Release notes for Cluster API Provider AWS (CAPA) v2.1.0

Documentation

Changelog since v2.0.2

What's Changed

🚀 Features

• Add ability to use NLBs as control plane load-balancers by @Skarlso in #3804
• Expose Metrics port by @Skarlso in #3941
• Run tests on localhost to increase security and avoid macOS firewall popup dialogs by @AndiDog in #4024
• Configure EC2 instance metadata options by @muraee in #4037
• ✨ support arm64 AMI lookup based on instance type by @charlie-haley in #4054
• feat(release): update image promotion to use kpromo by @richardcase in #4158
• add explicit securityContexts to the controller by @chrischdi in #4104
• added tests for annotations.go by @khareyash05 in #4232
• added reset_test.go by @khareyash05 in #4234

🐛 Bug Fixes

• [E2E] Use k8s version 1.24.4 in conformance test and increase control plane wait timeout for conformance and EKS tests by @Ankitasw in #3823
• Fix lastAppliedTags annotations naming by @dntosas in #3867
• drop /v2/ from api/tests/docs by @yastij in #3890
• Remove suspend process flow from create ASG by @Skarlso in #3864
• fix AWSServiceRoleForAmazonEKSForFargate failed to create on non-aws partitions by @jejer in #3882
• Make the LoadBalancerType optional in the Status by @Skarlso in #3913
• [E2E] Increase service quota for VPC by @Ankitasw in #3896
• Always populate ControlPlaneLoadBalancer type as classic if not provided by user by @Ankitasw in #3917
• Only enable IPv6 if it's already enabled in the config by @Skarlso in #3914
• Add back RBAC for controller identities by @Ankitasw in #3935
• Fix String function receiver for IngressRule which resulted in an unreadable log output by @Skarlso in #3949
• Update LoadBalancerReadyCondition on deletion by @mnitchev in #3871
• Fail creation of machine pool if no subnets matching filters found by @AverageMarcus in #3978
• Ignore EIGW deletion in case of unmanaged VPC by @Skarlso in #3996
• Fix AWS CloudFormation dump after failed suit when there is no bootstrap cluster by @Skarlso in #4002
• Reorder the bootstrapping logic so AWSSession is available in afterSuite by @Skarlso in #4008
• fix(#3980): save the API ELB AZ to NetworkStatus by @thefirstofthe300 in #4000
• Move defaulting before creation of patch helper so that no differences will be detected unnecessarily by @AndiDog in #4025
• Ensure tags on managed VPCs by @Skarlso in #4030
• Ensure empty loadBalancerType field value is handled correctly by @AndiDog in #4033
• Allow user to specify the Name tag value for AWS tags by @AverageMarcus in #3991
• fix: use instance profiles of machine pools and machine deployments for mapping roles by @faiq in #4011
• Fix error condition on eventually by @Skarlso in #4048
• fix: cleanup AWS CloudFormation stack in Test environment by @Skarlso in #4059
• Fix error print statement for ELBv2 listeners test by @johannesfrey in #4060
• fix error validating message by @zirain in #4055
• chore(ref): add more robustness to cloudformation stack create in tests by @Skarlso in #4069
• chore(ref): always clean roles and resources on cf stack failure by @Skarlso in #4076
• chore(ref): add output of error for role deletion by @Skarlso in #4077
• chore(ref): fix error checking in eventually by @Skarlso in #4078
• bug: order of deleting cloud formation resources matters and fix missing GroupName setting from Bootstrap user by @Skarlso in #4079
• [e2e] try it without the event bridge by @Skarlso in #4088
• cleaning up unnecessary object patches by @luthermonson in #4095
• Modify AWSMachine reconciliation behavior to terminate and create instances without blocking by @cnmcavoy in #4092
• Update AWSMachine webhook validate logic on update to be consistent by @cnmcavoy in #3728
• Allow for Self-Managed VPC with a Secondary Subnet for Pods by @luthermonson in #3688
• Add missing configuration to enable the awsmachinetemplate validating webhook by @cnmcavoy in #4117
• Fix awsmanagedcontrolplane doesn’t get reconciled by @kahun in #4007
• Allow external autoscaler for EKS managed node groups by @ionutbalutoiu in #4137
• Fix InstanceMetadataOptions defaults by @muraee in #4147
• Set ASG DesiredCapacity value only if MachinePool replicas is between min and max size of the AWSMachinePool by @Fedosin in #4135
• fix: getting maintainers fails by @richardcase in #4185
• Fix session surviving cluster purge and recreate through cache by @roehrijn in #4162
• fix: adds enum validations to healtcheckprotocol field by @faiq in #4193
• Reconcile EKSConfig correctly for MachinePool and other Owner kinds by @cnmcavoy in #4195
• capa fix hardcoded role arn for aws iam authenticator by @AmitSahastra in #4010
• fix: malformed s3 arn due to incorrect string formatting by @Skarlso in #4224
• fix: automatically append /readyz to http and https health checks by @faiq in #4227

📖 Documentation

• docs: updated Developer Guide with changes to make it more accurate by @rjsadow in #3877
• docs: fix broken bullet points by @nekottyo in #3905
• docs: Update release doc steps by @Ankitasw in #3911
• Update README.md instruction to install clusterawsadm via Homebrew by @Ankitasw in #3937
• docs: fix git-repository-url by @zirain in #4072
• chore: adding release notes section to PR template by @richardcase in #4074
• fix: invalid yaml in multi-tenancy example by @jdockerty in #4098
• [PROPOSAL] add luther as reviewer by @richardcase in #4107

🌱 Others

• test: increased cluster creation timeout for eks e2e by @richardcase in #3878
• chore: bump capi to 1.2.6 by @richardcase in #3868
• [E2E] Update CAPA version in tests by @Ankitasw in #3881
• [E2E] Fix AWS services creation flake in external infrastructure test by @Ankitasw in #3886
• chore: Bump CAPI to v1.2.7 by @Ankitasw in #3893
• [E2E] Test conformance with ci releases on HA control plane by @Ankitasw in #3906
• test: save original aws resource quotas as returned by API by @richardcase in #3897
• build(deps): bump github.com/itchyny/gojq from 0.12.9 to 0.12.10 in /hack/tools by @dependabot in #3909
• build(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 by @dependabot in #3910
• test: awscluster should get deleted if creation fails due to VPC limits getting exceeded by @akash-gautam in #3889
• build(deps): bump github.com/aws/aws-lambda-go from 1.35.0 to 1.36.0 by @dependabot in #3915
• Scope down RBAC permissions for CAPA resources by @Ankitasw in #3907
• chore: Bump CAPI to v1.3.1 by @Ankitasw in #3920
• build(deps): bump actions/checkout from 3.1.0 to 3.2.0 by @dependabot in #3928
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.6.0 to 2.6.1 by @dependabot in #3951
• build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 by @dependabot in #3950
• Verify container images by @wyike in #3921
• build(deps): bump github.com/aws/aws-lambda-go from 1.36.0 to 1.36.1 by @dependabot in #3954
• Bump aws-iam-authenticator from 0.5.10 to 0.6.1 by @Ankitasw in #3952
• [E2E] Fix CloudFormationStack creation flake by @Ankitasw in #3953
• Adding tags to AWS Network Interfaces by @vishu2498 in #3946
• [E2E] Increase test timeout in Ginkgo args by @Ankitasw in #3958
• Move sedefsavas to emeritus by @sedefsavas in #3960
• Update ASG if subnet changes by @wyike in #3936
• Update scan action by @wyike in #3959
• build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 by @dependabot in #3961
• build(deps): bump github.com/aws/amazon-vpc-cni-k8s from 1.12.0 to 1.12.1 by @dependabot in #3963
• build(deps): bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #3964
• refactor: Improved all testcases naming convention conformity to camel case standard by @fazpeerbaksh in #3966
• Bump controller-tools and gojq in /hack/tools by @Ankitasw in #3957
• build(deps): bump github.com/aws/aws-lambda-go from 1.36.1 to 1.37.0 by @dependabot in #3969
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.6.1 to 2.7.0 by @dependabot in #3970
• Adding tags to OIDC providers by @vishu2498 in #3976
• capa fix hardcoded role arn for aws iam authenticator by @AmitSahastra in #3926
• Revert "capa fix hardcoded role arn for aws iam authenticator" by @Skarlso in #3982
• Introduce args in releasechangelog script by @rvacaru in #3440
• build(deps): bump github.com/onsi/gomega from 1.24.1 to 1.25.0 by @dependabot in #3993
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.6.1 to 0.6.3 by @dependabot in #3994
• build(deps): bump github.com/sergi/go-diff from 1.2.0 to 1.3.1 by @dependabot in #3985
• build(deps): bump golang from 1.19.4 to 1.19.5 by @dependabot in #3983
• build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0 by @dependabot in #4003
• build(deps): bump k8s.io/klog/v2 from 2.80.1 to 2.90.0 by @dependabot in #4004
• Fixes for gc related tests by @wyike in #3999
• Fix boilerplate by @AndiDog in #4006
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.7.0 to 2.7.1 by @dependabot in #4015
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.7.1 to 2.8.0 by @dependabot in #4021
• Bump ginkgo and klog in /hack/tools by @Ankitasw in #4019
• Replace E2E_FOCUS with GINKGO_FOCUS in all jobs by @Ankitasw in #4022
• Fix make test for Apple M1 (darwin-arm64), fail if kubebuilder assets cannot be found by @AndiDog in #4023
• Move all E2E test templates to use external CCM and CSI by @wyike in #4005
• build(deps): bump sigs.k8s.io/kustomize/api from 0.12.1 to 0.13.0 by @dependabot in #4032
• chore: Bump CAPI to v1.3.3 by @Ankitasw in #3973
• build(deps): bump sigs.k8s.io/kustomize/api from 0.13.0 to 0.13.1 by @dependabot in #4035
• Adding permission to tag OIDC providers for EKS by @vishu2498 in #4036
• build(deps): bump github.com/aws/amazon-vpc-cni-k8s from 1.12.1 to 1.12.2 by @dependabot in #4041
• Bump controller-tools in /hack/tools by @Ankitasw in #4018
• [E2E] Fix CF role deletion flake by @Ankitasw in #4044
• Remove unnecessary .AnyTimes() mock calls for unmanaged VPC test by @AndiDog in #4045
• [E2E] Fix service quotas for EventBridge rules by @Ankitasw in #4061
• build(deps): bump golang.org/x/text from 0.6.0 to 0.7.0 by @dependabot in #4056
• build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 by @dependabot in #4057
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.8.0 to 2.8.1 by @dependabot in #4064
• chore: remove usage of images from k8s.gcr.io by @richardcase in #4073
• build(deps): bump github.com/onsi/gomega from 1.26.0 to 1.27.0 by @dependabot in #4080
• build(deps): bump github.com/onsi/gomega from 1.27.0 to 1.27.1 by @dependabot in #4086
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.6.3 to 0.6.4 by @dependabot in #4089
• Bump envsubst in /hack/tools by @Ankitasw in #4066
• build(deps): bump github.com/aws/amazon-vpc-cni-k8s from 1.12.2 to 1.12.5 by @dependabot in #4097
• chore: Bump ginkgo version by @Ankitasw in #4087
• build(deps): bump github.com/onsi/gomega from 1.27.1 to 1.27.2 by @dependabot in #4102
• proposal: CAPA AMI GitHub Action by @zeborg in #3514
• chore: Bump CAPI to v1.3.4 by @Ankitasw in #4106
• build(deps): bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 by @dependabot in #4110
• build(deps): bump github.com/onsi/gomega from 1.27.1 to 1.27.2 by @dependabot in #4111
• build(deps): bump github.com/aws/aws-lambda-go from 1.37.0 to 1.38.0 by @dependabot in #4114
• Replace deprecated function in k8s.io/utils/pointer by @ystkfujii in #4121
• build(deps): bump golang.org/x/text from 0.7.0 to 0.8.0 by @dependabot in #4127
• build(deps): bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 in /hack/tools by @dependabot in #4122
• build(deps): bump github.com/joelanford/go-apidiff from 0.5.0 to 0.6.0 in /hack/tools by @dependabot in #4124
• build(deps): bump github.com/itchyny/gojq from 0.12.11 to 0.12.12 in /hack/tools by @dependabot in #4123
• build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 by @dependabot in #4126
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.8.4 to 2.9.0 by @dependabot in #4125
• chore: Bump golangci-lint to v1.51.2 by @Ankitasw in #4103
• chore: Bump aws-iam-authenticator from 0.6.4 to 0.6.5 by @Ankitasw in #4131
• chore: Bump CAPI to v1.3.5 by @Ankitasw in #4113
• build(deps): bump github.com/onsi/gomega from 1.27.2 to 1.27.3 by @dependabot in #4141
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.0 to 2.9.1 by @dependabot in #4139
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.6.5 to 0.6.6 by @dependabot in #4140
• build(deps): bump sigs.k8s.io/kustomize/api from 0.13.1 to 0.13.2 by @dependabot in #4144
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.6.6 to 0.6.7 by @dependabot in #4143
• build(deps): bump github.com/onsi/gomega from 1.27.3 to 1.27.4 by @dependabot in #4145
• build(deps): bump actions/setup-go from 3 to 4 by @dependabot in #4150
• build(deps): bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #4151
• Expose and support AlternativeGCStrategy feature gate by @wyike in #4129
• Bump golangci-lint to v1.52.1 by @Ankitasw in #4155
• build(deps): bump github.com/aws/aws-lambda-go from 1.38.0 to 1.39.1 by @dependabot in #4165
• build(deps): bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #4170
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.1 to 2.9.2 by @dependabot in #4168
• build(deps): bump github.com/onsi/gomega from 1.27.4 to 1.27.5 by @dependabot in #4169
• Update Calico to v3.24.1 by @killianmuldoon in #4176
• Use klog to log errors instead of panic in controllers by @Atharva-Shinde in #4174
• [E2E] Fix failing MHC test affected due to ebs-csi-driver version update by @Ankitasw in #4173
• build(deps): bump github.com/go-logr/logr from 1.2.3 to 1.2.4 by @dependabot in #4181
• build(deps): bump github.com/onsi/gomega from 1.27.5 to 1.27.6 by @dependabot in #4180
• build(deps): bump github.com/mikefarah/yq/v4 from 4.25.2 to 4.33.2 in /hack/tools by @dependabot in #4189
• build(deps): bump sigs.k8s.io/kind from 0.17.0 to 0.18.0 in /hack/tools by @dependabot in #4190
• build(deps): bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible by @dependabot in #4199
• build(deps): bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible in /hack/tools by @dependabot in #4200
• Bump CAPI to v1.4.1 by @Ankitasw in #4154
• build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #4201
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.6.7 to 0.6.9 by @dependabot in #4202
• Add required permission to CloudFormation to support AlternativeGCStrategy by @wyike in #4163
• build(deps): bump golang.org/x/text from 0.8.0 to 0.9.0 by @dependabot in #4207
• build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 by @dependabot in #4212
• Show cluster name instead of address in reconcile message by @stefanmcshane in #4229
• build(deps): bump github.com/prometheus/client_golang from 1.14.0 to 1.15.1 by @dependabot in #4239
• build(deps): bump actions/checkout from 3.5.0 to 3.5.2 by @dependabot in #4218
• build(deps): bump sigs.k8s.io/promo-tools/v3 from 3.5.1 to 3.5.2 in /hack/tools by @dependabot in #4221
• build(deps): bump github.com/mikefarah/yq/v4 from 4.33.2 to 4.33.3 in /hack/tools by @dependabot in #4222
• build(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.1 in /hack/tools by @dependabot in #4241
• build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.2 to 2.9.4 by @dependabot in #4243
• build(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 by @dependabot in #4236
• build(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 in /hack/tools by @dependabot in #4237
• build(deps): bump github.com/aws/aws-lambda-go from 1.39.1 to 1.40.0 by @dependabot in #4214

New Contributors

• @dntosas made their first contribution in #3867
• @rjsadow made their first contribution in #3877
• @yastij made their first contribution in #3890
• @nekottyo made their first contribution in #3905
• @jejer made their first contribution in #3882
• @vishu2498 made their first contribution in #3946
• @fazpeerbaksh made their first contribution in #3966
• @rvacaru made their first contribution in #3440
• @AndiDog made their first contribution in #4006
• @thefirstofthe300 made their first contribution in #4000
• @johannesfrey made their first contribution in #4060
• @zirain made their first contribution in #4055
• @jdockerty made their first contribution in #4098
• @ystkfujii made their first contribution in #4121
• @muraee made their first contribution in #4037
• @kahun made their first contribution in #4007
• @ionutbalutoiu made their first contribution in #4137
• @killianmuldoon made their first contribution in #4176
• @Atharva-Shinde made their first contribution in #4174
• @Fedosin made their first contribution in #4135
• @roehrijn made their first contribution in #4162
• @chrischdi made their first contribution in #4104
• @stefanmcshane made their first contribution in #4229
• @khareyash05 made their first contribution in #4232

Full Changelog: v2.0.2...v2.1.0
The image for this release is: registry.k8s.io/cluster-api-aws/cluster-api-aws-controller:v2.1.0
Thanks to all our contributors!