Fleet Management
Changed
- Upgrade app to version 2.18.3 to support kubernetes 1.31 to 1.33.
- Upgrade chart to upstream version 2.18.3.
Changed
- Upgrade upstream AWS EFS CSI Driver from v2.1.9 to v2.3.0.
- Update sidecar images:
- livenessprobe: v2.16.0 -> v2.17.0
- csi-node-driver-registrar: v2.14.0 -> v2.15.0
- csi-provisioner: v5.3.0 -> v6.1.0
Added
- Add
controller.revisionHistoryLimit and node.revisionHistoryLimit for controlling rollback history. - Add
controller.socketDirVolume.emptyDir for configuring CSI socket volume (sizeLimit, medium). - Add
controller.fileSystemIdRefs.enabled for dynamic filesystem ID resolution from ConfigMap/Secret. - Add
node.serviceAccount.disableMutation for disabling mutating permissions in security-sensitive environments.
Security
- Multiple CVE fixes in upstream (sidecars, openssl, Golang 1.25.5).
Changed
- Build with up-to-date pipelines.
Fixed
- Fix JSON Schema
values.schema.json fields that were incorrectly defined as "type": "null" to allow actual configuration values (strings, integers, booleans, arrays, objects) in addition to null.
Changed
- Upgrade aws-load-balancer-controller from v2.8.3 to v3.0.0.
- Remove PSPs
- Move PolicyException to policy-exceptions namespace.
- Migrate from ClusterID to ClusterName
- Add additional permissions elasticloadbalancing:DescribeListenerAttributes
Changed
- Update to upstream Helm Chart
v0.1.95 and Zot v2.11.13.
Changed
- Move Giant Swarm specific values to the bundle chart. Clean up the aws-load-balancer-controller chart from any GS specific stuff.
- Shorten bundle chart name to
aws-lb-controller-bundle
Added
- Add additional permissions to the controller IAM role.
Changed
- Document upgrade path from v2 to v3
Fixed
- Configure the efs-csi-driver chart to use the IAM role managed by the bundle chart.
Changed
- Replace
github.com/giantswarm/release-operator/v4/api/v1alpha1 with github.com/giantswarm/releases/sdk/api/v1alpha1 for Release CRD types. - Update k8s dependencies to v0.35.0.
