Releases: GoogleCloudPlatform/k8s-config-connector
v1.120.1
-
IAM configuration can now be applied to
PrivateCACAPool
, using our direct-actuation approach. -
You can configure the ConfigConnector operator to roll back to install the v1.119.0 CRDs by specifying
spec.version: 1.119.0
in theConfigConnectorContext
CR (namespaced mode). -
Special shout-outs to @600lyy,@acpana,@barney-s,@coperni,@gemmahou,@hankfreund,@jasonvigil,@justinsb,@maqiuyujoyce,@nancynh,@xiaoweim,@yuwenma,@zicongmei,@ziyue-101 for their contributions to this release.
Direct Cloud Reconciler:
CloudBuildWorkerPool
MonitoringDashboard
Resources promoted from alpha to beta:
CloudBuildWorkerPool
CloudIDSEndpoint
ComputeMangedSSLCertificate
New Fields:
-
AlloyDBInstance
- Added
networkConfig
field to support Public-IP feature.
- Added
-
MonitoringAlertPolicy
- Added
spec.severity
field.
- Added
-
MonitoringDashboard
-
Added
dashboardFilters
support. -
Added
alertChart
widgets. -
Added
collapsibleGroup
widgets. -
Added
pieChart
widgets. -
Added
sectionHeader
widgets. -
Added
singleViewGroup
widgets. -
Added
timeSeriesTable
widgets. -
Added
blankView
toscorecard
widgets. -
Added
dataSets.targetAxis
andy2Axis
fields toxyChart
widgets. -
Added
id
field to all widgets. -
Added
prometheusQuery
andoutputFullDuration
to timeSeriesQuery. -
Added
style
fields to text widgets. -
Added
targetAxis
field to thresholds.
-
-
StorageBucket
- Added
spec.softDeletePolicy
field. - Added
status.observedState.softDeletePolicy
field.
- Added
v1.119.0
- This release adds options to configure the reconciliation of the ConfigConnector
- This release adds several new resources and fields.
- Special shout-outs to @acpana, @anhdle-sso, @barney-s, @cheftako, @gemmahou, @hankfreund, @jasonvigil, @jingyih, @justinsb, @maqiuyujoyce, @varsharmavs, @xiaoweim, @yuwenma, @zicongmei, @ziyue-101 for their
contributions to this release.
New features:
-
Add options to configure the reconciliation of the ConfigConnector controller
- Added a new
ControllerReconciler
CRD (v1alpha1). See example - This feature allows users to customize the client-side kube-apiserver request rate limit.
- Added a new
-
Continue moving towards Direct Actuation as our preferred mechanism.
- The default reconciler now uses Direct Actuation, if the ConfigConnector CRD does not have a
cnrm.cloud.google.com/tf2crd: "true"
orcnrm.cloud.google.com/dcl2crd: "true"
label.
- The default reconciler now uses Direct Actuation, if the ConfigConnector CRD does not have a
New Resources:
CloudBuildWorkerPool
- Added
CloudBuildWorkerPool
(v1alpha1) resource for servicecloudbuild
. - This resource uses Direct Actuation.
- Added
New Fields:
-
ComputeForwardingRule
- Added the
spec.target.serviceAttachmentRef
field, allowing aComputeForwaringRule
to target aComputeServiceAttachment
.
- Added the
-
ContainerCluster
- Added previous output-only spec fields to
status.observedState
- Added
status.observedState.masterAuth.clusterCaCertificate
- Added
status.observedState.privateClusterConfig.privateEndpoint
- Added
status.observedState.privateClusterConfig.publicEndpoint
- Added
- Added previous output-only spec fields to
v1.118.1
-
This release introduces our new direct-reconciliation mechanism to reconcile KCC resources (without relying on terraform). Currently it only applies to
LoggingLogMetric
. -
Special shout-outs to @199201shubhamsahu, @acpana, @anhdle-sso, @barney-s, @cheftako, @gemmahou, @jingyih, @justinsb, @katrielt, @vmiglani, @xiaoweim and @yuwenma for their
contributions to this release.
Direct Cloud Reconciler:
LoggingLogMetric
- This resource no longer depends on Terraform. Its reconciliation is moved to a KCC direct controller.
- This is our very first KCC directly-reconciled resource. We will announce more in the upcoming releases. 🎉🎉🎉
New Resource:
ComputeNetworkFirewallPolicyRule
(alpha)
New Fields:
LoggingLogMetric
- Add the
spec.loggingLogBucketRef
field to support bucket reference.
- Add the
Fixes:
SQLInstance
- Fix the permanent diff bug in
spec.settings.edition
update.
- Fix the permanent diff bug in
v1.117.0
v1.117.0
-
This release improves our support for VertexAI.
-
Special shout-outs to @199201shubhamsahu, @acpana, @anhdle-sso, @barney-s,
@cheftako, @gemmahou, @jingyih, @justinsb, @katrielt, @maqiuyujoyce,
@nicslatts, @xiaoweim, @yuwenma, @zicongmei and @ziyue-101
for their contributions to this release.
Resources promoted from alpha to beta:
-
VertexAIDataSet
- Output fields are now in
status.observedState
. - The KMS key is now specified using a reference:
spec.encryptionSpec.kmsKeyNameRef
- Output fields are now in
-
VertexAIIndex
- Output fields are now in
status.observedState
. - Note that
isCompleteOverwrite
is currently not supported: it is not
obviously compatible with declarative operation.
- Output fields are now in
-
VertexAIEndpoints
- Output fields are now in
status.observedState
. - The KMS key is now specified using a reference:
spec.encryptionSpec.kmsKeyNameRef
- The network is now specified using a reference:
spec.networkRef
- Output fields are now in
New Fields:
- ComputeNetwork
- The
spec.enableUlaInternalIpv6
field is no longer immutable - it can now
be changed without recreating the network.
- The
v1.116.0
- This release includes enhanced support for DNSRecordSet,
enabling advanced configurations such as geo-routing, primary/backup,
and weighted round-robin load-balancing.
New Fields:
-
ContainerCluster
- Added
spec.nodeConfig.linuxNodeConfig.cgroupMode
field.
- Added
-
ContainerNodePool
- Added
spec.nodeConfig.linuxNodeConfig.cgroupMode
field.
- Added
-
DNSRecordSet
- Added
spec.routingPolicy.geo.healthCheckedTargets
field. - Added
spec.routingPolicy.primaryBackup
field. - Added
spec.routingPolicy.wrr
field.
- Added
-
EventArcTrigger
- Added
spec.destination.httpEndpoint
field. - Added
spec.destination.networkConfig
field.
- Added
-
LoggingLogBucket
- Added
spec.enableAnalytics
field.
- Added
v1.115.0
v1.115.0
-
Better support for AlloyDB secondary clusters and instances.
-
Special shout-out to @199201shubhamsahu for their contributions to this release.
New Fields:
-
AlloyDBCluster
- Added
spec.clusterType
field. - Added
spec.deletionPolicy
field. - Added
spec.secondaryConfig
field.
- Added
-
AlloyDBInstance
- Added
spec.instanceTypeRef
field.
- Added
1.114.1
(Version 1.114.0 contained a minor regression discovered after tagging, and was not published; we recommend 1.114.1 instead)
-
Stop merging sensitive fields in SQLInstance and ComputeBackendService
-
Fix resource deletion of
AlloyDBInstance
andEdgeContainerNodePool
when their "parent objects" no longer exist. -
Initial support (alpha stability) for pausing reconciliation, by setting
spec.actuationMode: Paused
in the ConfigConnectorContext. -
Initial support (alpha stability) for defaulting state-into-spec to absent (the recommended setting),
by settingspec.stateIntoSpec: Absent
in the ConfigConnectorContext. -
Experimental "powertools" area of the CLI, containing experimental/dangerous functionality that should not be
part of normal operation, but can sometimes nonetheless be useful. -
Special shout-outs to @Hamzawy63, @hkundag, @katrielt for their
contributions to this release.
Resources promoted from alpha to beta:
When resources are promoted from alpha to beta, we (generally) ensure they follow our best practices: use of refs on fields where appropriate,
output fields from GCP APIs are in status.observedState
.
AccessContextManagerServicePerimeterResource
New Resources:
-
Added support for
ComputeNetworkFirewallPolicyAssociation
(v1beta1) resource. -
Added support for
APIKeysKey
(v1alpha1) resource.
New Fields:
-
BigQueryDataSet
- Added
access[].iamMember
field.
- Added
-
ComputeAddress
- Added
status.observedState.address
field.
- Added
-
ComputeTargetHttpsProxy
- Added
spec.certificateManagerCertificates
field.
- Added
-
DNSRecordSet
- Added
spec.routingPolicy
field.
- Added
-
GKEHubFeatureMembership
- Added
spec.policycontroller
field.
- Added
1.113.0
-
Initial support for status.observedState in ContainerCluster,
ContainerNodePool and RedisInstance; we are trying to encourage use of
cnrm.cloud.google.com/state-into-spec: absent
and eventually
make it the default. Some important resource information (such as the
certificate for connecting to a GKE cluster) is only currently available
in spec, and we recommend instead reading it from observedState
where this is available. We expect to add more fields to observedState
in the future. -
Isolate terraform provider into a git subtree so we can more directly fix
problems. -
Special shout-outs to svwijk@, katrielt@, sofam@, higef@ for their
contributions to this release.
New Resources:
- Added support for
ComputeNetworkFirewallPolicy
(v1beta1) resource. - Added support for
TagsLocationTagBinding
(v1alpha1) resource.
New Fields:
- RunJob (CloudRun Job)
- Added
spec.template.vpcAccess.connectorRef
field.
- Added
1.112.0
- Added support for
AlloyDBUser
(v1beta1) resource. - Added support for
EdgeContainerCluster
(v1beta1) andEdgeContainerNodePool
(v1beta1) resources. - Added support for
EdgeNetworkNetwork
(v1beta1) andEdgeNetworkSubnet
(v1beta1) resources. - Resource BigtableAppProfile(v1beta1):
- Added
spec.standardIsolation
field.
- Added
- Fixed the SecretKeyRef in the Go client. (#598)
1.111.0
- Added support for
ContainerAttachedCluster
(v1beta1) resource. - Added support for
AlloyDBCluster
(v1beta1) resource. - Added support for
AlloyDBInstance
(v1beta1) resource. - Added support for
AlloyDBBackup
(v1beta1) resource. - Added name validation for
ValidatingWebhookConfigurationCustomization
andMutatingWebhookConfigurationCustomization
CRDs. - Added validation for duplicate webhooks in
spec.webhooks
list of the customizableControllerResource
andNamespacedControllerResource
CRDs. - Added errors on invalid webhook names into status of
ValidatingWebhookConfigurationCustomization
andMutatingWebhookConfigurationCustomization
custom resources. - Fixed an reconciliation issue in ComputeManagedSSLCert resource. #107
- Fixed issue of the retrieved maxWorkers in
DataflowFlexTemplateJob
resource - Graduated
ValidatingWebhookConfigurationCustomization
,MutatingWebhookConfigurationCustomization
,ControllerResource
andNamespacedControllerResource
CRDs to v1beta1. - Fixed an issue in
ComputeForwardingRule
resource when used with PSC. #763 - Resource AlloyDBCluster(v1beta1):
- Added
spec.networkConfig
field.
- Added
- Resource ComputeSubnetwork(v1beta1):
- Added
status.internalIpv6Prefix
field.
- Added
- Resource ComputeTargetHTTPSProxy(v1beta1):
- Added
spec.serverTlsPolicyRef
field.
- Added
- Resource ContainerCluster(v1beta1):
- Added
spec.nodeConfig.fastSocket
field.
- Added
- Resource ContainerNodePool(v1beta1):
- Added
spec.nodeConfig.fastSocket
field.
- Added
- Resource NetworkConnectivitySpoke(v1beta1):
- Added
spec.linkedVPCNetwork
field.
- Added
- Resource RunJob(v1beta1):
- Added
spec.template.template.vpcAccess.networkInterfaces
field.
- Added
- Resource RunService(v1beta1):
- Added
spec.template.vpcAccess.networkInterfaces
field.
- Added
- Resource SecretManagerSecretVersion(v1beta1):
- Added
spec.isSecretDataBase64
field.
- Added