3.49.0

[gardener/garden-setup]

⚠️ Breaking Changes

• [OPERATOR] ⚠️ The previously used cert-manager has been exchanged for the Gardener cert-manager. Simply deploying over an existing landscape won't work with this release. The best idea is probably to remove the old cert-manager first before deploying the new one:

  • manually edit garden-setup and remove all references to cert-manager/* from all components (except the cert-manager components itself)
    • these references can be found under component.imports in the respective component's component.yaml file
  • remove the old cert-manager: sow delete cert-manager/cert cert-manager/solver cert-manager/controller
    • if it complains about some components which depend on the component still being installed, you missed a reference in the first step
  • upgrade garden-setup to this release (which will also revert your changes to the dependencies)
  • deploy everything again: sow deploy -A

  Note that this is will create new certificates for the dashboard ingress.
  This is just a proposal which is likely to work - garden-setup does not support upgrades of existing landscapes and the previously suggested migration path is not tested. by @Diaphteiros [#1076]

✨ New Features

• [OPERATOR] The recommended sow version to use with garden-setup is now 3.8.0. by @Diaphteiros [#1206]
• [OPERATOR] Upgrade Gardener to v1.67.2 by @Diaphteiros [#1202]

🐛 Bug Fixes

• [OPERATOR] Apparently, kubectl version returned a minor version with a + suffix for some k8s implementations, which garden-setup couldn't handle. The k8sversion component, which fetches the cluster versions, now removes this suffix, if it exists. by @Diaphteiros [#1203]

🏃 Others

• [OPERATOR] Upgrade Gardener extension runtime-gvisor to v0.11.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension provider-vsphere to v0.31.2 by @Diaphteiros [#1202]
• [OPERATOR] ⚠️ Since Gardener now automatically deploys NetworkPolicy resources into the gardener namespace of a seed - which messes up the communication on the base cluster - the network policies deployed by garden-setup itself had to be modified: if the network policies are activated, garden-setup will now deploy an additional allow-all-ingress policy, allowing all ingress traffic in the base cluster's garden namespace. If the network policies are deactivated, garden-setup instead uses an allow-all policy that simply allows all egress and ingress traffic in the garden namespace. There are no changes required, unless you are actively working with network policies in the base cluster's garden namespace. by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension provider-openstack to v1.36.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension shoot-cert-service to v1.36.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener cert-manager to v0.11.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension shoot-dns-service to v1.38.1 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener dns-controller-manager to v0.15.8 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension networking-calico to v1.36.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension os-gardenlinux to v0.20.0 by @Diaphteiros [#1202]
• [OPERATOR] ⚠️ Due to some changes in Gardener's certificate handling, the ingress certificate changed slightly: instead of just using the wildcard ingress domain as Common Name, it now uses the dashboard's domain as CN and has the wildcard ingress domain configured as SAN. There are no changes required, unless you are interacting with the ingress certificate in some way and rely on its CN value. by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension os-ubuntu to v1.22.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener Dashboard to v1.68.2 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension provider-aws to v1.46.0 by @Diaphteiros [#1202]
• [OPERATOR] Default k8s versions and machine image versions have been upgraded. by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension provider-gcp to v1.32.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension suse-chost to v1.22.0 by @Diaphteiros [#1202]
• [OPERATOR] Upgrade Gardener extension provider-azure to v1.38.1 by @Diaphteiros [#1202]