provider-azure-1.47.0

[gardener/gardener-extension-provider-azure]

🏃 Others

• [OPERATOR] The BackupBucket controller now adds an additional field in the generated secret to indicate the blob storage service domain. This can be used to create blobs in other Azure environments like CN or USGov. by @kon-angelo [#931]
• [OPERATOR] The shoot-webhook that mutates the calico-node DaemonSet does now specify object selector. The webhook will now intercept only requests for the calico-node DaemonSet. by @ialidzhikov [#903]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.47.0
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.47.0
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.47.0

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.47.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.47.0

provider-azure-1.46.2

[gardener/gardener-extension-provider-azure]

🏃 Others

• [OPERATOR] DNSRecord Actuator client will now default to the public Azure cloud if no explicit config is given (instead of failing) by @AndreasBurger [#938]

Helm Charts

• admission-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure:v1.46.2
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.46.2

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.46.2
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.46.2

provider-azure-1.46.1

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [USER] Also pass cloud instance name to the cloud control manager by @AndreasBurger [#937]

Helm Charts

• admission-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure:v1.46.1
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.46.1

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.46.1
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.46.1

provider-azure-1.46.0

[gardener/gardener-extension-provider-azure]

📰 Noteworthy

• [USER] When no CloudConfiguration is given, the Azure Cloud instance to connect to will be inferred from the region configured for the shoot by @AndreasBurger [#875]

✨ New Features

• [OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#920]

🐛 Bug Fixes

• [OPERATOR] Removed unnecessary preStop hook from node-driver-registrar in csi-driver-node, as socket removal is now handled internally by node-driver-registrar, resolving distroless image error. by @AndreasBurger [#912]

🏃 Others

• [OPERATOR] A priorityClassName can now be set for the admission deployment via the gardener-extension-admission-azure Helm chart. by @timuthy [#913]
• [OPERATOR] Update the VPA CRD used for testing locally by @hebelsan [#926]
• [OPERATOR] Inserts architecture from worker to the machine class by @sssash18 [#924]
• [OPERATOR] Deletion will now continue if non-gardener-managed loadbalancers and subnets were already deleted beforehand by @AndreasBurger [#925]
• [OPERATOR] Starting with gardenlet >= v1.98.0, use controlplane webhook object selector to limit mutator calls. by @LucaBernstein [#905]

[gardener/machine-controller-manager-provider-azure]

📰 Noteworthy

• [USER] Fixed a bug that prevented everything but authentication from connecting to non-public Azure Cloud instances. by @AndreasBurger [gardener/machine-controller-manager-provider-azure#157]

Helm Charts

• admission-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure:v1.46.0
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.46.0

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.46.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.46.0

provider-azure-1.45.2

[gardener/gardener-extension-provider-azure]

🏃 Others

• [OPERATOR] Fix a bug that would migrate shoots away from terraform during control-plane migration. This would occur only if the seed was marked to use the flow reconciler for new shoots. by @AndreasBurger [#930]

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.45.2
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.45.2

provider-azure-1.45.1

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [OPERATOR] Fix bug where only one infra mutator gets called by @AndreasBurger [#911]

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.45.1
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.45.1

provider-azure-1.45.0

[gardener/machine-controller-manager-provider-azure]

📰 Noteworthy

• [USER] The cloud instance to connect to can now be configured via the provider spec by @AndreasBurger [gardener/machine-controller-manager-provider-azure#148]

🏃 Others

• [USER] Machine-Controller-Manager Provider-Azure now supports enabling of vm boot diagnostics. by @hebelsan [gardener/machine-controller-manager-provider-azure#136]
• [USER] Add support for ConfidentialVM types in Azure. by @kon-angelo [gardener/machine-controller-manager-provider-azure#146]
• [USER] Error Code is now extracted from azcore.ResponseError.ErrorCode by @rishabh-11 [gardener/machine-controller-manager-provider-azure#153]
• [USER] Fix passing data disk caching method by @hebelsan [gardener/machine-controller-manager-provider-azure#149]
• [DEVELOPER] Removed vendor directory by @rishabh-11 [gardener/machine-controller-manager-provider-azure#140]
• [DEVELOPER] Switch AzureDataDisk.Lun from pointer to value by @hebelsan [gardener/machine-controller-manager-provider-azure#150]

[gardener/gardener-extension-provider-azure]

✨ New Features

• [USER] Extension-Provider-Azure now supports enabling of vm boot diagnostics in the worker providerConfig. by @hebelsan [#808]

🏃 Others

• [OPERATOR] Add support for confidential VMs by @kon-angelo [#835]
• [OPERATOR] The CIDR blocks used for shoot egress will now be provided via the status of the shoot's infrastructure-resource by @AndreasBurger [#852]
• [OPERATOR] OverconstrainedZonalAllocationRequest is now classified as ERR_RETRYABLE_CONFIGURATION_PROBLEM by @Kostov6 [#881]
• [OPERATOR] Improve flow shoot deletion with custom vnet by @hebelsan [#896]
• [OPERATOR] A problem with deploying MachineClasses that reference an operating system image whose version contains a + character was fixed. by @AndreasBurger [#898]

[gardener/machine-controller-manager]

⚠️ Breaking Changes

• [DEVELOPER] New provider method Driver.InitializeMachine added for Post-Creation VM Instance Initialization steps. by @elankath [gardener/machine-controller-manager#898]

🏃 Others

• [OPERATOR] Updated k8s dependencies to v0.29.3 by @rishabh-11 [gardener/machine-controller-manager#907]
• [OPERATOR] Removed vendor directory by @rishabh-11 [gardener/machine-controller-manager#903]

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.45.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.45.0

provider-azure-1.44.1

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [OPERATOR] Fixes a monitoring configuration issue that caused false CCM-down alerts to fire. by @AndreasBurger [#884]
• [USER] Fix panic that could occur when using zoned cluster and providing external vnet config by @AndreasBurger [#885]

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.44.1
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.44.1

provider-aws-1.59.1

[gardener/gardener-extension-provider-aws]

🐛 Bug Fixes

• [USER] Use ipv6 CIDR in ID string only for IPv6 only subnets. by @AndreasBurger [#1163]

Helm Charts

• admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.59.1
• admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.59.1
• provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.59.1

Docker Images

• gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.59.1
• gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.59.1

provider-aws-1.59.0

[gardener/gardener-extension-provider-aws]

⚠️ Breaking Changes

• [OPERATOR] The Helm charts for the application and runtime parts of the gardener-extension-admission-aws admission controller have been separated into standalone charts. These charts now assume a Garden setup with a virtual garden. Both charts must be deployed individually: the runtime chart on the Garden runtime cluster, and the application chart on the virtual garden. Additionally, the intermediate global level in the Helm values has been removed, so you may need to adjust your provided values accordingly. by @MartinWeindel [#1100]

📰 Noteworthy

• [DEVELOPER] Updated AWS SDK from v1 to v2 by @AndreasBurger [#1060]

✨ New Features

• [OPERATOR] Adjustments for additional deployment of extension and admission controller on Garden runtime cluster by gardener-operator. by @MartinWeindel [#1100]
• [OPERATOR] Support specification of extended resources in provider config node template without re-specifying core resources. by @elankath [#1010]

🏃 Others

• [OPERATOR] Fixed terraform deploy and integration tests for IPv6. by @axel7born [#1112]
• [OPERATOR] update images of pause and alpine container by @hebelsan [#1101]
• [OPERATOR] Add IPv4 ranges from Spec.Networking to Status.Networking. by @axel7born [#1094]
• [OPERATOR] Filter pod ranges for IPv4 CIDRs to configure Custom-Route-Controller. by @axel7born [#1138]
• [OPERATOR] Create bastion vm from the info provided in the cloud profile bastion section by @hebelsan [#1040]
• [OPERATOR] Added validation to allow only IPv6-only shoot clusters, but not dual-stack as it is not supported, yet. by @ScheererJ [#1095]
• [OPERATOR] Fixed an issue preventing the deployment of internal load balancers in IPv6-only shoots. by @axel7born [#1108]
• [OPERATOR] Add NamespacedCloudProfile admission mutation and validation to support custom machine images and types. by @LucaBernstein [#1136]
• [OPERATOR] Remove the duplicate provider type check from the admission webhooks. by @LucaBernstein [#1117]
• [OPERATOR] Fix an issue where the "0.0.0.0/0" route creation would fail if the nat-gateway was previously deleted. by @kon-angelo [#1111]
• [OPERATOR] Update gardener to v1.106.1 by @hebelsan [#1110]
• [OPERATOR] Dual-stack networking, i.e. networks with IPv4 and IPv6, are allowed now. by @ScheererJ [#1139]
• [OPERATOR] AWS load balancers controller is always enabled for IPv6-only and dual-stack shoot clusters. by @ScheererJ [#1099]
• [OPERATOR] Harmonize logging output from controller-runtime logger and kubernetes logger. by @DockToFuture [#1105]
• [OPERATOR] gosec was introduced for Static Application Security Testing (SAST). by @DockToFuture [#1105]
• [DEPENDENCY] Update go to version 1.23.3 by @hebelsan [#1121]
• [DEVELOPER] Add gosec as sast makefile target by @hebelsan [#1123]

📖 Documentation

• [USER] Add overview documentation for IPv6 by @ScheererJ [#1143]

[gardener/aws-custom-route-controller]

✨ New Features

• [USER] gosec was introduced for Static Application Security Testing (SAST). by @ScheererJ [gardener/aws-custom-route-controller#34]
• [USER] Update sdk version to v2 by @kon-angelo [gardener/aws-custom-route-controller#48]
• [USER] The aws-custom-route-controller only adds node routes for IPv4 pod CIDR ranges and does not interfere with IPv6 routes. by @DockToFuture [gardener/aws-custom-route-controller#43]

🏃 Others

• [OPERATOR] Bumps golang from 1.23.2 to 1.23.3. by @dependabot[bot] [gardener/aws-custom-route-controller#44]
• [OPERATOR] Bumps golang from 1.23.1 to 1.23.2. by @dependabot[bot] [gardener/aws-custom-route-controller#33]