Download Latest Version occ_v1.0.1_darwin_amd64.tar.gz (14.8 MB)
Email in envelope

Get an email when there's a new version of OpenChoreo

Home / v0.17.0
Name Modified Size InfoDownloads / Week
Parent folder
checksums.txt 2026-03-05 582 Bytes
0
checksums.txt.sigstore.json 2026-03-05 10.0 kB
0
occ_v0.17.0_darwin_amd64.tar.gz 2026-03-05 14.8 MB
0
occ_v0.17.0_darwin_amd64.tar.gz.sigstore.json 2026-03-05 9.8 kB
0
occ_v0.17.0_darwin_arm64.tar.gz 2026-03-05 13.8 MB
0
occ_v0.17.0_darwin_arm64.tar.gz.sigstore.json 2026-03-05 9.9 kB
0
occ_v0.17.0_linux_amd64.tar.gz 2026-03-05 14.8 MB
0
occ_v0.17.0_linux_amd64.tar.gz.sigstore.json 2026-03-05 10.0 kB
0
occ_v0.17.0_linux_arm64.tar.gz 2026-03-05 13.2 MB
0
occ_v0.17.0_linux_arm64.tar.gz.sigstore.json 2026-03-05 10.1 kB
0
occ_v0.17.0_windows_amd64.zip 2026-03-05 15.1 MB
0
occ_v0.17.0_windows_amd64.zip.sigstore.json 2026-03-05 9.9 kB
0
occ_v0.17.0_windows_arm64.zip 2026-03-05 13.3 MB
0
occ_v0.17.0_windows_arm64.zip.sigstore.json 2026-03-05 10.0 kB
0
README.md 2026-03-05 23.7 kB
0
v0.17.0 source code.tar.gz 2026-03-05 6.4 MB
1 1 weekly downloads
v0.17.0 source code.zip 2026-03-05 7.6 MB
1 1 weekly downloads
Totals: 17 Items   99.1 MB 2

Summary of Changes

This release introduces endpoint visibility-based network policies, a unified workflow model, API improvements, expanded CLI capabilities, and significant observability architecture improvements.

  • Endpoint Visibility-Based Network Policies: Network policies are now automatically generated based on endpoint visibility settings. Cross-environment traffic is blocked for namespace-visible endpoints, enforcing network-level isolation that aligns with declared endpoint visibility.

  • Unified Workflow Model: Component Workflows and Workflows have been merged into a single Workflow resource, eliminating redundancy. The allowedWorkflows field in ComponentTypes now uses structured object references (aligned with the allowedTraits pattern). Workflow annotations have been updated, and workflow run labels are now available in the workflow CEL context for richer conditional logic.

  • API Gateway Topology & Connection URL Resolution: A new API gateway topology configuration for ClusterDataPlane, DataPlane and Environment with different gateway modes like Ingress/Egress and Internal/External with endpoint URL resolution based on endpoint visibility.

  • OpenChoreo Connections: Introduce OpenChoreo connections for project-level and namespace-level endpoints.

  • CLI Enhancements: Added get, list, and delete subcommands for Components, Projects, and custom resources. New workflow get, component workflowrun, workflowrun list, and workflowrun logs commands. Optional --output-path for componentrelease gen in filesystem mode. The --set flag is now supported for inline overrides. The top-level occ delete command has been removed in favor of resource-specific delete subcommands.

  • Release Resources Debuggability Enhancements: Improved the reliability and visibility of release resources in the platform. This update includes enhancements and bug fixes to the resource tree API, ensuring it gracefully returns an empty tree when no releases exist. Pod health reporting has been improved to correctly surface failure states such as CrashLoopBackOff, instead of incorrectly showing Progressing. Additionally, the ReleaseBinding status has been extended with new fields, including lastSpecUpdateTime and observedGeneration, to provide better deployment tracking and operational visibility.

  • Workflow External References: Workflows now support externalRefs (renamed from contextRefs) and buildplaneRef fields, allowing workflows to reference external resources and specify which build plane to execute on. Secret references are also propagated through workflow annotations.

  • OpenBao Extracted as Standalone Prerequisite: OpenBao has been decoupled from the build-plane Helm chart into a standalone prerequisite, with dedicated Helm values added for k3d setup.

  • MCP Server Enhancements: Revamped the controlplane and observabilityplane MCP servers, featuring improved tools with optimised payloads for lightweight operations, and a reduced tool count without compromising functionality. The controlplane server includes updated toolsets with developer-focused toolsets enabled by default.

  • RCA Agent Improvements: The RCA agent now suggests applicable fixes within OpenChoreo. The APIs have been revamped, and the agent has been migrated from the legacy MCP servers to the new MCP servers.

  • Default Component Type Enhancements: Default component types updated to use workload.endpoints. The service and webapp default component types now use workload.endpoints to expose services based on endpoint visibility via the internal and external gateways.

  • Dependency Bumps: Thunder to v0.24.0, and observability community module versions updated to latest

  • Documentation for Community Module Authors: Added guides to be used by module authors to create new community modules

Breaking Changes

  • Unified Workflow Model: Component Workflows merged into Workflows. The separate ComponentWorkflow resource type has been removed. All component workflows are now regular Workflow resources. Existing ComponentWorkflow CRs must be migrated to Workflow CRs. The allowedWorkflows field in ComponentTypes has changed from a string array to a structured object array with kind and name fields:

    Before

    allowedWorkflows:

    • my-workflow

    After

    allowedWorkflows:

    • kind: Workflow # Optional, defaults to Workflow name: my-workflow

  • Workflow contextRefs renamed to externalRefs. Any workflows using the contextRefs field must update to use externalRefs.

  • CLI: Top-level occ delete removed. The generic occ delete command has been removed. Use resource-specific delete subcommands instead (e.g., occ component delete, occ project delete).

  • OpenBao decoupled from the build-plane chart. OpenBao is no longer bundled with the build-plane Helm chart. It must be installed separately as a prerequisite. See the updated installation guides for details.

  • OpenChoreo API routes have been updated: OpenChoreo API is switched to use new API Routes by default. Legacy API routes are now served under a /legacy prefix. Clients must be updated to use the new APIs. Observer legacy APIs have also moved under a /legacy prefix.

  • Default component types refactored to use workload.endpoints. The service and webapp default component types now rely on workload.endpoints for service exposure based on internal/external gateway visibility. Existing components that use these default component types may require updates to align with the new model.

  • Thunder moved to a dedicated namespace. While Thunder was previously decoupled from the control plane deployment, it was still deployed in the same namespace. In this release, Thunder is deployed in its own namespace and must be installed and managed separately.

  • API Gateway topology: ClusterDataPlane, DataPlane and Environment APIs now support defining gateways with different configurations like Ingress/Egress and Internal/External. To migrate, recreate the ClusterDataPlane, DataPlane and Environment using the new API.

What's Changed

Full Changelog: https://github.com/openchoreo/openchoreo/compare/v0.16.0...v0.17.0

Source: README.md, updated 2026-03-05