github gardener/gardener v1.144.0
on GitHub

2 days ago

[github.com/gardener/gardener:v1.144.0]

⚠️ Breaking Changes

  • [OPERATOR] The UseUnifiedHTTPProxyPort feature gate has graduated to GA and cannot be disabled anymore. The feature gate can be removed from your component configuration. If you're using gardener-extension-acl, ensure that all shoots enabling the extension have been successfully reconciled with version v1.15.0 or higher before upgrading to this Gardener version that enables the feature gate unconditionally. by @timebertt [#14899]
  • [DEVELOPER] The third_party/mock/controller-runtime/client package is now dropped. You should migrate your usages of mock clients to fake client (sigs.k8s.io/controller-runtime/pkg/client/fake). by @shafeeqes [#14799]
  • [DEPENDENCY] The reusable CI scripts hack/.ci/component_descriptor and hack/.ci/prepare_release are now removed. They were previously used by Gardener extensions. After the migration from Concourse to GitHub Actions, these are now provided as reusable steps in the gardener/cc-utils repository. by @ialidzhikov [#14345]

✨ New Features

  • [OPERATOR] gardenadm init now supports exposing the self-hosted shoot API server via a SelfHostedShootExposure extension object when controlPlane.exposure.extension is configured. by @cerealsnow [#14781]
  • [OPERATOR] gardener-resource-manager now includes an istio-cluster-configuration controller which configures the envoy edge proxy best practices for upstream services configured for istio-ingressgateway. by @oliver-goetz [#14690]
  • [USER] The Shoot spec field spec.kubernetes.kubeAPIServer.encryptionConfig.provider.type is no longer immutable. by @AleksandarSavchev [#14720]
  • [USER] The Garden spec fields spec.virtualCluster.kubernetes.kubeAPIServer.encryptionConfig.provider.type and spec.virtualCluster.gardener.gardenerAPIServer.encryptionConfig.provider.type are no longer immutable. by @AleksandarSavchev [#14720]

🐛 Bug Fixes

  • [OPERATOR] A bug has been fixed where gardener-resource-manager would crash-loop after a hibernated shoot woke up with an expired authentication token. The bootstrap detection now evaluates the current time dynamically instead of using a value frozen at gardenlet startup. by @shafeeqes [#14937]
  • [OPERATOR] A bug was resolved that caused some Istio configuration to be applied to all istio-ingressgateway deployments when the runtime cluster is also a seed. A new label istio-role=seed|garden is now used to distinguish the two ingressgateways. by @maboehm [#14869]
  • [OPERATOR] A bug has been fixed where Garden resources would start encryption key rotation on creation. by @AleksandarSavchev [#14801]

🏃 Others

  • [OPERATOR] Add label app: victoria-logs to all resources in the VictoriaLogs setup + add label app: opentelemetry-collector to all resources in the OpenTelemetry Collector setup. by @iypetrov [#14704]
  • [OPERATOR] IstioTLSTermination feature gate has been promoted to beta. by @oliver-goetz [#14923]
  • [OPERATOR] The custom json unmarshalling logic for tokenExpirationDuration in GardenletConfiguration has been removed. by @oliver-goetz [#14921]
  • [OPERATOR] The gardener-node-agent is now able to deal with version v4 of containerd's configuration file /etc/containerd/config.toml (introduced with containerd 2.3). CRI plugin paths in v4 are identical to v3; only server-level fields moved into plugin blocks. The plugin path translation that maps v2-compliant prefixes to their v3 equivalents is now applied for all config file versions >= 3. by @Vincinator [#14856]
  • [OPERATOR] Removed v1alpha1 perses CRD migration code from the perses-operator component. by @rickardsjp [#14914]
  • [USER] The gardener-apiserver now rejects attempts to change the spec.seedName of the Shoot unless it is done via the binding subresource. Previously, these invalid updates were silently ignored. by @shafeeqes [#14919]
  • [USER] The sshd-ensurer service is changed to use a loop instead of restart every 15 seconds to prevent spamming journalctl with noisy logs. by @AleksandarSavchev [#14832]
  • [DEVELOPER] Logging components now remain available until worker termination is complete during the hibernation flow. by @gagan16k [#14916]
  • [DEVELOPER] e2e upgrade tests have been enabled again. by @oliver-goetz [#14900]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:

application/spdx+json

  • admission-controller-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller@sha256:1fbe63f6348adfdea254d93d510778c9b74573d7019818af966b81b9ba22bc2b
  • admission-controller-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller@sha256:f1f910f43c00806b618fa9ae82ce7e3e7433a89f848ab68120caca8dca12d3fd
  • apiserver-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver@sha256:8865e277dc1a978c5c84b0e46f9e38faf4dabae5ae7e94f496c744b108eab149
  • apiserver-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver@sha256:d1cc2af9960f2d0c6d4d3d064a6feb870c1d5010f5eb6f26fad6f7189ec69e2a
  • controller-manager-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager@sha256:875880749d25ab4a4c9af5c54be9c8510b3b44219102c84adfec9b8210d52851
  • controller-manager-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager@sha256:9059b2463d90209a969f0d63d5cae9961e9135f24667ebac12a77e77c54a449d
  • gardenadm-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm@sha256:100cd21c29aaa2376a1186c9ceba1391ea72d11b1ad14e6b68eefdbbc158be31
  • gardenadm-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm@sha256:bfd3e320ccc21094a8a831a9e989df98917298cd5fb69fb2d7f102f1e67754c3
  • gardenlet-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet@sha256:34b3fe550bf2b18fd97f977f0c1a4dfcf69b01dfd39f6412eabde030780a5cbe
  • gardenlet-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet@sha256:bdc3c3d91ed301f5db37d2934e1a1f0c90fc2aa24c8925046d0561e0f12333ea
  • node-agent-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent@sha256:7d6e4149bb128079a5e72e9362c2b1cc2e76c9f2fa1b963764a6fa5215f68383
  • node-agent-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent@sha256:b588d444d6c11673b44a6ecae9909958c371c1a17c1c3f30ee0684b0beb68847
  • operator-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/operator@sha256:42e6f1d31a5802ee9f21094c49b1777e9df8827891e50d6c30b565cef722725c
  • operator-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/operator@sha256:c1893a86b2c920022fed1d17f0f85da10084399b130d27811eb176706cdff7cd
  • resource-manager-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager@sha256:0757a50cb759bf8c2388cc1848078de8410c1f3b7ea19bbbeb8825df71bd7b87
  • resource-manager-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager@sha256:8f0c8885215cd657543188cd29badc9714eb23f3932d1b87544f03d0d0d103ad
  • scheduler-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler@sha256:b1cbbaaefcba3657735ff668d9f01acb80f9fb383b0bbe5239a210a21f9c8876
  • scheduler-spdx-ref: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler@sha256:f6c5654bd6fed68c304128b663ca42f548809fb23adccc30a2d70d00bcaa14c7

Helm Charts

  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.144.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.144.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.144.0

Container (OCI) Images

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.144.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.144.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.144.0
  • gardenadm: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenadm:v1.144.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.144.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.144.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.144.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.144.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.144.0
Check out latest releases or
releases around gardener/gardener v1.144.0

Don't miss a new gardener release

NewReleases is sending notifications on new releases.

Get notifications