kubernetes-sigs/cluster-api v1.13.0-beta.0

on GitHub

⚠️ BETA RELEASE NOTES ⚠️

Changes since v1.12.0

📈 Overview

• 230 new commits merged
• 9 breaking changes ⚠️
• 25 feature additions ✨
• 34 bugs fixed 🐛

📝 Proposals

• Core: Update autoscaling from zero enhancement proposal with node labels and taints configuration clarification (#13308)

⚠️ Breaking Changes

• API/Runtime SDK: Bump Runtime Hooks v1alpha1 types to core CAPI v1beta2 (#13200)
• API: Remove v1alpha3 + v1alpha4 apiVersions (#13199)
• CABPK: Remove deprecated --cluster-concurrency flag in CABPK (#13288)
• ClusterCache: Remove deprecated ClusterCache GetClientCertificatePrivateKey (#13156)
• ClusterClass: Remove deprecated ShouldSkipImmutabilityChecks (#13291)
• clusterctl: Remove deprecated --disable-grouping clusterctl describe cluster flag (#13289)
• clusterctl: Remove deprecated provider CRD migration from clusterctl upgrade (#13290)
• Dependency: Bump to controller-runtime main & controller-tools v0.20 (#13159)
• Misc: Remove deprecated ParseMajorMinorPatchTolerant / ParseMajorMinorPatch (#13292)

✨ New Features

• API: Backport newly introduced v1beta2 API fields to v1beta1 (#13455)
• CABPK: Optimize cache configuration of CABPK & standardize cache/client setup (#13407)
• CAPD: Support externally managed LB (#13362)
• Cluster: Only set ownerReference on InfraCluster/ControlPlane when Topology is defined (#13332)
• ClusterCache: Add ClusterFilter to ClusterCache Options (#12665)
• ClusterClass: Implement support for taints (#13192)
• clusterctl: Allow overriding image name in clusterctl config (#13014)
• Dependency: Bump Go to v1.25.5 (#13164)
• Dependency: Bump to controller-runtime v0.23 (#13245)
• Devtools: Add a flag to skip image preloading (#13143)
• KCP/CABPK: Allow diskSetup to include partition layout (#11634)
• KCP/MachineDeployment/Cluster: Add rolloutAfter to cluster.spec.topology (#13391)
• KCP: Allow remediation of multiple failures in KCP (#13352)
• KCP: Bump coredns/corefile-migration to v1.0.30 (#13282)
• KCP: Implement support for machine taints (#13181)
• Machine: Add Machine status.failureDomain (#13266)
• Machine: Promote MachineWaitForVolumeDetachConsiderVolumeAttachments feature to GA (#13293)
• Metrics/e2e: Add infra CRDs to dashboards, improve/fix dashboards, enable native histograms (#13354)
• Misc: Disable DWARF and symbol table to decrease binary/image size (#12856)
• Misc: Enable PriorityQueue per default (#13171)
• Misc: Promote ReconcileRateLimiting to beta (enabled per default) (#13373)
• Release: Prepare main branch for v1.13 (#13174)
• Testing: Add example / debug suite for envtest (#13453)
• util: Extend conversion tests to cover the "no spec" case (#13409)
• util: Refresh cache entries on cache hit in SSA caches (#13459)

🐛 Bug Fixes

• API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13186)
• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13447)
• CAPD: Remove finalizers during deletion if ownerRef was never set for cluster controllers (#13239)
• CAPIM: Extend CAPD in-memory backend to set CP taint to fix scale tests (#13187)
• CI: Bump trivy to v0.69.2 to fix CI (#13387)
• Cluster: Fix panic in Cluster conversion (#13383)
• ClusterClass/KCP/MachineSet/MachineDeployment: Mitigate managedFields apiserver issue for SSA (#13338)
• ClusterClass: Allow adding spec via ClusterClass JSON patches (#13225)
• ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13058)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13463)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13372)
• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13263)
• e2e: Clean up namespace in e2e tests (#13233)
• e2e: Fix cross-ns scale test (#13309)
• e2e: Fix goroutine & memory leak in inmemory provider (#13361)
• e2e: Fix node-label calculation in test extension & fix upgrade test (#13356)
• e2e: Fix WaitForMachinesReady interval (#13050)
• e2e: Increase reconcile timeout for KCP & DockerMachine (#13093)
• e2e: Only retry creating objects that failed (#13265)
• e2e: Tolerate NotFound errors during Namespace deletion in scale test cleanup (#13439)
• KCP/MachineSet: Preserve existing object names for backward compatibility with pre-v1.7 in-place updates (#13124)
• KCP: Grant delete permissions to Secrets. (#13070)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13404)
• MachineSet: Use MachineSet template values in completeMoveMachine for in-place updates (#13059)
• Misc: Fix bug while setting status for deprecated fields (#13336)
• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13213)
• Testing/e2e: Fix unit test flakes, improve clusterctl download error in e2e tests (#13045)
• Testing: Fix flaky by waiting for CRD finalizer processing (#13470)
• Testing: Fix flaky TestClusterReconciler unit test (#13180)
• Testing: Fix TestReconcile flake (#13255)
• Testing: Fix webhook envtest tests for Kubernetes < v1.35 (#13170)
• util: Fix a panic in conditions.Delete method if the sources condition list is empty (#13048)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13416)
• util: Fix patchHelper unit test flakes (#13412)

🌱 Others

• API: Deprecate custom Condition types (#13237)
• API: Introduce conversion.MarshalDataUnsafeNoCopy to avoid unnecessary memory allocations during conversion (#13402)
• API: Postpone date when we stop serving v1beta1 (#13394)
• API: Relax validation for Machine .status.addresses to maximum of 128 instead of 32 items (#13060)
• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13395)
• CAPD/CAPIM: Implement .status.failureDomain for DockerMachine & DevMachine (#13286)
• CAPD: Implement pause for DockerMachinePool (#13445)
• CAPD: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13461)
• CAPD: Move RBAC for devmachinetemplates from main.go to controller.go (#13271)
• CAPIM: Fix inMemory watch (#13229)
• CI: Bump golangci-lint v2.7.0 (#13108)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.0 (#13103)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.1 (#13138)
• CI: Drop security scan on 1.10 (#13454)
• CI: Dump resources in scale test (#13232)
• CI: Improve Fake API server (#13183)
• CI: Inmemory APIserver fails for unsupported fieldSelectors (#13306)
• CI: Revive the debug endpoint for CAPDev in-memory (#13423)
• CI: Use env test 1.35.0 (#13168)
• ClusterCache: Remove stack traces from ClusterCache errors (#13396)
• ClusterClass: Add validation in ClusterClass for CP MachineInfra (#13378)
• ClusterClass: Fix test compute control plane version (#13287)
• ClusterClass: Improve topology diff (#13166)
• ClusterClass: Simplify GetUpgradePlanFromClusterClassVersions (#13276)
• clusterctl: Bump cert-manager v1.19.4 (#13376)
• clusterctl: Drop handling of old cert-manager annotation in clusterctl (#13202)
• clusterctl: Update cert-manager to v1.19.3 (#13307)
• clusterctl: Update to cert-manager v1.19.2 (#13277)
• ClusterResourceSet: Remove ClusterResourceSet ensureKubernetesServiceCreated (#13158)
• ClusterResourceSet: Set WithOwnedV1Beta1Conditions for ClusterResourceSet patch (#13267)
• Community meeting: Add AndiDog as machine pool area reviewer (#13033)
• Dependency: Bump go 1.25.7 (#13323)
• Dependency: Bump Go to v1.24.11 (#13106)
• Dependency: Bump Go to v1.25.6 (#13240)
• Dependency: Bump go v1.25.8 (#13428)
• Dependency: Bump go-github to v82 (#13296)
• Dependency: Bump golang.org/x/net to v0.51 to fix CVE (#13392)
• Devtools: Add additional_uncategorized_resources for Tilt (#13312)
• Devtools: Add labels to cluster deployment form fields (#13441)
• Devtools: Bump CAPI Visualizer to v1.5.0 (#13222)
• Devtools: Enable native histograms in Grafana / Prometheus (#13304)
• Devtools: Make kind image configurable via env var for make tilt-up (#13333)
• Devtools: Updated dev observability stack (#13044)
• e2e: 0 in e2e tests (#13429)
• e2e: Add json struct tags to ContainerImage (#13130)
• e2e: Add retry in test framework when getting manifest YAMLs (#13357)
• e2e: Bump autoscaler version used for testing to v1.34.2 (#13102)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13353)
• e2e: Bump kind to v0.31.0 (#13162)
• e2e: Bump Kubernetes version used for testing to v1.35.0 (#13151)
• e2e: Bump to etcd-v3.6.6-0 (#13144)
• e2e: Do not expect Machines for MachinePools not supporting Machines (#13071)
• e2e: Drop handling for clusterctl < v1.7.2 in e2e tests & framework (#13347)
• e2e: Drop unused e2e test template & handling for Kubernetes < v1.25 in e2e CC (#13348)
• e2e: Extend test extension to improve test coverage (#13343)
• e2e: Make clusterctl upgrade test to work when there are no machines (#13072)
• e2e: Remove handling for Kubernetes <= v1.28 in clusterctl upgrade test (#13157)
• e2e: Skip test using outdated docker client (#13125)
• e2e: Small cleanup in the RuntimeSDK test (#13274)
• e2e: Start testing against Kubernetes v1.36 (#13152)
• e2e: Use crane to pre-pull images instead of docker pull (#13113)
• KCP: Drop unnecessary etcd call in KCP (#13330)
• KCP: Fix flaky KCP test (#13374)
• KCP: KCP should read only KCP machines (#13457)
• KCP: KCP should report missing certificates (#13175)
• KCP: KCP should report missing Node labels and taint (#13176)
• KCP: Migrate from Requeue to RequeueAfter in kcp (#13028)
• KCP: Remove live list Machine call in KCP (#13458)
• KCP: Remove the ControlPlaneKubeletLocalMode for kubeadm 1.36 later (#13177)
• Logging: Drop or reduce verbosity for noisy logs (#13420)
• Logging: Log flags on controller startup (#13437)
• Logging: Use klog.Obj in log messages (#13421)
• Machine: Avoid unsetting nodeDeletionTimeoutSeconds during Machine deletion (#13401)
• MachineHealthCheck: Decrease verbosity for MHC log entry (#13076)
• MachineHealthCheck: Increase MHC rate limiting and filter events (#13422)
• Misc: Increase default kube-api qps/burst (#13317)
• Misc: Removing v1beta1 from admissionReviewVersions & conversionReviewVersions (#13190)
• Runtime SDK: Add httpClientCache to runtime client (#13075)
• Testing: Extend managedField mitigation unit test (#13450)
• Testing: Improve error reporting of envtest CleanupAndWait (#13446)
• Testing: Improve pod log streaming to avoid duplicate logs (#13410)
• Testing: Increase envtest manager graceful shutdown timeout & print goroutines on error (#13443)
• Testing: Simplify TestGetNode unit test (#13196)
• Testing: Update version matrix for GitHub workflows for release 1.12 (#13049)
• util: Add safeguard to patchHelper to avoid sending empty patches to the apiserver (#13403)
• util: Export controller util (#13363)
• util: Improve patch helper for no-op cases (#13364)
• util: Optimise patch calls (#13367)
• util: Reduce dep tree for util/patch (#13275)
• util: Stop using patch helper when enforcing finalizers (#13365)

📖 Additionally, there have been 38 contributions to our documentation and book. (#12872, #12971, #13016, #13043, #13055, #13079, #13086, #13087, #13088, #13095, #13134, #13140, #13153, #13155, #13179, #13193, #13194, #13195, #13201, #13204, #13205, #13206, #13207, #13216, #13220, #13228, #13259, #13260, #13272, #13283, #13297, #13302, #13311, #13334, #13414, #13435, #13436, #13456)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• github.com/google/go-github/v82: v82.0.0
• golang.org/x/tools/go/expect: v0.1.0-deprecated
• golang.org/x/tools/go/packages/packagestest: v0.1.1-deprecated
• gonum.org/v1/gonum: v0.16.0

Changed

• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
• github.com/cncf/xds/go: 2f00578 → 0feb691
• github.com/coredns/corefile-migration: v1.0.29 → v1.0.31
• github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
• github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
• github.com/go-jose/go-jose/v4: v4.0.4 → v4.1.3
• github.com/golang/glog: v1.2.4 → v1.2.5
• github.com/google/go-querystring: v1.1.0 → v1.2.0
• github.com/google/pprof: f64d9cf → 294ebfa
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.26.3 → v2.27.7
• github.com/onsi/ginkgo/v2: v2.27.2 → v2.28.1
• github.com/onsi/gomega: v1.38.2 → v1.39.1
• github.com/prometheus/client_golang: v1.22.0 → v1.23.2
• github.com/prometheus/common: v0.62.0 → v0.66.1
• github.com/prometheus/procfs: v0.15.1 → v0.16.1
• github.com/spf13/cobra: v1.10.1 → v1.10.2
• github.com/spiffe/go-spiffe/v2: v2.5.0 → v2.6.0
• github.com/valyala/fastjson: v1.6.4 → v1.6.10
• go.etcd.io/bbolt: v1.4.2 → v1.4.3
• go.etcd.io/etcd/api/v3: v3.6.6 → v3.6.8
• go.etcd.io/etcd/client/pkg/v3: v3.6.6 → v3.6.8
• go.etcd.io/etcd/client/v3: v3.6.6 → v3.6.8
• go.etcd.io/etcd/pkg/v3: v3.6.4 → v3.6.5
• go.etcd.io/etcd/server/v3: v3.6.4 → v3.6.5
• go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
• go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
• go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/metric: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/trace: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel: v1.35.0 → v1.40.0
• go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
• go.yaml.in/yaml/v2: v2.4.2 → v2.4.3
• golang.org/x/crypto: v0.45.0 → v0.49.0
• golang.org/x/mod: v0.29.0 → v0.33.0
• golang.org/x/net: v0.47.0 → v0.52.0
• golang.org/x/oauth2: v0.33.0 → v0.36.0
• golang.org/x/sync: v0.18.0 → v0.20.0
• golang.org/x/sys: v0.38.0 → v0.42.0
• golang.org/x/telemetry: 078029d → e7419c6
• golang.org/x/term: v0.37.0 → v0.41.0
• golang.org/x/text: v0.31.0 → v0.35.0
• golang.org/x/tools: v0.38.0 → v0.42.0
• google.golang.org/appengine: v1.6.7 → v1.6.5
• google.golang.org/genproto/googleapis/api: a0af3ef → 8636f87
• google.golang.org/genproto/googleapis/rpc: a0af3ef → 8636f87
• google.golang.org/grpc: v1.72.3 → v1.78.0
• google.golang.org/protobuf: v1.36.7 → v1.36.11
• gopkg.in/evanphx/json-patch.v4: v4.12.0 → v4.13.0
• k8s.io/api: v0.34.2 → v0.35.2
• k8s.io/apiextensions-apiserver: v0.34.2 → v0.35.2
• k8s.io/apimachinery: v0.34.2 → v0.35.2
• k8s.io/apiserver: v0.34.2 → v0.35.2
• k8s.io/client-go: v0.34.2 → v0.35.2
• k8s.io/cluster-bootstrap: v0.34.2 → v0.35.2
• k8s.io/code-generator: v0.34.2 → v0.35.2
• k8s.io/component-base: v0.34.2 → v0.35.2
• k8s.io/gengo/v2: 85fd79d → ec3ebc5
• k8s.io/kms: v0.34.2 → v0.35.2
• k8s.io/kube-openapi: f3f2b99 → 589584f
• k8s.io/utils: 4c0f3b2 → bc988d5
• sigs.k8s.io/controller-runtime: v0.22.4 → v0.23.3
• sigs.k8s.io/json: cfa47c3 → 2d32026
• sigs.k8s.io/structured-merge-diff/v6: v6.3.0 → v6.3.2

Removed

• github.com/ProtonMail/go-crypto: 7d5c6f0
• github.com/bwesterb/go-ristretto: v1.2.3
• github.com/cloudflare/circl: v1.6.1
• github.com/google/go-github/v53: v53.2.0
• github.com/zeebo/errs: v1.4.0
• go.uber.org/automaxprocs: v1.6.0