)]}'
{
  "log": [
    {
      "commit": "f6ad298e24e22c1fadb203d85f8b8dd6cb118e25",
      "tree": "ec764428f186cf879085d6956b20d315434408aa",
      "parents": [
        "4a3e54c86c05e4881105f7aced6f039a383ed5a1"
      ],
      "author": {
        "name": "gio",
        "email": "gio@v1.dodo.cloud",
        "time": "Fri Aug 23 17:42:49 2024 +0400"
      },
      "committer": {
        "name": "gio",
        "email": "gio@v1.dodo.cloud",
        "time": "Fri Sep 20 14:19:48 2024 +0000"
      },
      "message": "ClusterManager: Implements support of remote clusters.\n\nAfter this change users will be able to:\n* Create cluster and add/remove servers to it\n* Install apps on remote cluster\n* Move already installed apps between clusters\n* Apps running on server being removed will auto-migrate\n  to another server from that same cluster\n\nThis is achieved by:\n* Installing and running minimal version of dodo on remote cluster\n* Ingress-nginx is installed automatically on new clusters\n* Next to nginx we run VPN client in the same pod, so that\n  default cluster can establish secure communication with it\n* Multiple reverse proxies are configured to get to the\n  remote cluster service from ingress installed on default cluster.\n\nNext steps:\n* Support remote clusters in dodo apps (prototype ready)\n* Clean up old cluster when moving app to the new one. Currently\n  old cluster keeps running app pods even though no ingress can\n  reach it anymore.\n\nChange-Id: Iffc908c93416d4126a8e1c2832eae7b659cb8044\n"
    },
    {
      "commit": "e72b54f819a38afc6656b99010370d6f3d51c38e",
      "tree": "3da4dec10618aca7403f423005ba31ed8c3fae04",
      "parents": [
        "56f86a481e4ac0be5548c8337ea85c1af0561462"
      ],
      "author": {
        "name": "gio",
        "email": "gio@v1.dodo.cloud",
        "time": "Mon Apr 22 10:44:41 2024 +0400"
      },
      "committer": {
        "name": "gio",
        "email": "gio@v1.dodo.cloud",
        "time": "Tue Apr 30 16:15:43 2024 +0400"
      },
      "message": "DNS: run separate CoreDNS instance for each PCloud env.\n\nPreviously shared CoreDNS instance was used to handle all domains. This has multiple downsides, most important which is security. For example DNS-Sec keys of all domains were persisted on the same shared volume. Also key itself was generated by PCloud env-manager as part of bootstrapping new env. Which is counter to the main aspirations of PCloud, that environment internal private data must not leak outside of the environment.\n\nWith new approach implemented in this change, environment starts up it’s own CoreDNS and DNS record manager servers. Manager generates dns-sec keys internally and only exposes public information to the outside world. PCloud infrastructure runes another instance of CoreDNS which acts as a proxy service forwarding requests to individual environments based an requested domain.\n\nThis simplifies DNS based TLS challenge solvers, as private certificate issuer of each env will point directly to the DNS record manager of the same environment.\n\nChange-Id: Ifb0f36d2a133e3b53da22030cc7d6b9099136b3d\n"
    }
  ]
}