Releases: GoogleCloudPlatform/k8s-config-connector
Releases · GoogleCloudPlatform/k8s-config-connector
1.103.0
- Fixed an issue in resource
PrivateCACAPool
to support settingmaxIssuerPathLength
field as 0. - Added support for manual installation in GKE Autopilot.
- Fixed set blockOwnerDeletion failures for OwnerReferencesPermissionEnforcement enabled clusters #797
- Optimized ratelimiter for
IAMPolicyMember
controller to make sure new resources get reconciled timely. - Resource ArtifactRegistryRepository(v1beta1):
- Added
spec.dockerConfig
field.
- Added
- Resource BigQueryDataset(v1beta1):
- Added
spec.defaultCollation
field. - Added
spec.isCaseInsensitive
field.
- Added
- Resource ComputeInstance(v1beta1):
- Added
spec.scratchDisk.items.size
field.
- Added
- Resource ComputeInstanceTemplate(v1beta1):
- Added
status.selfLinkUnique
field.
- Added
- Resource ComputeNetwork(v1beta1):
- Added
spec.networkFirewallPolicyEnforcementOrder
field.
- Added
- Resource ComputeVPNGateway(v1beta1):
- Added
spec.stackType
field.
- Added
- Resource ContainerCluster(v1beta1):
- Added
spec.ipAllocationPolicy.podCidrOverprovisionConfig
field. - Added
spec.ipAllocationPolicy.stackType
field. - Added
spec.nodeConfig.advancedMachineFeatures
field. - Added
spec.nodeConfig.ephemeralStorageLocalSsdConfig
field. - Added
spec.nodeConfig.localNvmeSsdBlockConfig
field.
- Added
- Resource ContainerNodePool(v1beta1):
- Added
spec.networkConfig.podCidrOverprovisionConfig
field. - Added
spec.nodeConfig.advancedMachineFeatures
field. - Added
spec.nodeConfig.ephemeralStorageLocalSsdConfig
field. - Added
spec.nodeConfig.localNvmeSsdBlockConfig
field.
- Added
- Resource PrivateCACAPool(v1beta1):
- Added
spec.issuancePolicy.baselineValues.caOptions.zeroMaxIssuerPathLength
field.
- Added
- Resource PrivateCACertificateAuthority(v1beta1):
- Added
spec.config.x509Config.caOptions.zeroMaxIssuerPathLength
field.
- Added
- Resource StorageTransferJob(v1beta1):
- Added
spec.transferSpec.objectConditions.lastModifiedBefore
field. - Added
spec.transferSpec.objectConditions.lastModifiedSince
field.
- Added
- Added 136 v1alpha1 Google Cloud resource CRDs. See Install instructions for more information.
1.102.0
- Added support for
IAMAccessBoundaryPolicy
resource. - Introduced configurable reconciliation interval feature.
- Switched prometheus-to-sd image from k8s.gcr.io to gke.gcr.io for private GKE cluster #789
- Fixed a bug causing diff detection on
reservedIpRange
inRedisInstance
. - Added
mode
,remoteRepositoryConfig
,virtualRepositoryConfig
fields to
ArtifactRegistryRepository. - Added
scheduling.maintenanceInterval
field toComputeInstance
. - Added
scheduling.maintenanceInterval
field toComputeInstanceTemplate
. - Added
groupPlacementPolicy.maxDistance
field toComputeResourcePolicy
. - Added
deletionPolicy
field toComputeSharedVPCServiceProject
. - Added
protectConfig
field toContainerCluster
. - Added
transferSpec.sinkAgentPoolName
,
transferSpec.sourceAgentPoolName
fields toStorageTransferJob
. - Added
spec.bitbucketServerTriggerConfig
,spec.github.enterpriseConfigResourceNameRef
fields to CloudBuildTrigger. - Added
spec.diskEncryptionKey.rsaEncryptedKey
field to ComputeDisk. - Added
spec.rateLimitOptions.enforceOnKeyConfigs
field to ComputeSecurityPolicy. - Added
spec.kubeletConfig.podPidsLimit
field to ContainerCluster. - Added
spec.kubeletConfig.podPidsLimit
field to ContainerNodePool. - Added
spec.instanceType
field to SQLInstance.
1.101.0
- Disabled fast dependency reconciliation during resource deletion.
- Adjusted default reconciliation interval for the following resources:
BigtableInstance
: 3600 seconds (1 hour)BigtableTable
: 3600 seconds (1 hour)ServiceUsage
: 3600 seconds (1 hour)ComputeSslCertificate
: 0 seconds (This resource does not support any updates, so reconciliation is not useful.)
- Graduated the following resources from
alpha
tostable
:NetworkServicesGateway
,NetworkServicesGRPCRoute
,NetworkServicesHTTPRoute
,NetworkServicesMesh
,NetworkServicesTCPRoute
,NetworkServicesTLSRoute
. - Removed
GameServicesRealm
resource. - Added
spec.externalDataConfiguration.referenceFileSchemaUri
field toBigQueryTable
. - Added
spec.gitFileSource.githubEnterpriseConfigRef
,spec.repositoryEventConfig
andspec.sourceToBuild.githubEnterpriseConfigRef
fields toCloudBuildTrigger
. - Added
spec.edgeSecurityPolicyRef
andspec.localityLbPolicies
fields toComputeBackendService
. - Added
spec.scheduling.maxRunDuration
field toComputeInstance
. - Added
spec.resourcePolicies
andspec.scheduling.maxRunDuration
fields toComputeInstanceTemplate
. - Added
spec.shareSettings
field toComputeNodeGroup
. - Added
spec.tcpTimeWaitTimeoutSec
field toComputeRouterNAT
(#692). - Added
spec.adaptiveProtectionConfig.autoDeployConfig
field toComputeSecurityPolicy
. - Added
spec.bindings.members.memberFrom.serviceIdentityRef
field toIAMPartialPolicy
(#722). - Added
spec.memberFrom.serviceIdentityRef
field toIAMPolicyMember
(#722). - In
SQLInstance
:spec.settings.diskType
is now immutable.- Added
spec.ipConfiguration.enablePrivatePathForGoogleCloudServices
field.
- Fixed a bug that could cause controllers to become stuck on an outdated CRD version.
- Updated optional status fields in Config Connector Go client library to be consistent with optional spec fields. This updates some existing status fields to pointer types and is a breaking change to the Go client library users.
1.100.0
- Added support for
BigQueryRoutine
resource. This resource has been auto-generated and is inalpha
stability (#739). - Added support for
TagsTagBinding
resource. This resource has been auto-generated and is inalpha
stability. - Added support for
PubSubLiteReservation
resource. - Added support for
ServiceIdentity
resource (#728). - Added field
status.generatedId
inComputeBackendService
. - Added field
spec.imagedEncryptionKey
inComputeImage
. - Added fields
spec.disk.sourceImageEncryptionKey
,spec.disk.sourceSnapshotRef
, andspec.disk.sourceSnapshotEncryptionKey
inComputeInstanceTemplate
. - Added field
spec.routerApplianceInstanceRef
inComputeRouterPeer
. - Added field
status.expireTime
inComputeSSLCertificate
. - In
SQLInstance
:- Added fields
spec.settings.deletionProtectionEnabled
andstatus.instanceType
(#748). - Field
spec.settings.sqlServerAuditConfig.bucketRef
is no longer required.
- Added fields
- Supported
IAMPolicy
,IAMPartialPolicy
andIAMPolicyMember
forDNSManagedZone
. abandon-on-uninstall
webhook will now ignore non-Config Connector CRDs (#758).- Extended event-driven reconciliation support to
IAMPolicyMember
.
1.99.0
- Added support for
DataCatalogPolicyTag
resource. This resource has been auto-generated and is inalpha
stability. - Added support for
TagsTagKey
resource. This resource has been auto-generated and is inalpha
stability. - Added support for
TagsTagValue
resource. This resource has been auto-generated and is inalpha
stability. - Fixed export error for
IAMCustomRole
inconfig-connector
CLI with--resource-format=terraform
. - Added fields
spec.configmanagement.oci
andspec.mesh.controlPlane
in GKEHubFeatureMembership. - Added field
spec.skipAwaitRollout
in OSConfigOSPolicyAssignment. - Removed field
spec.authorizationPolicyRef
in NetworkServicesGateway (Alpha). - Added field
spec.deletionPolicy
in BigtableGCPolicy. - Added field
spec.deletionProtection
in BigtableTable. - Added field
spec.cdnPolicy.cacheKeyPolicy.includeHttpHeaders
in ComputeBackendService. - Added fields
spec.privateIpAddressRef
,spec.redundantInterfaceRef
,spec.subnetworkRef
in ComputeRouterInterface. - Added fields
spec.recaptchaOptionsConfig
,spec.rule.headerAction
,spec.rule.preconfiguredWafConfig
in ComputeSecurityPolicy. - Added fields
spec.clusterAutoscaling.autoProvisioningDefaults.management
,spec.clusterAutoscaling.autoProvisioningDefaults.shieldedInstanceConfig
spec.clusterAutoscaling.autoProvisioningDefaults.upgradeSettings
,spec.gatewayApiConfig
,spec.masterAuthorizedNetworksConfig.gcpPublicCidrsAccessEnabled
,spec.nodeConfig.loggingVariant
,spec.nodeConfig.resourceLabels
,spec.nodePoolDefaults.nodeConfigDefaults.loggingVariant
,spec.privateClusterConfig.privateEndpointSubnetworkRef
in ContainerCluster. - Added fields
spec.networkConfig.enablePrivateNodes
,spec.nodeConfig.loggingVariant
,spec.nodeConfig.resourceLabels
,spec.upgradeSettings.blueGreenSettings
,spec.upgradeSettings.stategy
in ContainerNodePool. - Added field
spec.privateVisibilityConfig.gkeClustersRef
in DNSManagedZone. - Added field
spec.mesh.controlPlane
in GKEHubFeatureMembership. - Added field
spec.deletionPolicy
in SQLDatabase. - Added fields
spec.settings.connectorEnforcement
,spec.settings.denyMaintenancePeriod
,spec.settings.insightsConfig.queryPlansPerMinute
in SQLInstance. - Added field
spec.autoclass
in StorageBucket. - Supported the regional
spec.defaultRouteAction.requestMirrorPolicy.backendServiceRef
,spec.defaultRouteAction.weightedBackendServices.backendServiceRef
for the regional ComputeURLMap resources. - Field
spec.labels
in CloudIdentityGroup has become mutable. - Field
spec.ipv6AccessType
in ComputeSubnetwork has become mutable. - Extended faster reconciliation of resources with dependencies to support IAMPartialPolicy.
1.98.0
- Added support for
DataCatalogTaxonomy
resource. This resource has been auto-generated and is inalpha
stability. - Added
spec.maxTimeTravelHours
field toBigQueryDataset
. - Added
spec.build.step.script
field toCloudBuildTrigger
. - Added
spec.sourceDiskRef
andstatus.sourceDiskId
fields toComputeDisk
. - Added
spec.rules
toComputeRouterNAT
. - In
ContainerCluster
:- Added
spec.clusterAutoscaling.autoProvisioningDefaults.diskSize
field. - Fixed
spec.datapathProvider
field and it is now immutable. - Added mutation support to
spec.nodeConfig.tags
field.
- Added
- Added
status.member
field inIAMServiceAccount
. - Fixed
spec.schemaSettings.encoding
field inPubSubTopic
and it is now immutable (#698). - Added
spec.settings.timeZone
field inSQLInstance
.
1.97.0
- Added
spec.gcRules
toBigtableGCPolicy
(#624, #542, #482, #345, #300). - Added
spec.load.jsonExtension
toBigQueryJob
. - Added
spec.externalDataConfiguration.avroOptions
toBigQueryTable
. - Added
spec.compressionMode
toComputeBackendBucket
. - Added
spec.compressionMode
toComputeBackendService
. - Added
spec.advancedOptionsConfig.jsonCustomConfig
to
ComputeSecurityPolicy
. - Added
spec.managementConfig.fullManagementConfig
toConfigControllerInstance
. - Added
spec.nodeConfig.guestAccelerator[].gpuSharingConfig
and
spec.notificationConfig.pubsub.filter
toContainerCluster
. - Added
spec.nodeConfig.guestAccelerator[].gpuSharingConfig
to
ContainerNodePool
. - Added
spec.config.dataprocMetricConfig
,spec.config.gceClusterConfig.confidentialInstanceConfig
,spec.config.gceClusterConfig.shieldedInstanceConfig
,spec.config.masterConfig.diskConfig.localSsdInterface
,spec.config.metastoreConfig.dataprocMetastoreServiceRef
,spec.config.secondaryWorkerConfig.diskConfig.localSsdInterface
,spec.config.securityConfig
,spec.config.workerConfig.diskConfig.localSsdInterface
andspec.virtualClusterConfig
toDataprocCluster
. - Added
spec.cloudLoggingConfig
toDNSManagedZone
. - Added
spec.persistenceConfig
toRedisInstance
. - Added
status.version
toSecretManagerSecretVersion
. - Added
spec.maintenanceVersion
and
status.availableMaintenanceVersions
toSQLInstance
. - Added
spec.passwordPolicy
toSQLUser
. - Added
spec.customPlacementConfig
toStorageBucket
. - Added
spec.notificationConfig
toStorageTransferJob
(#303). - Fixed: Moved
SQLUser
output-only fieldsqlServerUserDetails
from
spec
tostatus
. - Added support for
DLPJobTrigger
resource. - External contributors can now create a dev environment in which they can build and test a local copy of Config Connector. Instructions can be found here.
1.96.0
- Added support for "reconcile resource immediately once its dependency is ready" feature for all remaining resources.
- Added
storageTarget
toBigTableInstance
(#729). - Added
location
andBITBUCKET
support toCloudBuildTrigger
(#672). - Added
visibleCoreCount
toComputeInstance
. - Added
visibleCoreCount
toComputeInstanceTemplate
. - Added
snapshotProperties.chainName
toComputeResourcePolicies
. - Added
chainName
toComputeSnapshot
. - Added
certificateMapRef
toComputeTargetSSLProxy
. - Added
costManagementConfig
,nodePoolDefaults
,serviceExternalIpsConfig
toContainerCluster
. - Added
locationPolicy
,totalMaxNodeCount
,totalMinNodeCount
toContainerNodePool
. - Added
channelRef
andresourceConditions
toEventarcTrigger
. - Added
mesh
toGKEHubFeatureMembership
. - Added
forceDelete
toMonitoringNotificationChannel
. - Removed
labels
fromNetworkServicesGateway
,NetworkServicesGRPCRoute
,NetworkServicesHTTPRoute
,NetworkServicesMesh
, andNetworkServicesTCPRoute
. - Released new controller
unmanaged-detector
. Now if there is no Config Connector controller for a resource's namespace, that resource's status will show as "Unmanaged". - Extended faster reconciliation of resources with dependencies to support
IAMAuditConfig
andIAMPolicy
. - Added support for
DLPInspectTemplate
resource. - Fixed issue with
DataprocCluster
where resource creation was failing with error messageUpdate call failed: error applying desired state: infeasible update: ({true }) would require recreation
(#661).
1.95.0
- Added support for
DLPDeidentifyTemplate
resource. - Added
enableServiceLinks: false
to all the pod configurations in Config Connecor installation bundle. This is to fix the issue users might encounter,standard_init_linux.go:228: exec user process caused: argument list too long
, in Config Connector pods.
1.94.0
- Extended support for value
absent
instate-into-spec
annotation to most Config Connector resources. - Added
spec.memberFrom.sqlInstanceRef
field toIAMPolicyMember
(#689). - Added
spec.bindings[].members[].memberFrom.sqlInstanceRef
field toIAMPartialPolicy
(#689). - Removed the validation on
spec.cluster.numNodes
> 0 inBigtableInstance
(#673). - Added support for major version upgrades to
SQLInstance
(spec.databaseVersion
is now mutable). - Added
spec.nodeConfig.reservationAffinity
toContainerCluster
. - Added
spec.nodePoolAutoConfig
toContainerCluster
. - Added
spec.nodeConfig.reservationAffinity
toContainerNodePool
. - Added
spec.placement.managedCluster.config.gceClusterConfig.shieldedInstanceConfig
toDataprocWorkflow
. - For
NetworkServicesGateway
(alpha):- Updated
spec.authorizationPolicy
tospec.authorizationPolicyRef
. - Updated
spec.serverTlsPolicy
tospec.serverTlsPolicyRef
.
- Updated
- Removed
spec.routers
inNetworkServicsGRPCRoute
(alpha) andNetworkServicsTCPRoute
(alpha). - Removed
spec.routers
andspec.rules.action.originalDestination
inNetworkServicsHTTPRoute
(alpha).