[USER] The two additional labels worker.gardener.cloud/image-name and worker.gardener.cloud/image-version that were previously introduced and attached to worker nodes are removed again to fix a regression that causes the kubelet to restart on nodes that are due to be upgraded to a new OS but not rolled yet which causes their Pods to become temporarily unready. by @gardener-ci-robot#8551
[DEVELOPER] If the kubeletCSRApprover controller is enabled, it is now mandatory to specify the namespace in the source cluster in which the Machine resources reside via .controllers.kubeletCSRApprover.machineNamespace. by @rfranzke#8483
[DEVELOPER]leader-election-resource-lock flag is dropped and the leader-election resource-lock is hard coded to leases. by @acumino#8464
[DEVELOPER] The .{source,target}ClientConnection.namespace field has been renamed to namespaces and now takes a list of namespaces. The .targetClientConnection.disableCachedClient field has been removed. by @rfranzke#8483
[OPERATOR] It is no longer possible to configure .spec.virtualCluster.kubernetes.kubeAPIServer.authorization in the Garden API. by @rfranzke#8309
[OPERATOR] The deprecated .spec.virtualCluster.dns.domain field has been dropped from the Garden API. Make use of .spec.virtualCluster.dns.domains. by @rfranzke#8434
📰 Noteworthy
[OPERATOR]gardener-resource-manager now disables cache only for Secrets and ConfigMap if DisableCachedClient set to true. by @acumino#8474
[OPERATOR] The following golang dependencies have been upgraded, please consult the upstream release notes and this issue for guidance on upgrading your golang dependencies when vendoring this gardener version:
k8s.io/* to v0.28.2
sigs.k8s.io/controller-runtime to v0.16.2
sigs.k8s.io/controller-tools to v0.13.0 by @acumino#8464
[OPERATOR] The target cache for gardener-resource-manager is now unconditionally enabled, leading to faster reconciliations and less network I/O. by @rfranzke#8483
[USER] Gardener now reports nodes for which the checksum/cloud-config-data hasn't been populated yet. This could point towards an error on the node and that not all Gardener related configuration happened successfully. by @timuthy#8448
✨ New Features
[OPERATOR]gardener-operator now runs a new controller which protects Secrets and ConfigMaps with a finalizer in case they are referenced in Garden resources. by @rfranzke#8439
[OPERATOR] It is now possible to trigger gardenlet kubeconfig renewal for unmanaged Seeds by annotating them with gardener.cloud/operation=renew-kubeconfig. This was already supported for ManagedSeeds only. by @oliver-goetz#8396
[OPERATOR] The ResourcesProgressing condition appearing in the status of ManagedResources now checks for non-terminated Pods before reporting status=False. by @rfranzke#8515
[OPERATOR]gardener-operator is now managing the Gardener control plane components (gardener-{apiserver,admission-controller,controller-manager,scheduler}). by @rfranzke#8309
[OPERATOR]gardener-operator now renews garden access secrets and the gardenlet kubeconfig on all Seeds during CA/service account signing key credentials rotation. by @oliver-goetz#8396
[OPERATOR]gardener-operator now takes over management of gardener-metrics-exporter. by @acumino#8419
[OPERATOR] Gardener can now support clusters with Kubernetes version 1.28. In order to allow creation/update of 1.28 clusters you will have to update the version of your provider extension(s) to a version that supports 1.28 as well. Please consult the respective releases and notes in the provider extension's repository. by @oliver-goetz#8479
[OPERATOR] It is now possible to configure .spec.virtualCluster.gardener.gardenerAPIServer.auditWebhook in the Garden API. by @rfranzke#8309
[OPERATOR]gardener-operator now refuses to start if operators attempt to downgrade or skip minor Gardener versions. Please see this document for more information. by @rfranzke#8413
[DEVELOPER] Gardener can now support clusters with Kubernetes version 1.28. Extension developers have to prepare individual extensions as well to work with 1.28. by @oliver-goetz#8479
[DEVELOPER] The plutono dashboards are now verified as part of make check. by @Sallyan#8401
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/gardener/gardener from 1.76.2 to 1.80.1.
Release notes
Sourced from github.com/gardener/gardener's releases.
... (truncated)
Commits
5bbabb8
Release v1.80.150bfc32
AddresourceId
togardener-metrics-exporter
image (#8550)0df6e47
Revert "add labels to workers identifying the os image (#8295)" (#8551)2578913
Prepare next Dev Cycle v1.80.1-devafe3775
Release v1.80.0a20b90a
Enable cache ingarden
namespace for `virtual-garden-gardener-resource-mana...f09575e
Add more versioned tool binaries for (go build) gardener tools to `gardenerto...be5c988
ResourcesProgressing
condition checks for non-terminatedPod
s before repo...3f226a6
Fiximport-tools-bin
make target on Linux (#8523)a4460a0
Increase timeout from15m
to20m
in Garden credentials rotation e2e test ...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show