1. Docs
  2. Changes and releases

Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

  • Connectivity kong-app v4.5.0

    Changed

    • Update kong ingress controller to 3.4.1
    • Align with upstream chart version 2.46.0 (Changes in upstream repository)
    • Revert ingressController.admissionWebhook settings to upstream values. (Enabled by default with failurePolicy: Ignore)
    • Update Kong Gateway image to 3.8.1.0-debian
    • Execute CRD installation Job only if ingressController is enabled (ingressController.enabled)

    Removed

    • Keep PSP disabled by default and remove Giant Swarm PSP-PSS migration hacks
    • Legacy Giant Swarm metrics Service and labels
  • Managed Apps kong-app v4.5.0

    Changed

    • Update kong ingress controller to 3.4.1
    • Align with upstream chart version 2.46.0 (Changes in upstream repository)
    • Revert ingressController.admissionWebhook settings to upstream values. (Enabled by default with failurePolicy: Ignore)
    • Update Kong Gateway image to 3.8.1.0-debian
    • Execute CRD installation Job only if ingressController is enabled (ingressController.enabled)

    Removed

    • Keep PSP disabled by default and remove Giant Swarm PSP-PSS migration hacks
    • Legacy Giant Swarm metrics Service and labels
  • Developer Portal backstage v0.49.0

    In this release:

    • RELEASE column was added to clusters list;
    • LOCATION column was added to clusters list;
    • AWS ACCOUNT ID column was added to clusters list. See ./docs/releases/v0.49.0-changelog.md for more information.
  • CAPA releases releases aws-28.5.0

    Most notable change in this release is the reduction of IAM permissions on the worker nodes instance profile, aiming at improving the general security of the clusters. Additional changes include reducing the size of the ETCD volume to 50GB targetting costs saving initiatives, as well as improvements for the node-termination-handler application for smoother upgrades and operations.

    Changes compared to v28.4.0

    Components

    • cluster-aws from v1.3.5 to v1.3.6

    cluster-aws v1.3.5…v1.3.6

    Changed

    • Chart: Reduce default etcd volume size to 50 GB.
    • Explicitly set Ignition user data storage type to S3 bucket objects for machine pools
    • Use reduced IAM permissions on worker nodes instance profile. This can be toggled back with global.providerSpecific.reducedInstanceProfileIamPermissionsForWorkers.

    Fixed

    • Explicitly set aws-node-termination-handler queue region so crash-loops are avoided, allowing faster startup

    Apps

    • aws-nth-bundle from v1.2.0 to v1.2.1

    aws-nth-bundle v1.2.0…v1.2.1

    Added

    • Forward proxy settings to aws-node-termination-handler-app as environment variables
  • CAPA releases releases aws-29.6.0

    Most notable change in this release is the reduction of IAM permissions on the worker nodes instance profile, aiming at improving the general security of the clusters. Additional changes include reducing the size of the ETCD volume to 50GB targetting costs saving initiatives, as well as improvements for the node-termination-handler application for smoother upgrades and operations. Several components such as Flatcar or Kubernetes have also been updated to the latest available versions.

    Changes compared to v29.5.0

    Components

    • cluster-aws from v2.5.0 to v2.6.0
    • Flatcar from v3975.2.2 to v4081.2.1
    • Kubernetes from v1.29.12 to v1.29.13

    cluster-aws v2.5.0…v2.6.0

    Changed

    • Chart: Reduce default etcd volume size to 50 GB.
    • Explicitly set Ignition user data storage type to S3 bucket objects for machine pools
    • Use reduced IAM permissions on worker nodes instance profile. This can be toggled back with global.providerSpecific.reducedInstanceProfileIamPermissionsForWorkers.

    Fixed

    • Explicitly set aws-node-termination-handler queue region so crash-loops are avoided, allowing faster startup

    Apps

    • aws-nth-bundle from v1.2.0 to v1.2.1
    • aws-pod-identity-webhook from v1.17.0 to v1.18.0
    • cilium from v0.25.1 to v0.25.2
    • prometheus-blackbox-exporter from v0.4.2 to v0.5.0
    • security-bundle from v1.8.2 to v1.9.1
    • vertical-pod-autoscaler from v5.3.0 to v5.3.1
    • vertical-pod-autoscaler-crd from v3.1.1 to v3.1.2

    aws-nth-bundle v1.2.0…v1.2.1

    Added

    • Forward proxy settings to aws-node-termination-handler-app as environment variables

    aws-pod-identity-webhook v1.17.0…v1.18.0

    Changed

    • Update securityContext to be compliant.

    cilium v0.25.1…v0.25.2

    Changed

    prometheus-blackbox-exporter v0.4.2…v0.5.0

    Changed

    • Harden security context to pass PSS compliance.

    Removed

    • Remove PSP resources.

    security-bundle v1.8.2…v1.9.1

    Breaking changes

    Note: When upgrading to this security-bundle version with Falco enabled, the Falco App will fail to upgrade due to a breaking change in the upstream chart. To finish the upgrade, disable, then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values Config Map.

    Changed

    • Update trivy-operator (app) to v0.10.3.
    • Update trivy (app) to v0.13.1.
    • Update kyverno (app) to v0.18.1.
    • Update kyverno-crds (app) to v1.12.0.
    • Update kyverno-policies (app) to v0.21.0.
    • Update starboard-exporter (app) to v0.8.0.
    • Update falco (app) to v0.9.1.

    vertical-pod-autoscaler v5.3.0…v5.3.1

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.1. (#333)

    vertical-pod-autoscaler-crd v3.1.1…v3.1.2

    Changed

    • Chart: Sync to upstream. (#124)
  • CAPZ releases releases azure-29.5.0

    Changes compared to v29.4.0

    Components

    • cluster-azure from v1.5.0 to v1.6.0
    • Flatcar from v3975.2.2 to v4081.2.1
    • Kubernetes from v1.29.12 to v1.29.13

    cluster-azure v1.5.0…v1.6.0

    Changed

    • Chart: Reduce default etcd volume size to 50 GB.

    Apps

    • cilium from v0.25.1 to v0.25.2
    • prometheus-blackbox-exporter from v0.4.2 to v0.5.0
    • security-bundle from v1.8.2 to v1.9.1
    • vertical-pod-autoscaler from v5.3.0 to v5.3.1
    • vertical-pod-autoscaler-crd from v3.1.1 to v3.1.2

    cilium v0.25.1…v0.25.2

    Changed

    prometheus-blackbox-exporter v0.4.2…v0.5.0

    Changed

    • Harden security context to pass PSS compliance.

    Removed

    • Remove PSP resources.

    security-bundle v1.8.2…v1.9.1

    Breaking changes

    Note: When upgrading to this security-bundle version with Falco enabled, the Falco App will fail to upgrade due to a breaking change in the upstream chart. To finish the upgrade, disable, then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values Config Map.

    Changed

    • Update trivy-operator (app) to v0.10.3.
    • Update trivy (app) to v0.13.1.
    • Update kyverno (app) to v0.18.1.
    • Update kyverno-crds (app) to v1.12.0.
    • Update kyverno-policies (app) to v0.21.0.
    • Update starboard-exporter (app) to v0.8.0.
    • Update falco (app) to v0.9.1.

    vertical-pod-autoscaler v5.3.0…v5.3.1

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.1. (#333)

    vertical-pod-autoscaler-crd v3.1.1…v3.1.2

    Changed

    • Chart: Sync to upstream. (#124)
  • CAPVCD releases releases cloud-director-29.3.0

    Changes compared to v29.2.0

    Components

    • cluster-cloud-director from v0.64.0 to v0.64.2
    • Flatcar from v3975.2.2 to v4081.2.1
    • Kubernetes from v1.29.12 to v1.29.13

    cluster-cloud-director v0.64.0…v0.64.2

    Added

    • Add components.containerd to the schema and values.

    Changed

    • Make CPI helmrelease catalog configurable.

    Apps

    • cilium from v0.25.1 to v0.25.2
    • prometheus-blackbox-exporter from v0.4.2 to v0.5.0
    • security-bundle from v1.8.2 to v1.9.1
    • vertical-pod-autoscaler from v5.3.0 to v5.3.1
    • vertical-pod-autoscaler-crd from v3.1.1 to v3.1.2

    cilium v0.25.1…v0.25.2

    Changed

    prometheus-blackbox-exporter v0.4.2…v0.5.0

    Changed

    • Harden security context to pass PSS compliance.

    Removed

    • Remove PSP resources.

    security-bundle v1.8.2…v1.9.1

    Breaking changes

    Note: When upgrading to this security-bundle version with Falco enabled, the Falco App will fail to upgrade due to a breaking change in the upstream chart. To finish the upgrade, disable, then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values Config Map.

    Changed

    • Update trivy-operator (app) to v0.10.3.
    • Update trivy (app) to v0.13.1.
    • Update kyverno (app) to v0.18.1.
    • Update kyverno-crds (app) to v1.12.0.
    • Update kyverno-policies (app) to v0.21.0.
    • Update starboard-exporter (app) to v0.8.0.
    • Update falco (app) to v0.9.1.

    vertical-pod-autoscaler v5.3.0…v5.3.1

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.1. (#333)

    vertical-pod-autoscaler-crd v3.1.1…v3.1.2

    Changed

    • Chart: Sync to upstream. (#124)
  • CAPV releases releases vsphere-29.3.0

    Changes compared to v29.2.0

    Components

    • cluster-vsphere from v0.68.0 to v0.68.1
    • Flatcar from v3975.2.2 to v4081.2.1
    • Kubernetes from v1.29.12 to v1.29.13

    cluster-vsphere v0.68.0…v0.68.1

    Added

    • Add components.containerd to the schema and values.

    Changed

    • Update example manifest.
    • Make cloud-provider-vsphere HelmRelease catalog configurable.
    • Update kube-vip to 0.8.9.
    • Update kube-vip static pod manifest with CIDR.

    Apps

    • cilium from v0.25.1 to v0.25.2
    • cloud-provider-vsphere from v1.11.0 to v1.12.0
    • prometheus-blackbox-exporter from v0.4.2 to v0.5.0
    • security-bundle from v1.8.2 to v1.9.1
    • vertical-pod-autoscaler from v5.3.0 to v5.3.1
    • vertical-pod-autoscaler-crd from v3.1.1 to v3.1.2

    cilium v0.25.1…v0.25.2

    Changed

    cloud-provider-vsphere v1.11.0…v1.12.0

    Added

    • Add Renovate to track new tags.
    • Update kube-vip helm chart to 0.6.2.
    • Update kube-vip to 0.8.4.
    • Add initContainer to CSI node registrar container to wait for CRD to be registered.

    prometheus-blackbox-exporter v0.4.2…v0.5.0

    Changed

    • Harden security context to pass PSS compliance.

    Removed

    • Remove PSP resources.

    security-bundle v1.8.2…v1.9.1

    Breaking changes

    Note: When upgrading to this security-bundle version with Falco enabled, the Falco App will fail to upgrade due to a breaking change in the upstream chart. To finish the upgrade, disable, then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values Config Map.

    Changed

    • Update trivy-operator (app) to v0.10.3.
    • Update trivy (app) to v0.13.1.
    • Update kyverno (app) to v0.18.1.
    • Update kyverno-crds (app) to v1.12.0.
    • Update kyverno-policies (app) to v0.21.0.
    • Update starboard-exporter (app) to v0.8.0.
    • Update falco (app) to v0.9.1.

    vertical-pod-autoscaler v5.3.0…v5.3.1

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.1. (#333)

    vertical-pod-autoscaler-crd v3.1.1…v3.1.2

    Changed

    • Chart: Sync to upstream. (#124)
  • Managed Apps exception-recommender v0.2.0

    Added

    • Add AutomatedException feature.

    Changed

    • Disable logger development mode to avoid panicking
    • Disable PSPs and CRD install job.
  • Security exception-recommender v0.2.0

    Added

    • Add AutomatedException feature.

    Changed

    • Disable logger development mode to avoid panicking
    • Disable PSPs and CRD install job.

This part of our documentation refers to our vintage product. The content may be not valid anymore for our current product. Please check our new documentation hub for the latest state of our docs.