v0.14.1

[gardener/gardener-extension-registry-cache]

🐛 Bug Fixes

• [OPERATOR] An issue where the referenced registry-cache config or TLS Secret is being garbage collected while it is still in-use has been fixed. by @dimitar-kostadinov [#364]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.14.1
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.14.1
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.14.1

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.14.1
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.14.1

v0.13.2

[gardener/gardener-extension-registry-cache]

🐛 Bug Fixes

• [OPERATOR] An issue where the referenced registry-cache config or TLS Secret is being garbage collected while it is still in-use has been fixed. by @dimitar-kostadinov [#364]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.13.2
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.13.2
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.13.2

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.13.2
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.13.2

v0.14.0

[gardener/gardener-extension-registry-cache]

✨ New Features

• [USER] In registry-cache < v0.12, TLS was not supported for a registry cache.
  In registry-cache@v0.13.0, TLS was enabled by default and there was no option to disable it.
  The TLS feature is now configurable for a registry cache using the providerConfig.caches[].http.tls field. Using this field, the TLS can be disabled which is useful for cases where a machinery that consumes a registry cache endpoint is not yet adapted to consume it over HTTPS. by @ialidzhikov [#331]

🐛 Bug Fixes

• [USER] An issue causing reconciliation to fail for caches with long upstreams (> 59 chars) is now fixed. by @ialidzhikov [#339]

🏃 Others

• [OPERATOR] Registry cache Services with IPv6 spec.clusterIP are now supported. by @dimitar-kostadinov [#336]
• [OPERATOR] The registry cache DNS service names are now included in the Subject Alternative Name of the server certificate. by @dimitar-kostadinov [#336]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.14.0
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.14.0
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.14.0

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.14.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.14.0

v0.13.1

[gardener/gardener-extension-registry-cache]

🐛 Bug Fixes

• [OPERATOR] A corner case causing the registry-cache Service to be deleted (and later on recreated again) during the non-TLS to TLS migration (from registry-cache@v0.12 to registry-cache@v.013) is now mitigated. by @ialidzhikov [#327]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.13.1
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.13.1
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.13.1

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.13.1
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.13.1

v0.13.0

[gardener/gardener-extension-registry-cache]

✨ New Features

• [USER] The communication between containerd and the registry cache is no longer over plain HTTP. The communication is now encrypted with TLS. The pull through cache is now served over HTTPS. by @dimitar-kostadinov [#245]
• [USER] The registry cache now supports optional proxy settings. by @dergeberl [#246]

🏃 Others

• [USER] The following image is updated:
  • europe-docker.pkg.dev/gardener-project/releases/3rd/registry: 3.0.0-beta.1 -> 3.0.0-rc.2 by @ialidzhikov [#309]
• [DEVELOPER] A new TM test that verifies that registry cache is working after CA rotation is introduced. by @dimitar-kostadinov [#285]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.13.0
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.13.0
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.13.0

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.13.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.13.0

v0.12.0

[gardener/gardener-extension-registry-cache]

🐛 Bug Fixes

• [DEVELOPER] An issue causing make extension-up to fail to patch the ControllerDeployment is now mitigated. by @ialidzhikov [#277]
• [DEVELOPER] An issue causing make extension-up to do NOT generate a new tag for local source code changes is now fixed. by @ialidzhikov [#279]

🏃 Others

• [OPERATOR] The following Distribution issue distribution/distribution#4478 is now mitigated. by @dimitar-kostadinov [#292]
• [OPERATOR] The extension and admission charts do no longer specify VPA maxAllowed values by default. You can still configure maxAllowed values, if needed. by @ialidzhikov [#296]
• [DEVELOPER] The parallel execution of e2e tests is increase from 2 to 3 to speed up the e2e test execution times. by @ialidzhikov [#280]
• [DEVELOPER] gosec is made available for SAST(static application security testing). It can be run with make sast or make sast-report, but is also incorporated in the verify and verify-extended makefile targets. by @Kostov6 [#272]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.12.0
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.12.0
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.12.0

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.12.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.12.0

v0.11.0

[gardener/gardener-extension-registry-cache]

⚠️ Breaking Changes

• [OPERATOR] The specification of the image in gardener-extension-registry-cache Helm chart has been changed. by @oliver-goetz [#229]

✨ New Features

• [OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#229]
• [OPERATOR] All container images are built for linux/amd64 and linux/arm64 now. by @oliver-goetz [#229]

🐛 Bug Fixes

• [OPERATOR] The monitoring resources (dashboards ConfigMap, PrometheusRule, ScrapeConfig) are now deleted when the Extension is deleted. by @ialidzhikov [#268]

🏃 Others

• [DEVELOPER] e2e tests are no longer using test images from public ECR as the Distribution project cannot pull blobs from it. by @dimitar-kostadinov [#254]
• [DEVELOPER] The verification in the e2e test is enhanced to check that all image layers of an image are present in the registry cache storage. by @dimitar-kostadinov [#255]
• [DEVELOPER] A new e2e test that covers upstream registries with credentials is now added. by @dimitar-kostadinov [#184]
• [DEVELOPER] The golang version is updated to 1.23.0. by @dependabot[bot] [#239]

Helm Charts

• admission-registry-cache-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-application:v0.11.0
• admission-registry-cache-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-registry-cache-runtime:v0.11.0
• registry-cache: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/registry-cache:v0.11.0

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.11.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.11.0

v0.10.0

[gardener/gardener-extension-registry-cache]

⚠️ Breaking Changes

• [OPERATOR] The legacy method of providing monitoring configuration via ConfigMaps labeled with extensions.gardener.cloud/configuration=monitoring has been removed. The extension does now only uses the new contract for providing monitoring configuration. Before upgrading to this version of the extension, make sure that the deployed Gardener version supports the new monitoring contract. by @dimitar-kostadinov [#237]

📰 Noteworthy

• [DEVELOPER] The containerd registry configuration hosts.toml files are now created using the OpetingSystemConfig CRI API. by @dimitar-kostadinov [#227]

🏃 Others

• [OPERATOR] A priorityClassName can now be set for the admission deployment via the admission Helm chart. by @timuthy [#222]
• [OPERATOR] The registry-cache admission validation is skipped when no semantic change in providerConfig is detected. by @dimitar-kostadinov [#210]
• [OPERATOR] The following image is updated:
  • europe-docker.pkg.dev/gardener-project/releases/3rd/registry: 3.0.0-alpha.1 -> 3.0.0-beta.1 by @ialidzhikov [#224]

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.10.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.10.0

v0.9.0

[gardener/gardener-extension-registry-cache]

⚠️ Breaking Changes

• [USER] The registry.extensions.gardener.cloud/v1alpha2 API version is removed. Use registry.extensions.gardener.cloud/v1alpha3 instead. by @ialidzhikov [#165]
• [OPERATOR] The registry.extensions.gardener.cloud/v1alpha2 API version is removed. Before upgrading to this version, make sure that there are no usages of the registry.extensions.gardener.cloud/v1alpha2 API version in the landscape. by @ialidzhikov [#165]

📰 Noteworthy

• [USER] The registry cache StatefulSets for registries with upstream host with more than 43 chars will be recreated. Only the StatefulSet will be recreated, the underlying PVC remains the same. by @dimitar-kostadinov [#186]

🏃 Others

• [OPERATOR] This extension is now using the new way of providing monitoring configuration (ref GEP-19) in case a shoot cluster's Prometheus has been migrated to management via prometheus-operator. by @ialidzhikov [#187]
• [OPERATOR] The upstream fields in the registry-mirror and registry-cache APIs now support optional port (e.g. example.io:5000). by @dimitar-kostadinov [#183]
• [OPERATOR] A new optional remoteURL field in the registry-cache API allows specifying the URL of the upstream registry (e.g. http://example.io:5000). by @dimitar-kostadinov [#183]
• [OPERATOR] The registry-cache extension does now support the Deploying Gardener Locally and Enabling Provider-Extensions local setup. by @dimitar-kostadinov [#193]

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.9.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.9.0

v0.8.0

[gardener/gardener-extension-registry-cache]

⚠️ Breaking Changes

• [OPERATOR] registry-cache extension no longer supports Shoots with Кubernetes version == 1.24. by @shafeeqes [#121]

🐛 Bug Fixes

• [OPERATOR] Fixed an issue where the extension-registry-configuration-cleaner ManagedResource could block Shoot deletion if the registry-cache extension was disabled before the Shoot deletion was triggered, and disabling the extension failed while trying to deploy the said ManagedResource and wait for it to become ready. by @ialidzhikov [#173]

🏃 Others

• [OPERATOR] Registry configuration option http.draintimeout is set to 25 seconds to activate registry graceful shutdown. by @dimitar-kostadinov [#162]
• [OPERATOR] The registry-cache extension defines recording rules (shoot:registry_proxy_pushed_bytes_total:sum and shoot:registry_proxy_pulled_bytes_total:sum) that are federated in the Seed cluster's aggregate prometheus and also in the prometheus in the runtime cluster. These rules make possible to query registry-cache related metrics from the prometheus in the runtime cluster and in this way get an overview for given set of Shoot clusters. by @ialidzhikov [#169]

Docker Images

• gardener-extension-registry-cache-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache-admission:v0.8.0
• gardener-extension-registry-cache: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/registry-cache:v0.8.0