Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

• Nov 4, 2025 Connectivity gateway-api-app v1.6.0

  Changed

  • Upgrade Gateway API Inference Extension CRDs to v1.1.0
• Nov 4, 2025 Fleet Management zot v2.3.6

  Changed

  • Fixed: remove ‘additionalProperties: false’ from values.yaml schema.
• Nov 4, 2025 Fleet Management zot v2.3.5

  Changed

  • Upgrade to upstream Helm chart v0.1.83 (patch release) and zot 2.1.10
• Nov 4, 2025 Fleet Management zot v2.3.4

  Changed

  • Add the team tenant observability label to pod templates
  • switch helm schema generation to https://github.com/dadav/helm-schema/, add it to pre-commit config and add some missing annotations
• Nov 4, 2025 Developer Portal backstage v0.89.0

  Changed

  • Added support for Node.js v24
  • Removed TypeScript types for Kubernetes object and types generator script.
  • Refactored the code to use types from @giantswarm/k8s-types package.

  Fixed

  • Fixed cluster status icon alignment in the Clusters table. See ./docs/releases/v0.89.0-changelog.md for more information.
• Nov 2, 2025 CAPVCD releases releases cloud-director-32.1.0

  This release updates Flatcar to v4230.2.4 and includes several app updates and improvements.

  Changes compared to v32.0.0

  Components

  • Flatcar from v4230.2.2 to v4230.2.4
  • os-tooling from v1.26.1 to v1.26.2

  Apps

  • capi-node-labeler from v1.1.3 to v1.1.5
  • cert-exporter from v2.9.9 to v2.9.13
  • cert-manager from v3.9.2 to v3.9.4
  • cilium from v1.3.0 to v1.3.1
  • coredns from v1.27.0 to v1.28.2
  • etcd-defrag from v1.0.8 to v1.2.2
  • etcd-k8s-res-count-exporter from v1.10.7 to v1.10.10
  • k8s-audit-metrics from v0.10.6 to v0.10.9
  • node-exporter from v1.20.5 to v1.20.8
  • observability-bundle from v2.2.2 to v2.3.2
  • security-bundle from v1.12.0 to v1.14.0
  • vertical-pod-autoscaler from v6.0.1 to v6.1.1
  • vertical-pod-autoscaler-crd from v4.0.1 to v4.1.1

  capi-node-labeler v1.1.3…v1.1.5

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.

  cert-exporter v2.9.9…v2.9.13

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Chart: Add value to toggle creation of Daemonset resources.
  • Go: Update dependencies.

  cert-manager v3.9.2…v3.9.4

  Added

  • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
    • Basic test suite: Validates fresh installations
    • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
  • Add certificate issuance integration test to cluster-test-suites.

  Changed

  • Upgrade cert-manager to v1.18.2.
  • Fix missing targetPort in cainjector-service

  cilium v1.3.0…v1.3.1

  Changed

  • Upgrade Cilium to v1.18.2.

  coredns v1.27.0…v1.28.2

  Changed

  • Update coredns image to 1.13.1.
  • Add value to toggle creation of controlplane deployment.
  • Update coredns image to 1.13.0.

  etcd-defrag v1.0.8…v1.2.2

  Changed

  • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.34.0. (#62)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.33.0. (#60)
  • Update Kyverno API to v2 for policy exceptions
  • Chart: Update dependency ahrtr/etcd-defrag to v0.32.0. (#57)

  etcd-k8s-res-count-exporter v1.10.7…v1.10.10

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  k8s-audit-metrics v0.10.6…v0.10.9

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  node-exporter v1.20.5…v1.20.8

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  observability-bundle v2.2.2…v2.3.2

  Added

  • Add KSM metrics for cloudnative-pg Cluster objects

  Changed

  • Update alloy-app to 0.15.0
    • Bumps alloy to 1.11.0

  Fixed

  • Update alloy-app to 0.15.1
    • Bumps alloy to 1.11.2

  security-bundle v1.12.0…v1.14.0

  Changed

  • Update kyverno (app) to v0.20.1.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update reports-server (app) to v0.0.3.
  • Revert previous kyverno update (#536, #531, #538).
  • Update kyverno-policy-operator (app) to v0.1.6.
  • Update kyverno (app) to v0.20.0.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update kyverno-policy-operator (app) to v0.1.5.
  • Update trivy-operator (app) to v0.12.1.
  • Update trivy (app) to v0.14.1.
  • Update falco (app) to v0.11.0.

  vertical-pod-autoscaler v6.0.1…v6.1.1

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.1. (#375)
  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.0. (#372)

  vertical-pod-autoscaler-crd v4.0.1…v4.1.1

  Changed

  • Chart: Sync to upstream. (#166)
  • Chart: Sync to upstream. (#164)
• Nov 2, 2025 CAPV releases releases vsphere-32.1.0

  This release updates Flatcar to v4230.2.4 and includes several app updates and improvements.

  Changes compared to v32.0.0

  Components

  • Flatcar from v4230.2.2 to v4230.2.4
  • os-tooling from v1.26.1 to v1.26.2

  Apps

  • capi-node-labeler from v1.1.3 to v1.1.5
  • cert-exporter from v2.9.9 to v2.9.13
  • cert-manager from v3.9.2 to v3.9.4
  • cilium from v1.3.0 to v1.3.1
  • coredns from v1.27.0 to v1.28.2
  • etcd-defrag from v1.0.8 to v1.2.2
  • etcd-k8s-res-count-exporter from v1.10.7 to v1.10.10
  • k8s-audit-metrics from v0.10.6 to v0.10.9
  • node-exporter from v1.20.5 to v1.20.8
  • observability-bundle from v2.2.2 to v2.3.2
  • security-bundle from v1.12.0 to v1.14.0
  • vertical-pod-autoscaler from v6.0.1 to v6.1.1
  • vertical-pod-autoscaler-crd from v4.0.1 to v4.1.1

  capi-node-labeler v1.1.3…v1.1.5

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.

  cert-exporter v2.9.9…v2.9.13

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Chart: Add value to toggle creation of Daemonset resources.
  • Go: Update dependencies.

  cert-manager v3.9.2…v3.9.4

  Added

  • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
    • Basic test suite: Validates fresh installations
    • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
  • Add certificate issuance integration test to cluster-test-suites.

  Changed

  • Upgrade cert-manager to v1.18.2.
  • Fix missing targetPort in cainjector-service

  cilium v1.3.0…v1.3.1

  Changed

  • Upgrade Cilium to v1.18.2.

  coredns v1.27.0…v1.28.2

  Changed

  • Update coredns image to 1.13.1.
  • Add value to toggle creation of controlplane deployment.
  • Update coredns image to 1.13.0.

  etcd-defrag v1.0.8…v1.2.2

  Changed

  • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.34.0. (#62)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.33.0. (#60)
  • Update Kyverno API to v2 for policy exceptions
  • Chart: Update dependency ahrtr/etcd-defrag to v0.32.0. (#57)

  etcd-k8s-res-count-exporter v1.10.7…v1.10.10

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  k8s-audit-metrics v0.10.6…v0.10.9

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  node-exporter v1.20.5…v1.20.8

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  observability-bundle v2.2.2…v2.3.2

  Added

  • Add KSM metrics for cloudnative-pg Cluster objects

  Changed

  • Update alloy-app to 0.15.0
    • Bumps alloy to 1.11.0

  Fixed

  • Update alloy-app to 0.15.1
    • Bumps alloy to 1.11.2

  security-bundle v1.12.0…v1.14.0

  Changed

  • Update kyverno (app) to v0.20.1.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update reports-server (app) to v0.0.3.
  • Revert previous kyverno update (#536, #531, #538).
  • Update kyverno-policy-operator (app) to v0.1.6.
  • Update kyverno (app) to v0.20.0.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update kyverno-policy-operator (app) to v0.1.5.
  • Update trivy-operator (app) to v0.12.1.
  • Update trivy (app) to v0.14.1.
  • Update falco (app) to v0.11.0.

  vertical-pod-autoscaler v6.0.1…v6.1.1

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.1. (#375)
  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.0. (#372)

  vertical-pod-autoscaler-crd v4.0.1…v4.1.1

  Changed

  • Chart: Sync to upstream. (#166)
  • Chart: Sync to upstream. (#164)
• Nov 2, 2025 CAPZ releases releases azure-32.1.0

  This release updates Flatcar to v4230.2.4 and includes several app updates and improvements.

  Changes compared to v32.0.0

  Components

  • Flatcar from v4230.2.2 to v4230.2.4
  • os-tooling from v1.26.1 to v1.26.2

  Apps

  • capi-node-labeler from v1.1.3 to v1.1.5
  • cert-exporter from v2.9.9 to v2.9.13
  • cert-manager from v3.9.2 to v3.9.4
  • cilium from v1.3.0 to v1.3.1
  • coredns from v1.27.0 to v1.28.2
  • etcd-defrag from v1.0.8 to v1.2.2
  • etcd-k8s-res-count-exporter from v1.10.7 to v1.10.10
  • k8s-audit-metrics from v0.10.6 to v0.10.9
  • node-exporter from v1.20.5 to v1.20.8
  • observability-bundle from v2.2.2 to v2.3.2
  • security-bundle from v1.12.0 to v1.14.0
  • vertical-pod-autoscaler from v6.0.1 to v6.1.1
  • vertical-pod-autoscaler-crd from v4.0.1 to v4.1.1

  capi-node-labeler v1.1.3…v1.1.5

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.

  cert-exporter v2.9.9…v2.9.13

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Chart: Add value to toggle creation of Daemonset resources.
  • Go: Update dependencies.

  cert-manager v3.9.2…v3.9.4

  Added

  • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
    • Basic test suite: Validates fresh installations
    • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
  • Add certificate issuance integration test to cluster-test-suites.

  Changed

  • Upgrade cert-manager to v1.18.2.
  • Fix missing targetPort in cainjector-service

  cilium v1.3.0…v1.3.1

  Changed

  • Upgrade Cilium to v1.18.2.

  coredns v1.27.0…v1.28.2

  Changed

  • Update coredns image to 1.13.1.
  • Add value to toggle creation of controlplane deployment.
  • Update coredns image to 1.13.0.

  etcd-defrag v1.0.8…v1.2.2

  Changed

  • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.34.0. (#62)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.33.0. (#60)
  • Update Kyverno API to v2 for policy exceptions
  • Chart: Update dependency ahrtr/etcd-defrag to v0.32.0. (#57)

  etcd-k8s-res-count-exporter v1.10.7…v1.10.10

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  k8s-audit-metrics v0.10.6…v0.10.9

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  node-exporter v1.20.5…v1.20.8

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  observability-bundle v2.2.2…v2.3.2

  Added

  • Add KSM metrics for cloudnative-pg Cluster objects

  Changed

  • Update alloy-app to 0.15.0
    • Bumps alloy to 1.11.0

  Fixed

  • Update alloy-app to 0.15.1
    • Bumps alloy to 1.11.2

  security-bundle v1.12.0…v1.14.0

  Changed

  • Update kyverno (app) to v0.20.1.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update reports-server (app) to v0.0.3.
  • Revert previous kyverno update (#536, #531, #538).
  • Update kyverno-policy-operator (app) to v0.1.6.
  • Update kyverno (app) to v0.20.0.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update kyverno-policy-operator (app) to v0.1.5.
  • Update trivy-operator (app) to v0.12.1.
  • Update trivy (app) to v0.14.1.
  • Update falco (app) to v0.11.0.

  vertical-pod-autoscaler v6.0.1…v6.1.1

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.1. (#375)
  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.0. (#372)

  vertical-pod-autoscaler-crd v4.0.1…v4.1.1

  Changed

  • Chart: Sync to upstream. (#166)
  • Chart: Sync to upstream. (#164)
• Nov 2, 2025 CAPA releases releases aws-32.1.0

  This release updates Flatcar to v4230.2.4 and includes several app updates and improvements.

  Changes compared to v32.0.0

  Components

  • cluster-aws from v5.0.0 to v5.3.0
  • Flatcar from v4230.2.2 to v4230.2.4
  • os-tooling from v1.26.1 to v1.26.2

  cluster-aws v5.0.0…v5.3.0

  Added

  • Expose value to configure terminationGracePeriod in the karpenter node pools.

  Changed

  • Configure the following startupTaints to help karpenter ignore pending Pods due to these taints that will be removed after the node starts, avoiding unnecessary instance provisioning:
    • node.cluster.x-k8s.io/uninitialized:NoSchedule
    • node.cilium.io/agent-not-ready:NoSchedule
    • ebs.csi.aws.com/agent-not-ready:NoExecute
  • Reduce heartbeat timeout for ASG lifecycle hooks to from 30 minutes to 3 minutes since aws-node-termination-handler-app (NTH) can now send heartbeats

  Apps

  • aws-ebs-csi-driver from v3.0.5 to v3.3.0
  • aws-nth-bundle from v1.2.2 to v1.3.0
  • aws-pod-identity-webhook from v1.19.1 to v2.0.0
  • capi-node-labeler from v1.1.3 to v1.1.5
  • cert-exporter from v2.9.9 to v2.9.13
  • cert-manager from v3.9.2 to v3.9.4
  • cilium from v1.3.0 to v1.3.1
  • coredns from v1.27.0 to v1.28.2
  • etcd-defrag from v1.0.8 to v1.2.2
  • etcd-k8s-res-count-exporter from v1.10.7 to v1.10.10
  • k8s-audit-metrics from v0.10.6 to v0.10.9
  • node-exporter from v1.20.5 to v1.20.8
  • observability-bundle from v2.2.2 to v2.3.2
  • security-bundle from v1.12.0 to v1.14.0
  • vertical-pod-autoscaler from v6.0.1 to v6.1.1
  • vertical-pod-autoscaler-crd from v4.0.1 to v4.1.1

  aws-ebs-csi-driver v3.0.5…v3.3.0

  Changed

  • Chart: Sync to upstream. (#338)
    • Chart: Update AWS EBS CSI Driver from v1.41.0 to v1.51.0.
    • Chart: ⚠️ URGENT: XFS Compatibility Issue - Newly formatted XFS volumes may fail to mount on nodes with older kernels (Amazon Linux 2). Use node.legacyXFS: true as workaround.
    • Chart: ⚠️ URGENT: Controller Health Checks - Controller now performs AWS API dry-run checks. Ensure proper IAM permissions and network connectivity.
    • Chart: ⚠️ URGENT: StorageClass Parameter Deprecation* - blockExpress parameter is deprecated for io2 volumes (now always uses 256,000 IOPS cap).
    • Chart: Add support for creating instant, point-in-time copies of EBS volumes within the same Availability Zone.
    • Chart: Add debugLogs parameter for maximum verbosity logging and debugging.
    • Chart: Add metadataSources configuration option for node metadata handling.
    • Chart: Add disableMutation parameter for service account mutation control.
    • Chart: Add support for updating node’s max attachable volume count via MutableCSINodeAllocatableCount feature gate (Kubernetes 1.33+).
    • Chart: Update dependencies including AWS SDK, Prometheus, and various Go modules.
    • Chart: Add missing enablePrometheusAnnotations values for controller and node components.
    • Chart: Update sidecar container versions:
  • csi-provisioner: v5.2.0 → v5.3.0
  • csi-attacher: v4.8.1 → v4.9.0
  • csi-snapshotter: v8.2.1 → v8.3.0
  • livenessprobe: v2.14.0 → v2.16.0
  • csi-resizer: v1.13.2 → v1.14.0
  • csi-node-driver-registrar: v2.13.0 → v2.14.0
  • volume-modifier-for-k8s: v0.5.1 → v0.8.0
  • Configure gsoci.azurecr.io as the default container image registry.
  • Set default updateStrategy.rollingUpdate.maxUnavailable to 25% in DaemonSet to speed up rolling update.

  aws-nth-bundle v1.2.2…v1.3.0

  Changed

  • Upgrade aws-nth-crossplane-resources to v1.3.0, fixing support for multiple OIDC providers in the NTH IAM role as required for cleanup of migrated vintage clusters, and supporting heartbeat sending
  • Upgrade aws-node-termination-handler-app to v1.23.0, enabling heartbeats by default and upgrading to upstream application version v1.25.2 which fixes a resource leak bug relevant to heartbeat sending
  • Upgrade aws-nth-crossplane-resources to v1.1.1, supporting multiple OIDC providers in the NTH IAM role as required for cleanup of migrated vintage clusters

  aws-pod-identity-webhook v1.19.1…v2.0.0

  Changed

  • Upgrade IRSA to latest v0.6.9

  capi-node-labeler v1.1.3…v1.1.5

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.

  cert-exporter v2.9.9…v2.9.13

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Chart: Add value to toggle creation of Daemonset resources.
  • Go: Update dependencies.

  cert-manager v3.9.2…v3.9.4

  Added

  • Add E2E tests using apptest-framework for automated PR testing across multiple providers (CAPA, CAPV, CAPZ, CAPVCD).
    • Basic test suite: Validates fresh installations
    • Upgrade test suite: Tests upgrade scenarios and certificate reconciliation
  • Add certificate issuance integration test to cluster-test-suites.

  Changed

  • Upgrade cert-manager to v1.18.2.
  • Fix missing targetPort in cainjector-service

  cilium v1.3.0…v1.3.1

  Changed

  • Upgrade Cilium to v1.18.2.

  coredns v1.27.0…v1.28.2

  Changed

  • Update coredns image to 1.13.1.
  • Add value to toggle creation of controlplane deployment.
  • Update coredns image to 1.13.0.

  etcd-defrag v1.0.8…v1.2.2

  Changed

  • Chart: Update dependency ahrtr/etcd-defrag to v0.35.0. (#64)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.34.0. (#62)
  • Chart: Update dependency ahrtr/etcd-defrag to v0.33.0. (#60)
  • Update Kyverno API to v2 for policy exceptions
  • Chart: Update dependency ahrtr/etcd-defrag to v0.32.0. (#57)

  etcd-k8s-res-count-exporter v1.10.7…v1.10.10

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  k8s-audit-metrics v0.10.6…v0.10.9

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  node-exporter v1.20.5…v1.20.8

  Changed

  • Go: Update dependencies.
  • Go: Update dependencies.
  • Update Kyverno API to v2 for policy exceptions
  • Go: Update dependencies.

  observability-bundle v2.2.2…v2.3.2

  Added

  • Add KSM metrics for cloudnative-pg Cluster objects

  Changed

  • Update alloy-app to 0.15.0
    • Bumps alloy to 1.11.0

  Fixed

  • Update alloy-app to 0.15.1
    • Bumps alloy to 1.11.2

  security-bundle v1.12.0…v1.14.0

  Changed

  • Update kyverno (app) to v0.20.1.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update reports-server (app) to v0.0.3.
  • Revert previous kyverno update (#536, #531, #538).
  • Update kyverno-policy-operator (app) to v0.1.6.
  • Update kyverno (app) to v0.20.0.
  • Update kyverno-crds (app) to v1.14.0.
  • Update kyverno-policies (app) to v0.24.0.
  • Update kyverno-policy-operator (app) to v0.1.5.
  • Update trivy-operator (app) to v0.12.1.
  • Update trivy (app) to v0.14.1.
  • Update falco (app) to v0.11.0.

  vertical-pod-autoscaler v6.0.1…v6.1.1

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.1. (#375)
  • Chart: Update Helm release vertical-pod-autoscaler to v11.1.0. (#372)

  vertical-pod-autoscaler-crd v4.0.1…v4.1.1

  Changed

  • Chart: Sync to upstream. (#166)
  • Chart: Sync to upstream. (#164)
• Oct 30, 2025 Fleet Management aws-load-balancer-controller-app v2.2.1

  Changed

  • Updated E2E tests to use apptest-framework v2.0.1
  • Add unhealthyPodEvictionPolicy to PodDisruptionPolicy
  • Declare status port on deployment

• Newer entries
• Older entries