Highlights

  • Highlights for the week ending January 19, 2023

    General

    With kubectl-gs release version v2.31.0 and happa release version v1.57.0, support for multiple identity providers was added. This means that you can reduce the risk of failure or admit users from different identity providers by connecting multiple identity providers at the same time. Please reach out to us if you need support to implement this feature.

    Apps

    • falco-app version v0.4.3 uses Falco’s much slimmer no-driver image, reducing the size and dependencies contained in the image.
    • kyverno-app version v0.13.1 updates to Kyverno version 1.8.4 and policy-reporter version 2.11.0, bringing considerable resource utilization improvements. This version also excludes the kube-system namespace from Kyverno webhooks by default. kube-system reports can be re-enabled in the app values.
    • security-pack version 0.11.0 includes new versions of all pack components and makes several adjustments to installed apps and configuration. Please refer to the changelog for details.
    • starboard-exporter version v0.7.0 introduces horizontal autoscaling based on Prometheus scrape times.
    • trivy-operator-app version 0.3.2 updates to Trivy operator 0.7.1, aligns some app configuration with new official charts, and disables the secret scanner by default. Exposed secret reports can be re-enabled in the app values.
  • Highlights for the week ending January 12, 2023

    Apps

    Released flux-app version v0.20.2 that contains Flux upgraded to v0.37.0 (was v0.36.0) as part of v0.20.0. The major highlights of Flux v0.37.0 are:

    • The interpretation of the gitImplementation field of GitRepository by source-controller and image-automation-controller has been deprecated, and will effectively always use go-git (+ see next item on how to disable forcing this behavior).
    • ImageUpdateAutomation objects with a .spec.PushBranch specified will have the push branch refreshed automatically via force push.
      • In flux-app version v0.20.2 we added a new Helm value: imageAutomationController.featureGatesToDisable - with restricted values of GitForcePushBranch and ForceGoGitImplementation - that can be used to disable this force push behavior by adding GitForcePushBranch to the list. By default no feature gates are disabled.
    • ImagePolicy CRD dropped version v1alpha1
    • ImageRepository CRD dropped version v1alpha1
    • ImageUpdateAutomation CRD dropped version v1alpha1

    Additionally flux-app contains the following updates as well:

    • Added capability to attach custom annotations and labels to the kustomize-controller pod via the kustomizeController.podTemplate.annotations and kustomizeController.podTemplate.labels fields
    • Added capability to attach custom annotations to the kustomize-controller service account via kustomizeServiceAccount.annotations field
    • Increased memory limits for CRD install job as it was observed to frequently get OOM killed

    User interfaces

    In kubectl-gs v2.29.3 we fixed logging in to clusters running on custom domains.

    Documentation

    There is an entirely new platform overview section in our docs.

  • Highlights for the week ending December 15, 2022

    General

    Apps

    Released flux-app version v0.20.2 that contains Flux upgraded to v0.37.0 (was v0.36.0) as part of v0.20.0. The major highlights of Flux v0.37.0 are:

    • The interpretation of the gitImplementation field of GitRepository by source-controller and image-automation-controller has been deprecated, and will effectively always use go-git (+ see next item on how to disable forcing this behaviour).
    • ImageUpdateAutomation objects with a .spec.PushBranch specified will have the push branch refreshed automatically via force push.
      • In flux-app version v0.20.2 we added a new Helm value: imageAutomationController.featureGatesToDisable - with restricted values of GitForcePushBranch and ForceGoGitImplementation - that can be used to disable this force push behaviour by adding GitForcePushBranch to the list. By default no feature gates are disabled.
    • ImagePolicy CRD dropped version v1alpha1
    • ImageRepository CRD dropped version v1alpha1
    • ImageUpdateAutomation CRD dropped version v1alpha1

    Additionally flux-app contains the following updates as well:

    • Added capability to attach custom annotations and labels to the kustomize-controller pod via the kustomizeController.podTemplate.annotations and kustomizeController.podTemplate.labels fields
    • Added capability to attach custom annotations to the kustomize-controller service account via kustomizeServiceAccount.annotations field
    • Increased memory limits for CRD install job as it was observed to frequently get OOM killed

    User interfaces

    In kubectl-gs v2.29.3 we fixed logging in to clusters running on custom domains.

    Documentation

    There is an entirely new platform overview section in our docs.

  • Highlights for the week ending December 8, 2022

    General

    In your configuration for Dex (dex-app) in workload clusters, you may notice a new connector named giantswarm-ad. We are adding this one to enable Giant Swarm staff access, authorized via OIDC, using Azure AD as an identity provider. We are currently rolling that out to all installations.

    User interfaces

    The web UI as of v1.54.0 allows installing an app bundle from the app catalog, like the Security Pack, into workload clusters.

  • Highlights for the week ending December 1, 2022

    User interfaces

    Monitoring: Prometheus Volume Size shows how to adjust the volume size used for cluster monitoring. Monitoring: How to disable it explains how monitoring can be turned off for specific workload clusters.

    Apps

    • loki v0.5.3 was released into our public catalog and provides an improved upgrade path from v0.4.x.
    • grafana v2.1.0 was released, which upgrades Grafana from 9.1.1 to 9.2.5 but also introduces breaking changes to the values.yaml structure (see v2.0.0).
    • prometheus-operator v2.1.1 was released, which fixes an issue related to PodSecurityPolicy.

  • Highlights for the week ending November 22, 2022

    User interfaces

    kubectl gs v2.29.0 brings an important change in the login command. Previously, the more client certificates you created to access workload clusters, the more the PKI backend performance would be impaired. We fixed this and recommend that all users upgrade to the latest release.

    Apps

    • kyverno-app version v0.12.0 updates to Kyverno version 1.8.2.
    • trivy-app version 0.7.1 makes it possible to use the Vertical Pod Autoscaler (VPA) to manage Trivy resources (on by default).
  • Highlights for the week ending November 17, 2022

    User interfaces

    • kubectl-gs v2.28.2: The kubectl-gs login command no longer writes to the main kubeconfig file in case there are no changes in access tokens and/or the current context. Also setting the --context flag will no longer affect the current context (current-context in kubeconfig).

    Apps

    • falco-app version v0.4.1 makes it possible to use the Vertical Pod Autoscaler (VPA) to manage Falco resources (off by default).
    • kyverno-policies version v0.18.0 updates to upstream kyverno-policies version 1.7.5.
  • Highlights for the week ending November 10, 2022

    User interfaces

    • kubectl-gs v2.28.1 avoids panic in get nodepools when node pool is lacking the release version label and disables kubectl gs template nodepool command for Cluster API (CAPI) based workload Clusters.
    • happa v1.53.0 adds support for read-only cluster and nodepool management for Cluster API provider AWS (CAPA), updates the cluster creation message for GCP (Google Cloud Platform) to better reflect the actual cluster creation duration, and provides links for installed apps to allow navigating to the app’s catalog page and catalog item details page.

    Apps

    • dex v1.30.1 updates dex to v2.35.3
    • falco-app version v0.4.0 updates to Falco v0.33.0, falco-exporter v0.8.0, and falcosidekick v2.26.0.
    • flux-app version v0.18.2. This release fixes VerticalPodAutoscaler issues. VPAs are now correctly configured when enabled with a feature flag in values.yaml.
    • kyverno-app version v0.11.8 fixes an issue where kyverno-app would fail to install on clusters using Cilium CNI.
    • linkerd-multicluster version v0.9.0 updates linkerd to stable-2.12.2. In this release the app has been renamed to linkerd-multicluster, following upstream’s naming convention.
    • linkerd-multicluster-link version v0.9.0 updates linkerd to stable-2.12.2. In this release the app has been renamed to linkerd-multicluster-link, following upstream’s naming convention. Also, the value target.name has been deprecated and replaced with targetClusterName.
    • prometheus-operator-app version v2.0.2 updates prometheus-operator to v0.54.0. This release includes breaking changes and values.yaml needs to be adapted, see update-changes. It is highly recommended to update prometheus-operator-app. Please reach out if you have any questions or need support to update.
    • prometheus-operator-crd version v2.0.1. Update CRD for prometheus-operator.
    • security-pack version 0.9.0 includes the Falco, Kyverno, Trivy, and Trivy Operator versions and associated improvements included in this announcement.
    • trivy-app version 0.7.0 renames the chart to help standardize services names when deploying as part of the security pack.
    • trivy-operator-app version 0.2.1 changes the trivy server URL to standardize the service name when deploying as part of the security pack.
  • Highlights for the week ending November 3, 2022

    Management API

    As a cluster admin, you now have the ability to view logs from all pods on the management clusters, enabling an additional degree of self-service towards debugging deployments that may be failing for reasons which are not clear from the resource status field. These logs can be accessed via the kubectl logs command.

    Apps

    • flux-app v0.17.0 updates Flux toolkit to v0.36.0, which includes a fix that reduces kustomize-controller’s memory usage by 90%. It contains no breaking changes.
    • k8s-dns-node-cache-app v1.0.0 is promoted to the Giant Swarm catalog together with the latest updates of app components.

    Documentation

    In our changes and releases section, you will from now on find information on changes to cluster apps, starting with AWS, GCP, and OpenStack.

  • Highlights for the week ending October 27, 2022

    Feedback wanted

    • We are currently designing the kubectl-gs CLI command for deleting workload clusters. The specification is available in a public issue. We’d love to see you add comments, ideas, and expectations.
    • Our survey regarding cluster creation is still open. If your organization’s perspective isn’t included yet, you still have some time.

    Apps

    • kong-app version v2.13.0 updates kong/kubernetes-ingress-controller to 2.7.0 and requires at least Kubernetes 1.22.
    • linkerd2-cni version v0.8.0 updates linkerd2-cni to stable-2.12.2. In this release the app has been renamed to linkerd2-cni, dropping the -app suffix.
    • linkerd-control-plane version v0.8.0 updates linkerd to stable-2.12.2. In this release the app has been renamed to linkerd-control-plane, following upstream’s naming convention.
    • kyverno-app version v0.11.6 updates policy-reporter to version 2.10.1.
    • security-pack version 0.8.1 includes the new versions of Kyverno and starboard-exporter described in this announcement.
    • starboard-exporter version v0.6.2 makes the exporter’s ServiceMonitor relabelings user-configurable, enabling custom metric collection and aggregation use cases.

This part of our documentation refers to our vintage product. The content may no longer be valid for our current product. Please check our new documentation hub for the latest state of our docs.