ironcore-dev / gardener-extension-provider-ironcore

Gardener extension controller for the IronCore cloud provider
https://github.com/ironcore-dev
Apache License 2.0
4 stars 4 forks source link

chore(deps): bump github.com/gardener/gardener from 1.80.3 to 1.86.0 #441

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 10 months ago

Bumps github.com/gardener/gardener from 1.80.3 to 1.86.0.

Release notes

Sourced from github.com/gardener/gardener's releases.

v1.86.0

[gardener/gardener]

⚠️ Breaking Changes

  • [OPERATOR] All virtual garden access Secrets have to be labeled with with resources.gardener.cloud/class=shoot. Otherwise the virtual-GRM won't consider the Secrets and won't renew them. by @​rfranzke #8883
  • [OPERATOR] The ContainerdRegistryHostsDir feature gate has been promoted to beta and is now turned on by default. by @​ialidzhikov #8873
  • [DEVELOPER] Support for the deprecated NetworkPolicy annotations networking.resources.gardener.cloud/from-policy-allowed-ports and networking.resources.gardener.cloud/from-policy-pod-label-selector has been removed. Use networking.resources.gardener.cloud/from-<some-alias>-allowed-ports instead (documentation). by @​rfranzke #8883

📰 Noteworthy

  • [DEVELOPER] The local Gardener environments for e2e tests running in Prow are now backed by the registry-cache extensions enabled in the Prow cluster. This should have a positive impact on the network I/O for image pulls and resulting costs. by @​oliver-goetz #8880
  • [OPERATOR] The WorkerlessShoots has been promoted to GA and is now locked to "enabled by default". by @​acumino #8906

✨ New Features

  • [USER] It is now possible to configure the resources encrypted in the ETCD for shoot clusters, see this document for more details. by @​shafeeqes #8842
  • [USER] The shoots/viewerkubeconfig subresource now also restricts viewer access to resources which are specified in the spec.kubernetes.kubeAPIServer.encryptionConfig in the Shoot in addition to Secrets. by @​shafeeqes #8966
  • [USER] It is now possible to request a kubeconfig with read-only access (all APIs except core/v1.Secret) for shoot clusters by using the new shoots/viewerkubeconfig subresource. Read all about it here. by @​rfranzke #8870
  • [OPERATOR] The vpn-seed-server component now supports IPv4 seed clusters hosting IPv6 shoot clusters. by @​DockToFuture #8830
  • [OPERATOR] It is now possible to configure the resources encrypted in the ETCD for the virtual garden cluster, see this document for more details. by @​shafeeqes #8842

🐛 Bug Fixes

  • [DEPENDENCY] extension library: An issue causing the Worker restore operation to fail for hibernated Shoots is now fixed. by @​ialidzhikov #8943
  • [OPERATOR] A bug causing the Shoot to use the wrong istio load balancer if the ExposureClass name and the exposureclass handler name are not the same is now fixed. by @​shafeeqes #8926
  • [OPERATOR] Fixed a bug where a Shoot with an expired machine image or Kubernetes version could be created.
    For machine images: only allow updating to a higher expired machine image version for an existing worker pool
    For Kubernetes versions: do not allow creation of a worker pool with an expired K8s version, but still allow updating an existing worker pool to a higher expired version. by @​danielfoehrKn #8854
  • [OPERATOR] gardener-node-agent's OperatingSystemConfig controller now respects the reconciliation timeout and aborts the reconciliation if it takes too long. by @​rfranzke #8907
  • [OPERATOR] gardener-node-agent now creates temporary directories and files under /var/lib/gardener-node-agent/tmp instead of /tmp. This fixes issues during OperatingSystemConfig reconciliation which occur when /var and /tmp are backed by different file systems or devices. by @​rfranzke #8894
  • [OPERATOR] gardener-node-agent now skips disablement and stop attempts of deleted units in case their unit files have already been cleaned up by third parties. by @​rfranzke #8898
  • [OPERATOR] gardener-node-agent now converts the hostname to lower case to match kubelet behaviour when it maintains the kubernetes.io/hostname label on Nodes. by @​rfranzke #8902

🏃 Others

  • [OPERATOR] gardener-node-agent now stops waiting for systemd command results if they don't respond back after 10s. by @​rfranzke #8919
  • [OPERATOR] Add unhealthy nodes dashboard. by @​adenitiu #8869
  • [OPERATOR] Add egressCIDRs field to the infrastructureStatus resource. This allows provider-extensions to specify a list of stable CIDRs used as source IP for traffic generated by the shoot's worker nodes. by @​kon-angelo #8888
  • [DEVELOPER] Add support for optional SCRIPT_ROOT environment var in vgopath enabled hack scripts by @​afritzler #8935

[gardener/vpn2]

⚠️ Breaking Changes

  • [OPERATOR] Change OCI Image Registry from GCR (eu.gcr.io/gardener-project) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases). Users should update their references. by @​ccwienkgardener/vpn2#62

📰 Noteworthy

  • [OPERATOR] added ipv6 single-stack support by @​nschadgardener/vpn2#45
  • [OPERATOR] Add iptables backend detection to firewall script. by @​axel7borngardener/vpn2#64

[gardener/apiserver-proxy]

📰 Noteworthy

  • [OPERATOR] Remove the optional creation of iptables rules and the flag--setup-iptables. by @​axel7borngardener/apiserver-proxy#70

... (truncated)

Commits
  • cee1201 Release v1.86.0
  • 483cda3 [release-v1.86] Revert "Spread Istio Ingress Gateway pods across hosts if the...
  • c75e3b6 [release-v1.86] Prevent reading encrypted resources with `shoots/viewerkubeco...
  • 0a20f87 Delete MCM before deleting the MCM resources in the Shoot force deletion flow...
  • e6f98fa egress cidrs (#8888)
  • 9748682 Upgrade vpn-seed-server and vpn-shoot-client (#8958)
  • f31674b typo (#8955)
  • 8077ed3 [scheduler] Clean up technical debt in defaulting code (#8832)
  • fd95bd4 Add e2e test for cpm of hibernated shoot (#8952)
  • 3374afd Fix CPM for hibernated Shoots (#8943)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 9 months ago

Superseded by #453.