v1.50.0

[gardener/gardener-extension-provider-azure]

⚠️ Breaking Changes

• [USER] VMSS-Flex based shoots are not the default deployment for non-zonal shoots. by @kon-angelo [#1025]
• [USER] Disable the creation of Availability-Set-based shoots. by @kon-angelo [#1025]
• [OPERATOR] The Helm charts for the application and runtime parts of the gardener-extension-admission-azure admission controller have been separated into standalone charts. These charts now assume a Garden setup with a virtual garden. Both charts must be deployed individually: the runtime chart on the Garden runtime cluster, and the application chart on the virtual garden. Additionally, the intermediate global level in the Helm values has been removed, so you may need to adjust your provided values accordingly. by @MartinWeindel [#1030]

📰 Noteworthy

• [USER] The kube-system/csi-driver-node-disk and kube-system/csi-driver-node-file DaemonSet are no longer scaled by a VerticalPodAutoscaler as they do not really benefit from it. Removing VerticalPodAutoscaler for these components will reduce unnecessary evictions by VPA and will be a mitigation for https://issues.k8s.io/126921. by @ialidzhikov [#1046]

✨ New Features

• [USER] Introduce an annotation to migrate the availability-set shoots to VMSS-Flex shoots. by @kon-angelo [#1025]
• [OPERATOR] Adjustments for additional deployment of extension and admission controller on Garden runtime cluster by gardener-operator. by @MartinWeindel [#1030]

🏃 Others

• [OPERATOR] Fix an issue where the provider-extension would delete a route table because of a location mismatch by @kon-angelo [#1068]
• [OPERATOR] Fixed an issue that prevented the Infrastructure resource to be correctly restored during control plane migration, if the Infrastructure was previously migrated from a single subnet network layout to a multiple subnet network layout. by @plkokanov [#907]
• [OPERATOR] Validate that all images in cloudProfile are valid images in the cloudProfileConfig by @hebelsan [#1020]
• [USER] Shoots with NodeLocalDNS enabled will use UDP instead of TCP for upstream DNS queries by default to avoid performance issues on Azure. by @domdom82 [#1032]
• [USER] Update CSI images by @AndreasBurger [#1063]
• [DEPENDENCY] Update gardener to v1.110.0 by @hebelsan [#1044]

[gardener/machine-controller-manager-provider-azure]

🏃 Others

• [DEVELOPER] The gardener/machine-controller-manager dependency has been updated to v0.55.1. Release Notes by @thiyyakat [gardener/machine-controller-manager-provider-azure#169]
• [DEVELOPER] Added gosec for Static Application Security Testing (SAST). by @thiyyakat [gardener/machine-controller-manager-provider-azure#169]
• [DEVELOPER] Updated go lang version to 1.23 by @thiyyakat [gardener/machine-controller-manager-provider-azure#169]
• [USER] It is now possible to use a workload identity token instead of a client secret when authenticating to Azure. The path to the file containing the federated token can be configured via the "workloadIdentityTokenFile" field in the secret config. by @dimityrmirchev [gardener/machine-controller-manager-provider-azure#167]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.50.0
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.50.0
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.50.0

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.50.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.50.0

v1.49.4

[gardener/remedy-controller]

✨ New Features

• [OPERATOR] The remedy controller now supports authentication via federated token. The file containing the token can be specified via the "aadFederatedTokenFile" field. by @dimityrmirchev [gardener/remedy-controller#64]

🏃 Others

• [OPERATOR] Update golang to v1.23.5 by @kon-angelo [gardener/remedy-controller#66]
• [DEPENDENCY] Introduce SAST checking by @kon-angelo [gardener/remedy-controller#66]
• [DEPENDENCY] Update gardener to v1.110.4 by @kon-angelo [gardener/remedy-controller#66]
• [DEPENDENCY] Update go version to v1.22.0 by @LucaBernstein [gardener/remedy-controller#63]
• [DEPENDENCY] Update gardener/gardener version to v1.96.2 by @LucaBernstein [gardener/remedy-controller#63]
• [DEVELOPER] The vendor directory was removed in favor of the go mod cache. by @LucaBernstein [gardener/remedy-controller#63]

[gardener/terraformer]

🐛 Bug Fixes

• [DEVELOPER] Provider azurerm was updated to version 3.47.0 and is now properly recognising the ARM_OIDC_TOKEN_FILE_PATH env variable. by @dimityrmirchev [gardener/terraformer#156]

🏃 Others

• [OPERATOR] Update golang to v1.23.5 by @kon-angelo [gardener/terraformer#157]
• [OPERATOR] Update alpine to v3.21.2 by @kon-angelo [gardener/terraformer#157]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.49.4
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.49.4
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.49.4

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.49.4
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.49.4

v1.49.3

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [OPERATOR] Fix an issue causing nil pointer exception when the remote resource that was once existing and present in the inventory, had been deleted during reconciliation by @AndreasBurger [#1062]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.49.3
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.49.3
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.49.3

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.49.3
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.49.3

v1.49.2

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [USER] Fix the NamespacedCloudProfile status mutation. by @LucaBernstein [#1041]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.49.2
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.49.2
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.49.2

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.49.2
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.49.2

v1.49.1

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [USER] Support legacy CCM service tag key in flow reconciliation by @hebelsan [#1037]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.49.1
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.49.1
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.49.1

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.49.1
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.49.1

v1.48.2

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [USER] Support legacy CCM service tag key in flow reconciliation by @hebelsan [#1036]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.48.2
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.48.2
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.48.2

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.48.2
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.48.2

v1.49.0

[gardener/gardener-extension-provider-azure]

⚠️ Breaking Changes

• [USER] Deprecate DNSRecordConfig object. Please configure the target Azure management API via the provided secret by @kon-angelo [#1018]

✨ New Features

• [USER] Enable extra-create-metadata in csi-provisioner. by @kon-angelo [#1008]

🏃 Others

• [DEPENDENCY] Update go to version 1.23.3 by @hebelsan [#1005]
• [DEPENDENCY] Update gardener/gardener to v1.108.0 by @hebelsan [#1014]
• [OPERATOR] Create bastion vm from the info provided in the cloud profile bastion section by @hebelsan [#948]
• [OPERATOR] Fix an issue where the subnet name was not calculated correctly in the migration to multi-subnet setup by @kon-angelo [#1004]
• [OPERATOR] Updating CSI driver provisioner ClusterRole rules by @hebelsan [#988]
• [OPERATOR] Remove outdated "Basic" SKU loadbalancer migration documentation. by @kon-angelo [#1017]
• [OPERATOR] Remove the duplicate provider type check from the admission webhooks. by @LucaBernstein [#998]
• [OPERATOR] Add NamespacedCloudProfile admission mutation and validation to support custom machine images and types. by @LucaBernstein [#1016]
• [OPERATOR] Added validation to prevent IPv6-only/dual-stack clusters as they are not supported, yet. by @ScheererJ [#993]
• [DEVELOPER] Add gosec as sast makefile target by @hebelsan [#1006]
• [DEVELOPER] Update gardener/gardener to v1.105.0 by @hebelsan [#989]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.49.0
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.49.0
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.49.0

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.49.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.49.0

v1.48.1

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [USER] Fix bug in decoding worker machineImages for existing shoots by @kon-angelo [#985]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.48.1
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.48.1
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.48.1

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.48.1
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.48.1

v1.48.0

[gardener/gardener-extension-provider-azure]

✨ New Features

• [USER] The provider-azure extension does now support shoot clusters with Kubernetes version 1.31. You should consider the Kubernetes release notes before upgrading to 1.31. by @ialidzhikov [#963]
• [USER] The admission webhook now validates CredentialsBindings. by @dimityrmirchev [#957]
• [USER] Enable support for the field shoot.Spec.CloudProfile alongside shoot.Spec.CloudProfileName and enable the future use of NamespacedCloudProfiles. by @LucaBernstein [#922]

🐛 Bug Fixes

• [OPERATOR] Fix nil pointer dereference if diagnostic profile without given storage URI is used. by @hebelsan [#975]

🏃 Others

• [OPERATOR] Update CCM and CSI-sidecar containers to latest version by @AndreasBurger [#974]
• [OPERATOR] Adds the ability to attach dataDisks with image references by @hebelsan [#891]
• [OPERATOR] The provider-azure extension no longer configures min/maxAllowed in any managed VPA resource. by @AndreasBurger [#973]
• [OPERATOR] Conditionally enable allow-egress-{tcp,udp} loadbalancers. by @kon-angelo [#958]

[gardener/machine-controller-manager-provider-azure]

🏃 Others

• [USER] Golang version upgraded to 1.22.5 by @rishabh-11 [gardener/machine-controller-manager-provider-azure#159]
• [USER] Adds the ability to attach dataDisks with image references by @hebelsan [gardener/machine-controller-manager-provider-azure#165]
• [USER] golangci-lint will now be used as the linter instead of the older golint by @hebelsan [gardener/machine-controller-manager-provider-azure#139]

[gardener/machine-controller-manager]

✨ New Features

• [DEVELOPER] MCM adds the name of the machine to node.gardener.cloud/machine-name label of the corresponding node. by @oliver-goetz [gardener/machine-controller-manager#919]
• [DEVELOPER] MCM replaces the magic string <<MACHINE_NAME>> in user data with the name of the machine when it is bootstrapped. by @oliver-goetz [gardener/machine-controller-manager#919]

🐛 Bug Fixes

• [OPERATOR] Fixed a bug where failure of machine initialization caused label updates to not happen. by @thiyyakat [gardener/machine-controller-manager#940]
• [OPERATOR] Fixed a bug where the Unitialised error code was blocking machine deletion by @rishabh-11 [gardener/machine-controller-manager#928]
• [DEVELOPER] Fixed bug that removed the shoot-- prefix from control cluster namespace for integration tests using the gardener local setup case by @thiyyakat [gardener/machine-controller-manager#935]

🏃 Others

• [OPERATOR] Drain timeout is now correctly honored for Pod eviction during Machine Drain by @sssash18 [gardener/machine-controller-manager#920]
• [OPERATOR] getVMStatus always redirects to InitiateDrain. It also populates the node label on the machine object by checking node.gardener.cloud/machine-name label on the nodes. by @thiyyakat [gardener/machine-controller-manager#940]
• [OPERATOR] golangci-lint will now be used as the linter instead of the older golint by @aaronfern [gardener/machine-controller-manager#929]
• [OPERATOR] Golang version used is now upgraded to 1.22.5 by @aaronfern [gardener/machine-controller-manager#929]
• [DEVELOPER] The following dependencies are updated:
  • k8s.io/* : v0.29.3 -> v0.31.0 by @ary1992 [gardener/machine-controller-manager#938]

📖 Documentation

• [OPERATOR] Broken API doc links are now fixed by @rishabh-11 [gardener/machine-controller-manager#927]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.48.0
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.48.0
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.48.0

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.48.0
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.48.0

v1.47.3

[gardener/gardener-extension-provider-azure]

🏃 Others

• [OPERATOR] Do not reconcile user-configured NAT Gateways in the gardener subnet. by @kon-angelo [#979]

Helm Charts

• admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.47.3
• admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.47.3
• provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.47.3

Docker Images

• gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.47.3
• gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.47.3