search

gardener / gardener-extension-provider-azure

Gardener extension controller for the Azure cloud provider (https://azure.microsoft.com).
https://gardener.cloud
Apache License 2.0
9 stars 77 forks source link

Bump github.com/gardener/gardener from 1.95.1 to 1.96.1 #877

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps github.com/gardener/gardener from 1.95.1 to 1.96.1.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.96.1

[gardener/gardener]

🐛 Bug Fixes

  • [OPERATOR] Increase VPA admission-controller rate limits to avoid endless eviction loops in case when many Pods are evicted at the same time. by @​voelzmo #9887

Docker Images

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.96.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.96.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.96.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.96.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.96.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.96.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.96.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.96.1

v1.96.0

[gardener/gardener]

⚠️ Breaking Changes

  • [DEVELOPER] The pkg/utils/kubernetes.{Key,ObjectMeta{FromKey}} functions have been dropped. Use client.ObjectKey or metav1.ObjectMeta instead. by @​rfranzke #9808
  • [DEVELOPER] ControllerDeployment objects using a custom type (other than helm) are deprecated. Support for custom types will be removed when the core.gardener.cloud/v1beta1 API version is dropped. by @​timebertt #9771
  • [DEVELOPER] Packages extensions/pkg/util/{secret,index} were removed. by @​dimityrmirchev #9784
  • [DEVELOPER] The allow-shoot-networks NetworkPolicy has been dropped entirely, hence, the networking.gardener.cloud/to-shoot-networks=allowed label has no effect anymore and should be removed. by @​rfranzke #9752
  • [DEPENDENCY] With the removal of the github.com/gardener/gardener/extensions/pkg/webhook/controlplane/genericmutator.Ensurer#EnsureKubeAPIServerService func, the provider extensions using the genericmutator.Ensurer no longer need to mutate Services and should no longer mutate Services to prevent no-op webhook invocations. by @​ialidzhikov #9770
  • [DEPENDENCY] The github.com/gardener/gardener/extensions/pkg/webhook/controlplane/genericmutator.Ensurer#EnsureKubeAPIServerService func is removed. This func was used before the introduction of ManagedIstio/APIServerSNI (when the kube-apiserver Service was of type LoadBalancer) to set cloud provider specific annotations to the Service. However, after ManagedIstio/APIServerSNI are unconditionally enabled (the kube-apiserver Service is of type ClusterIP) this func is no longer used. Nowadays, istio-ingressgateway Service annotations can be provided via the Seed spec. by @​ialidzhikov #9770

📰 Noteworthy

  • [DEVELOPER] The hack/generate-controller-registration.sh script now generates a ControllerDeployment object in the core.gardener.cloud/v1 API version. by @​timebertt #9771

✨ New Features

  • [DEVELOPER] The secrets manager has new option for controlling the secret rotation. If the new generate option RenewAfterValidityPercentage(v) is set, a secret will be renewed based on whichever comes first: The percentage of validity you specify in RenewAfterValidityPercentage or 10 days before the secret's end of validity. If not specified, the default 80% is used as before. by @​MartinWeindel #9819
  • [DEVELOPER] Extensions deploying shoot cluster system components can now make use of the pkg/component/observability/monitoring/prometheus/shoot.ClusterComponentScrapeConfigSpec function in order to generate a ScrapeConfig for the shoot's Prometheus. by @​rfranzke #9737
  • [DEVELOPER] Skaffold now rebuilds components if embedded files have changed. by @​maboehm #9778
  • [OPERATOR] A new core.gardener.cloud/v1 API version is introduced which only includes the ControllerDeployment resource for now. The new version of the ControllerDeployment drops the type and providerConfig fields in favor of a well-structured section for helm-based ControllerDeployments. by @​timebertt #9771
  • [OPERATOR] Use .spec.settings.loadBalancerServices.proxyProtocol and .spec.settings.loadBalancerServices.zones[].proxyProtocol to specify whether your seed's load balancer services should terminate proxy protocol. The explicit nature of the setting allows a seamless migration while enforcing a good security posture. by @​ScheererJ #9844
  • [OPERATOR] The VPAAndHPAForAPIServer feature gate is now also implemented for the gardener-operator. When enabled, the virtual-garden-kube-apiserver and gardener-apiserver are scaled simultaneously by VPA and HPA on the same metric (CPU and memory usage). by @​ialidzhikov #9735
  • [OPERATOR] gardener-operator is now able to manage gardener-discovery-server. For details, please check the Discovery Server configuration section. by @​dimityrmirchev #9746
  • [OPERATOR] It is now possible to specify an OCI repository in ControllerDeployments describing from where the Helm chart can be pulled (instead of specifying a base64-encoded chart in the specification). by @​maboehm #9823
  • [USER] Users can now enable managed service account issuers for their shoots if the Gardener installation has this capability enabled. For details, please check the Managed Service Account Issuer documentation. by @​dimityrmirchev #9746

🐛 Bug Fixes

  • [USER] A bug has been fixed which prevented Shoot deletion in case it was still annotated with maintenance.gardener.cloud/operation. by @​rfranzke #9854
  • [USER] An issue causing the node-problem-detector to be OOMKilled is now fixed. Previously, too low memory limit was set when VPA was enabled for the Shoot. by @​ialidzhikov #9797
  • [OPERATOR] gardenlet: An issue causing Shoot deletion to fail due to "Secret etcd-backup not found" error caused by not yet created shoot namespace is now fixed. by @​Kostov6 #9871
  • [OPERATOR] A regression is fixed and now the shoot control plane Prometheus forwards its alerts to the seed alertmanager. by @​istvanballok #9876
  • [OPERATOR] gardenlet: An issue causing gardenlet to trigger unnecessary kube-apiserver rolling updates by reverting the VPN sidercar containers resource requests set by HVPA for HA Shoots is now fixed by disabling autoscaling for the VPN sidecar containers. by @​ialidzhikov #9875
  • [DEVELOPER] The {virtual|runtime}-garden Prometheus / blackbox-exporter probes in the local gardener-operator setup are fixed. by @​istvanballok #9832

... (truncated)

Commits
  • b0f772f Release v1.96.1
  • 90a4664 Increase VPA admission-controller QPS values (#9887)
  • a7c323d Prepare next Development Cycle v1.96.1-dev
  • 83277e0 Release v1.96.0
  • e00541e [release-v1.96] The shoot control plane Prometheus forwards its alerts to the...
  • c8171ef [release-v1.96] VPN sidecar containers: Disable autoscaling and reduce resour...
  • 80a6514 [release-v1.96] Fix Secret etcd-backup not found (#9871)
  • 3b61cb9 [provider-local] Harmonize local VPN setup with real-world scenario (#9752)
  • b47f592 Shoot deletion: Prevent false negative validation when maintenance operation ...
  • 9f3b254 [GEP-19] Adapt monitoring configuration for shoot control plane components (#...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
gardener-robot commented 1 month ago

@dependabot[bot] Thank you for your contribution.

gardener-robot-ci-3 commented 1 month ago

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

dependabot[bot] commented 1 month ago

Superseded by #887.