v1.42.1

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] Fix an issue where the node-cidr-mask-size was not respected by the IPAM controller of the cloud-controller-manager by @kon-angelo [#955]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.42.1
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.42.1
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.42.1

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.42.1
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.42.1

v1.42.0

[gardener/gardener-extension-provider-gcp]

📰 Noteworthy

• [USER] The kube-system/csi-driver-node DaemonSet is no longer scaled by a VerticalPodAutoscaler as it does not really benefit from it. Removing VerticalPodAutoscaler for that component will reduce unnecessary evictions by VPA and will be a mitigation for https://issues.k8s.io/126921. by @ialidzhikov [#929]
• [OPERATOR] Added support for immutable backup buckets in the GCP provider extension. Operators can configure immutability settings to enhance backup data security by preventing data alteration or deletion before the specified retention period. by @seshachalam-yv [#906]

✨ New Features

• [OPERATOR] Support specification of extended resources in provider config node template without re-specifying core resources. by @elankath [#889]

🐛 Bug Fixes

• [USER] Fix the NamespacedCloudProfile status mutation. by @LucaBernstein [#942]

🏃 Others

• [DEPENDENCY] Update gardener to v1.110.0 by @hebelsan [#927]
• [OPERATOR] Validate that all images in cloudProfile map to a valid image in the cloudProfileConfig by @hebelsan [#932]

[gardener/machine-controller-manager-provider-gcp]

🏃 Others

• [USER] MCM provider GCP is able to provide the values for a shieldedInstanceConfiguration from a machineClass to the GCP API. by @MrBatschner [gardener/machine-controller-manager-provider-gcp#135]
• [DEVELOPER] The gardener/machine-controller-manager dependency has been updated to v0.55.1. Release Notes by @thiyyakat [gardener/machine-controller-manager-provider-gcp#134]
• [DEVELOPER] Added gosec for Static Application Security Testing (SAST). by @thiyyakat [gardener/machine-controller-manager-provider-gcp#134]
• [DEVELOPER] Updated go lang version to 1.23.3 by @thiyyakat [gardener/machine-controller-manager-provider-gcp#134]

[gardener/terraformer]

🐛 Bug Fixes

• [DEVELOPER] Provider azurerm was updated to version 3.47.0 and is now properly recognising the ARM_OIDC_TOKEN_FILE_PATH env variable. by @dimityrmirchev [gardener/terraformer#156]

🏃 Others

• [OPERATOR] Update golang to v1.23.5 by @kon-angelo [gardener/terraformer#157]
• [OPERATOR] Update alpine to v3.21.2 by @kon-angelo [gardener/terraformer#157]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.42.0
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.42.0
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.42.0

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.42.0
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.42.0

v1.41.1

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] Disable --allocate-node-cidrs in kube-controller-manager for kubernetes >= 1.31 as cloud-controller-manager takes over this responsibility. by @hebelsan [#937]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.41.1
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.41.1
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.41.1

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.41.1
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.41.1

v1.41.0

[gardener/gardener-extension-provider-gcp]

⚠️ Breaking Changes

• [OPERATOR] gardener-extension-admission-gcp Helm chart has been removed. The admission can be deployed by applying admission-gcp-application and admission-gcp-runtime charts separately. With this change the global structure in Helm values of these charts has been removed. Still supported settings have been moved to other sections. by @oliver-goetz [#905]

✨ New Features

• [OPERATOR] The extension can now be deployed via extensions.operator.gardener.cloud CRD. by @oliver-goetz [#905]

🏃 Others

• [DEPENDENCY] Update go to version 1.23.3 by @hebelsan [#890]
• [DEPENDENCY] Update csi-driver from v.15.0 to v.15.1 by @hebelsan [#907]
• [OPERATOR] Add NamespacedCloudProfile admission mutation and validation to support custom machine images and types. by @LucaBernstein [#918]
• [OPERATOR] Remove the duplicate provider type check from the admission webhooks. by @LucaBernstein [#885]
• [OPERATOR] Create bastion vm from the info provided in the cloud profile bastion section by @hebelsan [#826]
• [DEVELOPER] Add gosec as sast makefile target by @hebelsan [#892]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.41.0
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.41.0
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.41.0

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.41.0
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.41.0

v1.40.1

[gardener/gardener-extension-provider-gcp]

🐛 Bug Fixes

• [USER] Fix missing RBAC PV patching permissions for csi-provisioner" by @kon-angelo [#900]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.40.1
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.40.1
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.40.1

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.40.1
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.40.1

v1.40.0

[gardener/gardener-extension-provider-gcp]

⚠️ Breaking Changes

• [USER] Remove redundant firewall rule *-allow-external-access that allowed traffic from all 0 by @kon-angelo [#876]

🏃 Others

• [OPERATOR] Check priority of firewall rules in integration tests by @kon-angelo [#877]
• [OPERATOR] Added validation to prevent IPv6-only/dual-stack clusters as they are not supported, yet. by @ScheererJ [#878]
• [OPERATOR] Update gardener/gardener to v1.105.0 by @hebelsan [#869]
• [OPERATOR] Updating CSI driver provisioner ClusterRole rules by @hebelsan [#867]
• [OPERATOR] Prevent unnecessary CNI side car containers for SNAT to upstream DNS servers by @ScheererJ [#868]

[gardener/machine-controller-manager]

✨ New Features

• [DEVELOPER] MCM replaces the magic string <<MACHINE_NAME>> in user data with the name of the machine when it is bootstrapped. by @oliver-goetz [gardener/machine-controller-manager#919]
• [DEVELOPER] MCM adds the name of the machine to node.gardener.cloud/machine-name label of the corresponding node. by @oliver-goetz [gardener/machine-controller-manager#919]

🐛 Bug Fixes

• [DEVELOPER] Fixed bug that removed the shoot-- prefix from control cluster namespace for integration tests using the gardener local setup case by @thiyyakat [gardener/machine-controller-manager#935]
• [OPERATOR] Fixed a bug where failure of machine initialization caused label updates to not happen. by @thiyyakat [gardener/machine-controller-manager#940]
• [OPERATOR] Fixed a bug where the Unitialised error code was blocking machine deletion by @rishabh-11 [gardener/machine-controller-manager#928]

🏃 Others

• [DEVELOPER] The following dependencies are updated:
  • k8s.io/* : v0.29.3 -> v0.31.0 by @ary1992 [gardener/machine-controller-manager#938]
• [OPERATOR] golangci-lint will now be used as the linter instead of the older golint by @aaronfern [gardener/machine-controller-manager#929]
• [OPERATOR] Drain timeout is now correctly honored for Pod eviction during Machine Drain by @sssash18 [gardener/machine-controller-manager#920]
• [OPERATOR] Golang version used is now upgraded to 1.22.5 by @aaronfern [gardener/machine-controller-manager#929]
• [OPERATOR] getVMStatus always redirects to InitiateDrain. It also populates the node label on the machine object by checking node.gardener.cloud/machine-name label on the nodes. by @thiyyakat [gardener/machine-controller-manager#940]

📖 Documentation

• [OPERATOR] Broken API doc links are now fixed by @rishabh-11 [gardener/machine-controller-manager#927]

[gardener/machine-controller-manager-provider-gcp]

🏃 Others

• [OPERATOR] golangci-lint will now be used as the linter instead of the older golint by @aaronfern [gardener/machine-controller-manager-provider-gcp#127]
• [USER] Golang version updated to 1.22.5 by @rishabh-11 [gardener/machine-controller-manager-provider-gcp#126]
• [DEVELOPER] MCM can now retrieve the project ID from a "projectID" data key, allowing support for credential configurations that do not directly contain the project ID. One such case is a workload identity credential configuration. by @dimityrmirchev [gardener/machine-controller-manager-provider-gcp#130]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.40.0
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.40.0
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.40.0

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.40.0
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.40.0

v1.39.1

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] Fix an issue where the firewall rules where created with the wrong priority when using the flow reconciler. by @kon-angelo [#873]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.39.1
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.39.1
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.39.1

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.39.1
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.39.1

v1.38.2

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] Fix an issue where the firewall rules where created with the wrong priority when using the flow reconciler. by @kon-angelo [#874]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.38.2
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.38.2
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.38.2

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.38.2
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.38.2

v1.39.0

[gardener/gardener-extension-provider-gcp]

📰 Noteworthy

• [USER] In order to reduce log events, only the minimal required changes will be made when applying firewall rules using the flow-reconciler. This matches the behaviour of the Terraform-reconciler. by @AndreasBurger [#831]
• [OPERATOR] Switch to upstream CCM for kubernetes versions greater than 1.31.0 by @AndreasBurger [#842]

✨ New Features

• [USER] Enable support for the field shoot.Spec.CloudProfile alongside shoot.Spec.CloudProfileName and enable the future use of NamespacedCloudProfile. by @LucaBernstein [#853]
• [USER] The provider-gcp extension does now support shoot clusters with Kubernetes version 1.31. You should consider the Kubernetes release notes before upgrading to 1.31. by @ialidzhikov [#844]
• [USER] The admission webhook now validates CredentialsBindings. by @dimityrmirchev [#832]

🏃 Others

• [OPERATOR] The provider-gcp extension no longer configures min/maxAllowed in any managed VPA resource. by @AndreasBurger [#854]
• [OPERATOR] Update CCM and CSI-sidecar containers to latest version by @AndreasBurger [#816]
• [OPERATOR] Disable soft-delete for new GCP backupbuckets. by @kon-angelo [#834]
• [DEVELOPER] Update gardener/gardener to 1.103.0 and golang to 1.23.0 by @hebelsan [#841]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.39.0
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.39.0
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.39.0

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.39.0
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.39.0

v1.38.1

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] Fix a missing error check on the GCP operation waiter that caused nil pointer exceptions. by @kon-angelo [#864]

Helm Charts

• admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.38.1
• admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.38.1
• provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.38.1

Docker Images

• gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.38.1
• gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.38.1