Changes and Releases
Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.
Added
- Add Crossplane AWS support for automated S3 bucket provisioning.
Added
- Add Crossplane support for AWS S3 bucket provisioning with the following resources:
  - S3 Buckets for mimir, ruler, and alertmanager storage
  - BucketLifecycleConfiguration for automatic object expiration
  - BucketPublicAccessBlock for security hardening
  - BucketPolicy enforcing SSL/TLS connections
  - IAM Roles with IRSA (IAM Roles for Service Accounts) support
- Crossplane resources support dynamic AWS account ID and OIDC provider discovery from cluster CRs
- Tags from AWSCluster CR are automatically merged with user-provided tags
- Observe-only mode for safe migration of existing resources
Changed
- Chart: Sync to upstream. (#938)
- Controller: Update image to v1.14.3.
- Kube Webhook CertGen: Update image to v1.6.7.
Changed
- Chart: Sync to upstream. (#937)
- Controller: Update image to v1.13.7.
- Kube Webhook CertGen: Update image to v1.6.7.
Added
- Add Network Traffic Analysis Overview dashboard
Changed
- Improve Network Traffic Analysis Dashboard Performance
  - [performance] Re-use panel queries, which reduces the number of queries made to the backend and eases maintenance
  - [performance] Change Pie Charts query types from range to instant
  - [performance] Set maximum datapoints to 500 and minimal interval to 2mn
  - [ux] Change destination pie charts to only show top 10 destinations
  - [ux] Change the top list panels to use pagination rather than only showing top 10 elements
  - [ux] Change bottom graphs to use stacked lines and add list of values + total count
  - [ux] Remove the per-namespace section, which was merely a duplicate of the top one with an additional namespace filter. All panels now have a namespace filter which defaults to all namespaces, therefore keeping the old behavior of the top panels while also allowing the behavior of the bottom ones.
  - [ux] Add links between both Network Traffic Analysis dashboards
  - [ux] Add “Include non-namespaced” toggle to filter/include non-namespaced network traffic
  - [ux] Improve documentation panel
  - [ux] Add annotations for CiliumNetworkPolicies events
  - [ux] Change Legend set to “unknown” when no value is found
  - [ux] Show percentage and all values in tooltip on destination panels
  - [maintenance] Move subnets regex to a constant
- NGINX Ingress controller dashboard: reworked variables
  - removed app selector
  - removed namespace selector
  - added ingress namespace selector
Removed
- Remove logging-operator related data as it is now deprecated.
Changed
- Fix HTTPRoute template.
- Add HTTPRouteFilter.
Changed
- Build with up-to-date pipelines.
- Enable TLS secret configuration for the ingresses. The default now changes to having a single shared secret per host in one namespace to avoid Let’s Encrypt rate limiting.
Added
- Add Crossplane support for automated S3 bucket provisioning on CAPA (AWS) clusters
  - New Crossplane configuration under top-level `crossplane`
  - Automatic S3 bucket creation via Crossplane with lifecycle policies
  - IAM role and policy management for IRSA authentication
  - Two-phase migration support: observe mode and full management mode
  - Automatic tag inheritance from AWSCluster CR
  - Dynamic AWS account ID and OIDC provider lookup from cluster resources
Added
- Add OAuth2 PKCE authentication support for MCP servers with custom authenticator and CIMD router.
- Add authentication provider support and multi-installation features for MCP servers.
- Add MCP resources loading exposed as callable tools.
Fixed
- Fix GitOpsCard source URL generation for Flux CD revision formats like `main@sha1:abc123` and `sha256:abc123`.
- Improve container registry error handling with user-friendly messages for missing repositories.
See ./docs/releases/v0.101.0-changelog.md for more information.