By Category

CAPA Releases CAPV Releases CAPVCD Releases CAPZ Releases Connectivity Continuous Deployment Developer Portal Documentation Fleet Management Observability Others Security

RSS Feed

Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

Jan 23, 2026 CAPA releases releases aws-34.0.0
Changes compared to v33.1.4
Components
- cluster-aws from v6.4.3 to v7.2.5
- Flatcar from v4459.2.1 to v4459.2.2
- Kubernetes from v1.33.6 to v1.34.3
- os-tooling from v1.26.2 to v1.26.3
cluster-aws v6.4.3…v7.2.5
:warning: Breaking Changes
- The following IAM permissions have been removed from the control plane nodes
- autoscaling:SetDesiredCapacity
- autoscaling:TerminateInstanceInAutoScalingGroup
- Removed global.providerSpecific.reducedInstanceProfileIamPermissionsForWorkers value, as that’s the default behavior now. It cannot be overridden anymore.
Added
- Add kubernetes.io/cluster/$clusterName: "owned" and sigs.k8s.io/cluster-api-provider-aws/cluster/$clusterName: "owned" tags to the IRSAClaim CR so that resources created by Crossplane contain the expected tags. This also allows to find the S3 buckets that need to be deleted when removing a cluster.
- This change will roll the control plane nodes Add preKubeadmCommand to wait for the API server load balancer DNS to be resolvable before running kubeadm on control plane nodes. This prevents kubeadm from failing when the ELB DNS record hasn’t propagated yet.
- This change will roll the nodes Add Crossplane IAM Roles, policies and instance profiles for worker and control plane nodes. Instead of having an IAM Role per node pool, now we’ll use the same for all node pools.
- Add the priority-classes default app, enabled by default. This app provides standardised PriorityClass resources like giantswarm-critical and giantswarm-high, which should replace the previous inconsistent per-app priority classes.
- This change will roll the nodes on Karpenter node pools Attach the lb Security Group to Karpenter nodes.
- This change will roll the nodes on Karpenter node pools Name instance on AWS after the nodepool name.
Changed
- Chart: Update cluster to v5.1.2.
- Chart: Update cluster to v5.1.1.
- Chart: Update cluster to v5.1.0.
- Chart: Update cluster to v5.0.0.
- Reduce redundant parts of JSON schema for Karpenter vs. MachinePool types of node pools
- Adjust node max pods based on the nodeCidrMaskSize
Fixed
- Fix Karpenter schema definition: changed from app schema to helmRelease schema to correctly reflect that Karpenter is deployed as a HelmRelease resource. This fixes incorrect field definitions in extraConfigs (capitalized enum values ConfigMap/Secret and optional field instead of priority).
- Fix Karpenter NodePool subnet filtering: when users define custom subnetTags, the default giantswarm.io/role: "nodes" filter is no longer applied, allowing full control over subnet selection. The cluster ownership tag (sigs.k8s.io/cluster-api-provider-aws/cluster/<cluster-name>: owned) is still enforced for security.
- Fix Karpenter HelmRelease: add missing valuesFrom parent field for extraConfigs, enabling customers to use custom ConfigMaps and Secrets for Karpenter configuration.
- Ensure AWSCluster.spec.network.subnets.tags is not rendered as null
- Add missing documentation for node pools (health checks were not listed)
- Ensure defaulting maxHealthyPercentage since Helm does not use the default from the schema
Removed
- Remove RolePolicyAttachment crossplane custom resources as they are not needed when using Role and RolePolicy.
Apps
- cert-exporter from v2.9.14 to v2.9.15
- cilium from v1.3.2 to v1.3.4
- cloud-provider-aws from v1.33.2-1 to v2.0.0
- cluster-autoscaler from v1.33.1-2 to v1.34.1-1
- coredns from v1.28.3 to v1.29.1
- etcd-k8s-res-count-exporter from v1.10.11 to v1.10.12
- external-dns from v3.2.0 to v3.4.0
- k8s-audit-metrics from v0.10.10 to v0.10.11
- network-policies from v0.1.1 to v0.1.3
- node-exporter from v1.20.9 to v1.20.10
- Added node-problem-detector v0.5.2
- observability-bundle from v2.3.2 to v2.5.0
- Added priority-classes v0.3.0
- security-bundle from v1.15.0 to v1.16.1
cert-exporter v2.9.14…v2.9.15
Changed
- Go: Update dependencies.
cilium v1.3.2…v1.3.4
Changed
- Upgrade Cilium to v1.18.6.
- Upgrade Cilium to v1.18.5.
cloud-provider-aws v1.33.2-1…v2.0.0
Changed
- Chart: Update to upstream v1.34.0.
cluster-autoscaler v1.33.1-2…v1.34.1-1
Changed
- Chart: Update to upstream v1.34.1.
coredns v1.28.3…v1.29.1
Changed
- Update coredns image to 1.14.1.
- Update coredns image to 1.14.0.
etcd-k8s-res-count-exporter v1.10.11…v1.10.12
Changed
- Go: Update dependencies.
external-dns v3.2.0…v3.4.0
Changed
- Sync to upstream helm chart 1.20.0.
  - Add option to set annotationPrefix.
  - Fixed the missing schema for .provider.webhook.serviceMonitor configs.
  - Fixed incorrect indentation of selector labels under spec.template.spec.topologySpreadConstraints when topologySpreadConstraints is set.
- Use kubectl-apply-job when installing CRDs.
- Upgrade external-dns to v0.20.0.
- Update DNSEndpoints CRD.
- Sync to upstream helm chart 1.19.0.
  - Grant discovery.k8s.io/endpointslices permission only when using service source.
  - Update RBAC for Service source to support EndpointSlices.
  - Allow extraArgs to also be a map enabling overrides of individual values.
  - Set defaults for automountServiceAccountToken and serviceAccount.automountServiceAccountToken to true in Helm chart values.
  - Correctly handle txtPrefix and txtSuffix arguments when both are provided.
  - Add ability to generate schema with helm plugin schema.
  - Regenerate JSON schema with `helm-values-schema-json’ plugin.
  - Added ability to configure imagePullSecrets via helm global value.
  - Added options to configure labelFilter and managedRecordTypes via dedicated helm values.
  - Allow templating serviceaccount.annotations keys and values, by rendering them using the tpl built-in function.
  - Added support for extraContainers argument.
  - Added support for setting excludeDomains argument.
  - Added support for setting dnsConfig.
  - Added support for webhook providers.
- Restrict managed record types to A and CNAME.
k8s-audit-metrics v0.10.10…v0.10.11
Changed
- Go: Update dependencies.
network-policies v0.1.1…v0.1.3
Added
- Add support for Kamaji.
Fixed
- Fixed broken templating.
node-exporter v1.20.9…v1.20.10
Removed
- Repository: Remove integration tests.
node-problem-detector v0.5.2
Changed
- Build: Switch to pushing to default instead of playground catalog as this app will be fully supported in production
observability-bundle v2.3.2…v2.5.0
Added
- Add KSM metrics kube_servicemonitor_info and kube_podmonitor_info for ServiceMonitor and PodMonitor resources
- Add KSM metrics kube_podlog_info for PodLog resource
Changed
- Upgrade kube-prometheus-stack-app to 19.0.0
- Update alloy-app to 0.16.0
  - Bumps alloy to 1.12.0
Fixed
- Fixed KSM metrics for endpoints
priority-classes v0.3.0
Changed
- Label now uses chart version instead of app version.
Removed
- Removed appVersion (only version is used now).
security-bundle v1.15.0…v1.16.1
Changed
- Add missing dependency to all apps.
- Allow to set multiple dependencies on the depends-on annotation.
- Rename edgedb to gel.
- Update cloudnative-pg (app) to v0.0.12.
- Update gel (app) to v1.0.1.
Jan 23, 2026 Continuous Deployment flux-app v1.8.1
Changed
- Update Chart.yaml metadata
Jan 23, 2026 Security external-secrets v0.20.5
Changed
- Update chart metadata to add audience and upstream chart version annotations.
Jan 23, 2026 Fleet Management zot v2.6.2
Changed
- Update to upstream Helm Chart v0.1.95 and Zot v2.11.13.
Jan 22, 2026 CAPA releases releases aws-33.1.4
Allow volume expansion in GP3
Changes compared to v33.1.3
Apps
- aws-ebs-csi-driver from v3.3.0 to v3.4.1
aws-ebs-csi-driver v3.3.0…v3.4.1
Fixed
- Allow volume expansion by default on gp3
- Correct boolean for volume expansion
Jan 22, 2026 Fleet Management zot v2.6.1
Changed
- Updated chart metadata
Jan 22, 2026 CAPVCD releases releases cloud-director-34.0.0
Changes compared to v33.1.1
Components
- cluster-cloud-director from v2.4.0 to v3.1.2
- Flatcar from v4459.2.1 to v4459.2.2
- Kubernetes from v1.33.6 to v1.34.3
- os-tooling from v1.26.2 to v1.26.3
cluster-cloud-director v2.4.0…v3.1.2
Added
- Added fix-dns-nic-allocation.sh Ignition script to attach DNS servers to correct network interfaces.
- Add the priority-classes default app, enabled by default. This app provides standardised PriorityClass resources like giantswarm-critical and giantswarm-high, which should replace the previous inconsistent per-app priority classes.
- Add "helm.sh/resource-policy": keep annotation to VCDCluster CR so that it doesn’t get removed by Helm when uninstalling this chart. The CAPI controllers will take care of removing it, following the expected deletion order.
Changed
- Fix a race condition when populating /run/metadata/coreos.
- Fix race condition in ntpd unit.
- Chart: Update cluster to v5.1.2.
- Chart: Update cluster to v5.1.1.
- Chart: Update cluster to v5.1.0.
- Chart: Update cluster to v5.0.0.
Apps
- cert-exporter from v2.9.14 to v2.9.15
- cilium from v1.3.2 to v1.3.4
- coredns from v1.28.3 to v1.29.1
- etcd-k8s-res-count-exporter from v1.10.11 to v1.10.12
- network-policies from v0.1.1 to v0.1.3
- node-exporter from v1.20.9 to v1.20.10
- observability-bundle from v2.3.2 to v2.5.0
- Added priority-classes v0.3.0
- security-bundle from v1.15.0 to v1.16.1
cert-exporter v2.9.14…v2.9.15
Changed
- Go: Update dependencies.
cilium v1.3.2…v1.3.4
Changed
- Upgrade Cilium to v1.18.6.
- Upgrade Cilium to v1.18.5.
coredns v1.28.3…v1.29.1
Changed
- Update coredns image to 1.14.1.
- Update coredns image to 1.14.0.
etcd-k8s-res-count-exporter v1.10.11…v1.10.12
Changed
- Go: Update dependencies.
network-policies v0.1.1…v0.1.3
Added
- Add support for Kamaji.
Fixed
- Fixed broken templating.
node-exporter v1.20.9…v1.20.10
Removed
- Repository: Remove integration tests.
observability-bundle v2.3.2…v2.5.0
Added
- Add KSM metrics kube_servicemonitor_info and kube_podmonitor_info for ServiceMonitor and PodMonitor resources
- Add KSM metrics kube_podlog_info for PodLog resource
Changed
- Upgrade kube-prometheus-stack-app to 19.0.0
- Update alloy-app to 0.16.0
  - Bumps alloy to 1.12.0
Fixed
- Fixed KSM metrics for endpoints
priority-classes v0.3.0
Changed
- Label now uses chart version instead of app version.
Removed
- Removed appVersion (only version is used now).
security-bundle v1.15.0…v1.16.1
Changed
- Add missing dependency to all apps.
- Allow to set multiple dependencies on the depends-on annotation.
- Rename edgedb to gel.
- Update cloudnative-pg (app) to v0.0.12.
- Update gel (app) to v1.0.1.
Jan 22, 2026 CAPV releases releases vsphere-34.0.0
Changes compared to v33.1.1
Components
- cluster-vsphere from v3.4.0 to v4.1.2
- Flatcar from v4459.2.1 to v4459.2.2
- Kubernetes from v1.33.6 to v1.34.3
- os-tooling from v1.26.2 to v1.26.3
cluster-vsphere v3.4.0…v4.1.2
Added
- Add the priority-classes default app, enabled by default. This app provides standardised PriorityClass resources like giantswarm-critical and giantswarm-high, which should replace the previous inconsistent per-app priority classes.
- Add "helm.sh/resource-policy": keep annotation to VSphereCluster CR so that it doesn’t get removed by Helm when uninstalling this chart. The CAPI controllers will take care of removing it, following the expected deletion order.
- Add "helm.sh/resource-policy": keep annotation to the provider secret. This is to ensure that it isn’t removed by Helm, thus leading to a race condition when deleting the cluster as the vSphere cleaner needs it to clean up resources in vSphere.
Changed
- Chart: Update cluster to v5.1.2.
- Chart: Update cluster to v5.1.1.
- Chart: Update cluster to v5.1.0.
- Chart: Update cluster to v5.0.0.
- Chart: Update cluster to v4.6.0.
- Chart: Update cluster to v4.5.1.
- Chart: Update cluster to v4.5.0.
Apps
- cert-exporter from v2.9.14 to v2.9.15
- cilium from v1.3.2 to v1.3.4
- cloud-provider-vsphere from v2.0.1 to v2.2.0
- coredns from v1.28.3 to v1.29.1
- etcd-k8s-res-count-exporter from v1.10.11 to v1.10.12
- network-policies from v0.1.1 to v0.1.3
- node-exporter from v1.20.9 to v1.20.10
- observability-bundle from v2.3.2 to v2.5.0
- Added priority-classes v0.3.0
- security-bundle from v1.15.0 to v1.16.1
- vsphere-csi-driver from v3.4.2 to v3.4.3
cert-exporter v2.9.14…v2.9.15
Changed
- Go: Update dependencies.
cilium v1.3.2…v1.3.4
Changed
- Upgrade Cilium to v1.18.6.
- Upgrade Cilium to v1.18.5.
cloud-provider-vsphere v2.0.1…v2.2.0
Added
- Add kamaji.enabled value. If set to true, a deployment instead of the dameonset will be used for CPI controller components.
Changed
- Update to upstream 1.34.0.
coredns v1.28.3…v1.29.1
Changed
- Update coredns image to 1.14.1.
- Update coredns image to 1.14.0.
etcd-k8s-res-count-exporter v1.10.11…v1.10.12
Changed
- Go: Update dependencies.
network-policies v0.1.1…v0.1.3
Added
- Add support for Kamaji.
Fixed
- Fixed broken templating.
node-exporter v1.20.9…v1.20.10
Removed
- Repository: Remove integration tests.
observability-bundle v2.3.2…v2.5.0
Added
- Add KSM metrics kube_servicemonitor_info and kube_podmonitor_info for ServiceMonitor and PodMonitor resources
- Add KSM metrics kube_podlog_info for PodLog resource
Changed
- Upgrade kube-prometheus-stack-app to 19.0.0
- Update alloy-app to 0.16.0
  - Bumps alloy to 1.12.0
Fixed
- Fixed KSM metrics for endpoints
priority-classes v0.3.0
Changed
- Label now uses chart version instead of app version.
Removed
- Removed appVersion (only version is used now).
security-bundle v1.15.0…v1.16.1
Changed
- Add missing dependency to all apps.
- Allow to set multiple dependencies on the depends-on annotation.
- Rename edgedb to gel.
- Update cloudnative-pg (app) to v0.0.12.
- Update gel (app) to v1.0.1.
vsphere-csi-driver v3.4.2…v3.4.3
Changed
- Update upstream chart to v3.3.1
- Make deployment affinity and tolerations configurable in values.yaml.
Jan 22, 2026 CAPZ releases releases azure-34.0.0
Changes compared to v33.1.1
Components
- cluster-azure from v4.4.0 to v5.1.2
- Flatcar from v4459.2.1 to v4459.2.2
- Kubernetes from v1.33.6 to v1.34.3
- os-tooling from v1.26.2 to v1.26.3
cluster-azure v4.4.0…v5.1.2
Added
- Add the priority-classes default app, enabled by default. This app provides standardised PriorityClass resources like giantswarm-critical and giantswarm-high, which should replace the previous inconsistent per-app priority classes.
- Add "helm.sh/resource-policy": keep annotation to AzureCluster CR so that it doesn’t get removed by Helm when uninstalling this chart. The CAPI controllers will take care of removing it, following the expected deletion order.
Changed
- Chart: Update cluster to v5.1.2.
- Chart: Update cluster to v5.1.1.
- Chart: Update cluster to v5.1.0.
- Chart: Update cluster to v5.0.0.
Apps
- azure-cloud-controller-manager from v1.32.7-1 to v2.0.0
- azure-cloud-node-manager from v1.32.7 to v2.0.0
- azuredisk-csi-driver from v1.32.9 to v2.1.0
- azurefile-csi-driver from v1.32.5 to v2.0.0
- cert-exporter from v2.9.14 to v2.9.15
- cilium from v1.3.2 to v1.3.4
- coredns from v1.28.3 to v1.29.1
- etcd-k8s-res-count-exporter from v1.10.11 to v1.10.12
- external-dns from v3.2.0 to v3.4.0
- k8s-audit-metrics from v0.10.10 to v0.10.11
- network-policies from v0.1.1 to v0.1.3
- node-exporter from v1.20.9 to v1.20.10
- observability-bundle from v2.3.2 to v2.5.0
- Added priority-classes v0.3.0
- security-bundle from v1.15.0 to v1.16.1
azure-cloud-controller-manager v1.32.7-1…v2.0.0
Changed
- Chart: Update to upstream v1.34.3. (#132)
azure-cloud-node-manager v1.32.7…v2.0.0
Changed
- Chart: Update to upstream v1.34.3. (#118)
azuredisk-csi-driver v1.32.9…v2.1.0
Changed
- Chart: Update to upstream v1.34.0. (#118)
- Chart: Update to upstream v1.33.7. (#114)
azurefile-csi-driver v1.32.5…v2.0.0
Changed
- Chart: Update to upstream v1.34.2. (#71)
cert-exporter v2.9.14…v2.9.15
Changed
- Go: Update dependencies.
cilium v1.3.2…v1.3.4
Changed
- Upgrade Cilium to v1.18.6.
- Upgrade Cilium to v1.18.5.
coredns v1.28.3…v1.29.1
Changed
- Update coredns image to 1.14.1.
- Update coredns image to 1.14.0.
etcd-k8s-res-count-exporter v1.10.11…v1.10.12
Changed
- Go: Update dependencies.
external-dns v3.2.0…v3.4.0
Changed
- Sync to upstream helm chart 1.20.0.
  - Add option to set annotationPrefix.
  - Fixed the missing schema for .provider.webhook.serviceMonitor configs.
  - Fixed incorrect indentation of selector labels under spec.template.spec.topologySpreadConstraints when topologySpreadConstraints is set.
- Use kubectl-apply-job when installing CRDs.
- Upgrade external-dns to v0.20.0.
- Update DNSEndpoints CRD.
- Sync to upstream helm chart 1.19.0.
  - Grant discovery.k8s.io/endpointslices permission only when using service source.
  - Update RBAC for Service source to support EndpointSlices.
  - Allow extraArgs to also be a map enabling overrides of individual values.
  - Set defaults for automountServiceAccountToken and serviceAccount.automountServiceAccountToken to true in Helm chart values.
  - Correctly handle txtPrefix and txtSuffix arguments when both are provided.
  - Add ability to generate schema with helm plugin schema.
  - Regenerate JSON schema with `helm-values-schema-json’ plugin.
  - Added ability to configure imagePullSecrets via helm global value.
  - Added options to configure labelFilter and managedRecordTypes via dedicated helm values.
  - Allow templating serviceaccount.annotations keys and values, by rendering them using the tpl built-in function.
  - Added support for extraContainers argument.
  - Added support for setting excludeDomains argument.
  - Added support for setting dnsConfig.
  - Added support for webhook providers.
- Restrict managed record types to A and CNAME.
k8s-audit-metrics v0.10.10…v0.10.11
Changed
- Go: Update dependencies.
network-policies v0.1.1…v0.1.3
Added
- Add support for Kamaji.
Fixed
- Fixed broken templating.
node-exporter v1.20.9…v1.20.10
Removed
- Repository: Remove integration tests.
observability-bundle v2.3.2…v2.5.0
Added
- Add KSM metrics kube_servicemonitor_info and kube_podmonitor_info for ServiceMonitor and PodMonitor resources
- Add KSM metrics kube_podlog_info for PodLog resource
Changed
- Upgrade kube-prometheus-stack-app to 19.0.0
- Update alloy-app to 0.16.0
  - Bumps alloy to 1.12.0
Fixed
- Fixed KSM metrics for endpoints
priority-classes v0.3.0
Changed
- Label now uses chart version instead of app version.
Removed
- Removed appVersion (only version is used now).
security-bundle v1.15.0…v1.16.1
Changed
- Add missing dependency to all apps.
- Allow to set multiple dependencies on the depends-on annotation.
- Rename edgedb to gel.
- Update cloudnative-pg (app) to v0.0.12.
- Update gel (app) to v1.0.1.
Jan 21, 2026 Security auth-bundle v0.5.0

Giant Swarm Offerings

By Category

Changes and Releases

Changes compared to v33.1.4

Components

cluster-aws v6.4.3…v7.2.5

:warning: Breaking Changes

Added

Changed

Fixed

Removed

Apps

cert-exporter v2.9.14…v2.9.15

Changed

cilium v1.3.2…v1.3.4

Changed

cloud-provider-aws v1.33.2-1…v2.0.0

Changed

cluster-autoscaler v1.33.1-2…v1.34.1-1

Changed

coredns v1.28.3…v1.29.1

Changed

etcd-k8s-res-count-exporter v1.10.11…v1.10.12

Changed

external-dns v3.2.0…v3.4.0

Changed

k8s-audit-metrics v0.10.10…v0.10.11

Changed

network-policies v0.1.1…v0.1.3

Added

Fixed

node-exporter v1.20.9…v1.20.10

Removed

node-problem-detector v0.5.2

Changed

observability-bundle v2.3.2…v2.5.0

Added

Changed

Fixed

priority-classes v0.3.0

Changed

Removed

security-bundle v1.15.0…v1.16.1

Changed

Changed

Changed

Changed

Changes compared to v33.1.3

Apps

aws-ebs-csi-driver v3.3.0…v3.4.1

Fixed

Changed

Changes compared to v33.1.1

Components

cluster-cloud-director v2.4.0…v3.1.2

Added

Changed

Apps

cert-exporter v2.9.14…v2.9.15

Changed

cilium v1.3.2…v1.3.4

Changed

coredns v1.28.3…v1.29.1

Changed

etcd-k8s-res-count-exporter v1.10.11…v1.10.12

Changed

network-policies v0.1.1…v0.1.3

Added

Fixed

node-exporter v1.20.9…v1.20.10

Removed

observability-bundle v2.3.2…v2.5.0

Added

Changed

Fixed

priority-classes v0.3.0

Changed

Removed

security-bundle v1.15.0…v1.16.1

Changed