v1.6.0-rc.1

🚨 This is a RELEASE CANDIDATE. Use it only for testing purposes. If you find any bugs, file an issue.

Highlights

• MachinePools are now supported in ClusterClass Clusters
• Metrics, profiling and other diagnostics are now served securely by default
• Types in ipam.cluster.x-k8s.io have graduated to v1beta1

Deprecation Warning

• The API version v1alpha4 is no longer served in this release.
  • Version migration guide
  • GitHub issue #8038
  • API deprecation details
• The API version v1alpha3 has been completely removed in this release.
• Flag --metrics-bind-addr is deprecated for all controllers

Changes since v1.6.0-rc.0

📈 Overview

• 2 new commits merged
• 1 bug fixed 🐛

🐛 Bug Fixes

• ClusterResourceSet: Requeue after 1 minute if ErrClusterLocked got hit (#9788)

🌱 Others

• e2e: Improve output of exec.KubectlApply (#9761)

More details about the release

⚠️ RELEASE CANDIDATE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.25.x -> v1.28.x
• Workload Cluster: v1.23.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.0

📈 Overview

• 387 new commits merged
• 6 breaking changes ⚠️
• 15 feature additions ✨
• 35 bugs fixed 🐛

📝 Proposals

• Community meeting: Add proposal for karpenter integration feature group (#9571)

⚠️ Breaking Changes

• API: Remove v1alpha3 API Version (#8997)
• API: Stop serving v1alpha4 API Versions (#8996)
• clusterctl: Improve Context handling in clusterctl (#8939)
• Dependency: Bump to controller-runtime v0.16 (#8999)
• Metrics/Logging: Implement secure diagnostics (metrics, pprof, log level changes) (#9264)

✨ New Features

• API: Add validation to nested ObjectMeta fields (#8431)
• CAPD: Add config maps to CAPD RBAC (#9528)
• CAPD: Add MachinePool Machine implementation to CAPD components (#8842)
• CAPD: Allow adding custom HA proxy config for CAPD load balancer (#8785)
• CAPD: Initialize configmap object before getting it (#9529)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9191)
• ClusterClass: Introduce NamingStrategy and allow generating names using go templates (#9340)
• ClusterClass: Update API with ClusterClass MachinePool support (#8820)
• clusterctl: Add RKE2 bootstrap provider to clusterctl (#9720)
• clusterctl: Block move with annotation (#8690)
• IPAM: Promote IPAM types to v1beta1 (#9525)
• MachinePool: Add MachinePool workers support in ClusterClass (#9016)
• MachineSet: Adjust preflight check to allow kubelet version skew of 3 for clusters running v1.28 and above (#9222)
• Release: Add automation to create release branch and tags (#9111)
• Testing/Documentation: V1.28: Prepare quickstart, capd and tests for the new release including kind bump (#9160)

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9167)
• CAPD: Delete container after failed start to work around port allocation issues (#9125)
• CAPD: Fix DockerMachine panic (#9673)
• CI: Fix reporting bug in verify-container-image script (#9676)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9133)
• ClusterClass: Topology: fix namingstrategy webhook to not use uppercase characters for testing the template and align unit test to e2e test (#9425)
• clusterctl: Fix provider namespace secret not included in clusterctl move (#9694)
• ClusterResourceSet: Requeue after 1 minute if ErrClusterLocked got hit (#9788)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9121)
• Dependency: Bump to docker v24.0.5-0.20230714235725-36e9e796c6fc (#9038)
• Devtools: Adding metrics container port in tilt-prepare only if it's missing (#9308)
• Devtools: Allow duplicate objects in Tiltfile (#9302)
• Devtools: Change tilt debug base image to golang (#9070)
• Devtools: Fix tilt-prepare leader-elect setting (#9315)
• Devtools: Pin Plantuml version (#9424)
• Devtools: Tilt: ensure .tiltbuild/bin directory is created early enough, add tilt troubleshooting guide (#9165)
• e2e: Drop MachinePools from Dualstack tests (#9477)
• e2e: Fix autoscaler image repo (#9353)
• e2e: Test: pin conformance image to a version which includes a fix for the dualstack tests (#9252)
• KCP: Allow dropping patches KubeadmControlPlane KubeadmConfig (#9698)
• KCP: Allow to drop useExperimentalRetryJoin field from KubeadmControlPlane.kubeadmConfigSpec (#9170)
• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9342)
• KCP: Requeue KCP object if ControlPlaneComponentsHealthyCondition is not yet true (#9032)
• Machine: Retry Node delete when CCT is locked (#9570)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9298)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9419)
• MachinePool: Fix bug where MachinePool Machine ownerRefs weren't updating (#9619)
• Release: Alphabetically sorting release tool output (#9055)
• Release: Deduplicating area in pr title in release notes (#9186)
• Release: Fix go install path for kpromo v4.0.4 (#9336)
• Release: Generate warning when release notes can not be generated (#9163)
• Release: Hack/release-notes: ensure relase notes tool can be used for external projects again (#9018)
• Release: Reverts pull request from cahillsf/improve-release-speed (#9465)
• Runtime SDK: Set User Agent for test extension correctly (#9748)
• util: Fix AddAnnotations for unstructured.Unstructured (#9164)

🌱 Others

• API: Add ClusterClass column to Cluster CRD (#9120)
• API: Add verify-import-restrictions to enforce import restrictions (#9407)
• API: Enforce import restrictions in all API packages (#9461)
• API: Ensure we generate all webhook manifests.yaml (#9621)
• API: Move API v1beta1 webhooks to a separate package (#9047)
• API: Move docker infrastructure API v1beta1 webhooks to separate package (#9458)
• API: Move docker infrastructure experimental API v1beta1 webhooks to separate package (#9460)
• API: Move experimental addons API v1beta1 webhooks to separate package (#9438)
• API: Move experimental API v1beta1 webhooks to separate package (#9417)
• API: Move inmemory infrastructure API v1beta1 webhooks to separate package (#9459)
• API: Move Kubeadm API v1beta1 webhooks to separate package (#9410)
• API: Remove files and markers for Kubebuilder (#9344)
• API: Remove reliance on controller-runtime scheme builder (#9045)
• API: Remove reliance on controller-runtime scheme builder for experimental APIs (#9185)
• API: Remove reliance on controller-runtime scheme builder for remaining API groups (#9266)
• API: Remove the dependency on cluster-api/utils from addons API (#9482)
• API: Test and document controller ownerReferences (#9153)
• CAPBK: Remove Kubeadm upstream v1beta1 types (#9345)
• CAPD: Fix multi error handling in RunContainer (#9139)
• CAPD: Set Condition, if creating external LB failed. (#9697)
• CI: Add colored-line-number output for golangci-lint action (#9147)
• CI: Add dependabot for test and hack/tools module (#9041)
• CI: Add exclude for Kustomize API to dependabot config (#9059)
• CI: Add licence-scan for pull requests (#9184)
• CI: Add loggercheck linter and fix findings (#9446)
• CI: Add verify-govulncheck and verify-vulnerabilities targets and integrate to scan action (#9144)
• CI: Bump actions/cache from 3.3.1 to 3.3.2 (#9395)
• CI: Bump actions/checkout from 4.1.0 to 4.1.1 (#9611)
• CI: Bump actions/github-script from 7.0.0 to 7.0.1 (#9738)
• CI: Bump actions/setup-go from 4.0.1 to 4.1.0 (#9187)
• CI: Bump apidiff to v0.7.0 (#9472)
• CI: Bump golangci-lint to v1.54.1 (#9174)
• CI: Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#9261)
• CI: Bump tj-actions/changed-files from 40.1.0 to 40.1.1 (#9714)
• CI: Bump Trivy to v0.45.1 (#9445)
• CI: Fix .golangci.yml comments (#9499)
• CI: Ginkgolinter: forbid focus container (#9320)
• CI: Github: add edited and reopened as triggers for the GH workflow approval (#9259)
• CI: Github: add workflow to auto-approve golangci-lint if ok-to-test label is set (#9244)
• CI: Go.mod reformat to have only two require blocks (#9192)
• CI: Golangci-lint: replace deprecated local-prefixes setting for gci (#9339)
• CI: Make GO_ARCH explicit in verify_containter script (#9341)
• CI: Update actions for 1.5 and make names consistent (#9115)
• CI: Verify plantuml image generation in CI (#9363)
• ClusterCacheTracker: Add separate concurrency flag for cluster cache tracker (#9116)
• ClusterCacheTracker: Ensure Get/List calls are not getting stuck when apiserver is unreachable (#9028)
• ClusterCacheTracker: Fix accessor deletion on health check failure (#9025)
• ClusterClass: Add additional test cases for nested variable defaulting (#9728)
• ClusterClass: Add ownerRefs to BootstrapConfig/InfraMachinePool in classy Clusters (#9389)
• ClusterClass: Embed ssa.FilterObjectInput into HelperOption to remove duplication (#9512)
• ClusterClass: Fix some nits in Cluster topology engine tests (#9464)
• ClusterClass: Improve Cluster variable defaulting/validation errors (#9452)
• ClusterClass: Improve message for TopologyReconciledCondition (#9400)
• ClusterClass: Make ClusterClass generated object names consistent (#9254)
• ClusterClass: Minor fixes for ...

v1.6.0-rc.0

🚨 This is a RELEASE CANDIDATE. Use it only for testing purposes. If you find any bugs, file an issue.

Highlights

• MachinePools are now supported in ClusterClass Clusters
• Metrics, profiling and other diagnostics are now served securely by default
• Types in ipam.cluster.x-k8s.io have graduated to v1beta1

Deprecation Warning

• The API version v1alpha4 is no longer served in this release.
  • Version migration guide
  • GitHub issue #8038
  • API deprecation details
• The API version v1alpha3 has been completely removed in this release.
• Flag --metrics-bind-addr is deprecated for all controller

Changes since v1.6.0-beta.1

📈 Overview

• 53 new commits merged
• 2 feature additions ✨
• 5 bugs fixed 🐛

📝 Proposals

• Documentation: CAEP: Flexible Managed Kubernetes Endpoints (#8500)

✨ New Features

• CAPD: Add MachinePool Machine implementation to CAPD components (#8842)
• clusterctl: Add RKE2 bootstrap provider to clusterctl (#9720)

🐛 Bug Fixes

• CAPD: Fix DockerMachine panic (#9673)
• CI: Fix reporting bug in verify-container-image script (#9676)
• clusterctl: Fix provider namespace secret not included in clusterctl move (#9694)
• KCP: Allow dropping patches KubeadmControlPlane KubeadmConfig (#9698)
• MachinePool: Fix bug where MachinePool Machine ownerRefs weren't updating (#9619)

🌱 Others

• CAPD: Set Condition, if creating external LB failed. (#9697)
• CI: Bump actions/github-script from 7.0.0 to 7.0.1 (#9738)
• CI: Bump tj-actions/changed-files from 40.1.0 to 40.1.1 (#9714)
• ClusterClass: Add additional test cases for nested variable defaulting (#9728)
• clusterctl: Propagate ctx to retryWithExponentialBackoff in clusterctl (#9437)
• Dependency: Bump cert-manager to v1.13.2 (#9653)
• Dependency: Bump cloud.google.com/go/storage from 1.34.1 to 1.35.1 in /hack/tools (#9727)
• Dependency: Bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible in /test (#9652)
• Dependency: Bump github.com/fatih/color from 1.15.0 to 1.16.0 (#9681)
• Dependency: Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1 (#9716)
• Dependency: Bump github.com/onsi/gomega from 1.29.0 to 1.30.0 (#9717)
• Dependency: Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#9679)
• Dependency: Bump Go version to v1.20.11 (#9683)
• Dependency: Bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#9715)
• Dependency: Bump golang.org/x/text from 0.13.0 to 0.14.0 (#9680)
• Dependency: Bump golangci-lint to v1.55.2 (#9740)
• Dependency: Bump google.golang.org/api from 0.149.0 to 0.150.0 in /hack/tools (#9691)
• Dependency: Bump opentelemetry to fix CVEs (#9709)
• Dependency: Bump the kubernetes group with 4 updates (#9739)
• Dependency: Bump Trivy to v0.47.0 (#9671)
• Devtools: Allow non-provider Deployments in Tilt (#9404)
• Documentation: Add k3s providers to cluster-api book (#9577)
• Documentation: Fix typo in 'ginkgo' in Makefile (#9654)
• e2e: Add MP timeouts to cluster upgrade tests (#9723)
• e2e: Improve logging for self-hosted e2e test (#9637)
• e2e: Test/conformance: add variables to overwrite parralelization of kubetest runs (#9667)
• IPAM: Add age also to v1beta1 IPAM types (#9729)
• IPAM: Enforce IPAM import alias (#9730)
• KCP: Support admin config for Kubeadm v1.29 (#9682)
• Release: Add adilGhaffarDev to release-team owner alias (#9718)
• Release: Avoid cd'ing into test folders when building Docker images (#9744)
• Release: Bump kubebuilder tools to v0.4.2 (#9665)
• Release: Give permissions for release notes tool to release team (#9563)
• Release: Hack: add weekly update script for Slack (#9343)
• Testing: Add MachinePools to Runtime SDK and Rollout tests (#9703)
• Testing: Add WaitForMachinePoolToBeUpgraded to self-hosted test (#9540)
• Testing: Follow-up fixes: Add MachinePools to Runtime SDK and Rollout tests (#9719)

📖 Additionally, there have been 3 contributions to our documentation and book. (#9559, #9635, #9706)

More details about the release

⚠️ RELEASE CANDIDATE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.25.x -> v1.28.x
• Workload Cluster: v1.23.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.0

📈 Overview

• 382 new commits merged
• 6 breaking changes ⚠️
• 15 feature additions ✨
• 34 bugs fixed 🐛

📝 Proposals

• Community meeting: Add proposal for karpenter integration feature group (#9571)
• Documentation: Flexible Managed Kubernetes Endpoints (#8500)

⚠️ Breaking Changes

• API: Remove v1alpha3 API Version (#8997)
• API: Stop serving v1alpha4 API Versions (#8996)
• clusterctl: Improve Context handling in clusterctl (#8939)
• Dependency: Bump to controller-runtime v0.16 (#8999)
• Metrics/Logging: Implement secure diagnostics (metrics, pprof, log level changes) (#9264)

✨ New Features

• API: Add validation to nested ObjectMeta fields (#8431)
• CAPD: Add config maps to CAPD RBAC (#9528)
• CAPD: Add MachinePool Machine implementation to CAPD components (#8842)
• CAPD: Allow adding custom HA proxy config for CAPD load balancer (#8785)
• CAPD: Initialize configmap object before getting it (#9529)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9191)
• ClusterClass: Introduce NamingStrategy and allow generating names using go templates (#9340)
• ClusterClass: Update API with ClusterClass MachinePool support (#8820)
• clusterctl: Add RKE2 bootstrap provider to clusterctl (#9720)
• clusterctl: Block move with annotation (#8690)
• IPAM: Promote IPAM types to v1beta1 (#9525)
• MachinePool: Add MachinePool workers support in ClusterClass (#9016)
• MachineSet: Adjust preflight check to allow kubelet version skew of 3 for clusters running v1.28 and above (#9222)
• Testing/Documentation: V1.28: Prepare quickstart, capd and tests for the new release including kind bump (#9160)
• Release: Add automation to create release branch and tags (#9111)

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9167)
• CAPD: Delete container after failed start to work around port allocation issues (#9125)
• CAPD: Fix DockerMachine panic (#9673)
• CI: Fix reporting bug in verify-container-image script (#9676)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9133)
• ClusterClass: Topology: fix namingstrategy webhook to not use uppercase characters for testing the template and align unit test to e2e test (#9425)
• clusterctl: Fix provider namespace secret not included in clusterctl move (#9694)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9121)
• Dependency: Bump to docker v24.0.5-0.20230714235725-36e9e796c6fc (#9038)
• Devtools: Adding metrics container port in tilt-prepare only if it's missing (#9308)
• Devtools: Allow duplicate objects in Tiltfile (#9302)
• Devtools: Change tilt debug base image to golang (#9070)
• Devtools: Fix tilt-prepare leader-elect setting (#9315)
• Devtools: Pin Plantuml version (#9424)
• Devtools: Tilt: ensure .tiltbuild/bin directory is created early enough, add tilt troubleshooting guide (#9165)
• Documentation: Fix doctoc detection in verify-doctoc.sh (#9112)
• e2e: Drop MachinePools from Dualstack tests (#9477)
• e2e: Fix autoscaler image repo (#9353)
• e2e: Test: pin conformance image to a version which includes a fix for the dualstack tests (#9252)
• KCP: Allow dropping patches KubeadmControlPlane KubeadmConfig (#9698)
• KCP: Allow to drop useExperimentalRetryJoin field from KubeadmControlPlane.kubeadmConfigSpec (#9170)
• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9342)
• KCP: Requeue KCP object if ControlPlaneComponentsHealthyCondition is not yet true (#9032)
• Machine: Retry Node delete when CCT is locked (#9570)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9298)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9419)
• MachinePool: Fix bug where MachinePool Machine ownerRefs weren't updating (#9619)
• Release: Alphabetically sorting release tool output (#9055)
• Release: Deduplicating area in pr title in release notes (#9186)
• Release: Fix go install path for kpromo v4.0.4 (#9336)
• Release: Generate warning when release notes can not be generated (#9163)
• Release: Hack/release-notes: ensure relase notes tool can be used for external projects again (#9018)
• Release: Reverts pull request from cahillsf/improve-release-speed (#9465)
• util: Fix AddAnnotations for unstructured.Unstructured (#9164)

🌱 Others

• API: Add ClusterClass column to Cluster CRD (#9120)
• API: Add verify-import-restrictions to enforce import restrictions (#9407)
• API: Enforce import restrictions in all API packages (#9461)
• API: Ensure we generate all webhook manifests.yaml (#9621)
• API: Move API v1beta1 webhooks to a separate package (#9047)
• API: Move docker infrastructure experimental API v1beta1 webhooks to sepa… (#9460)
• API: Move docker infrastructure API v1beta1 webhooks to separate package (#9458)
• API: Move experimental addons API v1beta1 webhooks to separate package (#9438)
• API: Move experimental API v1beta1 webhooks to separate package (#9417)
• API: Move inmemory infrastructure API v1beta1 webh...

v1.6.0-beta.1

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, file an issue.

Highlights

• MachinePools are now supported in ClusterClass Clusters
• Metrics, profiling and other diagnostics are now served securely by default
• Types in ipam.cluster.x-k8s.io have graduated to v1beta1

Deprecation Warning

• The API version v1alpha4 is no longer served in this release.
  • Version migration guide
  • GitHub issue #8038
  • API deprecation details
• The API version v1alpha3 has been completely removed in this release.
• Flag --metrics-bind-addr is deprecated for all controllers

Changes since v1.6.0-beta.0

📈 Overview

• 14 new commits merged

📝 Proposals

• Community meeting: Add proposal for karpenter integration feature group (#9571)

🌱 Others

• API: Ensure we generate all webhook manifests.yaml (#9621)
• CI: Bump tj-actions/changed-files from 39.2.4 to 40.0.0 (#9641)
• Dependency: Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#9644)
• Dependency: Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 (#9643)
• Dependency: Bump go.etcd.io/etcd/api/v3 from 3.5.9 to 3.5.10 (#9642)
• Dependency: Bump go.etcd.io/etcd/client/v3 from 3.5.9 to 3.5.10 (#9646)
• Dependency: Bump golang.org/grpc to v1.59.0 (#9626)
• Dependency: Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 (#9645)
• Release: Capitalize area prefix in release notes by default (#9614)

📖 Additionally, there have been 3 contributions to our documentation and book. (#9565, #9590, #9613)

More details about the release

⚠️ BETA RELEASE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.25.x -> v1.28.x
• Workload Cluster: v1.23.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.0

📈 Overview

• 326 new commits merged
• 6 breaking changes ⚠️
• 13 feature additions ✨
• 29 bugs fixed 🐛

📝 Proposals

• Community-meeting: Add proposal for karpenter integration feature group (#9571)

⚠️ Breaking Changes

• API: Remove v1alpha3 API Version (#8997)
• API: Stop serving v1alpha4 API Versions (#8996)
• clusterctl: Improve Context handling in clusterctl (#8939)
• Dependency: Bump to controller-runtime v0.16 (#8999)
• Metrics/Logging: Implement secure diagnostics (metrics, pprof, log level changes) (#9264)

✨ New Features

• API: Add validation to nested ObjectMeta fields (#8431)
• CAPD: Add config maps to CAPD RBAC (#9528)
• CAPD: Allow adding custom HA proxy config for CAPD load balancer (#8785)
• CAPD: Initialize configmap object before getting it (#9529)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9191)
• ClusterClass: Introduce NamingStrategy and allow generating names using go templates (#9340)
• ClusterClass: Update API with ClusterClass MachinePool support (#8820)
• clusterctl: Block move with annotation (#8690)
• IPAM: Promote IPAM types to v1beta1 (#9525)
• MachinePool: Add MachinePool workers support in ClusterClass (#9016)
• MachineSet: Adjust preflight check to allow kubelet version skew of 3 for clusters running v1.28 and above (#9222)
• Testing/Documentation: V1.28: Prepare quickstart, capd and tests for the new release including kind bump (#9160)
• Release: Add automation to create release branch and tags (#9111)

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9167)
• CAPD: Delete container after failed start to work around port allocation issues (#9125)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9133)
• ClusterClass: Topology: fix namingstrategy webhook to not use uppercase characters for testing the template and align unit test to e2e test (#9425)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9121)
• Dependency: Bump to docker v24.0.5-0.20230714235725-36e9e796c6fc (#9038)
• Devtools: Adding metrics container port in tilt-prepare only if it's missing (#9308)
• Devtools: Allow duplicate objects in Tiltfile (#9302)
• Devtools: Change tilt debug base image to golang (#9070)
• Devtools: Fix tilt-prepare leader-elect setting (#9315)
• Devtools: Pin Plantuml version (#9424)
• Devtools: Tilt: ensure .tiltbuild/bin directory is created early enough, add tilt troubleshooting guide (#9165)
• Documentation: Fix doctoc detection in verify-doctoc.sh (#9112)
• e2e: Drop MachinePools from Dualstack tests (#9477)
• e2e: Fix autoscaler image repo (#9353)
• e2e: Test: pin conformance image to a version which includes a fix for the dualstack tests (#9252)
• KCP: Allow to drop useExperimentalRetryJoin field from KubeadmControlPlane.kubeadmConfigSpec (#9170)
• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9342)
• KCP: Requeue KCP object if ControlPlaneComponentsHealthyCondition is not yet true (#9032)
• Machine: Retry Node delete when CCT is locked (#9570)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9298)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9419)
• Release: Alphabetically sorting release tool output (#9055)
• Release: Deduplicating area in pr title in release notes (#9186)
• Release: Fix go install path for kpromo v4.0.4 (#9336)
• Release: Generate warning when release notes can not be generated (#9163)
• Release: Hack/release-notes: ensure relase notes tool can be used for external projects again (#9018)
• Release: Reverts pull request from cahillsf/improve-release-speed (#9465)
• util: Fix AddAnnotations for unstructured.Unstructured (#9164)

🌱 Others

• API: Add ClusterClass column to Cluster CRD (#9120)
• API: Add verify-import-restrictions to enforce import restrictions (#9407)
• API: Enforce import restrictions in all API packages (#9461)
• API: Ensure we generate all webhook manifests.yaml (#9621)
• API: Move API v1beta1 webhooks to a separate package (#9047)
• API: Move docker infrastructure experimental API v1beta1 webhooks to sepa… (#9460)
• API: Move docker infrastructure API v1beta1 webhooks to separate package (#9458)
• API: Move experimental addons API v1beta1 webhooks to separate package (#9438)
• API: Move experimental API v1beta1 webhooks to separate package (#9417)
• API: Move inmemory infrastructure API v1beta1 webhooks to separate package (#9459)
• API: Move Kubeadm API v1beta1 webhooks to separate package (#9410)
• API: Remove files and markers for Kubebuilder (#9344)
• API: Remove reliance on controller-runtime scheme builder (#9045)
• API: Remove reliance on controller-runtime scheme builder for experimental APIs (#9185)
• API: Remove reliance on controller-runtime scheme builder for remaining API groups (#9266)
• API: Remove the dependency on cluster-api/utils from addons API (#9482)
• API: Test and document controller ownerReferences (#9153)
• CAPBK: Remove Kubeadm upstream v1beta1 types (#9345)
• CAPD: Fix multi error handling in RunContainer (#9139)
• CI: Add colored-line-number output for golangci-lint action (#9147)
• CI: Add dependabot for test and hack/tools module (#9041)
• CI: Add exclude for Kustomize API to dependabot config (#9059)
• CI: Add licence-scan for pull requests (#9184)
• CI: Add loggercheck linter and fix findings (#9446)
• CI: Add verify-govulncheck and verify-vulnerabilities targets and integrate to scan action (#9144)
• CI: Bump actions/cache from 3.3.1 to 3.3.2 (#9395)
• CI: Bump actions/checkout from 4.1.0 to 4.1.1 (#9611)
• CI: Bump actions/setup-go from 4.0.1 to 4.1.0 (#9187)
• CI: Bump apidiff to v0.7.0 (#9472)
• CI: Bump golangci-lint to v1.54.1 (#9174)
• CI: Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#9261)
• CI: Bump tj-actions/changed-files from 39.2.4 to 40.0.0 (#9641)
• CI: Bump Trivy to v0.45.1 (#9445)
• CI: Fix .golangci.yml comments (#9499)
• CI: Ginkgolinter: forbid focus container (#9320)
• CI: Github: add edited and reopened as triggers for the GH workflow approval (#9259)
• CI: Github: add workflow to auto-approve golangci-lint if ok-to-test label is set (#9244)
• CI: Go.mod reformat to have only two require blocks (#9192)
• CI: Golangci-lint: replace deprecated local-prefixes setting for gci (#9339)
• CI: Make GO_ARCH explicit in verify_containter script (#9341)
• CI: Update actions for 1.5 and make names consistent (#9115)
• CI: Verify plantuml image generation in CI (#9363)
• ClusterCacheTracker: Add separate concurrency flag for cluster cache tracker (#9116)
• ClusterCacheTracker: Ensure Get/List calls are not getting stuck when apiserver is unreachable (#9028)
• ClusterCacheTracker: Fix accessor deletion on health check failure (#9025)
• ClusterClass: Add ownerRefs to BootstrapConfig/InfraMachinePool in classy Clusters (#9389)
• ClusterClass: Embed ssa.FilterObjectInput into HelperOption to remove duplication (#9512)
• ClusterClass: Fix some nits in Cluster topology engine tests (#9464)
• ClusterClass: Improve Cluster variable defaulting/validation errors (#9452)
• ClusterClass: Improve message for TopologyReconciledCondition (#9400)
• ClusterClass: Make ClusterClass generated object names consistent (#9254)
• ClusterClass: Minor fixes for CC+MP implementation (#9318)
• clusterctl: Check resource blocking clusterctl move during discovery (#9246)
• clusterctl: Use goproxy to chec...

v1.6.0-beta.0

🚨 This is a BETA release. Use it only for testing purposes. If you find any bugs, file an issue.

Highlights

• MachinePools are now supported in ClusterClass Clusters
• Metrics, profiling and other diagnostics are now served securely by default
• Types in ipam.cluster.x-k8s.io have graduated to v1beta1

Deprecation Warning

• The API version v1alpha4 is no longer served in this release.
  • Version migration guide
  • GitHub issue #8038
  • API deprecation details
• The API version v1alpha3 has been completely removed in this release.
• Flag --metrics-bind-addr is deprecated for all controllers

More details about the release

⚠️ BETA RELEASE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.25.x -> v1.28.x
• Workload Cluster: v1.23.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.0

📈 Overview

• 310 new commits merged
• 6 breaking changes ⚠️
• 13 feature additions ✨
• 28 bugs fixed 🐛

⚠️ Breaking Changes

• API: Remove v1alpha3 API Version (#8997)
• API: Stop serving v1alpha4 API Versions (#8996)
• clusterctl: Improve Context handling in clusterctl (#8939)
• Dependency: Bump to controller-runtime v0.16 (#8999)
• Metrics/Logging: Implement secure diagnostics (metrics, pprof, log level changes) (#9264)

✨ New Features

• API: Add validation to nested ObjectMeta fields (#8431)
• CAPD: Add config maps to CAPD RBAC (#9528)
• CAPD: Allow adding custom HA proxy config for CAPD load balancer (#8785)
• CAPD: Initialize configmap object before getting it (#9529)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9191)
• ClusterClass: Introduce NamingStrategy and allow generating names using go templates (#9340)
• ClusterClass: Update API with ClusterClass MachinePool support (#8820)
• clusterctl: Block move with annotation (#8690)
• IPAM: Promote IPAM types to v1beta1 (#9525)
• MachinePool: Add MachinePool workers support in ClusterClass (#9016)
• MachineSet: Adjust preflight check to allow kubelet version skew of 3 for clusters running v1.28 and above (#9222)
• Release: Add automation to create release branch and tags (#9111)
• Testing/documentation: V1.28: Prepare quickstart, capd and tests for the new release including kind bump (#9160)

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9167)
• CAPD: Delete container after failed start to work around port allocation issues (#9125)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9133)
• ClusterClass: Topology: fix namingstrategy webhook to not use uppercase characters for testing the template and align unit test to e2e test (#9425)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9121)
• Dependency: Bump to docker v24.0.5-0.20230714235725-36e9e796c6fc (#9038)
• Devtools: Adding metrics container port in tilt-prepare only if it's missing (#9308)
• Devtools: Allow duplicate objects in Tiltfile (#9302)
• Devtools: Change tilt debug base image to golang (#9070)
• Devtools: Fix tilt-prepare leader-elect setting (#9315)
• Devtools: Pin Plantuml version (#9424)
• Devtools: Tilt: ensure .tiltbuild/bin directory is created early enough, add tilt troubleshooting guide (#9165)
• e2e: Drop MachinePools from Dualstack tests (#9477)
• e2e: Fix autoscaler image repo (#9353)
• e2e: Test: pin conformance image to a version which includes a fix for the dualstack tests (#9252)
• KCP: Allow to drop useExperimentalRetryJoin field from KubeadmControlPlane.kubeadmConfigSpec (#9170)
• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9342)
• KCP: Requeue KCP object if ControlPlaneComponentsHealthyCondition is not yet true (#9032)
• Machine: Retry Node delete when CCT is locked (#9570)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9298)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9419)
• Release: Alphabetically sorting release tool output (#9055)
• Release: Deduplicating area in pr title in release notes (#9186)
• Release: Fix go install path for kpromo v4.0.4 (#9336)
• Release: Generate warning when release notes can not be generated (#9163)
• Release: Hack/release-notes: ensure relase notes tool can be used for external projects again (#9018)
• Release: Reverts pull request from cahillsf/improve-release-speed (#9465)
• util: Fix AddAnnotations for unstructured.Unstructured (#9164)

🌱 Others

• API: Add ClusterClass column to Cluster CRD (#9120)
• API: Add verify-import-restrictions to enforce import restrictions (#9407)
• API: Enforce import restrictions in all API packages (#9461)
• API: Move API v1beta1 webhooks to a separate package (#9047)
• API: Move docker infrastructure experimental API v1beta1 webhooks to sepa… (#9460)
• API: Move docker infrastructure API v1beta1 webhooks to separate package (#9458)
• API: Move experimental addons API v1beta1 webhooks to separate package (#9438)
• API: Move experimental API v1beta1 webhooks to separate package (#9417)
• API: Move inmemory infrastructure API v1beta1 webhooks to separate package (#9459)
• API: Move Kubeadm API v1beta1 webhooks to separate package (#9410)
• API: Remove files and markers for Kubebuilder (#9344)
• API: Remove reliance on controller-runtime scheme builder (#9045)
• API: Remove reliance on controller-runtime scheme builder for experimental APIs (#9185)
• API: Remove reliance on controller-runtime scheme builder for remaining API groups (#9266)
• API: Remove the dependency on cluster-api/utils from addons API (#9482)
• API: Test and document controller ownerReferences (#9153)
• CAPBK: Remove Kubeadm upstream v1beta1 types (#9345)
• CAPD: Fix multi error handling in RunContainer (#9139)
• CI: Add colored-line-number output for golangci-lint action (#9147)
• CI: Add dependabot for test and hack/tools module (#9041)
• CI: Add exclude for Kustomize API to dependabot config (#9059)
• CI: Add licence-scan for pull requests (#9184)
• CI: Add loggercheck linter and fix findings (#9446)
• CI: Add verify-govulncheck and verify-vulnerabilities targets and integrate to scan action (#9144)
• CI: Bump actions/cache from 3.3.1 to 3.3.2 (#9395)
• CI: Bump actions/checkout from 4.1.0 to 4.1.1 (#9611)
• CI: Bump actions/setup-go from 4.0.1 to 4.1.0 (#9187)
• CI: Bump apidiff to v0.7.0 (#9472)
• CI: Bump golangci-lint to v1.54.1 (#9174)
• CI: Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#9261)
• CI: Bump tj-actions/changed-files from 39.2.2 to 39.2.4 (#9610)
• CI: Bump Trivy to v0.45.1 (#9445)
• CI: Fix .golangci.yml comments (#9499)
• CI: Ginkgolinter: forbid focus container (#9320)
• CI: Github: add edited and reopened as triggers for the GH workflow approval (#9259)
• CI: Github: add workflow to auto-approve golangci-lint if ok-to-test label is set (#9244)
• CI: Go.mod reformat to have only two require blocks (#9192)
• CI: Golangci-lint: replace deprecated local-prefixes setting for gci (#9339)
• CI: Make GO_ARCH explicit in verify_containter script (#9341)
• CI: Update actions for 1.5 and make names consistent (#9115)
• CI: Verify plantuml image generation in CI (#9363)
• ClusterCacheTracker: Add separate concurrency flag for cluster cache tracker (#9116)
• ClusterCacheTracker: Ensure Get/List calls are not getting stuck when apiserver is unreachable (#9028)
• ClusterCacheTracker: Fix accessor deletion on health check failure (#9025)
• ClusterClass: Add ownerRefs to BootstrapConfig/InfraMachinePool in classy Clusters (#9389)
• ClusterClass: Embed ssa.FilterObjectInput into HelperOption to remove duplication (#9512)
• ClusterClass: Fix some nits in Cluster topology engine tests (#9464)
• ClusterClass: Improve Cluster variable defaulting/validation errors (#9452)
• ClusterClass: Improve message for TopologyReconciledCondition (#9400)
• ClusterClass: Make ClusterClass generated object names consistent (#9254)
• ClusterClass: Minor fixes for CC+MP implementation (#9318)
• clusterctl: Check resource blocking clusterctl move during discovery (#9246)
• clusterctl: Use goproxy to check version in clusterctl (#9237)
• clusterctl: Use http get to download files from GitHub in clusterctl (#9236)
• Dependency: Bump cert-manager to v1.13.1 (#9505)
• Dependency: Bump cloud.google.com/go/storage from 1.32.0 to 1.33.0 in /hack/tools (#9423)
• Dependency: Bump controller tools to v1.13.0 (#9221)
• Dependency: Bump controller-runtime to v0.16.3 (#9592)
• Dependency: Bump conversion-gen to v0.28 (#9267)
• Dependency: Bump corefile-migration library to v1.0.21 (#9307)
• Dependency: Bump docker to v24.0.5 (#9064)
• Dependency: Bump envtest binaries to 1.28 (#9268)
• Dependency: Bump github.com/blang/semver to v4 (#9189)
• Dependency: Bump github.com/docker/distribution (#9544)
• Dependency: Bump github.com/docker/docker from 24.0.5+incompatible to 24.0.6+incompatible in /test (#9377)
• Dependency: Bump github.com/emicklei/go-restful/v3 from 3.10.2 to 3.11.0 in /test (#9272)
• Dependency: Bump github.com/evanphx/json-patch/v5 from 5.6.0 to 5.7.0 (#9397)
• Dependency: Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#9562)
• Dependency: Bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0 (#9533)
• Dependency: Bump github.com/onsi/gomega ...

v1.5.3

👌 Kubernetes version support

• Management Cluster: v1.24.x -> v1.28.x
• Workload Cluster: v1.22.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.2

📈 Overview

• 10 new commits merged
• 2 bugs fixed 🐛

🐛 Bug Fixes

• e2e: Fix broken e2e test clusterclass (#9504)
• Machine: Retry Node delete when CCT is locked (#9582)

🌱 Others

• Dependency: Bump cert-manager to v1.13.1 (#9507)
• Dependency: Bump Go to v1.20.10 (#9552)
• Dependency: Bump go.opentelemetry.io/* dependencies (#9599)
• Dependency: Bump golang.org/x/net to v0.17.0 (#9595)
• e2e: Add log level for kube components patch to ClusterClass (#9501)
• Release: Improve release staging build speed (#9555)

📖 Additionally, there have been 2 contributions to our documentation and book. (#9518, #9596)

Note: Due to an issue in our build the test-extension arm64 & s390x images contain the CAPD binary. The issue has been resolved and the v1.5.4 images will have the correct binary again.

Thanks to all our contributors! 😊

v1.4.8

👌 Kubernetes version support

• Management Cluster: v1.23.x -> v1.27.x
• Workload Cluster: v1.21.x -> v1.27.x

More information about version support can be found here

Changes since v1.4.7

📈 Overview

• 7 new commits merged
• 2 bugs fixed 🐛

🐛 Bug Fixes

• Machine: Retry Node delete when CCT is locked (#9583)
• Machine: Revert ErrClusterLocked check in Machine controller (#9588)

🌱 Others

• Dependency: Bump cert-manager to v1.13.1 (#9508)
• Dependency: Bump Go to v1.20.10 (#9553)
• Dependency: Bump golang.org/x/net to v0.17.0 (#9594)
• Release: Improve release staging build speed (#9554)

📖 Additionally, there has been 1 contribution to our documentation and book. (#9597)

Thanks to all our contributors! 😊

v1.5.2

👌 Kubernetes version support

• Management Cluster: v1.24.x -> v1.28.x
• Workload Cluster: v1.22.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.1

---

📈 Overview

• 19 new commits merged
• 1 feature addition ✨
• 4 bugs fixed 🐛

✨ New Features

• ClusterClass: Introduce NamingStrategy and allow generating names using go templates (#9428)

🐛 Bug Fixes

• e2e: Fix autoscaler image repo (#9357)
• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9449)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9426)
• Testing: Don't use v1alpha3 in clusterctl upgrade test (#9412)

🌱 Others

• ClusterClass: Improve Cluster variable defaulting/validation errors (#9479)
• ClusterClass: Improve message for TopologyReconciledCondition (#9401)
• Dependency: Bump cert-manager to v1.13.0 (#9413)
• Dependency: Bump to Go 1.20.8 (#9383)
• e2e: Bump autoscaler to v1.28.0 (#9351)
• KCP: Remove redundant GetRESTConfig in KCP Management.GetWorkloadCluster (#9451)
• Runtime SDK: Improve ClusterClass watch for ExtensionConfigs (#9356)

📖 Additionally, there have been 6 contributions to our documentation and book. (#9365, #9430, #9435, #9466, #9470, #9491)

Thanks to all our contributors! 😊

v1.4.7

👌 Kubernetes version support

• Management Cluster: v1.23.x -> v1.27.x
• Workload Cluster: v1.21.x -> v1.27.x

More information about version support can be found here

Changes since v1.4.6

---

📈 Overview

• 10 new commits merged
• 2 bugs fixed 🐛

🐛 Bug Fixes

• KCP: Fix KCP Controller reconcile always return error when workload cluster is unreachable (#9450)
• MachineHealthCheck: Fix excessive trace logging in the machine health check controller (#9427)

🌱 Others

• Dependency: Bump cert-manager to v1.13.0 (#9414)
• Dependency: Bump to Go 1.20.8 (#9432)
• KCP: Remove redundant GetRESTConfig in KCP Management.GetWorkloadCluster (#9453)

📖 Additionally, there have been 3 contributions to our documentation and book. (#9366, #9431, #9492)

Thanks to all our contributors! 😊

v1.5.1

👌 Kubernetes version support

• Management Cluster: v1.24.x -> v1.28.x
• Workload Cluster: v1.22.x -> v1.28.x

More information about version support can be found here

Changes since v1.5.0

---

📈 Overview

• 35 new commits merged
• 2 feature additions ✨
• 10 bugs fixed 🐛

✨ New Features

• MachineSet: Adjust preflight check to allow kubelet version skew of 3 for clusters running v1.28 and above (#9233)
• Testing/documentation: v1.28: Prepare quickstart, capd and tests for the new release including kind bump (#9225)

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9230)
• CAPD: Delete container after failed start to work around port allocation issues (#9130)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9204)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9137)
• Devtools: Fix tilt-prepare leader-elect setting (#9316)
• e2e: Pin conformance image to a version which includes a fix for the dualstack tests (#9256)
• KCP: Allow unsetting useExperimentalRetryJoin field from KubeadmControlPlane (#9202)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9329)
• util: Fix AddAnnotations for unstructured.Unstructured (#9176)

🌱 Others

• CAPD: Fix multi error handling in RunContainer (#9243)
• CI: Add verify-govulncheck and verify-vulnerabilities targets and integrate to scan action (#9179)
• CI: Update base branch for link checker (#9207)
• clusterctl: Set controller-runtime logger for clusterctl (#9129)
• clusterctl: Update cert-manager to v1.12.3 (#9198)
• Dependency: Bump controller-runtime to v0.15.1 (#9127)
• Dependency: Bump corefile-migration library to v1.0.21 (#9309)
• Dependency: Bump envtest binaries to 1.28 (#9304)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9122)
• Dependency: Bump to Go 1.20.7 (#9105)
• e2e: Add back flavor to Waiter interface (#9177)
• e2e: Add CRS re-reconcile to ownerReference test (#9301)
• e2e: Add test for ownerReference apiVersion update (#9297)
• e2e: Refactor e2e ownerRef test utils (#9314)
• e2e: Test and document controller ownerReferences (#9303)
• logging: Fix patch errors not being logged (#9234)

📖 Additionally, there have been 8 contributions to our documentation and book. (#9332, #9226, #9205, #9238, #9154, #9117, #9090, #9082)

Thanks to all our contributors! 😊

v1.4.6

👌 Kubernetes version support

• Management Cluster: v1.23.x -> v1.27.x
• Workload Cluster: v1.21.x -> v1.27.x

More information about version support can be found here

Changes since v1.4.5

---

📈 Overview

• 20 new commits merged
• 9 bugs fixed 🐛

🐛 Bug Fixes

• CAPBK: Certificate paths in cloud-init scripts should not use a platform-dependent path separator (#9231)
• CAPD: Delete container after failed start to work around port allocation issues (#9131)
• ClusterClass: Add topology-owned label to MachineHealthChecks. (#9203)
• ClusterClass: Fix ClusterClass enqueue for ExtensionConfig (#9138)
• Devtools: Fix tilt-prepare leader-elect setting (#9317)
• KCP: Allow unsetting useExperimentalRetryJoin field from KubeadmControlPlane (#9201)
• MachineDeployment: MD controller: use regular random suffix for MachineSets, ensure max length 63 (#9330)
• util: Fix AddAnnotations for unstructured.Unstructured (#9178)

🌱 Others

• CAPD: Fix multi error handling in RunContainer (#9242)
• CI: Add verify-govulncheck and verify-vulnerabilities targets and integrate to scan action (#9180)
• CI: Update base branch for link checker (#9206)
• Dependency: Bump corefile-migration library to v1.0.21 (#9310)
• Dependency: Bump golang.org/x/net to v0.13.0 (#9123)
• Dependency: Bump to Go 1.19.12 (#9106)
• Dependency: Update cert-manager to v1.12.3 (#9199)
• logging: Fix patch errors not being logged (#9235)

📖 Additionally, there have been 4 contributions to our documentation and book. (#9333, #9245, #9155, #9118)

Thanks to all our contributors! 😊