What's Changed

Cost Model

• Allow disabling of adjustment prediction
• Use node.Name as ProviderID when missing (fixes ECP issues)
• Fixes an error check for object not exist for GCS.

Helm Chart

• Add support for extraEnv to cloud cost by @srpomeroy in #4465
• Bump agent to 1.0.6 by @mittal-ishaan in #4494

Full Changelog: v2.9.3...v2.9.5

What's Changed

Cost Model

• Allow disabling of adjustment prediction
• Use node.Name as ProviderID when missing (fixes ECP issues)
• Fixes an error check for object not exist for GCS.

Helm Chart

• Add tmp dir to Grafana deployment to address regression by @HMetcalfeW in #4388
• 2.8.5 clean up and bumps by @jessegoodier in #4397 and #4396
• Add support for extraEnv to cloud cost - 2.8 by @srpomeroy in #4461

Full Changelog: v2.8.4...v2.8.5

What's Changed

Cost model

• Fixes issues with Enterprise Custom (CSV) Pricing failing to price containers when ProviderID is missing
• Fix window gating by not defaulting to eks optimised even with license or trial
• Fix generation of filterString in reports when created through helm values to not include spaces
• Make auth cookies have lax samesite property
• Remove business tier from product key and add enterprise access middleware

Frontend

• Adds a permissions parameter to service account token creation
• The Cloud Integration details panel will no longer show the integration's Helm values.
• Display N/A for last seen when date is epoch
• Improve license message to more accurately reflect the current license

Kubecost Helm Chart

• Users can now test cloud integrations before saving them.
• Update docs and remove old chart-tests
• Set default network costs affinity
• Adds an example configuration for Reintroduce Product Configs using the values introduced in kubecost/finops-agent-chart#62
• Bump Finops agent to v1.0.6

Full Changelog: v3.0.5...v3.0.6

Image List

• icr.io/kubecost/network-costs:v0.18.1
• icr.io/ibm-finops/agent:v1.0.6
• icr.io/kubecost/cost-model:3.0.6
• icr.io/kubecost/cluster-controller:v0.16.30
• icr.io/kubecost/modeling:v0.1.33
• icr.io/kubecost/frontend:3.0.6
• icr.io/kubecost/cost-model:3.0.6
• icr.io/kubecost/cost-model:3.0.6
• docker.io/alpine/curl:8.14.1

Helm Chart Security Comparison: v3.0.5 to v3.0.6

Helm Chart Comparison Report

CVE by Severity

Unchanged CVEs

High

Medium

Low

Added CVEs

No new vulnerabilities found.

Removed CVEs

High

Medium

What's Changed

Kubecost Helm Chart

• Add forecasting /anomaly endpoints back to frontend nginx config (#4430)
• Add default noProxy value to systemProxy values (#4414)
• Fix bug in basic-health.yaml (#4435)
• Add configs for enabling deployment guide (#4419)
• add missing comma to make it valid JSON (#4440)
• Updates documentation links to v3 (#4415)
• 3.0 docs fixes (#4401)
• Fix: frontend.service.type override ignored (#4445)
• Kubecost HA Configuration (#4448)
• Bump finops agent, cluster controller and network cost images (#4452)

Cost model

• Fix requestSizingV2 savings discrepancy when includeLabelsAndAnnotations is true
• An unneeded error log has been removed
• Users will now be able to utilize autocomplete for assets when searching by asset type.
• Fix issue where team claims with commas were being split incorrectly.
• Allow SAML/OIDC Service Account Keys to be assigned an RBAC permissions level; previously all keys would have been admin.
• Fix filtering by custom label using starts/ends with
• Fix issue where enterprise custom pricing was not authorizing with v2 licenses
• Bump golang.org/x/crypto from 0.43.0 to 0.45.0
• chore: update Go version to go1.25.4

Finops Agent

• chore: update Go version to go1.25.4
• Bump golang.org/x/crypto from 0.40.0 to 0.45.0

Finops Agent Helm Chart

• Re-add disabledMetrics
• Add extraObjectgs and kubecost PR testing workflow

Frontend

• Update the way forecasting APIs are called to match what the new support in Helm chart will be.
• Fixes an issue in which the anomalies query could return undefined, triggering an error
• Added a global data-fetching indicator ribbon at the top of the page
• Update the way asset type filter queries are called.
• An issue with cloud cost autocomplete with custom labels have been fixed.
• Removed calls to API endpoints that no longer exist; prune unused code
• Adds support for runtime conditional schema selection to facilitate license-driven query window options
• Minor cleanup

Network Costs

• Bump Dependencies

Cluster Controller

• Bump Dependencies
• chore: update Go version to go1.25.4
• Adds ITs for resource quota resizing.

Full Changelog: v3.0.4...v3.0.5

Helm Chart Security Comparison: v3.0.4 to v3.0.5

CVE by Severity

Unchanged CVEs

High

Medium

Low

Added CVEs

No new vulnerabilities found.

Removed CVEs

High

Medium

Low

What's Changed

Kubecost Helm Chart

• Add global.ImagePullSecret to all pods by @jessegoodier in #4385
• Add useIDToken config to helm values by @mittal-ishaan in #4406
• Consistent quoting/image templates by @jessegoodier in #4408
• Fix link checker by @jessegoodier in #4410
• Add actions configmap by @ameijer in #4405
• Add the ability for enterprise customers to add custom branding assets by @aligon in #4331
• Expand custom branding options to include switching to IBM's Plex font by @aligon in #4377
• bump forecasting image to 0.1.33 by @jessegoodier in #4424

Kubecost Cost Model

• Implment new authorizer: Connection String for azure cloud integration
• Azure clusters containing underscores in their names will now appear with a correct name in the clusters status page.
• Prevents free users from querying >15d of data
• Add telemetry debug endpoints
• Fixes rbac teams issue where leading/trailing spaces in team names would cause errors
• Users can now disable predictive reconciliation using the new ENABLE_PREDICTIVE_RECONCILIATION env var.
• Fix predictive reconciliation: apply no-op node data transformation if feature is disabled
• Fix Product key file path
• Add return to Allocation CSV Report to fix an issue where both the CSV contents and JSON are appended together when running an allocation report and the user selects the format CSV.

Frontend

• Fix Adding Budget workload UI bug in create and edit Budget form
• Remove older feature gating from service accounts, teams, roles, and audit
• Updates the window picker for free tier, replacing "Month to date" with "Last 15 days".
• Expand custom branding support for advanced containers
• Adds missing region and version info to cluster-inspect overview
• Remove duplicate variables

Full Changelog: v3.0.3...v3.0.4

Helm Chart Security Comparison: v3.0.3 to v3.0.4

CVE by Severity

Unchanged CVEs

High

Medium

Low

Added CVEs

No new vulnerabilities found.

Removed CVEs

High

Medium

Low

Version 2.9.3 is only needed for the primary. There are no changes to the agent between 2.9.3 and 2.9.2.

See https://github.com/kubecost/kubecost/tree/v2.9/examples for details on 2.9 usage.

What's Changed

• kiwigrid version by @jessegoodier in #4402
• 2.9 fix aggregator volumeMount by @jessegoodier in #4400

Full Changelog: v2.9.2...v2.9.3

2.9.2 addresses a critical issue in 2.9.0 and 2.9.1

Please see the 2.9 readme for instructions on usage.
https://github.com/kubecost/kubecost/tree/v2.9/examples

What's Changed

2.9.0 => 2.9.2:

• fix chart alias by @jessegoodier in #4393
• fix cluster_id in cost-model by @jessegoodier in #4398
• fix clusterId by @jessegoodier in #4399

Full Changelog: v2.9.0...v2.9.2

Notice: Kubecost 2.9 has been released to allow for seamless upgrades to 3.x. See https://www.ibm.com/docs/en/kubecost/self-hosted/3.x?topic=installupgrade-kubecost-upgrade for more information and please do not hesitate to reach out to us if you have any questions.

What's Changed

Important Updates in 3.0.3

The helm values for finops-agent have been changed. If setting custom values for finops-agent: the upgrade will fail with a message that your values must be updated to finopsagent: prior to upgrading.

Kubecost 3.0.3 fixes the EKS-Optimizated license that was broken in the 3.0.0 release.

Known issues

Setting global.imagePullSecrets will only set the pull secret for the finops-agent pod. This will be fixed in 3.0.4 so that all pods will use the pull secret.

Kubecost Helm Chart

• remove hyphen from finops-agent helm key by @jessegoodier in #4381
• Update basicHealth image to remove critical CVEs present in alpine/k8s by @mittal-ishaan in #4356
• Readme updates by @jessegoodier in #4359
• Fix handling of init Container block in cloud cost deployment template by @mittal-ishaan in #4364
• Fix System Proxy in Manifests by @HMetcalfeW in #4369
• Fix healthz logs by @jessegoodier in #4371
• Bump finops agent chart to 1.0.3 by @mittal-ishaan in #4373

Finops Agent

• Allow mounting custom CA certs to finops agent pod
• Update Go version to go1.25.3
• Update Opencost Version to 1.118.0
• Pass k8s version in heartbeat metadata

Kubecost Cost Model

• Parametrize resolution in Kubernetes Containers and Nodes APIs
• Use 'controller' as aggregation alias for 'controllername'
• Add Account labels to cloud costs
• Fix api for EKS-Optimized check
• Actions: Refactor config manager handlers
• Kubernetes version in /kubernetes/clusters endpoint
• Change telemetry AnonymousId
• Add AppVersion to build

Frontend

• Adds validation to Alert emails
• Alerts endpoint is now /v3/alerts
• Updates forecasting to use /model api path instead of /forecasting.
• Fix forecasting api endpoint path
• Make 30d query to check whether GPU data is being collected a 7d query
• Fix capacity planning
• Fixes overflow issues on chart tooltips
• Prevent type-based build errors due to a bad peerDep
• Enable customized branding as an advanced enterprise option
• Show 15d retention limit message for EKS Optimized
• Added feature enabled/disabled status info to settings page
• Playwright test coverage for license gating
• Remove "new" badges from 2.0 forecasting features
• Fixes an issue were v2ActionsEnabled would be undefined in the mock env, breaking some tests
• Fixed custom label filters in collections
• Fix the allocations detail page
• Improve support for custom branding
• Fix savings item visibility
• Handle missing data points more gracefully

Full Changelog: v3.0.2...v3.0.3

Helm Chart Security Comparison: v3.0.2 to v3.0.3

CVE by Severity

Unchanged CVEs

High

Medium

Low

Added CVEs

Medium

Low

Removed CVEs

Critical

High

Medium

What has changed

fixes typo in 2.9.0

See https://github.com/kubecost/kubecost/releases/tag/v2.9.0

Update: version 2.9.0 has a bug that has been fixed by 2.9.2

The v2.9 release is designed to facilitate seamless upgrades to v3.0.

There are no new features in v2.9 compared to v2.8- other than the addition of a finops-agent container that will begin collecting metrics in preparation for a seamless upgrade to 3.0.

A federated storage configuration is required when installing v2.9.

See https://github.com/kubecost/kubecost/tree/v2.9/examples

for more information on how to use this version.

The 2.9.0 frontend and cost-model images are copies of the 2.8.4 images.

What's Changed

• 2x-finops-agent by @jessegoodier in #4380
• add global.ImagePullSecret to kubecost pods v2.9 by @jessegoodier in #4389
• v2.9.0 by @jessegoodier in #4378

Full Changelog: v2.8.4...v2.9.0