1. Docs
  2. Changes and releases

Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

  • Security kyverno-app v0.22.0

    Changed

    • Update kyverno to upstream version v1.16.1.

    Notes

    This release includes an upstream update. Please refer to the following Release Notes from upstream for the latest changes:

  • Others hello-world-app v2.10.0

    Added

    • Chart: add annotations io.giantswarm.application.audience and io.giantswarm.application.managed to metadata.

    Changed

    • Chart: change annotation application.giantswarm.io/team to the OCI-compliant form io.giantswarm.application.team.
    • Chart: update sources list.
    • Chart: update keywords list.

    Removed

    • Chart: Remvove maintainers key.
    • Template helpers: Remove giantswarm.io/service-type: managed annotation.
  • Observability grafana-app v2.28.4

    Changed

    • upgrade giantswarm/postgresql-cnpg image tag: 17.7 => 18.1
  • Observability grafana-app v2.28.3

    Fixed

    • Set postgresqlCluster.enabled to false to fix the ATS ci job.
  • Observability grafana-app v2.28.2

    Fixed

    • Only render plugin field of postgresql cluster if backup is enabled in the values.
  • Connectivity external-dns-app v3.3.0

    Important changes

    • TXT registry record formatting has changed in this version. After upgrading, external-dns creates new TXT records, but existing (old) records will not be deleted automatically; manual cleanup by the operator is required.
    • The value .Values.provider has been deprecated in favour of .Values.provider.name.

    Changed

    • Use kubectl-apply-job when installing CRDs.
    • Upgrade external-dns to v0.20.0.
    • Update DNSEndpoints CRD.
    • Sync to upstream helm chart 1.19.0.
      • Grant discovery.k8s.io/endpointslices permission only when using service source.
      • Update RBAC for Service source to support EndpointSlices.
      • Allow extraArgs to also be a map enabling overrides of individual values.
      • Set defaults for automountServiceAccountToken and serviceAccount.automountServiceAccountToken to true in Helm chart values.
      • Correctly handle txtPrefix and txtSuffix arguments when both are provided.
      • Add ability to generate schema with helm plugin schema.
      • Regenerate JSON schema with `helm-values-schema-json’ plugin.
      • Added ability to configure imagePullSecrets via helm global value.
      • Added options to configure labelFilter and managedRecordTypes via dedicated helm values.
      • Allow templating serviceaccount.annotations keys and values, by rendering them using the tpl built-in function.
      • Added support for extraContainers argument.
      • Added support for setting excludeDomains argument.
      • Added support for setting dnsConfig.
      • Added support for webhook providers.
    • Restrict managed record types to A and CNAME.
  • Fleet Management aws-load-balancer-controller-app v3.0.0

    Changed

    • Merge both the bundle and app chart into the same repository. Now the AWS Load Balancer Controller app and the bundle containing the necessary IAM resources (managed by Crossplane) will live in this repository.
    • The bundle chart now deploys the workload cluster chart using Flux HelmRelease instead of App CR.
    • Make sure both the bundle and app charts have been pushed to the catalogs before pushing to the capa app collection
  • CAPVCD releases releases cloud-director-33.1.0

    Update Kubernetes to v1.33.6, Flatcar to v4459.2.1 and various component upgrades.

    Changes compared to v33.0.1

    Components

    • cluster-cloud-director from v2.2.0 to v2.4.0
    • Flatcar from v4230.2.3 to v4459.2.1
    • Kubernetes from v1.33.5 to v1.33.6
    • os-tooling from v1.26.1 to v1.26.2

    cluster-cloud-director v2.2.0…v2.4.0

    Changed

    • Chart: Update cluster to v4.4.0.
    • Chart: Update cluster to v4.3.0.

    Apps

    • cert-exporter from v2.9.12 to v2.9.14
    • cert-manager from v3.9.3 to v3.9.4
    • cilium from v1.3.1 to v1.3.2
    • etcd-defrag from v1.2.1 to v1.2.3
    • etcd-k8s-res-count-exporter from v1.10.9 to v1.10.11
    • k8s-audit-metrics from v0.10.8 to v0.10.10
    • node-exporter from v1.20.7 to v1.20.9
    • observability-policies from v0.0.2 to v0.0.3
    • security-bundle from v1.13.1 to v1.15.0
    • teleport-kube-agent from v0.10.6 to v0.10.7

    cert-exporter v2.9.12…v2.9.14

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    cert-manager v3.9.3…v3.9.4

    Added

    • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
      • Basic test suite: Validates fresh installations
      • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
    • Add certificate issuance integration test to cluster-test-suites.

    Changed

    • Upgrade cert-manager to v1.18.2.

    cilium v1.3.1…v1.3.2

    Changed

    etcd-defrag v1.2.1…v1.2.3

    Changed

    • Chart: Update dependency ahrtr/etcd-defrag to v0.36.0. (#69)
    • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)

    etcd-k8s-res-count-exporter v1.10.9…v1.10.11

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    k8s-audit-metrics v0.10.8…v0.10.10

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    node-exporter v1.20.7…v1.20.9

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    observability-policies v0.0.2…v0.0.3

    Fixed

    • Missing RBAC for kyverno-report-controller

    security-bundle v1.13.1…v1.15.0

    Added

    • Add kubescape (app) version v0.0.4.

    Changed

    • Update kyverno (app) to v0.21.1.
    • Update kyverno-crds (app) to v1.15.0.
    • Update kyverno (app) to v0.20.1.
    • Update kyverno-crds (app) to v1.14.0.
    • Update kyverno-policies (app) to v0.24.0.
    • Update reports-server (app) to v0.0.3.

    teleport-kube-agent v0.10.6…v0.10.7

    Added

    • Add ephemeral-storage requests and limits to satisfy Kyverno policy require-emptydir-requests-and-limits.

    Changed

    • Enable upstream-provided Prometheus PodMonitor to scrape metrics from Teleport Kube Agent pods.
  • CAPV releases releases vsphere-33.1.0

    Update Kubernetes to v1.33.6, Flatcar to v4459.2.1 and various component upgrades.

    Changes compared to v33.0.1

    Components

    • cluster-vsphere from v3.2.0 to v3.4.0
    • Flatcar from v4230.2.3 to v4459.2.1
    • Kubernetes from v1.33.5 to v1.33.6
    • os-tooling from v1.26.1 to v1.26.2

    cluster-vsphere v3.2.0…v3.4.0

    Changed

    • Chart: Update cluster to v4.4.0.
    • Chart: Update cluster to v4.3.0.

    Apps

    • cert-exporter from v2.9.12 to v2.9.14
    • cert-manager from v3.9.3 to v3.9.4
    • cilium from v1.3.1 to v1.3.2
    • etcd-defrag from v1.2.1 to v1.2.3
    • etcd-k8s-res-count-exporter from v1.10.9 to v1.10.11
    • k8s-audit-metrics from v0.10.8 to v0.10.10
    • node-exporter from v1.20.7 to v1.20.9
    • observability-policies from v0.0.2 to v0.0.3
    • security-bundle from v1.13.1 to v1.15.0
    • teleport-kube-agent from v0.10.6 to v0.10.7

    cert-exporter v2.9.12…v2.9.14

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    cert-manager v3.9.3…v3.9.4

    Added

    • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
      • Basic test suite: Validates fresh installations
      • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
    • Add certificate issuance integration test to cluster-test-suites.

    Changed

    • Upgrade cert-manager to v1.18.2.

    cilium v1.3.1…v1.3.2

    Changed

    etcd-defrag v1.2.1…v1.2.3

    Changed

    • Chart: Update dependency ahrtr/etcd-defrag to v0.36.0. (#69)
    • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)

    etcd-k8s-res-count-exporter v1.10.9…v1.10.11

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    k8s-audit-metrics v0.10.8…v0.10.10

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    node-exporter v1.20.7…v1.20.9

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    observability-policies v0.0.2…v0.0.3

    Fixed

    • Missing RBAC for kyverno-report-controller

    security-bundle v1.13.1…v1.15.0

    Added

    • Add kubescape (app) version v0.0.4.

    Changed

    • Update kyverno (app) to v0.21.1.
    • Update kyverno-crds (app) to v1.15.0.
    • Update kyverno (app) to v0.20.1.
    • Update kyverno-crds (app) to v1.14.0.
    • Update kyverno-policies (app) to v0.24.0.
    • Update reports-server (app) to v0.0.3.

    teleport-kube-agent v0.10.6…v0.10.7

    Added

    • Add ephemeral-storage requests and limits to satisfy Kyverno policy require-emptydir-requests-and-limits.

    Changed

    • Enable upstream-provided Prometheus PodMonitor to scrape metrics from Teleport Kube Agent pods.
  • CAPZ releases releases azure-33.1.0

    Update Kubernetes to v1.33.6, Flatcar to v4459.2.1 and various component upgrades.

    Changes compared to v33.0.1

    Components

    • cluster-azure from v4.2.0 to v4.4.0
    • Flatcar from v4230.2.3 to v4459.2.1
    • Kubernetes from v1.33.5 to v1.33.6
    • os-tooling from v1.26.1 to v1.26.2

    cluster-azure v4.2.0…v4.4.0

    Changed

    • Make global.baseDomain and global.managementCluster required values. These values will be passed to the chart when deploying it from the cluster-app-installation-values ConfigMap in the default namespace.
    • Extract required values to its own central file to avoid repeating the required keyword and error messages. This is normally done automatically by a Kyverno policy.
    • Chart: Update cluster to v4.4.0.
    • Install External DNS CRDs and watch default sources.
    • Chart: Update cluster to v4.3.0.

    Apps

    • cert-exporter from v2.9.12 to v2.9.14
    • cert-manager from v3.9.3 to v3.9.4
    • cilium from v1.3.1 to v1.3.2
    • etcd-defrag from v1.2.1 to v1.2.3
    • etcd-k8s-res-count-exporter from v1.10.9 to v1.10.11
    • k8s-audit-metrics from v0.10.8 to v0.10.10
    • node-exporter from v1.20.7 to v1.20.9
    • observability-policies from v0.0.2 to v0.0.3
    • security-bundle from v1.13.1 to v1.15.0
    • teleport-kube-agent from v0.10.6 to v0.10.7

    cert-exporter v2.9.12…v2.9.14

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    cert-manager v3.9.3…v3.9.4

    Added

    • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
      • Basic test suite: Validates fresh installations
      • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
    • Add certificate issuance integration test to cluster-test-suites.

    Changed

    • Upgrade cert-manager to v1.18.2.

    cilium v1.3.1…v1.3.2

    Changed

    etcd-defrag v1.2.1…v1.2.3

    Changed

    • Chart: Update dependency ahrtr/etcd-defrag to v0.36.0. (#69)
    • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)

    etcd-k8s-res-count-exporter v1.10.9…v1.10.11

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    k8s-audit-metrics v0.10.8…v0.10.10

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    node-exporter v1.20.7…v1.20.9

    Changed

    • Go: Update dependencies.
    • Go: Update dependencies.

    observability-policies v0.0.2…v0.0.3

    Fixed

    • Missing RBAC for kyverno-report-controller

    security-bundle v1.13.1…v1.15.0

    Added

    • Add kubescape (app) version v0.0.4.

    Changed

    • Update kyverno (app) to v0.21.1.
    • Update kyverno-crds (app) to v1.15.0.
    • Update kyverno (app) to v0.20.1.
    • Update kyverno-crds (app) to v1.14.0.
    • Update kyverno-policies (app) to v0.24.0.
    • Update reports-server (app) to v0.0.3.

    teleport-kube-agent v0.10.6…v0.10.7

    Added

    • Add ephemeral-storage requests and limits to satisfy Kyverno policy require-emptydir-requests-and-limits.

    Changed

    • Enable upstream-provided Prometheus PodMonitor to scrape metrics from Teleport Kube Agent pods.