diff --git a/README.md b/README.md index 403fbe6c3..43e5a772d 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,8 @@ to all Giant Swarm installations. - v27 - v27.0 - [v27.0.0](https://github.com/giantswarm/releases/tree/master/capa/v27.0.0) + - v27.1.0 + - [v27.1.0](https://github.com/giantswarm/releases/tree/master/capa/v27.1.0) - v26 - v26.0 - [v26.0.0](https://github.com/giantswarm/releases/tree/master/capa/v26.0.0) diff --git a/capa/kustomization.yaml b/capa/kustomization.yaml index 1443a11e7..02bda3666 100644 --- a/capa/kustomization.yaml +++ b/capa/kustomization.yaml @@ -7,6 +7,7 @@ resources: - v26.0.0 - v26.1.0 - v27.0.0 +- v27.1.0 - v28.0.0 transformers: - releaseNotesTransformer.yaml diff --git a/capa/v27.1.0/README.md b/capa/v27.1.0/README.md new file mode 100644 index 000000000..046c3a790 --- /dev/null +++ b/capa/v27.1.0/README.md @@ -0,0 +1,38 @@ +# :zap: Giant Swarm Release v27.1.0 for CAPA :zap: + +This release updates the apps and components, keeping them up to date with the latest v25 and v26 releases. It also brings improvements for the container registry usage. + +## Change details compared to CAPA 27.0.0 + +### cluster-aws [1.3.0](https://github.com/giantswarm/cluster-aws/releases/tag/v1.3.0) + +#### Changed + +- All workload clusters will by default use Zot registry as a pull-through cache of Azure Container Registry. + +### cert-manager [3.7.9](https://github.com/giantswarm/cert-manager-app/releases/tag/v3.7.9) + +#### Fix +- Remove quotes from acme-http01-solver-image argument. The quotes are used when looking up the image which causes an error. + +#### Update +- Improves container security by setting `runAsGroup` and `runAsUser` greater than zero for all deployments. + +### containerlinux [3815.2.5](https://www.flatcar-linux.org/releases/#release-3815.2.5) + +_Changes since **Stable 3815.2.4**_ + +#### Security fixes: + +- openssh ([CVE-2024-6387](https://nvd.nist.gov/vuln/detail/CVE-2024-6387)) + +#### Updates: + +- Linux ([6.1.96](https://lwn.net/Articles/979851)) +- openssh ([9.7_p1](https://www.openssh.com/txt/release-9.7)) + +### cilium [0.25.1](https://github.com/giantswarm/cilium-app/releases/tag/v0.25.1) + +#### Changed +- Fix regression setting Policy BPF Max map policyMapMax back to 65536 from 16384. +- Upgrade cilium to v1.15.6. diff --git a/capa/v27.1.0/announcement.md b/capa/v27.1.0/announcement.md new file mode 100644 index 000000000..ccf70cbee --- /dev/null +++ b/capa/v27.1.0/announcement.md @@ -0,0 +1 @@ +**Workload cluster release v27.1.0 for CAPA is available**. This release updates the apps and components, keeping them up to date with the latest v25 and v26 releases. It also brings improvements for container registry usage, so now all workload clusters will use Zot registry as a pull-through cache of Azure Container Registry. Further details can be found in the [release notes](https://docs.giantswarm.io/changes/workload-cluster-releases-capa/releases/aws-27.1.0/). \ No newline at end of file diff --git a/capa/v27.1.0/kustomization.yaml b/capa/v27.1.0/kustomization.yaml new file mode 100644 index 000000000..2c64a5163 --- /dev/null +++ b/capa/v27.1.0/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- release.yaml diff --git a/capa/v27.1.0/release.yaml b/capa/v27.1.0/release.yaml new file mode 100644 index 000000000..42876788a --- /dev/null +++ b/capa/v27.1.0/release.yaml @@ -0,0 +1,122 @@ +apiVersion: release.giantswarm.io/v1alpha1 +kind: Release +metadata: + name: aws-27.1.0 +spec: + apps: + - name: aws-ebs-csi-driver + version: 2.30.1 + dependsOn: + - cloud-provider-aws + - name: aws-ebs-csi-driver-servicemonitors + version: 0.1.0 + dependsOn: + - cert-manager + - name: aws-pod-identity-webhook + version: 1.16.0 + dependsOn: + - cert-manager + - name: capi-node-labeler + version: 0.5.0 + - name: cert-exporter + version: 2.9.0 + dependsOn: + - kyverno + - name: cert-manager + version: 3.7.9 + dependsOn: + - prometheus-operator-crd + - name: chart-operator-extensions + version: 1.1.2 + dependsOn: + - prometheus-operator-crd + - name: cilium + version: 0.25.1 + - name: cilium-crossplane-resources + version: 0.1.0 + - name: cilium-servicemonitors + version: 0.1.2 + dependsOn: + - prometheus-operator-crd + - name: cloud-provider-aws + version: 1.27.7-gs1 + dependsOn: + - vertical-pod-autoscaler-crd + - name: cluster-autoscaler + version: 1.27.3-gs10 + dependsOn: + - kyverno + - name: coredns + version: 1.21.0 + dependsOn: + - cilium + - name: etcd-k8s-res-count-exporter + version: 1.10.0 + dependsOn: + - kyverno + - name: external-dns + version: 3.1.0 + dependsOn: + - prometheus-operator-crd + - name: irsa-servicemonitors + version: 0.0.1 + dependsOn: + - cert-manager + - name: k8s-audit-metrics + version: 0.9.0 + dependsOn: + - kyverno + - name: k8s-dns-node-cache + version: 2.6.2 + dependsOn: + - kyverno + - name: metrics-server + version: 2.4.2 + dependsOn: + - kyverno + - name: net-exporter + version: 1.19.0 + dependsOn: + - prometheus-operator-crd + - name: network-policies + version: 0.1.1 + catalog: cluster + dependsOn: + - cilium + - name: node-exporter + version: 1.19.0 + dependsOn: + - kyverno + - name: observability-bundle + version: 1.3.4 + dependsOn: + - coredns + - name: prometheus-blackbox-exporter + version: 0.4.1 + dependsOn: + - prometheus-operator-crd + - name: security-bundle + version: 1.7.0 + catalog: giantswarm + dependsOn: + - prometheus-operator-crd + - name: teleport-kube-agent + version: 0.9.0 + - name: vertical-pod-autoscaler + version: 5.2.2 + dependsOn: + - prometheus-operator-crd + - name: vertical-pod-autoscaler-crd + version: 3.1.0 + components: + - name: cluster-aws + catalog: cluster + version: 1.3.0 + - name: flatcar + version: 3815.2.5 + - name: flatcar-variant + version: 1.0.0 + - name: kubernetes + version: 1.27.14 + date: "2024-07-30T10:00:00Z" + state: active