search

gardener / gardener-extension-shoot-rsyslog-relp

Other
0 stars 15 forks source link

Bump github.com/gardener/gardener from 1.95.2 to 1.96.0 #113

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps github.com/gardener/gardener from 1.95.2 to 1.96.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.96.0

[gardener/gardener]

⚠️ Breaking Changes

  • [DEVELOPER] The pkg/utils/kubernetes.{Key,ObjectMeta{FromKey}} functions have been dropped. Use client.ObjectKey or metav1.ObjectMeta instead. by @​rfranzke #9808
  • [DEVELOPER] ControllerDeployment objects using a custom type (other than helm) are deprecated. Support for custom types will be removed when the core.gardener.cloud/v1beta1 API version is dropped. by @​timebertt #9771
  • [DEVELOPER] Packages extensions/pkg/util/{secret,index} were removed. by @​dimityrmirchev #9784
  • [DEVELOPER] The allow-shoot-networks NetworkPolicy has been dropped entirely, hence, the networking.gardener.cloud/to-shoot-networks=allowed label has no effect anymore and should be removed. by @​rfranzke #9752
  • [DEPENDENCY] With the removal of the github.com/gardener/gardener/extensions/pkg/webhook/controlplane/genericmutator.Ensurer#EnsureKubeAPIServerService func, the provider extensions using the genericmutator.Ensurer no longer need to mutate Services and should no longer mutate Services to prevent no-op webhook invocations. by @​ialidzhikov #9770
  • [DEPENDENCY] The github.com/gardener/gardener/extensions/pkg/webhook/controlplane/genericmutator.Ensurer#EnsureKubeAPIServerService func is removed. This func was used before the introduction of ManagedIstio/APIServerSNI (when the kube-apiserver Service was of type LoadBalancer) to set cloud provider specific annotations to the Service. However, after ManagedIstio/APIServerSNI are unconditionally enabled (the kube-apiserver Service is of type ClusterIP) this func is no longer used. Nowadays, istio-ingressgateway Service annotations can be provided via the Seed spec. by @​ialidzhikov #9770

📰 Noteworthy

  • [DEVELOPER] The hack/generate-controller-registration.sh script now generates a ControllerDeployment object in the core.gardener.cloud/v1 API version. by @​timebertt #9771

✨ New Features

  • [DEVELOPER] The secrets manager has new option for controlling the secret rotation. If the new generate option RenewAfterValidityPercentage(v) is set, a secret will be renewed based on whichever comes first: The percentage of validity you specify in RenewAfterValidityPercentage or 10 days before the secret's end of validity. If not specified, the default 80% is used as before. by @​MartinWeindel #9819
  • [DEVELOPER] Extensions deploying shoot cluster system components can now make use of the pkg/component/observability/monitoring/prometheus/shoot.ClusterComponentScrapeConfigSpec function in order to generate a ScrapeConfig for the shoot's Prometheus. by @​rfranzke #9737
  • [DEVELOPER] Skaffold now rebuilds components if embedded files have changed. by @​maboehm #9778
  • [OPERATOR] A new core.gardener.cloud/v1 API version is introduced which only includes the ControllerDeployment resource for now. The new version of the ControllerDeployment drops the type and providerConfig fields in favor of a well-structured section for helm-based ControllerDeployments. by @​timebertt #9771
  • [OPERATOR] Use .spec.settings.loadBalancerServices.proxyProtocol and .spec.settings.loadBalancerServices.zones[].proxyProtocol to specify whether your seed's load balancer services should terminate proxy protocol. The explicit nature of the setting allows a seamless migration while enforcing a good security posture. by @​ScheererJ #9844
  • [OPERATOR] The VPAAndHPAForAPIServer feature gate is now also implemented for the gardener-operator. When enabled, the virtual-garden-kube-apiserver and gardener-apiserver are scaled simultaneously by VPA and HPA on the same metric (CPU and memory usage). by @​ialidzhikov #9735
  • [OPERATOR] gardener-operator is now able to manage gardener-discovery-server. For details, please check the Discovery Server configuration section. by @​dimityrmirchev #9746
  • [OPERATOR] It is now possible to specify an OCI repository in ControllerDeployments describing from where the Helm chart can be pulled (instead of specifying a base64-encoded chart in the specification). by @​maboehm #9823
  • [USER] Users can now enable managed service account issuers for their shoots if the Gardener installation has this capability enabled. For details, please check the Managed Service Account Issuer documentation. by @​dimityrmirchev #9746

🐛 Bug Fixes

  • [USER] A bug has been fixed which prevented Shoot deletion in case it was still annotated with maintenance.gardener.cloud/operation. by @​rfranzke #9854
  • [USER] An issue causing the node-problem-detector to be OOMKilled is now fixed. Previously, too low memory limit was set when VPA was enabled for the Shoot. by @​ialidzhikov #9797
  • [OPERATOR] gardenlet: An issue causing Shoot deletion to fail due to "Secret etcd-backup not found" error caused by not yet created shoot namespace is now fixed. by @​Kostov6 #9871
  • [OPERATOR] A regression is fixed and now the shoot control plane Prometheus forwards its alerts to the seed alertmanager. by @​istvanballok #9876
  • [OPERATOR] gardenlet: An issue causing gardenlet to trigger unnecessary kube-apiserver rolling updates by reverting the VPN sidercar containers resource requests set by HVPA for HA Shoots is now fixed by disabling autoscaling for the VPN sidecar containers. by @​ialidzhikov #9875
  • [DEVELOPER] The {virtual|runtime}-garden Prometheus / blackbox-exporter probes in the local gardener-operator setup are fixed. by @​istvanballok #9832

🏃 Others

  • [OPERATOR] Nodes are now labeled with "worker.gardener.cloud/gardener-node-agent-secret-name", which includes the expected name of the secret used by gardener-node-agent. by @​MichaelEischer #9757
  • [OPERATOR] The Cache Prometheus scrapes the kubelet and cadvisor metrics directly, without using the proxy feature of the API server. by @​istvanballok #9716
  • [OPERATOR] The CoreDNSQueryRewriting feature gate has been promoted to beta and is turned on by default. by @​ScheererJ #9820
  • [OPERATOR] Introduce a unified single alert for all seed conditions. Previous seed alerts GardenletDown, GardenletUnknown, SeedAPIServerUnavailable, SeedControlPlaneUnhealthy and SeedSystemComponentsUnhealthy are removed. by @​vicwicker #9750
  • [OPERATOR] The resource requests of the vpn-client-{0,1} sidecar container are reduced from 100m and 100Mi to 20m and 10Mi. The resource requests of the vpn-controller-path sidecar container are reduced from 20Mi to 10Mi. by @​ialidzhikov #9875
  • [OPERATOR] Port 8132 of istio ingress gateway will respond to all ordinary http requests regardless of the target domain with a redirect (301) to the https port by @​ScheererJ #9831
  • [OPERATOR] Introduce new label shoot_dashboard_url in the alerts from the garden Prometheus by @​vicwicker #9818
  • [OPERATOR] Resource limits are removed for the observability components by @​istvanballok #9785
  • [OPERATOR] The MutableShootSpecNetworkingNodes feature gate has been promoted to beta and is turned on by default. by @​ScheererJ #9824
  • [OPERATOR] Shoot clusters with Kubernetes version >= v1.29 will use cluster-autoscaler v1.29.0. by @​rishabh-11 #9822
  • [DEPENDENCY] The registry.k8s.io/pause image has been updated to 3.10. by @​gardener-ci-robot #9837

Docker Images

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.96.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.96.0

... (truncated)

Commits
  • 83277e0 Release v1.96.0
  • e00541e [release-v1.96] The shoot control plane Prometheus forwards its alerts to the...
  • c8171ef [release-v1.96] VPN sidecar containers: Disable autoscaling and reduce resour...
  • 80a6514 [release-v1.96] Fix Secret etcd-backup not found (#9871)
  • 3b61cb9 [provider-local] Harmonize local VPN setup with real-world scenario (#9752)
  • b47f592 Shoot deletion: Prevent false negative validation when maintenance operation ...
  • 9f3b254 [GEP-19] Adapt monitoring configuration for shoot control plane components (#...
  • 210b15a Fix the {virtual|runtime}-garden probes in the local gardener-operator setup ...
  • c72cab2 Add the VPAAndHPAForAPIServer feature gate for the gardener-operator (#9735)
  • 694b31b Extend Seed API to explicitly enable/disable support for terminating proxy ...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
gardener-prow[bot] commented 6 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign kostov6 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/gardener/gardener-extension-shoot-rsyslog-relp/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
gardener-robot-ci-1 commented 6 months ago

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.

gardener-prow[bot] commented 6 months ago

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-gardener-extension-shoot-rsyslog-relp-unit 9f5513988c7863a613e220260eaf4aafccb9d826 link true /test pull-gardener-extension-shoot-rsyslog-relp-unit
pull-gardener-extension-shoot-rsyslog-relp-image-build 9f5513988c7863a613e220260eaf4aafccb9d826 link true /test pull-gardener-extension-shoot-rsyslog-relp-image-build
pull-gardener-extension-shoot-rsyslog-relp-integration 9f5513988c7863a613e220260eaf4aafccb9d826 link true /test pull-gardener-extension-shoot-rsyslog-relp-integration
pull-gardener-extension-shoot-rsyslog-relp-e2e-kind 9f5513988c7863a613e220260eaf4aafccb9d826 link true /test pull-gardener-extension-shoot-rsyslog-relp-e2e-kind

Full PR test history. Your PR dashboard. Command help for this repository. Please help us cut down on flakes by linking this test failure to an open flake report or filing a new flake report if you can't find an existing one. Also see our testing guideline for how to avoid and hunt flakes.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
dependabot[bot] commented 6 months ago

Superseded by #114.