Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

• Mar 13, 2025 Observability silence-operator v0.13.0
  • Added option to use Service Account token to be used of Alertmanager authentication.

  Fixed

  • Replace Alertmanager RoundTripper with custom NewRequest.
  • Fix CVE-2024-45338 by updating golang.org/x/net to v0.33.0
• Mar 13, 2025 CAPVCD releases releases cloud-director-30.0.0

  Changes compared to v29.3.2

  Components

  • cluster-cloud-director from v0.64.2 to v0.65.0
  • Flatcar from v4081.2.1 to v4152.2.1
  • Kubernetes from v1.29.13 to v1.30.10

  cluster-cloud-director v0.64.2…v0.65.0

  Changed

  • Chart: Update cluster to v2.1.1.
  • Chart: Enable coredns-extensions and etcd-defrag.

  Apps

  • capi-node-labeler from v0.5.0 to v1.0.1
  • cert-exporter from v2.9.3 to v2.9.4
  • cert-manager from v3.8.2 to v3.9.0
  • cilium from v0.25.2 to v0.31.0
  • coredns from v1.23.0 to v1.24.0
  • coredns-extensions v0.1.2
  • etcd-defrag v1.0.1
  • etcd-k8s-res-count-exporter from v1.10.0 to v1.10.1
  • external-dns from v3.1.0 to v3.2.0
  • k8s-audit-metrics from v0.10.0 to v0.10.1
  • metrics-server from v2.4.2 to v2.6.0
  • node-exporter from v1.20.0 to v1.20.1
  • vertical-pod-autoscaler from v5.3.1 to v5.4.0
  • vertical-pod-autoscaler-crd from v3.1.2 to v3.2.0

  capi-node-labeler v0.5.0…v1.0.1

  Changed

  • Main: Improve sleep. (#125)
  • Go: Update go.mod and .nancy-ignore. (#123)

  cert-exporter v2.9.3…v2.9.4

  Changed

  • Repository: Some chores. (#418)
  • Go: Update go.mod and .nancy-ignore. (#437)

  cert-manager v3.8.2…v3.9.0

  Added

  • Adds new sync method based on Vendir to sync from upstream

  Changed

  • Updates Cert-manager Chart to Upstream 1.16.2

  cilium v0.25.2…v0.31.0

  Changed

  • Upgrade Cilium to v1.16.6.
  • Move provider specific custom CNI configuration to subchart.
  • Improve security defaults for:
    • Hubble UI
    • Hubble Relay
    • Cilium Operator

  Removed

  • Delete defaultPolicies and extraPolicies templates.

  coredns v1.23.0…v1.24.0

  Changed

  • Update coredns image to 1.12.0.
  • Disable HPA Memory target.
  • Increase threshold for HPA CPU target to 80%.

  coredns-extensions v0.1.2

  Added

  • Add VPA for CoreDNS deployments.
  • Add value to enable or disable VPA resources.

  Changed

  • Push App to the default-catalog.
  • Publish App in giantswarm-catalog.

  etcd-defrag v1.0.1

  Added

  • Chart: Add moveLeader. (#11)

  Changed

  • Chart: Update dependency ahrtr/etcd-defrag to v0.24.0. (#16)
  • Values: Rename cluster into useClusterEndpoints. (#8)

  etcd-k8s-res-count-exporter v1.10.0…v1.10.1

  Changed

  • Set readOnlyRootFilesystem to true in the container security context.
  • Update Kyverno PolicyExceptions to v2beta1.
  • Go: Update go.mod and .nancy-ignore. (#242)

  external-dns v3.1.0…v3.2.0

  Changed

  • Update architect-orb and ATS.
  • Add DNSEndpoints as a source for DNS records.

  k8s-audit-metrics v0.10.0…v0.10.1

  Changed

  • Update Kyverno PolicyExceptions to v2beta1.
  • Go: Update go.mod and .nancy-ignore. (#248)

  metrics-server v2.4.2…v2.6.0

  Added

  • Add VPA setting for metrics-server.

  Changed

  • Upgrade metrics-server to v0.7.2.
  • Chart: Update PolicyExceptions to v2beta1. (#226)

  node-exporter v1.20.0…v1.20.1

  Changed

  • Update Kyverno PolicyExceptions to v2beta1.
  • Go: Update go.mod. (#322)

  vertical-pod-autoscaler v5.3.1…v5.4.0

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v10.0.0 (#335)

  vertical-pod-autoscaler-crd v3.1.2…v3.2.0

  Changed

  • Chart: Sync to upstream. (#126)
• Mar 13, 2025 Developer Portal backstage v0.54.1

  This release fixes the sorting behavior for version columns by changing alphanumeric sorting to semver-aware sorting. See ./docs/releases/v0.54.1-changelog.md for more information.

• Mar 12, 2025 Observability dashboards v4.3.0

  Added

  • Add Observability Resource Usage dashboard
  • Add Backstage dashboard
• Mar 12, 2025 Developer Portal happa v1.71.3

  Changes

  • Use mapiAudience configuration value instead of audience by @gusevda in https://github.com/giantswarm/happa/pull/4648

  Full Changelog: https://github.com/giantswarm/happa/compare/v1.71.2...v1.71.3

• Mar 11, 2025 Highlights

  Highlights for the week ending 2025-03-11

  General

  Apps

  • dashboards

    • 4.2.0
      • Add Envoy Gateway dashboards

  • logging-operator

    • [0.24.1](https://github.com/giantswarm/logging- operator/compare/v0.24.0…v0.24.1)
      • Only fetch tenant IDs on CAPI clusters.
    • [0.24.0](https://github.com/giantswarm/logging- operator/compare/v0.23.0…v0.24.0)
      • Add tenant filtering in Alloy config
      • Implement grafana-organization controller to update tenant IDs filter on GrafanaOrganization changes.
      • Use smaller dockerfile to reduce build time as ABS already generates the go binary.
      • Fix non-working log lines dropping on missing tenant id

  • observability-operator

    • [0.19.2](https://github.com/giantswarm/observability- operator/compare/v0.19.1…v0.19.2)

      • Switch mimir default tenant from anonymous to giantswarm once again.
      • Replace deprecated update datasource by id with update datasource by uid Grafana API call.

    • [0.19.1](https://github.com/giantswarm/observability- operator/compare/v0.19.0…v0.19.1)

      • Revert tenant switch and clean up giantswarm tenant

    • [0.19.0](https://github.com/giantswarm/observability- operator/compare/v0.18.0…v0.19.0)

      • Add cleanup for Mimir Alertmanager anonymous tenant’s configuration.
      • Add cleanup for Mimir Ruler anonymous tenant’s rules.
      • Fix default read tenant to anonymous to ensure grafana rules pages work until the tenant switch is released.

    • [0.18.0](https://github.com/giantswarm/observability- operator/compare/v0.17.0…v0.18.0)

      • Use smaller dockerfile to reduce build time as ABS already generates the go binary.
      • Read metrics from both anonymous and giantswarm tenant at once.
      • Refactor hardcoded tenant values to prepare the switch from the anonymous to the giantswarm tenant.
      • Switch the alerting component from the anonymous to the giantswarm tenant.
      • Add Grafana url when there’s no dashboard in the alert notification template.

  • cilium-app

    • 0.32.0
      • Use upstream default value for prometheus.metrics.
      • Enable Envoy Proxy in standalone DaemonSet.
    • [0.31.1] - 2025-03-06
      • Upgrade Cilium to v1.16.7.

  • envoy-gateway-app

    • [0.3.0](https://github.com/giantswarm/envoy-gateway- app/compare/v0.2.0…v0.3.0)
      • Add PodMonitor scraping envoy-gateway controller.

  • gateway-api-bundle

    • [0.3.0](https://github.com/giantswarm/gateway-api- bundle/compare/v0.2.0…v0.3.0)
      • Update dependency giantswarm/gateway-api-config-app to v0.4.0 (#18)
      • Update dependency giantswarm/envoy-gateway-app to v0.3.0 (#17)

  • gateway-api-config-app

    • [0.4.0](https://github.com/giantswarm/gateway-api-config- app/compare/v0.3.0…v0.4.0)
      • Add podMonitor for each Gateway.

  • cluster-aws

    • 3.1.1
      • Add ingress rule in nodes Security Group to allow access to the Cilium Relay when using ENI mode.
    • 3.1.0
      • Chart: Update cluster to v2.1.1.
      • Add option global.providerSpecific.nodeTerminationHandlerEnabled to disable the AWS Node Termination Handler (NTH).

  • kube-downscaler-app

    • [0.5.0](https://github.com/giantswarm/kube-downscaler- app/compare/v0.4.0…v0.5.0)
      • Updated Helm chart to use the caas-team/py-kube-downscaler upstream one as dependency.
      • Updated application.giantswarm.io/team label from Team Horizon to Team Planeteers.

  • n8n-app

    • 0.2.0
      • upgraded the upstream helm chart to 1.1.0

  • cluster-vsphere

    • [0.69.0](https://github.com/giantswarm/cluster- vsphere/compare/v0.68.1…v0.69.0)
      • Remove requirement for pods and services as they are defaulted by the values schema.
      • Chart: Update cluster to v2.1.1.
      • Chart: Enable coredns-extensions and etcd-defrag.

  • vsphere-csi-driver-app

    • [3.4.1](https://github.com/giantswarm/vsphere-csi-driver- app/compare/v3.4.0…v3.4.1)
      • Update CircleCI config.
    • [3.4.0](https://github.com/giantswarm/vsphere-csi-driver- app/releases/tag/v3.4.0)
      • Add upstream chart at v3.3.0.
      • Add repo scaffolding to generate the chart.

  • dex-operator

    • 0.12.4
      • fix issue with image registry parsing
    • 0.12.3
      • Add support for hostAliases on Chart level
      • Change ownership to Team Shield
      • Disable zap logger development mode to avoid panicking

  • etcd-defrag-app

    • 1.0.2
      • Chart: Update dependency ahrtr/etcd-defrag to v0.25.0. (#17)

  Docs

• Mar 7, 2025 CAPA releases releases aws-26.4.2

  Changes compared to v26.4.1

  Components

  • cluster-aws from v1.3.8 to v1.3.9

  cluster-aws v1.3.8…v1.3.9

  Added

  • Add ingress rule in nodes Security Group to allow access to the Cilium Relay when using ENI mode.
• Mar 7, 2025 CAPA releases releases aws-27.5.2

  Changes compared to v27.5.1

  Components

  • cluster-aws from v1.3.8 to v1.3.9

  cluster-aws v1.3.8…v1.3.9

  Added

  • Add ingress rule in nodes Security Group to allow access to the Cilium Relay when using ENI mode.
• Mar 7, 2025 CAPA releases releases aws-28.5.3

  Changes compared to v28.5.2

  Components

  • cluster-aws from v1.3.8 to v1.3.9

  cluster-aws v1.3.8…v1.3.9

  Added

  • Add ingress rule in nodes Security Group to allow access to the Cilium Relay when using ENI mode.
• Mar 7, 2025 CAPA releases releases aws-29.6.2

  Changes compared to v29.6.1

  Components

  • cluster-aws from v2.6.1 to v2.6.2

  cluster-aws v2.6.1…v2.6.2

  Added

  • Add ingress rule in nodes Security Group to allow access to the Cilium Relay when using ENI mode.

• Newer entries
• Older entries