Update module github.com/gardener/gardener to v1.123.0 - autoclosed #150
Conversation
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
gardener-prow
bot
added
do-not-merge/needs-kind
gardener-prow
bot
added
the
cla: yes
gardener-ci-robot
changed the title
gardener-ci-robot
force-pushed
the
renovate/g.yxqyang.asia-gardener-gardener-1.x
branch
from
bf225b3 to
b539084
Compare
gardener-ci-robot
changed the title
gardener-ci-robot
deleted the
renovate/g.yxqyang.asia-gardener-gardener-1.x
branch
gardener-ci-robot
changed the title
gardener-ci-robot
force-pushed
the
renovate/g.yxqyang.asia-gardener-gardener-1.x
branch
from
ff0f190 to
b539084
Compare
|
@gardener-ci-robot: The following test failed, say
Full PR test history. Your PR dashboard. Command help for this repository. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
gardener-ci-robot
changed the title
This PR contains the following updates:
v1.118.2->v1.123.0Release Notes
gardener/gardener (github.com/gardener/gardener)
v1.123.0Compare Source
[gardener/gardener]
[OPERATOR]There is a new validation for theGardenresource which ensures the API server domain of the virtual cluster which is derived from the primary (immutable) DNS name does not match any SNI domain pattern. by @oliver-goetz [#11996][OPERATOR]ShootAPI fieldspec.provider.workers[].controlPlane.backup.secretRefhas been removed, please migrate your shoot manifests tospec.provider.workers[].controlPlane.backup.credentialsRef! by @vpnachev [#12347][OPERATOR]SeedAPI fieldspec.backup.secretRefhas been removed, please migrate your seed manifests tospec.backup.credentialsRef! Gardener API server already has defaulted this field. by @vpnachev [#12347][OPERATOR]GardenletConfigurationconfiguration file fieldseedConfig.spec.backup.secretRefhas been removed, please migrate your gardenlet configuration manifests toseedConfig.spec.backup.credentialsRef! Gardenlet already has defaulted this field . by @vpnachev [#12347][OPERATOR]GardenletAPI fieldspec.config.seedConfig.spec.backup.secretRefhas been removed, please migrate your gardenlet manifests tospec.config.seedConfig.spec.backup.credentialsRef! Gardener API server already has defaulted this field. by @vpnachev [#12347][OPERATOR]gardenlets cannot connect to Garden cluster withinsecure-skip-tls-verifyanymore. This setting still works in the bootstrap kubeconfig but is unset bootstrapping. by @oliver-goetz [#11996][OPERATOR]The deprecated fieldgloballyEnabledhas been removed from theControllerRegistrationandExtensionAPIs. Please make sure thatgloballyEnabledis not used anymore and all already appliedControllerRegistrationandExtensionresources switched to the new fieldautoEnable, before upgrading to this version. Read more about the extension registration and theautoEnablefeature here. by @timuthy [#12465][OPERATOR]TheDoNotCopyBackupCredentialsfeature gate has been promoted to beta and is now enabled by default. When the feature is enabled theSeedbackup secret is no longer copied from theShootinfrastructure credentials in case an operator does not provide an existing backup secret. If you configureseed.spec.backup.credentialsRef, make sure that the referred credential already exists. For production setups, it is advised that operators configure a separate set of credentials forSeedbackup andShootinfrastructure. by @dimityrmirchev [#12414][OPERATOR]TheNodeAgentAuthorizerfeature gate has been graduated to GA and is locked totrue. by @oliver-goetz [#12405][OPERATOR]ManagedSeedAPI fieldspec.gardenlet.config.seedConfig.spec.backup.secretRefhas been removed, please migrate your managed seed manifests tospec.gardenlet.config.seedConfig.spec.backup.credentialsRef! Gardener API server already has defaulted this field. by @vpnachev [#12347][DEVELOPER]The.spec.purposefield in theControlPlaneresource has been removed after being deprecated since Gardener v1.120.0. It was previously used to distinguish between thenormalandexposurepurposes. The exposure purpose was used before SNI was introduced. Since SNI is now unconditionally enabled, the field is no longer needed. by @theoddora [#12340][DEVELOPER]The functiong.yxqyang.asia/gardener/gardener/extensions/pkg/controller/controlplane/genericactuator.NewActuatorno longer acceptsexposureSecretConfigs,exposureShootAccessSecretsfunctions as parameters, andcontrolPlaneExposureChartchart.The interface
github.com/gardener/gardener/extensions/pkg/controller/controlplane/genericactuator.ValuesProviderno longer defines a method calledGetControlPlaneExposureChartValues. Implementations of the interface can drop the said method. by @theoddora [#12340][USER]Setting resources with.suffix in thespec.kubernetes.kubeAPIServer.encryptionConfig.resourcesfield is now forbidden. by @AleksandarSavchev [#12355][USER]The deprecatedurlannotation in<shoot-name>.monitoringsecrets in the project namespace has been removed. Please use theplutono-urlannotation instead. by @oliver-goetz [#12396][USER]The.spec.kubernetes.clusterAutoscaler.maxEmptyBulkDeletefield in theShootAPI is forbidden to be set for Kubernetes versions >= 1.33 and will be removed after support for Kubernetes 1.32 is dropped. by @Kostov6 [#12413]📰 Noteworthy
[OPERATOR]The graduated feature gateRemoveAPIServerProxyLegacyPorthas been removed. by @Wieneo [#12406][USER]For worker pools with in-place update strategies, themaxSurgeandmaxUnavailablefields are now correctly defaulted to0and1respectively. by @shafeeqes [#12438]✨ New Features
[OPERATOR]Introduced the OpenTelemetry Operator as a component to Seed & Garden Clusters. by @rrhubenov [#12165][OPERATOR]gardenlets are now able to update their garden cluster CA automatically from Garden cluster ifgardenClusterCACertfield ingardenletresource is omitted.gardenClusterCACertfield ingardenletresource is deprecated now. by @oliver-goetz [#11996][OPERATOR]Operators do no longer have to specify agardenClusterAddressingardenletresources. by @oliver-goetz [#11996][OPERATOR]Cluster internal L7 load balancing for control plane components of shoot and virtual garden kube-apiservers is supported now. by @oliver-goetz [#12260][DEVELOPER]The provider-local extension implements theBastionresource now. With this, you can usegardenctl sshin the local setup. by @timebertt [#12366][DEVELOPER]BackupBucket/BackupEntry controllers now support WorkloadIdentity type of credentials, provider extensions may need to adjust the respective controllers or to explicitly disallow BackupBuckets of their type to configure WorkloadIdentity. by @vpnachev [#12321]🐛 Bug Fixes
[DEVELOPER]Fixed the local-setup for Cilium shoots. by @axel7born [#12410][USER]A bug causing thekube-apiserverto crash due to invalid resources in thespec.kubernetes.kubeAPIServer.encryptionConfig.resourceswas fixed. by @AleksandarSavchev [#12355][USER]A bug forbidding the update ofspec.kubernetes.kubeAPIServer.encryptionConfig.resourcesdue to use of.suffix in resources was fixed. by @AleksandarSavchev [#12355][OPERATOR]Fix istio creation on cloud regions with uppercase characters by @modzilla99 [#12466]🏃 Others
[DEPENDENCY]The following dependencies have been updated:gardener/gardener-metrics-exporterfrom0.39.0to0.40.0. Release Notes by @gardener-ci-robot [#12441][DEPENDENCY]The following dependencies have been updated:quay.io/kiwigrid/k8s-sidecarfrom1.30.5to1.30.6. by @gardener-ci-robot [#12447][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/kube-state-metrics/kube-state-metricsfromv2.15.0tov2.16.0. by @gardener-ci-robot [#12424][DEPENDENCY]The following dependencies have been updated:perses/perses-operatorfromv0.1.12tov0.2.0. Release Notes by @gardener-ci-robot [#12420][DEPENDENCY]The base image of thegardener-extension-provider-local-nodeimage is now updated tokindest/[email protected]. by @Kostov6 [#12386][DEPENDENCY]local setup: The kind cluster's node image is now updated tokindest/[email protected]. by @Kostov6 [#12386][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/ingress-nginx/controller-chrootfromv1.12.3tov1.12.4. by @gardener-ci-robot [#12445][DEPENDENCY]The following dependencies have been updated:perses/persesfromv0.51.0tov0.51.1. Release Notes by @gardener-ci-robot [#12417][DEPENDENCY]The following dependencies have been updated:quay.io/kiwigrid/k8s-sidecarfrom1.30.6to1.30.7. by @gardener-ci-robot [#12488][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/ingress-nginx/controller-chrootfromv1.11.7tov1.11.8. by @gardener-ci-robot [#12443][DEPENDENCY]The following dependencies have been updated:gardener/dashboardfrom1.80.3to1.81.0. Release Notes by @petersutter [#12514][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/ingress-nginx/controller-chrootfromv1.12.4tov1.13.0. by @gardener-ci-robot [#12444][OPERATOR]Defaultfield inFeatureGateVersionRangeis now renamed toLockedValue. by @RadaBDimitrova [#12458][OPERATOR]Add Capabilities validation utils for provider-extension. Read more about Machine Capabilities here by @Roncossek [#12128][OPERATOR]Clean up obsoleteprometheus-folder from Prometheus volumes. This might be a leftover of GEP-19 by @vicwicker [#12219][OPERATOR]The status of constraintDualStackNodesMigrationReadyis nowprogressinginstead offalseat the start of a migration to dual-stack networking. by @axel7born [#12470]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.123.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.123.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.123.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.123.0Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.123.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.123.0v1.122.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[USER]An issue causing gardenlet to panic during the migration from single-stack IPv4 to dual-stack IPv4, IPv6 when the Shoot is hibernated is now fixed. by @DockToFuture [#12435][USER]A bug causing themaxSurgeandmaxUnavailablefields for worker pools with update strategyManualInPlaceUpdatealways getting overwritten is now fixed. by @shafeeqes [#12454][DEVELOPER]An issue causing reporting data generated by the testframework to be incompatible with recent elasticsearch/opensearch versions is now fixed. by @dguendisch [#12462][OPERATOR]Fixed an error inBackupBucketreconciliation by replacingStrategicMergePatchwithMergePatchto properly handleruntime.RawExtensionfields. by @shafeeqes [#12461]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.122.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.122.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.122.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.122.1Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.122.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.122.1v1.122.0Compare Source
[gardener/gardener]
[DEPENDENCY]The Workload Identity secrets will no longer set theconfigdata key (with value"null") when theworkloadIdentity.spec.targetSystem.providerConfigisnil. by @vpnachev [#12372][OPERATOR]If an operator configuresserviceAccountConfig.issuerfor the virtual cluster in a Garden resource and that issuer matches a hostname of the virtualkube-apiserverthen the--external-hostnameflag of the virtualkube-apiserverwill be set to that hostname instead of the first domain set in thevirtualCluster.dns.domains[]field. by @dimityrmirchev [#12351][USER]The.spec.kubernetes.enableStaticTokenKubeconfigfield in theShootAPI is removed. This field has been deprecated since Gardener v1.114.0. Adapt your manifests and machinery to no longer specify this field. Otherwise, CREATE/UPDATE requests for Shoot will be rejected due to unknown field. by @shafeeqes [#12284]📰 Noteworthy
[OPERATOR]TheRemoveAPIServerProxyLegacyPortfeature gate has been promoted to GA and is now unconditionally enabled. by @Wieneo [#12341]✨ New Features
[DEVELOPER]Gardener can now support clusters with Kubernetes version 1.33. Extension developers have to prepare individual extensions as well to work with 1.33. by @RadaBDimitrova [#12216][OPERATOR]Gardener can now support clusters with Kubernetes version 1.33. To allow creation/update of 1.33 clusters you will have to update the version of your provider extension(s) to a version that supports 1.33 as well. Please consult the respective releases and notes in the provider extension's repository. by @RadaBDimitrova [#12216][OPERATOR]The JWTs issued on behalf of WorkloadIdentity now have thejticlaim set. Already issued tokens will get thejticlaim next time when they are renewed. by @vpnachev [#12353][USER]Support defaulting machine image versions from version prefix on Shoot spec update. by @LucaBernstein [#12374]🐛 Bug Fixes
[USER]A regression causing the gardenlet to fail to decode the referencedAuthenticationConfigurationwhile deploying the kube-apiserver when the API version is notapiserver.config.k8s.io/v1beta1is now fixed. by @AleksandarSavchev [#12399]🏃 Others
[DEPENDENCY]The following dependencies have been updated:quay.io/persesdev/persesfromv0.50.3tov0.51.0. by @gardener-ci-robot [#12237][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/node-problem-detector/node-problem-detectorfromv0.8.20tov0.8.21. by @gardener-ci-robot [#12242][DEPENDENCY]The following dependencies have been updated:credativ/valifromv2.2.23tov2.2.24. Release Notes by @gardener-ci-robot [#12313][DEPENDENCY]The following dependencies have been updated:credativ/plutonofromv7.5.38tov7.5.39. Release Notes by @gardener-ci-robot [#12312][DEPENDENCY]The following dependencies are updated:k8s.io/*:v0.32.5->v0.33.1sigs.k8s.io/controller-runtime:v0.20.4->v0.21.0sigs.k8s.io/controller-tools:v0.17.3->v0.18.0by @plkokanov [#12208][DEPENDENCY]The following dependencies have been updated:quay.io/kiwigrid/k8s-sidecarfrom1.30.3to1.30.5. by @gardener-ci-robot [#12375][OPERATOR]The.spec.kubernetes.kubeControllerManager.podEvictionTimeoutfield in theShootAPI is forbidden to be set for Kubernetes versions >= 1.33 and will be removed after support for Kubernetes 1.32 is dropped. by @plkokanov [#12343][OPERATOR]Terraform container now forbids privilege escalation explicitly. by @AleksandarSavchev [#12325][USER]The redundantcontainerd-monitorsystemd unit is now removed. It had already been replaced by thegardener-node-agent's health check controller which fully covers the functionality of thecontainerd-monitorunit. by @theoddora [#12297]📖 Documentation
[OPERATOR]A documentation on how to configure and use immutable backup buckets for enhanced data protection is now added. by @seshachalam-yv [#12175]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.122.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.122.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.122.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.122.0Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.122.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.122.0v1.121.4Compare Source
[gardener/gardener]
🐛 Bug Fixes
[USER]An issue causing gardenlet to panic during the migration from single-stack IPv4 to dual-stack IPv4, IPv6 when the Shoot is hibernated is now fixed. by @DockToFuture [#12435][USER]A bug causing themaxSurgeandmaxUnavailablefields for worker pools with update strategyManualInPlaceUpdatealways getting overwritten is now fixed. by @shafeeqes [#12455][DEVELOPER]An issue causing reporting data generated by the testframework to be incompatible with recent elasticsearch/opensearch versions is now fixed. by @dguendisch [#12463][OPERATOR]Fixed an error inBackupBucketreconciliation by replacingStrategicMergePatchwithMergePatchto properly handleruntime.RawExtensionfields. by @shafeeqes [#12459]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.121.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.121.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.121.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.121.4Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.121.4europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.121.4v1.121.3Compare Source
[gardener/gardener]
🐛 Bug Fixes
[USER]A regression causing the gardenlet to fail to decode the referencedAuthenticationConfigurationwhile deploying the kube-apiserver when the API version is notapiserver.config.k8s.io/v1beta1is now fixed. by @AleksandarSavchev [#12400]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.121.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.121.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.121.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.121.3Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.121.3europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.121.3v1.121.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[DEVELOPER]Installinglogcheckandtyposas custom linters for gardener extensions has been fixed. by @timuthy [#12380][OPERATOR]An issue preventing the cluster-autoscaler to listvolumeattachmentsin now fixed. by @aaronfern [#12376][OPERATOR]TheGardenresource validation no longer forbids setting bothbucketNameandproviderConfigin the ETCD backup configuration under the.spec.virtualClusterfield. by @seshachalam-yv [#12367]🏃 Others
[DEPENDENCY]Perses container images are switched from upstreamquay.ioimages to Gardener AR images (mirror from upstreamdocker.ioimages). The upstreamquay.ioimages are 200MB larger compared to thedocker.ioones and include binary with Sleepycat license (Berkeley DB). by @ialidzhikov [#12383]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.121.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.121.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.121.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.121.2Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.121.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.121.2v1.121.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]A regression was fixed that previously prevented the creation or update ofCloudProfiles without a specified machine image versionclassification. by @timuthy [#12334]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.121.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.121.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.121.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.121.1Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.121.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.121.1v1.121.0Compare Source
[gardener/gardener]
[DEVELOPER]Movedextensions/pkg/predicatetopkg/controllerutils/predicate. Please adjust imports accordingly. by @Wieneo [#12026][DEVELOPER]TheMutatorWithShootClienthas been removed from Gardener. If your mutator requires a shoot client, it should implement the newWantsShootClientinterface instead. The corresponding client can be found in the passed context via theShootClientContextKey. by @timuthy [#12289][DEVELOPER]Movedextensions/pkg/util/cloudprofiletopkg/utils/gardener/cloudprofile. Please adjust imports accordingly. by @Wieneo [#12026][USER]The.spec.kubernetes.clusterAutoscaler.maxEmptyBulkDeletefield in the Shoot API is deprecated in favor of.spec.kubernetes.clusterAutoscaler.maxScaleDownParallelismand will be removed once gardener stops supporting kubernetesv1.32. Please adapt your Shoot manifests accordingly. by @takoverflow [#12115][OPERATOR]gardenlet no longer deploys ControlPlane resources with.spec.purpose=exposurefor Shoots usingunmanagedDNS provider. gardenlet will now cleanup any ControlPlane exposure resource as part of the reconciliation and deletion flows for such Shoots. by @theoddora [#12162]📰 Noteworthy
[OPERATOR]TheSeedbackup secret is no longer copied from theShootinfrastructure credentials in case an operator does not provide an existent backup secret andDoNotCopyBackupCredentialsfeature gate is enabled forgardenlet. If you configureseed.spec.backup.credentialsReforseed.spec.backup.secretRef, make sure that the referred credential already exists. For production setups, it is advised that operators configure a separate set of credentials forSeedbackup andShootinfrastructure. by @dimityrmirchev [#12168][OPERATOR]TheCredentialsRotationWithoutWorkersRolloutfeature gate has been promoted to beta and is now enabled by default. by @rfranzke [#12236]✨ New Features
[DEVELOPER]Extension mutators or validators can now retrieve a correspondingClusterobject from the passedcontext.Context. TheWantsClusterObjectinterface must be implemented for this functionality. by @timuthy [#12289][USER]Concurrent drain and deletion of nodes that require drain can now be configured forcluster-autoscalervia the field.spec.kubernetes.clusterAutoscaler.maxDrainParallelismin the Shoot API. by @takoverflow [#12115][OPERATOR]gardenletnow doesn't scale up deployments duringShootreconciliation if they havedependency-watchdog.gardener.cloud/meltdown-protection-activeannotation on them. by @ashwani2k [#12314]🐛 Bug Fixes
[USER]A bug causing thekube-apiserverto crash when anonymous authentication is configured viaStructuredAuthenticationwas fixed. by @dimityrmirchev [#12198][OPERATOR]An issue causing the Shoot credentials rotation status not to correctly get updated, after all the manual in-place pending workers are updated, is now fixed. by @shafeeqes [#12306]🏃 Others
[OPERATOR]Enhance DualStack migration docs with knowledge about manual reconciliation. by @adenitiu [#12246][OPERATOR]gardenadmis now published as a container image in release and snapshot builds. by @timebertt [#12294][OPERATOR]Introduce theperses-operatortoGardenandSeedclusters. by @rickardsjp [#12084][OPERATOR]Clarified and enforced policy in the Kubernetes version support process to retain only the latest 5 minor versions, improving security by dropping older, unpatched versions more consistently. by @vlerenc [#12201][DEVELOPER]Added the helper functionCurrentLifecycleClassification(version)to evaluate the current classification of a givenExpirableVersion. by @LucaBernstein [#12298][DEVELOPER]Introduced new version classificationsunavailableandexpired. They are not meant to be set manually but should act as computed classification states. by @LucaBernstein [#12298][DEPENDENCY]The following dependencies have been updated:gardener/dashboardfrom1.80.2to1.80.3. Release Notes by @gardener-ci-robot [#12227][DEPENDENCY]The following dependencies have been updated:gardener/dependency-watchdogfromv1.4.0tov1.5.0. Release Notesg.yxqyang.asia/gardener/dependency-watchdogfromv1.4.0tov1.5.0. by @ashwani2k [#12314][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/autoscaling/vpa-admission-controllerfrom1.4.0to1.4.1.registry.k8s.io/autoscaling/vpa-recommenderfrom1.4.0to1.4.1.registry.k8s.io/autoscaling/vpa-updaterfrom1.4.0to1.4.1. by @gardener-ci-robot [#12239][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/ingress-nginx/controller-chrootfromv1.12.2tov1.12.3. by @gardener-ci-robot [#12258][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/autoscaling/vpa-admission-controllerfrom1.3.1to1.4.0.registry.k8s.io/autoscaling/vpa-recommenderfrom1.3.1to1.4.0.registry.k8s.io/autoscaling/vpa-updaterfrom1.3.1to1.4.0. by @gardener-ci-robot [#12167][DEPENDENCY]The following dependencies have been updated:registry.k8s.io/ingress-nginx/controller-chrootfromv1.11.6tov1.11.7. by @gardener-ci-robot [#12257]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.121.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.121.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.121.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.121.0Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.121.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.121.0v1.120.4Compare Source
[gardener/gardener]
🐛 Bug Fixes
[USER]An issue causing gardenlet to panic during the migration from single-stack IPv4 to dual-stack IPv4, IPv6 when the Shoot is hibernated is now fixed. by @DockToFuture [#12435][DEVELOPER]An issue causing reporting data generated by the testframework to be incompatible with recent elasticsearch/opensearch versions is now fixed. by @dguendisch [#12464][OPERATOR]Fixed an error inBackupBucketreconciliation by replacingStrategicMergePatchwithMergePatchto properly handleruntime.RawExtensionfields. by @shafeeqes [#12460]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.120.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.120.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.120.4europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.120.4Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.120.4europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.120.4v1.120.3Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]An issue preventing the cluster-autoscaler to listvolumeattachmentsin now fixed. by @aaronfern [#12378][DEVELOPER]Installinglogcheckandtyposas custom linters for gardener extensions has been fixed. by @timuthy [#12381]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.120.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.120.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.120.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.120.3Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.120.3europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.120.3v1.120.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]An issue causing the Shoot credentials rotation status not to correctly get updated, after all the manual in-place pending workers are updated, is now fixed. by @shafeeqes [#12303]🏃 Others
[OPERATOR]gardenadmis now published as a container image in release and snapshot builds. by @timebertt [#12291]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.120.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.120.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.120.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.120.2Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.120.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.120.2v1.120.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[USER]An issue causing the in-place update to fail during credentials rotation without workers rollout is now fixed. by @shafeeqes [#12249]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.120.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.120.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.120.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.120.1Container (OCI) Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.120.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.120.1v1.120.0Compare Source
[gardener/gardener]
[DEPENDENCY]Themachinecontrollermanager.ProviderSidecarContainernow expects additionalshootandcontrolPlaneNamespaceparams. Incontrolplanewebhooks, extensions can useGardenContext.GetClusterto retrieve the shoot from theClusterobject. by @timebertt [#12152][OPERATOR]The graduated and unconditionally enabledShootForceDeletionfeature gate has been removed. If you have references to the feature gate, clean them up before upgrading to this version of Gardener. by @acumino [#12078][OPERATOR]The field.seedConfig.spec.backup.credentialsRef/secretRefwill no longer be defaulted inGardenletConfigurationwhen backup is configured but reference to credentials is not provided. Operators are responsible to provide a valid credentials reference when configuring backup for seeds. Please consult the deploy gardenlet documentation for more information. by @dimityrmirchev [#12087][OPERATOR]TheBackupBucketAPI fieldspec.secretRefhas been deprecated and will be removed in a future version of Gardener in favor ofspec.credentialsRef, please adapt your BackupBucket manifests to use the newcredentialsReffield. by @vpnachev [#12032][OPERATOR]A new field,clusterCompatibility, has been added to theExtensionAPI. If your landscape is managed bygardener-operatorand yourgardenspecifiesspec.extensions, please add thegardencluster type value to your correspondingExtensionresources. by @timuthy [#11982][DEVELOPER]WorkerPoolHashnow includes a new parameteradditionalDataInPlaceto support hash calculation for worker pools using theInPlaceupdate strategy. by @acumino [#12178][DEVELOPER]The already deprecatedg.yxqyang.asia/gardener/gardener/pkg/utils/gardener.ReconcileTopologyAwareRoutingMetadatafunc is now removed. Instead, useg.yxqyang.asia/gardener/gardener/pkg/utils/gardener.ReconcileTopologyAwareRoutingSettings. by @ialidzhikov [#12091]📰 Noteworthy
[DEVELOPER]The Shoot Pod autoscaling best practices guide now recommends for a container under VPA to not set initial resource requests less than VPA'sminAllowedor10mand10Mi.10mand10Miare the minimum resConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.