crossplane-contrib/provider-upjet-gcp v2.6.0

on GitHub

Summary

This release includes new resources, API enhancements, security fixes, and dependency updates.

Highlights

• New Resources: Added Template and FloorSetting resources in the modelarmor group
• API Enhancement: Added projectRef support to ServiceAccount resource, enabling project references via projectRef or projectSelector
• New API: Added ProviderConfig ReconciliationPolicy API for configurable exponential failure rate limiting
• API Fixes: Fixed missing field backports in v1beta1 APIs, including SecretRef fields in spec.initProvider
• Version Management: Improved API versioning by bumping storage and controller versions for multi-version CRDs and starting the deprecation process for old versions
• Security Updates:
  • Updated Go to version 1.25.11 (addresses CVE-2026-42504, CVE-2026-42507, CVE-2026-27145, and multiple GO-2026 vulnerabilities)
  • Updated golang.org/x/crypto to v0.52.0 (addresses multiple GO-2026 vulnerabilities)
  • Updated golang.org/x/net to v0.55.0 (addresses multiple GO-2026 vulnerabilities)
  • Updated golang.org/x/sys to v0.45.0 (addresses GO-2026-5024)
  • Updated google.golang.org/grpc to v1.79.3
  • Updated github.com/antchfx/xpath to v1.3.6
  • Updated github.com/go-jose/go-jose/v4 to v4.1.4
  • Updated go.opentelemetry.io/otel to v1.41.0
  • Updated go.opentelemetry.io/otel/sdk to v1.43.0
• Dependency Updates: Bumped upjet to 0beea8e928de with crossplane-runtime v2.2.1, k8s libs to v0.35.5, controller-runtime to v0.23.3
• Infrastructure: Added API conversion roundtrip tests and unified Go version management across workflows and Makefiles
• Bug Fixes:
  • Fixed custom diff for compute.InstanceTemplate
  • Fixed reference resolution for gkehub.MembershipIAMMember resource
  • Fixed safe-start capability declaration in package metadata
  • Updated validatefunc and diffsuppress for container.Cluster resource
  • Added topology_manager and memory_manager fields to node_config