Changed
- Upgrade Tempo chart from to 1.61.3 to 2.4.2
- Upgrades Tempo from 2.9.0 to 2.10.1
- Upgrade Tempo Vulture chart from 0.12.5 to 0.12.6
Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.
Full Changelog: https://github.com/giantswarm/muster/compare/v0.1.11...v0.1.12
Full Changelog: https://github.com/giantswarm/klaus/compare/v0.0.41...v0.0.42
kubectl-gs login to prevent race-condition between multiple kubectl calls.Full Changelog: https://github.com/giantswarm/klaus/compare/v0.0.40...v0.0.41
Full Changelog: https://github.com/giantswarm/klaus-toolchains/compare/go/v0.1.2...go/v0.1.3
Full Changelog: https://github.com/giantswarm/klaus/compare/v0.0.39...v0.0.40
HTTPRoute resources for Loki, Mimir, and Tempo (read and write), replacing the previous NGINX ingress setup.SecurityPolicy.jwt, supporting multiple OIDC providers (e.g. Dex, Azure AD). Configurable via auth.jwt.providers./loki/api/v1/rules to the Loki read routes.GRPCRoute for Tempo gRPC traffic (port 9095), routing all tempopb.* services to tempo-query-frontend with JWT enforcement via SecurityPolicy.nginx.ingress.kubernetes.io/auth-url) with Envoy Gateway SecurityPolicy JWT validation — no external auth service (oauth2-proxy or Dex extAuth) required.X-Scope-OrgID response code from 400 to 401 across all routes.auth.jwt.providers is empty and a service is enabled, routes are silently not rendered (no chart error). Previously the chart would fail with an error.tempopb to tempopb\.[^/]+ to correctly match package-qualified service names (e.g. tempopb.StreamingQuerier).Backend CRD and extAuth configuration in favour of inline JWT validation.