v0.14.0

[gardener/gardener-extension-runtime-gvisor]

⚠️ Breaking Changes

• [OPERATOR] runtime-gvisor extension no longer supports Shoots with Кubernetes version == 1.24. by @shafeeqes [#110]

🏃 Others

• [OPERATOR] Fix CVE-2024-0727 by @marwinski [#124]

Docker Images

• gardener-extension-runtime-gvisor-installation: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor-installation:v0.14.0
• gardener-extension-runtime-gvisor: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor:v0.14.0

v0.13.0

[gardener/gardener-extension-runtime-gvisor]

⚠️ Breaking Changes

• [OPERATOR] Change OCI Image Registry from GCR (eu.gcr.io/gardener-project) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases). Users should update their references.
  by @ccwienk [#109]

🏃 Others

• [OPERATOR] Update runsc to version 20240115.0 by @danatsap [#113]

Docker Images

• gardener-extension-runtime-gvisor-installation: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor-installation:v0.13.0
• gardener-extension-runtime-gvisor: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor:v0.13.0

v0.12.0

[gardener/gardener-extension-runtime-gvisor]

📰 Noteworthy

• [OPERATOR] The security.gardener.cloud/pod-security-enforce annotation in the ControllerRegistration is set to baseline. With this, the pods running in the extension namespace should comply with baseline pod-security standard. by @dimityrmirchev [#94]

✨ New Features

• [USER] runtime-gvisor extension now supports Shoot Force Deletion. by @shafeeqes [#101]

🏃 Others

• [DEPENDENCY] The following dependency were updated:
  • github.com/gardener/gardener: v1.75.0-> v1.80.1
  • k8s.io/* : v0.26.3 -> v0.28.2
  • sigs.k8s.io/controller-runtime: v0.14.6-> v0.16.2 by @dimityrmirchev [#96]
• [DEPENDENCY] The go version was updated to 1.21.3. by @dimityrmirchev [#96]

Docker Images

gardener-extension-runtime-gvisor-installation: eu.gcr.io/gardener-project/gardener/extensions/runtime-gvisor-installation:v0.12.0
gardener-extension-runtime-gvisor: eu.gcr.io/gardener-project/gardener/extensions/runtime-gvisor:v0.12.0

v0.11.0

[gardener/gardener-extension-runtime-gvisor]

⚠️ Breaking Changes

• [OPERATOR] extension-runtime-gvisor no longer supports Shoots with Кubernetes version < 1.22. by @shafeeqes [#84]

🏃 Others

• [OPERATOR] The Alpine base images for the gVisor installation containers were updated to the latest 3.17.4 version. by @MrBatschner [#85]
• [OPERATOR] The Alpine base images for the gVisor installation containers were updated to the latest 3.18.3 version. by @dependabot[bot] [#89]

v0.10.0

[gardener-extension-runtime-gvisor]

🐛 Bug Fixes

• [OPERATOR] The stale healthcheck conditions from the runtime-gvisor extension are now properly cleaned up. (gardener/gardener-extension-runtime-gvisor#79, @shafeeqes)

🏃 Others

• [OPERATOR] Added NoExecute/NoSchedule tolerations to the gvisor daemonset to prevent reporting of misscheduled pods on node scale-down operations. (gardener/gardener-extension-runtime-gvisor#81, @bd3lage)
• [OPERATOR] The gVisor runtime extension is now built with Golang 1.20 and uses Gardener 1.70.2 libraries. (gardener/gardener-extension-runtime-gvisor#83, @MrBatschner)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-runtime-gvisor#79, @shafeeqes)
  • github.com/gardener/gardener: v1.65.0 -> v1.65.3

v0.9.1

[gardener-extension-runtime-gvisor]

🐛 Bug Fixes

• [OPERATOR] The stale healthcheck conditions from the runtime-gvisor extension are now properly cleaned up. (gardener/gardener-extension-runtime-gvisor#80, @shafeeqes)

🏃 Others

• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-runtime-gvisor#80, @shafeeqes)
  • github.com/gardener/gardener: v1.65.0 -> v1.65.3

v0.9.0

[gardener-extension-runtime-gvisor]

🏃 Others

• [OPERATOR] Removed minAllowed.cpu from all VPA objects (gardener/gardener-extension-runtime-gvisor#74, @voelzmo)
• [OPERATOR] Update gvisor to version 20230227.0 and installation base image to golang:1.19.6 (gardener/gardener-extension-runtime-gvisor#77, @danielfoehrKn)
• [OPERATOR] Adapted extension components to latest network policy improvements in gardener/gardener, see here and #7352 for more information. (gardener/gardener-extension-runtime-gvisor#78, @timuthy)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-runtime-gvisor#75, @shafeeqes)
  • github.com/gardener/gardener: v1.59.0 -> v1.65.0
  • k8s.io/* : v0.25.0 -> v0.26.1
  • sigs.k8s.io/controller-runtime: v0.13.0-> v0.14.4

v0.8.0

[gardener-extension-runtime-gvisor]

🏃 Others

• [USER] upgrade gVisor binaries to 20230102.0 which now run on cgroup v2 enabled OSes (gardener/gardener-extension-runtime-gvisor#69, @MrBatschner)
• [OPERATOR] runtime-gvisor no longer supports Shoots with Кubernetes version < 1.20. (gardener/gardener-extension-runtime-gvisor#68, @dimitar-kostadinov)

v0.7.0

[gardener-extension-runtime-gvisor]

⚠️ Breaking Changes

• [OPERATOR] runtime-gvisor no longer supports Shoots with Кubernetes version < 1.17. (gardener/gardener-extension-runtime-gvisor#63, @dimitar-kostadinov)

✨ New Features

• [OPERATOR] The extension controller has been adjusted to the high availability configuration supported by Gardener as of release v1.60. See this document for more information about HA in gardener. (gardener/gardener-extension-runtime-gvisor#66, @timuthy)

🐛 Bug Fixes

• [DEVELOPER] A bug that the extension was using wrong version of the installation image when no image vector overwrite is configured is fixed. (gardener/gardener-extension-runtime-gvisor#62, @vpnachev)

🏃 Others

• [OPERATOR] Update alpine version to 3.16.2. (gardener/gardener-extension-runtime-gvisor#64, @ary1992)
• [OPERATOR] Adds a heartbeat controller that creates and renews a Lease resource named gardener-extension-heartbeat in the namespace where the extension controller is deployed. This Lease resource can be used by other controllers to check if the runtime-gvisor extension controller is running. (gardener/gardener-extension-runtime-gvisor#65, @AleksandarSavchev)
• [OPERATOR] The daemonset pods now have their seccomp profiles set to "RuntimeDefault". (gardener/gardener-extension-runtime-gvisor#60, @AleksandarSavchev)
• [DEPENDENCY] Dependency github.com/gardener/gardener is updated v1.53.0 -> v1.59.0. (gardener/gardener-extension-runtime-gvisor#65, @AleksandarSavchev)

v0.6.0

[gardener-extension-runtime-gvisor]

⚠️ Breaking Changes

• [OPERATOR] Please make sure you're running gardener@v1.53 or above before upgrading to this version. (gardener/gardener-extension-runtime-gvisor#56, @shafeeqes)

🐛 Bug Fixes

• [DEVELOPER] An issue causing the integration test execution to fail due to outdated golang version is now fixed. (gardener/gardener-extension-runtime-gvisor#45, @ialidzhikov)

🏃 Others

• [OPERATOR] Updated the alpine base image for the installation pods to 3.16.1. (gardener/gardener-extension-runtime-gvisor#53, @kris94)
• [OPERATOR] Golang version is updated to 1.18.5 (gardener/gardener-extension-runtime-gvisor#53, @kris94)
• [OPERATOR] The following dependency is updated: (gardener/gardener-extension-runtime-gvisor#55, @shafeeqes)
  • github.com/gardener/gardener: v1.45.0 -> v1.53.0
  • k8s.io/* : v0.23.3 -> v0.24.3
  • sigs.k8s.io/controller-runtime: v0.11.1 -> v0.12.1
• [OPERATOR] Published docker images for gvisor are now multi-arch ready. They support linux/amd64 and linux/arm64. (gardener/gardener-extension-runtime-gvisor#57, @acumino)

📰 Noteworthy

• [OPERATOR] This version of gardener-extension-runtime-gvisor requires Gardener v1.50+. (gardener/gardener-extension-runtime-gvisor#48, @kris94)
• [OPERATOR] The extension container now uses distroless as a base image. (gardener/gardener-extension-runtime-gvisor#49, @dimityrmirchev)

Docker Images

extension-runtime-gvisor: eu.gcr.io/gardener-project/gardener/extensions/runtime-gvisor:v0.6.0
gardener-extension-runtime-gvisor-installation: eu.gcr.io/gardener-project/gardener/extensions/runtime-gvisor-installation:v0.6.0