gardener / gardener-extension-provider-aws

Gardener extension controller for the AWS cloud provider (https://aws.amazon.com).
https://gardener.cloud
Apache License 2.0
19 stars 97 forks source link

Bump github.com/gardener/gardener from 1.106.1 to 1.107.0 #1116

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps github.com/gardener/gardener from 1.106.1 to 1.107.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.107.0

[gardener/gardener]

⚠️ Breaking Changes

  • [DEVELOPER] The unused method WithShootCredentials have been removed from github.com/gardener/gardener/pkg/gardenlet/operation/shoot.Builder. by @​vpnachev #10672
  • [DEVELOPER] In the local development setup, the images are pushed to garden.local.gardener.cloud:5001 instead of localhost:5001 now. Please add 127.0.0.1 garden.local.gardener.cloud to your /etc/hosts. by @​rrhubenov #10257
  • [OPERATOR] Feature gate IPv6SingleStack has been removed. Infrastructure-specific validations will be added in parallel to the corresponding provider extensions. by @​ScheererJ #10716

📰 Noteworthy

  • [OPERATOR] ManagedSeed's .spec.gardenlet.config.seedConfig.spec.ingress.controller.kind field is now defaulted to nginx when
    .spec.gardenlet.config.seedConfig or .spec.gardenlet.config.seedConfig.spec.ingress is nil.
    This allows the creation of ManagedSeed without specifying the .spec.gardenlet field. by @​RadaBDimitrova #10655
  • [OPERATOR] A new required controller was added to gardener-operator. It maintains the RequiredRuntime condition for Extension resources to indicate that the extension deployment is required in the Garden-Runtime cluster. by @​timuthy #10650
  • [OPERATOR] The gardener/controlplane Helm chart has been deprecated and will be removed after v1.135 has been released (around beginning of 2026). We urge you to switch to a gardener-operator-based installation. Read all about it here. by @​rfranzke #10706
  • [DEVELOPER] .spec.gardenlet of ManagedSeed is now a required field. This was already the case from an API perspective, enforced by validation. by @​RadaBDimitrova #10648
  • [USER] The spec.kubernetes.kubeAPIServer.oidcConfig field in the Shoot API is deprecated and will be removed after support for Kubernetes 1.31 is dropped. by @​AleksandarSavchev #10666

✨ New Features

  • [OPERATOR] If an admission webhook which was deployed via Extension resource by gardener-operator is deleted again, its webhook configuration in the virtual-cluster is cleaned up automatically. by @​oliver-goetz #10585
  • [OPERATOR] The CloudProfile, Seed, and Shoot APIs are now allowing to configure access restrictions (e.g., to enable "EU access"-only or similar policies). The legacy approach with the seed.gardener.cloud/eu-access labels is deprecated and will be removed in a future release. Make sure to adapt to the new APIs. Read all about it here. by @​rfranzke #10654
  • [USER] The viewer kubeconfigs for shoot clusters now allow the pods/log subresource. by @​rfranzke #10711
  • [USER] Service Account Managed Issuer can be now enabled for workerless shoot clusters. by @​dimityrmirchev #10689
  • [USER] Structured authorization configuration can now be set by creating a ConfigMap with the AuthorizationConfiguration file set in the config.yaml data key and referencing it (in the Shoot via .spec.kubernetes.kubeAPIServer.structuredAuthorization, in the Garden via .spec.virtualCluster.kubernetes.kubeAPIServer.structuredAuthorization for Kubernetes versions >= v1.30. Read all about it here. by @​rfranzke #10682
  • [USER] Gardener reports the cluster's egress CIDRs in Shoot.status.networking.egressCIDRs if supported by the used provider extension. by @​timebertt #10240

🐛 Bug Fixes

  • [OPERATOR] Fix Prometheus rule shoot-kube-proxy. by @​LucaBernstein #10757
  • [OPERATOR] The TopologySpreadConstraints calculation was improved for StatefulSets to always use a stable label selector. This led to issues in the past when shoots were upgraded to HA. by @​timuthy #10750
  • [OPERATOR] valitail version is now pinned to v2.2.15 (depends on glibc 2.32). by @​ialidzhikov #10776

🏃 Others

... (truncated)

Commits
  • 3bb8cdc Release v1.107.0
  • cac3a69 Fix network validation for Shoot control plane migration case. (#10777)
  • 4af74fa Revert "chore(deps): update dependency kyverno/kyverno to v1.13.0 (#10746)" (...
  • 93593d0 Pin valitail version to v2.2.15 (#10776)
  • bb89282 [release-v1.107] Fix index out of range error in access restriction handling ...
  • 60b675c Increase the readiness probe timeout for the gardener-metrics-exporter (#10771)
  • c03003d Fix Prometheus rule shoot-kube-proxy (kube-proxy.rules) (#10757)
  • 3544c00 Add check for using plain http on helm push only if registry is glgc (#10743)
  • 55caa7f chore(deps): update dependency envoyproxy/envoy to v1.32.1 (#10755)
  • ee2de9a Fix TSC for StatefulSets (#10750)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
gardener-robot-ci-1 commented 3 weeks ago

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

gardener-robot commented 3 weeks ago

@dependabot[bot] Thank you for your contribution.