From b00d08174d6aa9a21d38cb55494af64faca41eca Mon Sep 17 00:00:00 2001
From: AvineshTripathi <avineshtripathi1@gmail.com>
Date: Sat, 28 Feb 2026 12:45:06 +0530
Subject: [PATCH 1/4] docs: add v0.2.0 release notes

Signed-off-by: AvineshTripathi <avineshtripathi1@gmail.com>
---
 docs/book/src/releases.md | 78 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)

diff --git a/docs/book/src/releases.md b/docs/book/src/releases.md
index 8ff58b7..2025db8 100644
--- a/docs/book/src/releases.md
+++ b/docs/book/src/releases.md
@@ -2,6 +2,84 @@
 
 This page details the official releases of the Node Readiness Controller.
 
+## v0.2.0
+
+**Date:** 2026-02-28
+
+This release brings several new features, including a webhook component, metrics manifests natively integrated with Kustomize, and major documentation improvements.
+
+### Release Notes
+
+#### Features & Enhancements
+- Add webhook as kustomize component ([#122](https://github.com/kubernetes-sigs/node-readiness-controller/pull/122))
+- Enable metrics manifests ([#79](https://github.com/kubernetes-sigs/node-readiness-controller/pull/79)) 
+- Use `status.patch` api for node updates ([#104](https://github.com/kubernetes-sigs/node-readiness-controller/pull/104))
+- Mark controller as `system-cluster-critical` to prevent eviction ([#108](https://github.com/kubernetes-sigs/node-readiness-controller/pull/108))
+- Enhance Dockerfiles and bump Go module version ([#113](https://github.com/kubernetes-sigs/node-readiness-controller/pull/113))
+- Add `build-installer` make target to create CRD and install manifests ([#95](https://github.com/kubernetes-sigs/node-readiness-controller/pull/95), [#93](https://github.com/kubernetes-sigs/node-readiness-controller/pull/93))
+- Add a pull request template ([#110](https://github.com/kubernetes-sigs/node-readiness-controller/pull/110))
+
+#### Bug Fixes
+- Fix dev-container: disable moby in newer version of debian ([#127](https://github.com/kubernetes-sigs/node-readiness-controller/pull/127))
+- Add missing boilerplate headers in `metrics.go` ([#119](https://github.com/kubernetes-sigs/node-readiness-controller/pull/119))
+- Update path to logo in README ([#115](https://github.com/kubernetes-sigs/node-readiness-controller/pull/115))
+
+#### Code Cleanup & Maintenance
+- Remove unused `globalDryRun` feature ([#123](https://github.com/kubernetes-sigs/node-readiness-controller/pull/123), [#130](https://github.com/kubernetes-sigs/node-readiness-controller/pull/130))
+- Bump versions for devcontainer and golangci-kal ([#132](https://github.com/kubernetes-sigs/node-readiness-controller/pull/132))
+
+#### Documentation & Examples
+- Document `NoExecute` taint risks and add admission warning ([#120](https://github.com/kubernetes-sigs/node-readiness-controller/pull/120))
+- Updates on getting-started guide and installation docs ([#135](https://github.com/kubernetes-sigs/node-readiness-controller/pull/135), [#92](https://github.com/kubernetes-sigs/node-readiness-controller/pull/92))
+- Add example for security agent readiness ([#101](https://github.com/kubernetes-sigs/node-readiness-controller/pull/101))
+- Managing CNI-readiness with node-readiness-controller and switch reporter to daemonset ([#99](https://github.com/kubernetes-sigs/node-readiness-controller/pull/99), [#116](https://github.com/kubernetes-sigs/node-readiness-controller/pull/116))
+- Update cni-patcher to use `registry.k8s.io` image ([#96](https://github.com/kubernetes-sigs/node-readiness-controller/pull/96))
+- Add video demo ([#114](https://github.com/kubernetes-sigs/node-readiness-controller/pull/114)) and update heptagon logo ([#109](https://github.com/kubernetes-sigs/node-readiness-controller/pull/109))
+- Remove stale `docs/spec.md` ([#126](https://github.com/kubernetes-sigs/node-readiness-controller/pull/126))
+
+### Images
+
+The following container images are published as part of this release.
+
+```
+// Node readiness controller
+registry.k8s.io/node-readiness-controller/node-readiness-controller:v0.2.0
+
+// Report component readiness condition from the node
+registry.k8s.io/node-readiness-controller/node-readiness-reporter:v0.2.0
+
+```
+
+### Installation
+
+To install the CRDs, apply the `crds.yaml` manifest for this version:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/crds.yaml
+```
+
+To install the controller, apply the `install.yaml` manifest for this version:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install.yaml
+```
+
+This will deploy the controller into any available node in the `nrr-system` namespace in your cluster. Check [here](https://node-readiness-controller.sigs.k8s.io/user-guide/installation.html) for more installation instructions.
+
+### Contributors
+
+- ajaysundark
+- arnab-logs
+- AvineshTripathi
+- GGh41th
+- Hii-Himanshu
+- ketanjani21
+- knechtionscoding
+- OneUpWallStreet
+- pehlicd
+- Priyankasaggu11929
+- sats-23
+
 ## v0.1.1
 
 **Date:** 2026-01-19

From 15e416a8efb007dcc171ebd696e2969806e8cbe3 Mon Sep 17 00:00:00 2001
From: AvineshTripathi <avineshtripathi1@gmail.com>
Date: Sun, 1 Mar 2026 12:09:32 +0530
Subject: [PATCH 2/4] feat(docs): introduce new installation manifests for
 metrics, secure metrics, and webhooks, alongside updated documentation.

Signed-off-by: AvineshTripathi <avineshtripathi1@gmail.com>
---
 Makefile                                 | 14 +++++++++++-
 docs/book/src/releases.md                | 20 ++++++++++++++++
 docs/book/src/user-guide/installation.md | 29 ++++++++++++++++++++++++
 3 files changed, 62 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 8f8591c..2684b30 100644
--- a/Makefile
+++ b/Makefile
@@ -221,7 +221,19 @@ build-installer: build-manifests-temp ## Generate CRDs and deployment manifests
 	# Generate controller deployment without CRDs
 	cp $(BUILD_DIR)/manifests.yaml dist/install.yaml
 	@echo "Generated dist/install.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
-	@echo "NOTE: Install crds.yaml first, then install.yaml. Deployment runs on any available node by default."
+	# Generate controller deployment with metrics
+	$(MAKE) build-manifests-temp ENABLE_METRICS=true
+	cp $(BUILD_DIR)/manifests.yaml dist/install-with-metrics.yaml
+	@echo "Generated dist/install-with-metrics.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
+	# Generate controller deployment with secure metrics
+	$(MAKE) build-manifests-temp ENABLE_METRICS=true ENABLE_TLS=true
+	cp $(BUILD_DIR)/manifests.yaml dist/install-with-secure-metrics.yaml
+	@echo "Generated dist/install-with-secure-metrics.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
+	# Generate controller deployment with webhook
+	$(MAKE) build-manifests-temp ENABLE_TLS=true ENABLE_WEBHOOK=true
+	cp $(BUILD_DIR)/manifests.yaml dist/install-with-webhook.yaml
+	@echo "Generated dist/install-with-webhook.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
+	@echo "NOTE: Install crds.yaml first, then install.yaml, install-with-metrics.yaml, install-with-secure-metrics.yaml, or install-with-webhook.yaml. Deployment runs on any available node by default."
 
 ## --------------------------------------
 ## Deployment
diff --git a/docs/book/src/releases.md b/docs/book/src/releases.md
index 2025db8..b081111 100644
--- a/docs/book/src/releases.md
+++ b/docs/book/src/releases.md
@@ -64,6 +64,26 @@ To install the controller, apply the `install.yaml` manifest for this version:
 kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install.yaml
 ```
 
+Alternatively, to install with metrics enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-metrics.yaml
+```
+
+To install with secure metrics enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-secure-metrics.yaml
+```
+
+To install with webhook enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-webhook.yaml
+```
+
+Note: secure metrics and webhook requires cert-manager crds to be installed in the cluster.
+
 This will deploy the controller into any available node in the `nrr-system` namespace in your cluster. Check [here](https://node-readiness-controller.sigs.k8s.io/user-guide/installation.html) for more installation instructions.
 
 ### Contributors
diff --git a/docs/book/src/user-guide/installation.md b/docs/book/src/user-guide/installation.md
index a452119..8099706 100644
--- a/docs/book/src/user-guide/installation.md
+++ b/docs/book/src/user-guide/installation.md
@@ -22,6 +22,26 @@ To install the controller, apply the `install.yaml` manifest:
 kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install.yaml
 ```
 
+Alternatively, to install with metrics enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-metrics.yaml
+```
+
+To install with secure metrics enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-secure-metrics.yaml
+```
+
+To install with webhook enabled:
+
+```sh
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-webhook.yaml
+```
+
+Note: Secure metrics and webhooks require cert-manager to be installed in the cluster.
+
 This will deploy the controller into the `nrr-system` namespace on any available node in your cluster.
 
 #### Controller priority
@@ -90,6 +110,15 @@ The controller uses a **finalizer** (`readiness.node.x-k8s.io/cleanup-taints`) o
     ```sh
     # If installed via release manifest
     kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install.yaml
+    
+    # Or if using the metrics manifest
+    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-metrics.yaml
+
+    # Or if using the secure metrics manifest
+    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-secure-metrics.yaml
+
+    # Or if using the webhook manifest
+    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-webhook.yaml
 
     # OR if using Kustomize
     kubectl delete -k config/default

From b28c5e1c4de2d295efd6bfe48dbef4e003f07625 Mon Sep 17 00:00:00 2001
From: AvineshTripathi <avineshtripathi1@gmail.com>
Date: Tue, 3 Mar 2026 11:17:46 +0530
Subject: [PATCH 3/4] docs: simplify installation release manifests and update
 documentation

This commit simplifies the published manifests down to 'install.yaml' and 'install-full.yaml'.

Co-authored-by: ajaysundar.k <ajaysundar.k@gmail.com>

Signed-off-by: AvineshTripathi <avineshtripathi1@gmail.com>
---
 Makefile                                 | 20 +++------
 docs/book/src/releases.md                | 33 +++++++-------
 docs/book/src/user-guide/installation.md | 55 ++++++++++++------------
 3 files changed, 49 insertions(+), 59 deletions(-)

diff --git a/Makefile b/Makefile
index 2684b30..5f9c8ef 100644
--- a/Makefile
+++ b/Makefile
@@ -218,22 +218,14 @@ build-installer: build-manifests-temp ## Generate CRDs and deployment manifests
 	# Generate CRDs only
 	$(KUSTOMIZE) build config/crd > dist/crds.yaml
 	@echo "Generated dist/crds.yaml"
-	# Generate controller deployment without CRDs
+	# Generate standard installation (core controller only) manifest without CRDs
 	cp $(BUILD_DIR)/manifests.yaml dist/install.yaml
 	@echo "Generated dist/install.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
-	# Generate controller deployment with metrics
-	$(MAKE) build-manifests-temp ENABLE_METRICS=true
-	cp $(BUILD_DIR)/manifests.yaml dist/install-with-metrics.yaml
-	@echo "Generated dist/install-with-metrics.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
-	# Generate controller deployment with secure metrics
-	$(MAKE) build-manifests-temp ENABLE_METRICS=true ENABLE_TLS=true
-	cp $(BUILD_DIR)/manifests.yaml dist/install-with-secure-metrics.yaml
-	@echo "Generated dist/install-with-secure-metrics.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
-	# Generate controller deployment with webhook
-	$(MAKE) build-manifests-temp ENABLE_TLS=true ENABLE_WEBHOOK=true
-	cp $(BUILD_DIR)/manifests.yaml dist/install-with-webhook.yaml
-	@echo "Generated dist/install-with-webhook.yaml with image ${IMG_PREFIX}:${IMG_TAG}"
-	@echo "NOTE: Install crds.yaml first, then install.yaml, install-with-metrics.yaml, install-with-secure-metrics.yaml, or install-with-webhook.yaml. Deployment runs on any available node by default."
+	# Generate full installation (with features: Metrics, TLS, webhook) manifest
+	$(MAKE) build-manifests-temp ENABLE_METRICS=true ENABLE_TLS=true ENABLE_WEBHOOK=true
+	cp $(BUILD_DIR)/manifests.yaml dist/install-full.yaml
+	@echo "Generated dist/install-full.yaml (Features: Metrics, TLS, Webhook - Requires cert-manager)"
+	@echo "Check https://node-readiness-controller.sigs.k8s.io/user-guide/installation.html for installation instructions."
 
 ## --------------------------------------
 ## Deployment
diff --git a/docs/book/src/releases.md b/docs/book/src/releases.md
index b081111..4fd1331 100644
--- a/docs/book/src/releases.md
+++ b/docs/book/src/releases.md
@@ -6,7 +6,7 @@ This page details the official releases of the Node Readiness Controller.
 
 **Date:** 2026-02-28
 
-This release brings several new features, including a webhook component, metrics manifests natively integrated with Kustomize, and major documentation improvements.
+This release brings several new features, including a validating admission webhook that validates `NodeReadinessRule` configurations, prevents conflicting rules with overlapping node selectors, and warns against risky `NoExecute` enforcement. It also introduces metrics manifests natively integrated with Kustomize, which includes support for secure metrics via TLS. Finally, this release includes major documentation improvements.
 
 ### Release Notes
 
@@ -52,39 +52,36 @@ registry.k8s.io/node-readiness-controller/node-readiness-reporter:v0.2.0
 
 ### Installation
 
+**Prerequisites**: If you plan to install with all optional features enabled (`install-full.yaml`), you must have [cert-manager](https://cert-manager.io/docs/installation/) installed in your cluster.
+
 To install the CRDs, apply the `crds.yaml` manifest for this version:
 
 ```sh
 kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/crds.yaml
 ```
 
-To install the controller, apply the `install.yaml` manifest for this version:
-
-```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install.yaml
-```
-
-Alternatively, to install with metrics enabled:
+To install the controller, choose one of the following manifests based on your requirements:
 
-```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-metrics.yaml
-```
+| Manifest | Contents | Prerequisites |
+| :--- | :--- | :--- |
+| **`install.yaml`** | Core Controller | None |
+| **`install-full.yaml`** | Core Controller + Metrics (Secure) + Validation Webhook | `cert-manager` |
 
-To install with secure metrics enabled:
+**Standard Installation (Minimal):**
+The simplest way to deploy the controller with no external dependencies.
 
 ```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-secure-metrics.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install.yaml
 ```
 
-To install with webhook enabled:
+**Full Installation (Production Ready):**
+Includes secure metrics (TLS-protected) and validating webhooks for rule conflict prevention. **Requires [cert-manager](https://cert-manager.io/docs/installation/)** to be installed in your cluster.
 
 ```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-with-webhook.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/v0.2.0/install-full.yaml
 ```
 
-Note: secure metrics and webhook requires cert-manager crds to be installed in the cluster.
-
-This will deploy the controller into any available node in the `nrr-system` namespace in your cluster. Check [here](https://node-readiness-controller.sigs.k8s.io/user-guide/installation.html) for more installation instructions.
+This will deploy the controller into any available node in the `nrr-system` namespace in your cluster. Check [here](https://node-readiness-controller.sigs.k8s.io/user-guide/installation.html) for more detailed installation instructions.
 
 ### Contributors
 
diff --git a/docs/book/src/user-guide/installation.md b/docs/book/src/user-guide/installation.md
index 8099706..df5a901 100644
--- a/docs/book/src/user-guide/installation.md
+++ b/docs/book/src/user-guide/installation.md
@@ -2,9 +2,13 @@
 
 Follow this guide to install the Node Readiness Controller in your Kubernetes cluster.
 
+## Prerequisites
+
+If you plan to use the `install-full.yaml` option (which includes secure metrics and the validating admission webhook), you must first have [cert-manager](https://cert-manager.io/docs/installation/) installed in your cluster.
+
 ## Deployment Options
 
-### Option 1: Install Official Release (Recommended)
+### Option 1: Official Release (Recommended)
 
 First, to install the CRDs, apply the `crds.yaml` manifest:
 
@@ -16,32 +20,29 @@ kubectl wait --for condition=established --timeout=30s crd/nodereadinessrules.re
 
 ```
 
-To install the controller, apply the `install.yaml` manifest:
-
-```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install.yaml
-```
+#### 2. Install the Controller
 
-Alternatively, to install with metrics enabled:
+Choose one of the two following manifests based on your requirements:
 
-```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-metrics.yaml
-```
+| Manifest | Contents | Prerequisites |
+| :--- | :--- | :--- |
+| **`install.yaml`** | Core Controller | None |
+| **`install-full.yaml`** | Core Controller + Metrics (Secure) + Validation Webhook | `cert-manager` |
 
-To install with secure metrics enabled:
+**Standard Installation (Minimal):**
+The simplest way to deploy the controller with no external dependencies.
 
 ```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-secure-metrics.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install.yaml
 ```
 
-To install with webhook enabled:
+**Full Installation (Production Ready):**
+Includes secure metrics (TLS-protected) and validating webhooks for rule conflict prevention. **Requires [cert-manager](https://cert-manager.io/docs/installation/)** to be installed in your cluster.
 
 ```sh
-kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-webhook.yaml
+kubectl apply -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-full.yaml
 ```
 
-Note: Secure metrics and webhooks require cert-manager to be installed in the cluster.
-
 This will deploy the controller into the `nrr-system` namespace on any available node in your cluster.
 
 #### Controller priority
@@ -61,16 +62,22 @@ REPO="registry.k8s.io/node-readiness-controller/node-readiness-controller"
 TAG=$(skopeo list-tags docker://$REPO | jq .'Tags[-1]' | tr -d '"')
 docker pull $REPO:$TAG
 ```
-### Option 2: Deploy Using Kustomize
+### Option 2: Advanced Deployment (Kustomize)
+
+If you need deeper customization, you can use Kustomize directly from the source.
 
 ```sh
-# 1. Install Custom Resource Definitions (CRDs)
+# 1. Install CRDs
 kubectl apply -k config/crd
 
-# 2. Deploy Controller and RBAC
+# 2. Deploy Controller with default configuration
 kubectl apply -k config/default
 ```
 
+You can enable optional components (Metrics, TLS, Webhook) by creating a `kustomization.yaml` that includes the relevant components from the `config/` directory. For reference on how these components can be combined, see the `deploy-with-metrics`, `deploy-with-tls`, `deploy-with-webhook`, and `deploy-full` targets in the projects [`Makefile`](https://github.com/kubernetes-sigs/node-readiness-controller/blob/main/Makefile).
+
+---
+
 ## Verification
 
 After installation, verify that the controller is running successfully.
@@ -111,14 +118,8 @@ The controller uses a **finalizer** (`readiness.node.x-k8s.io/cleanup-taints`) o
     # If installed via release manifest
     kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install.yaml
     
-    # Or if using the metrics manifest
-    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-metrics.yaml
-
-    # Or if using the secure metrics manifest
-    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-secure-metrics.yaml
-
-    # Or if using the webhook manifest
-    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-with-webhook.yaml
+    # Or if using the full manifest
+    kubectl delete -f https://github.com/kubernetes-sigs/node-readiness-controller/releases/download/${VERSION}/install-full.yaml
 
     # OR if using Kustomize
     kubectl delete -k config/default

From e79617f0c053b8cd0d8086cc14c67cd98563d5b4 Mon Sep 17 00:00:00 2001
From: AvineshTripathi <avineshtripathi1@gmail.com>
Date: Wed, 4 Mar 2026 09:55:23 +0530
Subject: [PATCH 4/4] bump release version v0.2.1

Signed-off-by: AvineshTripathi <avineshtripathi1@gmail.com>
---
 VERSION                   | 2 +-
 docs/book/src/releases.md | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index 1474d00..22c08f7 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v0.2.0
+v0.2.1
diff --git a/docs/book/src/releases.md b/docs/book/src/releases.md
index 4fd1331..5e02494 100644
--- a/docs/book/src/releases.md
+++ b/docs/book/src/releases.md
@@ -18,6 +18,7 @@ This release brings several new features, including a validating admission webho
 - Enhance Dockerfiles and bump Go module version ([#113](https://github.com/kubernetes-sigs/node-readiness-controller/pull/113))
 - Add `build-installer` make target to create CRD and install manifests ([#95](https://github.com/kubernetes-sigs/node-readiness-controller/pull/95), [#93](https://github.com/kubernetes-sigs/node-readiness-controller/pull/93))
 - Add a pull request template ([#110](https://github.com/kubernetes-sigs/node-readiness-controller/pull/110))
+- Restrict NodeReadinessRuleSpec.Taint to "readiness.k8s.io/" prefix ([#112](https://github.com/kubernetes-sigs/node-readiness-controller/pull/112))
 
 #### Bug Fixes
 - Fix dev-container: disable moby in newer version of debian ([#127](https://github.com/kubernetes-sigs/node-readiness-controller/pull/127))
@@ -27,6 +28,7 @@ This release brings several new features, including a validating admission webho
 #### Code Cleanup & Maintenance
 - Remove unused `globalDryRun` feature ([#123](https://github.com/kubernetes-sigs/node-readiness-controller/pull/123), [#130](https://github.com/kubernetes-sigs/node-readiness-controller/pull/130))
 - Bump versions for devcontainer and golangci-kal ([#132](https://github.com/kubernetes-sigs/node-readiness-controller/pull/132))
+- Add release automation workflow ([#144](https://github.com/kubernetes-sigs/node-readiness-controller/pull/144))
 
 #### Documentation & Examples
 - Document `NoExecute` taint risks and add admission warning ([#120](https://github.com/kubernetes-sigs/node-readiness-controller/pull/120))