search

gardener / diki

Diki is a compliance checker that aims to enhance the security posture of your Kubernetes clusters.
Apache License 2.0
7 stars 8 forks source link

Update module github.com/gardener/gardener to v1.108.0 #353

Closed gardener-ci-robot closed 1 week ago

gardener-ci-robot commented 1 week ago

This PR contains the following updates:

Package Type Update Change
github.com/gardener/gardener require minor v1.107.0 -> v1.108.0

Release Notes

gardener/gardener (github.com/gardener/gardener) ### [`v1.108.0`](https://redirect.github.com/gardener/gardener/releases/tag/v1.108.0) [Compare Source](https://redirect.github.com/gardener/gardener/compare/v1.107.2...v1.108.0) ### \[gardener/gardener] #### ⚠️ Breaking Changes - `[USER]` The `url` annotation in `.monitoring` secrets in the project namespace is deprecated and will be removed soon. Please use the `plutono-url` annotation instead. by [@​oliver-goetz](https://redirect.github.com/oliver-goetz) \[[#​10735](https://redirect.github.com/gardener/gardener/issues/10735)] - `[OPERATOR]` There is an incompatible change in the `Garden` (`gardens.operator.gardener.cloud`) custom resource, which required manual action: - Fields `.spec.virtualCluster.dns.domains` and `.spec.runtimeCluster.ingress.domains` were changed from type string to object with a field `name` and an optional field `provider`, e.g., in `JSON` format, replace `"domains": ["domain1.example.com", "domain2.example.com"]` with `"domains": [{"name": "domain1.example.com"}, {"name": "domain2.example.com"}]`. - `.spec.runtimeCluster.ingress.domains` is required now - `.spec.virtualCluster.dns.domains` is required now by [@​MartinWeindel](https://redirect.github.com/MartinWeindel) \[[#​10645](https://redirect.github.com/gardener/gardener/issues/10645)] - `[OPERATOR]` The optional deployment of cert-management component has been removed. As it was only introduced recently and probably not used, this change should have no impact typically. by [@​MartinWeindel](https://redirect.github.com/MartinWeindel) \[[#​10802](https://redirect.github.com/gardener/gardener/issues/10802)] #### 📰 Noteworthy - `[USER]` Allow changing `shoot.spec.cloudProfile` between `CloudProfile` and its descendant `NamespacedCloudProfile`s. by [@​LucaBernstein](https://redirect.github.com/LucaBernstein) \[[#​10811](https://redirect.github.com/gardener/gardener/issues/10811)] #### ✨ New Features - `[USER]` Allow for custom machine images in `NamespacedCloudProfile`s and add the `spec.providerConfig` field. by [@​LucaBernstein](https://redirect.github.com/LucaBernstein) \[[#​10629](https://redirect.github.com/gardener/gardener/issues/10629)] - `[USER]` The URLs of Shoot `plutono`, `prometheus` and `alertmanager` are now stored as annotations in `.monitoring` secret in the project namespace. by [@​oliver-goetz](https://redirect.github.com/oliver-goetz) \[[#​10735](https://redirect.github.com/gardener/gardener/issues/10735)] - `[OPERATOR]` Enhance the `gardener-operator` to deploy `DNSRecords` and `BackupBucket` for the virtual garden resource.\ `DNSRecords` are only deployed if at least one provider is specified at `.spec.dns.providers` in the `Garden` resource.\ A `BackupBucket` is created if the `.spec.virtualCluster.etcd.backup` section is specified. An existing backup bucket on the infrastructure becomes automatically managed this way. by [@​MartinWeindel](https://redirect.github.com/MartinWeindel) \[[#​10645](https://redirect.github.com/gardener/gardener/issues/10645)] - `[DEVELOPER]` gardener-apiserver: The `ExtensionLabels` admission plugin now also sets labels to `WorkloadIdentity`s. by [@​dimityrmirchev](https://redirect.github.com/dimityrmirchev) \[[#​10786](https://redirect.github.com/gardener/gardener/issues/10786)] #### 🐛 Bug Fixes - `[DEVELOPER]` `gardener-node-agent` applies inline files before applying containerd registries now. by [@​oliver-goetz](https://redirect.github.com/oliver-goetz) \[[#​10831](https://redirect.github.com/gardener/gardener/issues/10831)] #### 🏃 Others - `[DEPENDENCY]` The `registry.k8s.io/kube-state-metrics/kube-state-metrics` image has been updated to `v2.14.0`. by [@​gardener-ci-robot](https://redirect.github.com/gardener-ci-robot) \[[#​10818](https://redirect.github.com/gardener/gardener/issues/10818)] - `[DEPENDENCY]` The `quay.io/prometheus/prometheus` image has been updated to `v2.55.1`. by [@​gardener-ci-robot](https://redirect.github.com/gardener-ci-robot) \[[#​10804](https://redirect.github.com/gardener/gardener/issues/10804)] - `[DEPENDENCY]` The `gardener/etcd-druid` image has been updated to `v0.24.1`. [Release Notes](https://redirect.github.com/gardener/etcd-druid/releases/tag/v0.24.1) by [@​gardener-ci-robot](https://redirect.github.com/gardener-ci-robot) \[[#​10843](https://redirect.github.com/gardener/gardener/issues/10843)] - `[OPERATOR]` Fixed an issue that that could occur during control plane migration causing the `core.gardener.cloud/v1beta1.BackupEntry` to be reconciled after it was successfully migrated, but before it was restored. by [@​plkokanov](https://redirect.github.com/plkokanov) \[[#​10761](https://redirect.github.com/gardener/gardener/issues/10761)] - `[OPERATOR]` The deployment of `BackupBucket` resource in the runtime cluster is skipped if no suitable operator extension is deployed. by [@​MartinWeindel](https://redirect.github.com/MartinWeindel) \[[#​10837](https://redirect.github.com/gardener/gardener/issues/10837)] - `[OPERATOR]` Following components in gardener logging stack are updated: fluent-operator to v3.2.0, fluent-bit to v3.1.8, gardener/logging to v0.62.0 by [@​nickytd](https://redirect.github.com/nickytd) \[[#​10790](https://redirect.github.com/gardener/gardener/issues/10790)] - `[OPERATOR]` The following image has been updated: - europe-docker.pkg.dev/gardener-project/releases/gardener/autoscaler/vertical-pod-autoscaler/vpa-recommender: 1.2.1 -> 1.2.1-gardener-build.3 ([Release notes vpa-1.2.1-gardener-build.2](https://redirect.github.com/gardener/autoscaler/releases/tag/vpa-1.2.1-gardener-build.2) and [Release notes vpa-1.2.1-gardener-build.3](https://redirect.github.com/gardener/autoscaler/releases/tag/vpa-1.2.1-gardener-build.3)) by [@​ialidzhikov](https://redirect.github.com/ialidzhikov) \[[#​10785](https://redirect.github.com/gardener/gardener/issues/10785)] - `[DEVELOPER]` The `hack/sast.sh` script accepts two new optional flags: - `--exclude-dirs`: comma-separated list of dirs to exclude - `--report-dir`: where to store the gosec report by [@​Kostov6](https://redirect.github.com/Kostov6) \[[#​10766](https://redirect.github.com/gardener/gardener/issues/10766)] - `[DEVELOPER]` The provider-local admission is now deployed with the local kind setup. by [@​LucaBernstein](https://redirect.github.com/LucaBernstein) \[[#​10629](https://redirect.github.com/gardener/gardener/issues/10629)] #### Helm Charts - controlplane: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.108.0` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.108.0` - operator: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.108.0` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.108.0` #### Docker Images - admission-controller: `europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.108.0` - apiserver: `europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.108.0` - controller-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.108.0` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.108.0` - node-agent: `europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.108.0` - operator: `europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.108.0` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.108.0` - scheduler: `europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.108.0` ### [`v1.107.2`](https://redirect.github.com/gardener/gardener/releases/tag/v1.107.2) [Compare Source](https://redirect.github.com/gardener/gardener/compare/v1.107.1...v1.107.2) ### \[gardener/gardener] #### 🏃 Others - `[DEPENDENCY]` The `gardener/etcd-druid` image has been updated to `v0.23.3`. [Release Notes](https://redirect.github.com/gardener/etcd-druid/releases/tag/v0.23.3) by [@​gardener-ci-robot](https://redirect.github.com/gardener-ci-robot) \[[#​10839](https://redirect.github.com/gardener/gardener/issues/10839)] #### Helm Charts - controlplane: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.107.2` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.107.2` - operator: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.107.2` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.107.2` #### Docker Images - admission-controller: `europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.107.2` - apiserver: `europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.107.2` - controller-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.107.2` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.107.2` - node-agent: `europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.107.2` - operator: `europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.107.2` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.107.2` - scheduler: `europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.107.2` ### [`v1.107.1`](https://redirect.github.com/gardener/gardener/releases/tag/v1.107.1) [Compare Source](https://redirect.github.com/gardener/gardener/compare/v1.107.0...v1.107.1) ### \[gardener/gardener] #### 🐛 Bug Fixes - `[OPERATOR]` Fixed an issue where the dashboard's service account lacked permission to create `leases` in the `garden` namespace when `spec.virtualCluster.gardener.gardenerDashboard.gitHub` was configured in the `Garden` resource. by [@​petersutter](https://redirect.github.com/petersutter) \[[#​10835](https://redirect.github.com/gardener/gardener/issues/10835)] #### Helm Charts - controlplane: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.107.1` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.107.1` - operator: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.107.1` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.107.1` #### Docker Images - admission-controller: `europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.107.1` - apiserver: `europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.107.1` - controller-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.107.1` - gardenlet: `europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.107.1` - node-agent: `europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.107.1` - operator: `europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.107.1` - resource-manager: `europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.107.1` - scheduler: `europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.107.1`

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

gardener-robot commented 1 week ago

@gardener-ci-robot Thank you for your contribution.

gardener-ci-robot commented 1 week ago

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

Details:

Package Change
k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 -> v0.0.0-20241104163129-6fe5fd82f078
github.com/gardener/etcd-druid v0.23.2 -> v0.24.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.77.2 -> v0.78.1
golang.org/x/crypto v0.28.0 -> v0.29.0
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c -> v0.0.0-20241108190413-2d47ceb2692f
golang.org/x/mod v0.21.0 -> v0.22.0
golang.org/x/net v0.30.0 -> v0.31.0
golang.org/x/sync v0.8.0 -> v0.9.0
golang.org/x/sys v0.26.0 -> v0.27.0
golang.org/x/term v0.25.0 -> v0.26.0
golang.org/x/text v0.19.0 -> v0.20.0
golang.org/x/time v0.7.0 -> v0.8.0
golang.org/x/tools v0.26.0 -> v0.27.0
google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed -> v0.0.0-20240903143218-8af14fe29dc1