Update cluster-api & capd-manager to v1.12.4 (main) (minor) (!5217) · Merge requests · Sylva-projects / sylva-core

This MR contains the following updates:

Package	Type	Update	Change
gcr.io/k8s-staging-cluster-api/capd-manager	Kustomization	minor	`v1.10.10` -> `v1.12.4`
kubernetes-sigs/cluster-api		minor	`v1.10.10` -> `v1.12.4`
kubernetes-sigs/cluster-api	Kustomization	minor	`v1.10.10` -> `v1.12.4`

⚠️ Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

kubernetes-sigs/cluster-api (kubernetes-sigs/cluster-api)

`v1.12.4`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.31.x -> v1.35.x
Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Changes since v1.12.3

📈 Overview

17 new commits merged
9 bugs fixed 🐛

🐛 Bug Fixes

CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13451)
CI: Bump trivy to v0.69.2 to fix CI (#13388)
Cluster: Fix panic in Cluster conversion (#13384)
ClusterClass/KCP/MachineSet/MachineDeployment: Implement mitigation for managedFields issue with SSA in apiserver (#13355)
ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13471)
Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13377)
e2e: Only retry creating objects that failed (#13430)
Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13406)
util: Fix exponential backoff with ReconcilerRateLimiting (#13427)

🌱 Others

API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13399)
CAPD: Implement pause for DockerMachinePool (#13448)
clusterctl: Bump cert-manager v1.19.4 (#13381)
Dependency: Bump cloudflare/circl (#13438)
Dependency: Bump go v1.25.8 (#13432)
e2e: Add retry in test framework when getting manifest YAMLs (#13358)
e2e: Bump autoscaler version used for testing to v1.35.0 (#13375)
e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13468)

Dependencies

Added

github.com/cenkalti/backoff/v5: v5.0.3
gonum.org/v1/gonum: v0.16.0

Changed

cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
github.com/cloudflare/circl: v1.6.1 → v1.6.3
github.com/cncf/xds/go: 2f00578 → 0feb691
github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
github.com/go-jose/go-jose/v4: v4.0.4 → v4.1.3
github.com/golang/glog: v1.2.4 → v1.2.5
github.com/grpc-ecosystem/grpc-gateway/v2: v2.26.3 → v2.27.7
github.com/spiffe/go-spiffe/v2: v2.5.0 → v2.6.0
go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/metric: v1.35.0 → v1.40.0
go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/trace: v1.35.0 → v1.40.0
go.opentelemetry.io/otel: v1.35.0 → v1.40.0
go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
golang.org/x/crypto: v0.45.0 → v0.47.0
golang.org/x/mod: v0.29.0 → v0.31.0
golang.org/x/net: v0.47.0 → v0.49.0
golang.org/x/oauth2: v0.33.0 → v0.34.0
golang.org/x/sync: v0.18.0 → v0.19.0
golang.org/x/sys: v0.38.0 → v0.40.0
golang.org/x/telemetry: 078029d → 8fff8a5
golang.org/x/term: v0.37.0 → v0.39.0
golang.org/x/text: v0.31.0 → v0.33.0
golang.org/x/tools: v0.38.0 → v0.40.0
google.golang.org/genproto/googleapis/api: a0af3ef → 8636f87
google.golang.org/genproto/googleapis/rpc: a0af3ef → 8636f87
google.golang.org/grpc: v1.72.3 → v1.78.0
google.golang.org/protobuf: v1.36.7 → v1.36.11
sigs.k8s.io/structured-merge-diff/v6: v6.3.0 → d9cc664

Removed

github.com/zeebo/errs: v1.4.0

Thanks to all our contributors! 😊

`v1.12.3`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.31.x -> v1.35.x
Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.2

📈 Overview

7 new commits merged
1 feature addition ✨
2 bugs fixed 🐛

✨ New Features

KCP: Bump coredns/corefile-migration to v1.0.30 (#13294)

🐛 Bug Fixes

e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13328)
Misc: Fix bug while setting status for deprecated fields (#13344)

🌱 Others

clusterctl: Update cert-manager to v1.19.3 (#13314)
clusterctl: Update to cert-manager v1.19.2 (#13278)
Dependency: Go bump 1.24.13 (#13324)

📖 Additionally, there has been 1 contribution to our documentation and book. (#13261)

Dependencies

Added

Nothing has changed.

Changed

github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.12.2`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.31.x -> v1.35.x
Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.1

📈 Overview

14 new commits merged
4 bugs fixed 🐛

🐛 Bug Fixes

API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13188)
ClusterClass: Allow adding spec via ClusterClass JSON patches (#13226)
Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13217)
Testing: Fix webhook envtest tests for Kubernetes < v1.35 (#13172)

🌱 Others

CI: Use env test 1.35.0 (#13169)
ClusterClass: Improve topology diff (#13173)
Dependency: Bump Go to v1.24.12 (#13241)
Dependency: Bump to controller-runtime v0.22.5 (#13246)
KCP: Remove the ControlPlaneKubeletLocalMode for kubeadm 1.36 later (#13211)
MachineHealthCheck: Decrease verbosity for MHC log entry (#13203)

📖 Additionally, there have been 4 contributions to our documentation and book. (#13197, #13198, #13208, #13219)

Dependencies

Added

Nothing has changed.

Changed

k8s.io/api: v0.34.2 → v0.34.3
k8s.io/apiextensions-apiserver: v0.34.2 → v0.34.3
k8s.io/apimachinery: v0.34.2 → v0.34.3
k8s.io/apiserver: v0.34.2 → v0.34.3
k8s.io/client-go: v0.34.2 → v0.34.3
k8s.io/code-generator: v0.34.2 → v0.34.3
k8s.io/component-base: v0.34.2 → v0.34.3
k8s.io/kms: v0.34.2 → v0.34.3
sigs.k8s.io/controller-runtime: v0.22.4 → v0.22.5

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.12.1`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.31.x -> v1.35.x
Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Support for Kubernetes v1.35

Changes since v1.12.0

📈 Overview

8 new commits merged
1 bug fixed 🐛

🐛 Bug Fixes

KCP/MachineSet: Preserve existing object names for backward compatibility with pre-v1.7 in-place updates (#13147)

🌱 Others

CI: Bump Kubernetes version used for testing to v1.35.0-rc.1 (#13139)
e2e: Bump kind to v0.31.0 (#13163)
e2e: Bump Kubernetes version used for testing to v1.35.0 (#13161)
e2e: Bump to etcd-v3.6.6-0 (#13145)

📖 Additionally, there have been 3 contributions to our documentation and book. (#13141, #13154, #13160)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.12.0`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.31.x -> v1.34.x
Workload Cluster: v1.29.x -> v1.34.x

More information about version support can be found here

Highlights

Bumped to Go 1.24, controller-runtime v0.22, k8s.io/* v0.34, controller-gen v0.19
In-place updates
- Cluster API introduces support for update extensions allowing users to execute changes on existing machines without deleting the machines and creating a new one.
- Both KCP and Machine deployments support in-place updates based on the new update extension
- Can be enabled with the new InPlaceUpdates feature gate
- More details can be found in the proposal
Chained upgrades
- Clusters using managed topologies can now upgrade by more than one minor Kubernetes version by performing chained and efficient upgrades.
- Upgrade plan will be computed using Kubernetes version from the ClusterClass or by calling a new runtimeExtension (also defined in the ClusterClass)
- Existing lifecycle hooks have been adapted to the new workflow, new lifecycle hooks have been introduced to allow granular control of the upgrade steps.
- More details can be found in the proposal
MachineHealthCheck: Add support for checking Machine conditions (#12827)
Machine: First part of the Taint propagation proposal (Machine/MachineSet/MachineDeployment) (#12936, #12966)
- Feature tracking issue
- Can be enabled with the new MachineTaintPropagation feature gate
KCP/CABPK: Add EncryptionAlgorithm field to Kubeadmconfig to support keys generated with RSA-3072, RSA-4096, ECDSA-P256, ECDSA-P384 (#12859)
Introduce ReconcilerRateLimiting feature (#13006)
- Can be enabled with the new ReconcilerRateLimiting feature gate
- Rate-limits all reconcilers to at most 1 request per second

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other changes

clusterctl: Add conditions filter for clusterctl describe (#12991)
clusterctl: clusterctl move blocks when Cluster or ClusterClass is paused (#12786)
KCP: Enable websocket dialer with fallback to spdy (for communication with etcd) (#12902)
Runtime SDK: Add defensive response status checking in runtime client (#12898)
Improved logging across several controllers
Improved e2e test coverage, e.g.: CAPD: Add scale from/to 0 support for CAPD (#12572)
New providers in clusterctl: HCP (#12800) control plane provider, Metal3 IPAM provider (#12756), metal-stack infrastructure provider (#12925)

Deprecation and Removals Warning

ClusterResourceSet: Remove deprecated ClusterResourceSet feature gate (#12950)
Reminder: v1alpha3 & v1alpha4 will be removed in CAPI v1.13 (they are already not served since a while)
Reminder: v1beta1 is on track to be unserved in CAPI v1.14
- Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.11 compared to v1.12.

Changes since v1.11.0

📈 Overview

298 new commits merged
5 breaking changes ⚠️
42 feature additions ✨
42 bugs fixed 🐛

⚠️ Breaking Changes

CI: Improve KAL config docs for forbidding OpenAPI defaulting (#12869)
clusterctl: Block move when Cluster or ClusterClass is paused (#12786)
Dependency: Bump to controller-runtime v0.22 & controller-tools v0.19 (#12634)
Runtime SDK: Improve chained upgrade observability (#12973)
Runtime SDK: Make the AfterClusterUpgrade hook blocking (#12984)

✨ New Features

API/Machine/MachineSet/MachineDeployment: Machine related API changes, conversion and feature gate (#12936)
CABPK: Add EncryptionAlgorithm to Kubeadmconfig (#12859)
CAPD: Add scale from/to 0 support for CAPD (#12572)
CI: Bump autoscaler to a9cb59f (#12643)
CI: Bump Kubernetes in tests to v1.34.0 and claim support for v1.34 (#12699)
ClusterCache/KCP: Deprecate GetClientCertificatePrivateKey and stop using it in KCP (#12846)
ClusterCache: Add GetUncachedClient() (#12803)
ClusterClass: Add .spec.upgrade.external.generateUpgradePlanExtension field to ClusterClass (#12809)
ClusterClass: Add types and hook for GenerateUpgradePlan (#12823)
ClusterClass: Additional validation in Cluster/ClusterClass webhook for chained upgrades (#12816)
ClusterClass: Call GenerateUpgradePlanRequest Runtime Extension (#12903)
ClusterClass: Implement core logic for chained upgrades (#12726)
clusterctl: Add conditions filter for clusterctl describe (#12991)
Control-plane: Add new control-plane provider HCP (#12800)
e2e: Bump Kubernetes version used for testing to v1.34.0-rc.1 (#12623)
e2e: Bump Kubernetes version used for testing to v1.34.0-rc.2 (#12658)
e2e: Bump Kubernetes version used for testing to v1.35.0-beta.0 (#13029)
e2e: Change RuntimeSDK e2e test ClusterClass to use GenerateUpgradePlan extension (#12955)
e2e: Implement e2e test for in-place updates (#12938)
KCP/CABPK/CI: Bump KAL to pick up latest requiredfields linter, add Min/MaxLength to BootstrapToken (#12563)
KCP/MachineSet: Refactor BootstrapConfig/InfraMachine managedFields for in-place (#12890)
KCP: Bump coredns/corefile-migration to v1.0.28 (#12748)
KCP: Bump coredns/corefile-migration to v1.0.29 (#12862)
KCP: Bump corefile-migration to v1.0.27 (#12636)
KCP: Compare ClusterConfiguration via KubeadmConfig instead of annotation on Machine (#12758)
KCP: Extend rollout logic for in-place updates (#12840)
KCP: Implement CanUpdateMachine (#12857)
KCP: Implement trigger in-place update (#12897)
Machine: Add in-place updates support for machine controller (#12831)
MachineDeployment: Add in-place to rollout planner (#12865)
MachineDeployment: Implement CanUpdateMachineSet (#12965)
MachineHealthCheck: Add support for checking Machine conditions in MachineHealthCheck (#12827)
Misc: Add inplace updates featuregate (#12755)
Misc: Improve logs, errors and conditions (#12992)
Misc: Introduce & use wait for cache utils (#12957)
Misc: Introduce reconciler rate-limiting and hook caching (#13006)
Runtime SDK/IPAM/MachinePool: Cleanup exp packages (#12651)
Runtime SDK: Add in-place update hooks to API (#12343)
Runtime SDK: Add lifecycle hooks for chained-upgrade (#12878)
Runtime SDK: Call new lifecycle hooks for chained-upgrades (#12891)
Runtime SDK: Ensure ExtensionConfig controller can be used outside of the core provider (#12754)
Runtime SDK: Implement GenerateUpgradePlan handler (#12927)

🐛 Bug Fixes

API: Only try to convert infraRefs if they are set (#12686)
API: Register conversion funcs in schemes (#12687)
CABPK: Always use latest apiVersion when getting owner of KubeadmConfig in CABPK (#12685)
CAPD: CAPD on rootless podman (#12941)
CAPD: Fix the format error of healthCheck in test templates (#12787)
CAPD: Remove finalizers during deletion if ownerRef was never set (#12675)
CAPD: Run CAPD conversion tests in CI (#12583)
CAPIM: Eliminate data race in DialContext (#12778)
ClusterClass/MachinePool: Fix MP error in desired state calculation during Cluster creation (#12607)
ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13063)
ClusterClass: Ensure holder field path in GeneratePatchRequest is set based on contract (#12684)
ClusterClass: Fix field paths in ClusterClass compatibility validation errors (#12660)
ClusterClass: Fix wait for cache in reconcile_state.go (#13032)
ClusterClass: Stop adding conversion-data annotation to Cluster object (#12719)
ClusterClass: Stop writing zero values for spec.controlPlaneEndpoint to ControlPlane objects (#12958)
clusterctl: Removing Ready/Available prefix from STATUS Column (#12729)
clusterctl: Verify providers need upgrade before applying (#12753)
Devtools: Fix kube-state-metrics deployment (#13024)
e2e: Do not require kubetest configration if not needed (#12948)
e2e: Fix autoscaler e2e test flake (#12613)
e2e: Fix e2e test issues introduced by chained upgrades (#12766)
e2e: Fix objects with Changed Resource Versions flake (#12848)
e2e: Fix upgrade runtimesdk test (#12833)
e2e: Fix WaitForMachinesReady interval (#13051)
e2e: Increase reconcile timeout for DockerMachine (#13099)
e2e: Propagate clusterctl variables for cluster upgrades (#12949)
KCP: Fix ControlPlaneComponentHealthCheckSeconds validation in KubeadmConfigSpec.Validate (#12609)
KCP: Fix conversion issue in KubeadmControlPlaneTemplate with rolloutStrategy.type (#12608)
KCP: Fix KCP KubeadmConfig isJoin detection (#13035)
KCP: Grant delete permissions to Secrets. (#13097)
Machine/MachinePool: Fix MachinePool nodeRef UID mismatch after K8s upgrade (#12392)
Machine/MachineSet: Use MachineSet template values in completeMoveMachine for in-place updates (#13085)
MachineDeployment: Fix race conditions ScaleDownOldMS (#12812)
MachineDeployment: Fix race conditions ScaleDownOldMS OnDelete (#12830)
MachineDeployment: Fix rollout with unavailable machines (#13020)
Runtime SDK: Export ExtensionConfig webhook (#12598)
Testing/e2e: Fix unit test flakes, improve clusterctl download error in e2e tests (#13056)
Testing: Fix flaky TestFuzzyConversion (Cluster) test (#12618)
Testing: Fix flaky TestReconcileMachinePhases unit test (#12616)
Testing: Fix flaky TestReconcileState unit test (#12617)
Testing: Fix KubeadmConfig fuzz test flake (#12679)
util: Fix a panic in conditions.Delete method if the sources condition list is empty (#13053)

🌱 Others

API: Relax validation for Machine .status.addresses to maximum of 128 instead of 32 items (#13090)
Autoscaling: Bump autoscaler in e2e tests to v1.33.1 (#12790)
CABPK: Migrate from Requeue to RequeueAfter in CABPK (#12988)
CAPD: Cleanup CAPD exp packages (#12672)
CAPD: Recreate container if we re-enter reconciliation and it exists but is not running (#12923)
CI: Add OpenAPI defaulting detection for KubeadmConfig by using forbiddenmarkers (#12851)
CI: Block FIXME comments (#12772)
CI: Bump golangci-lint v2.7.0 (#13109)
CI: Bump KAL & add nodurations linter (#12743)
CI: Bump KAL & add nonullable and forbiddenmarkers linter (#12724)
CI: Bump KAL & drop schemaless excludes (#12646)
CI: Bump KAL, adjust excludes (#12650)
CI: Bump Kube API Linter version (#12974)
CI: Bump Kubernetes version used for testing to v1.35.0-rc.0 (#13105)
CI: Bump softprops/action-gh-release from 2.4.2 to 2.5.0 in the all-github-actions group (#13094)
CI: Bump to golangci-linter version to v2.4.0 (#12703)
CI: Update metrics configuration to v1beta2 (#12642)
Cluster: Allow >1 minor version upgrades if generateUpgradePlan extension is defined (#12979)
Cluster: Simplify Cluster webhook (#12895)
ClusterClass: Add input validations for desired state generator function (#12655)
ClusterClass: Improve topology reconciled condition (#13002)
clusterctl: Add metal-stack infrastructure provider (#12925)
clusterctl: Add Metal3 as an IPAMProvider (#12756)
clusterctl: Allow metadata.yaml's Kind to be empty (#12714)
clusterctl: Bump cert-manager to v1.19.0 (#12828)
clusterctl: Bump cert-manager to v1.19.1 (#12873)
clusterctl: Bumping tablewriter to v1.0.9 - latest (#12781)
clusterctl: Show Available condition for CP (#12759)
ClusterResourceSet: Remove deprecated ClusterResourceSet feature gate (#12950)
Dependency: Bump github.com/go-viper/mapstructure/v2 to fix CVE (#12677)
Dependency: Bump Go to v1.24.10 (#12962)
Dependency: Bump Go to v1.24.11 (#13111)
Dependency: Bump Go to v1.24.6 (#12611)
Dependency: Bump go to v1.24.7 (#12733)
Dependency: Bump Go to v1.24.8 (#12826)
Dependency: Bump Go to v1.24.9 (#12867)
Dependency: Bump golang.org/x/crypto to v0.45 to fix CVE (#13036)
Dependency: Bump to envtest v1.34.0 (#12702)
Devtools: Drop ALL groups in tilt (#13001)
Devtools: Extend CR dashboard to handle capi_reconcile metrics (#13040)
Devtools: Promtail to alloy migration (#11945)
Documentation/MachinePool: Add structure for area/machinepool ownership in OWNERS files (#13018)
e2e: Add quickstart e2e test with v1beta1 with ClusterClass and RuntimeSDK (#12577)
e2e: Bump autoscaler in e2e tests to v1.34.0 (#12806)
e2e: Bump autoscaler version used for testing to v1.34.2 (#13104)
e2e: Bump pause image in e2e tests to 3.10.1 (default for Kubernetes v1.34) (#12731)
e2e: Bump to kind v0.30.0 (#12701)
e2e: Do not expect Machines for MachinePools not supporting Machines (#13077)
e2e: E2e coverage via md rollout test (#12966)
e2e: Enable IPv6 test again (#12597)
e2e: Fix autoscaler test (#12978)
e2e: Fix kind build git commit setting (#12858)
e2e: Fix md-rollout test to test in-place taint changes before doing the rollout change (#13031)
e2e: Fix self-hosted to actually read DOCKER_PRELOAD_IMAGES from the e2e config (#12907)
e2e: Get kind mgmt cluster logs in clusterctl upgrade test (#12676)
e2e: Improve check for Cluster Available condition in e2e tests (#12594)
e2e: Make clusterctl upgrade test to work when there are no machines (#13074)
e2e: Set startup taint for autoscaler in e2e tests (#12736)
e2e: Skip test using outdated docker client release 1.12 (#13126)
e2e: Start testing against Kubernetes v1.35 (#12709)
e2e: Use crane to pre-pull images instead of docker pull (#13119)
e2e: Use wait-machine-upgrade timeout in ClusterClassChanges tests to wait for machines to be ready (#13013)
e2e: Wait for cluster deletion in runtime sdk test (#12956)
KCP/CABPK: Stop using unsafe for EnvVar conversion (#12619)
KCP/MachineSet/MachineDeployment: Remove unused CleanUpManagedFieldsForSSAAdoption code (#12788)
KCP: Add current/desired objects to NotUpToDateResult & refactor object creation (#12817)
KCP: Avoid KCP rollouts if only ControlPlaneComponentHealthCheckSeconds is changed (#13026)
KCP: Check for error before checking reconcile result (#12935)
KCP: Enable websocket dialer with fallback to spdy (#12902)
KCP: Fix race condition on KCP initialized condition (#12980)
KCP: Improve KCP etcd client crt/key caching (#12977)
KCP: Simplify cleanupConfigFields in KCP (#12776)
KCP: Simplify KCP matchesKubeadmConfig (#12813)
KCP: Variable/func renames, func order (#12793)
Logging: Reduce noisy logs (#12606)
Machine/MachineSet/MachineDeployment: Adjust UpToDate condition to consider Updating, move UpToDate condition to Machine ctrl for workers (#12959)
Machine: Add DisableCertPrivateKey function for clustercache for test flake (#12921)
Machine: Consider updating condition when computing Machine's ready condition (#12939)
Machine: Fix TestReconcileMachinePhases flake (#12818)
Machine: Implement Updating Machine phase (#12940)
Machine: Requeue for Machine Available condition (#12953)
Machine: Use apireader to directly talk to apiserver (#12819)
MachineDeployment: Add in-place to machineset controller (#12906)
MachineDeployment: Add more info to logs for rollout changes (#12997)
MachineDeployment: Add rollout planner (#12804)
MachineDeployment: Cleanup getMachinesSucceeded flag from MD controller (#12882)
MachineDeployment: Defer in-place updates for machines not yet provisioned (#13007)
MachineDeployment: Fix misleading log statements and optimize logic (#12871)
MachineDeployment: Move compute and create ms to rollout planner (#12841)
MachineDeployment: Refactor MachineTemplateUpToDate (#12811)
MachineDeployment: Rollout-planner improve checks for scalingOrInPlaceUpdateInProgress (#12954)
MachineDeployment: Simplify rollout planner (#12899)
MachineHealthCheck: Add reason to condition, add reason+message to log (#12987)
MachineHealthCheck: No longer requeue when remediation is not allowed (#12924)
MachinePool: Migrate from Requeue to RequeueAfter in MachinePool tests (#13027)
MachineSet: Fix flakes in syncMachines unit test (#12918)
MachineSet: Fix race conditions with global scheme in TestMachineSetReconciler_reconcileUnhealthyMachines (#12919)
MachineSet: Refactor BootstrapConfig/InfraMachine creation in MachineSet controller (#12881)
Misc: Add Proxy Support to Docker Build-Args (#12669)
Misc: Avoid using deprecated client.Patch method (#12737)
Misc: Cleanup TestReconcileMachinePhases (#12976)
Misc: Consistent webhook file/folder structure (#12791)
Misc: Improve mark hook utils (#12994)
Misc: Improve wait for cache (#12993)
Misc: Log version and git commit on controller start (#12694)
Misc: Stop setting and relying on TypeMeta in typed objects (#12533)
Misc: Use errors package of Go (#10875)
Release/clusterctl: Add CAPRKE2 to release tool’s issue-opening providers list (#12713)
Release/Testing: Added test cases for list.go and github.go (#11937)
Release: Clarify semantic of --previous-release-version (#12995)
Release: Prepare main branch for v1.12 development (#12723)
Release: Update release notes tool to handle multiples_areas and colons (#12738)
Runtime SDK: Add defensive response status checking in runtime client (#12898)
Runtime SDK: Add hint to look into controller logs to runtime client error response (#12849)
Runtime SDK: Add httpClientCache to runtime client (#13080)
Runtime SDK: Deduplicate extension filtering and response validation logic (#12905)
Runtime SDK: Migrate from Requeue to RequeueAfter in extensionconfig (#13000)
Testing: Add clusterapi crd groups to audit logs for envtest (#12883)
Testing: Enable audit logs for envtest-based unit tests if ARTIFACTS env var is set (#12847)
Testing: Implement unit-tests for desired state generator (#12656)
Testing: Update version matrix for GitHub workflows for release 1.11 (#12586)
util: Add check version against metadata utility (#12529)
util: Add items to cache immediately after apply (#12877)

📖 Additionally, there have been 49 contributions to our documentation and book. (#12085, #12199, #12329, #12562, #12581, #12582, #12593, #12600, #12601, #12647, #12662, #12663, #12673, #12710, #12741, #12761, #12777, #12779, #12797, #12810, #12814, #12835, #12836, #12854, #12866, #12880, #12885, #12892, #12893, #12896, #12917, #12934, #12942, #12944, #12951, #12961, #12970, #12998, #13010, #13011, #13012, #13021, #13057, #13098, #13101, #13114, #13115, #13116, #13118)

Dependencies

Added

github.com/gkampitakis/ciinfo: v0.3.2
github.com/gkampitakis/go-diff: v1.3.2
github.com/gkampitakis/go-snaps: v0.5.15
github.com/go-jose/go-jose/v4: v4.0.4
github.com/goccy/go-yaml: v1.18.0
github.com/golang-jwt/jwt/v5: v5.2.2
github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus: v1.0.1
github.com/grpc-ecosystem/go-grpc-middleware/v2: v2.3.0
github.com/joshdk/go-junit: v1.0.0
github.com/maruel/natural: v1.1.1
github.com/mfridman/tparse: v0.18.0
github.com/olekukonko/cat: 50322a0
github.com/olekukonko/errors: v1.1.0
github.com/olekukonko/ll: v0.1.1
github.com/olekukonko/ts: 78ecb04
github.com/spiffe/go-spiffe/v2: v2.5.0
github.com/tidwall/gjson: v1.18.0
github.com/tidwall/match: v1.1.1
github.com/tidwall/pretty: v1.2.1
github.com/tidwall/sjson: v1.2.5
github.com/zeebo/errs: v1.4.0
go.etcd.io/raft/v3: v3.6.0
sigs.k8s.io/structured-merge-diff/v6: v6.3.0

Changed

cel.dev/expr: v0.19.1 → v0.24.0
cloud.google.com/go/storage: v1.49.0 → v1.5.0
cloud.google.com/go: v0.116.0 → v0.53.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.25.0 → v1.26.0
github.com/Masterminds/semver/v3: v3.3.0 → v3.4.0
github.com/census-instrumentation/opencensus-proto: v0.4.1 → v0.2.1
github.com/cncf/xds/go: cff3c89 → 2f00578
github.com/coredns/corefile-migration: v1.0.27 → v1.0.29
github.com/emicklei/go-restful/v3: v3.12.2 → v3.13.0
github.com/fsnotify/fsnotify: v1.8.0 → v1.9.0
github.com/fxamacker/cbor/v2: v2.7.0 → v2.9.0
github.com/go-viper/mapstructure/v2: v2.3.0 → v2.4.0
github.com/golang/groupcache: 41bb18b → 8c9f03a
github.com/google/cel-go: v0.23.2 → v0.26.0
github.com/google/gnostic-models: v0.6.9 → v0.7.0
github.com/google/pprof: 27863c8 → f64d9cf
github.com/googleapis/gax-go/v2: v2.14.1 → v2.0.5
github.com/grpc-ecosystem/grpc-gateway/v2: v2.24.0 → v2.26.3
github.com/ianlancetaylor/demangle: bd984b5 → f615e6b
github.com/jonboulle/clockwork: v0.4.0 → v0.5.0
github.com/mattn/go-colorable: v0.1.13 → v0.1.14
github.com/mattn/go-runewidth: v0.0.14 → v0.0.16
github.com/modern-go/reflect2: v1.0.2 → 35a7c28
github.com/olekukonko/tablewriter: v0.0.5 → v1.0.9
github.com/onsi/ginkgo/v2: v2.23.4 → v2.27.2
github.com/onsi/gomega: v1.38.0 → v1.38.2
github.com/pelletier/go-toml/v2: v2.2.3 → v2.2.4
github.com/prometheus/client_model: v0.6.1 → v0.6.2
github.com/rivo/uniseg: v0.4.2 → v0.4.7
github.com/rogpeppe/go-internal: v1.13.1 → v1.14.1
github.com/sagikazarmark/locafero: v0.7.0 → v0.11.0
github.com/sourcegraph/conc: v0.3.0 → 5f936ab
github.com/spf13/afero: v1.12.0 → v1.15.0
github.com/spf13/cast: v1.7.1 → v1.10.0
github.com/spf13/cobra: v1.9.1 → v1.10.1
github.com/spf13/pflag: v1.0.7 → v1.0.10
github.com/spf13/viper: v1.20.1 → v1.21.0
github.com/stretchr/testify: v1.10.0 → v1.11.1
go.etcd.io/bbolt: v1.3.11 → v1.4.2
go.etcd.io/etcd/api/v3: v3.5.22 → v3.6.6
go.etcd.io/etcd/client/pkg/v3: v3.5.22 → v3.6.6
go.etcd.io/etcd/client/v3: v3.5.22 → v3.6.6
go.etcd.io/etcd/pkg/v3: v3.5.21 → v3.6.4
go.etcd.io/etcd/server/v3: v3.5.21 → v3.6.4
go.opencensus.io: v0.24.0 → v0.22.3
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.58.0 → v0.60.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.33.0 → v1.34.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.33.0 → v1.34.0
go.opentelemetry.io/otel/metric: v1.34.0 → v1.35.0
go.opentelemetry.io/otel/trace: v1.34.0 → v1.35.0
go.opentelemetry.io/otel: v1.34.0 → v1.35.0
go.opentelemetry.io/proto/otlp: v1.4.0 → v1.5.0
go.uber.org/zap: v1.27.0 → v1.27.1
go.yaml.in/yaml/v3: v3.0.3 → v3.0.4
golang.org/x/crypto: v0.40.0 → v0.45.0
golang.org/x/mod: v0.25.0 → v0.29.0
golang.org/x/net: v0.42.0 → v0.47.0
golang.org/x/oauth2: v0.30.0 → v0.33.0
golang.org/x/sync: v0.16.0 → v0.18.0
golang.org/x/sys: v0.34.0 → v0.38.0
golang.org/x/telemetry: bda5523 → 078029d
golang.org/x/term: v0.33.0 → v0.37.0
golang.org/x/text: v0.27.0 → v0.31.0
golang.org/x/tools: v0.34.0 → v0.38.0
google.golang.org/api: v0.215.0 → v0.17.0
google.golang.org/genproto/googleapis/api: 5f5ef82 → a0af3ef
google.golang.org/genproto/googleapis/rpc: 1a7da9e → a0af3ef
google.golang.org/genproto: e639e21 → 66ed5ce
google.golang.org/grpc: v1.71.3 → v1.72.3
google.golang.org/protobuf: v1.36.6 → v1.36.7
k8s.io/api: v0.33.3 → v0.34.2
k8s.io/apiextensions-apiserver: v0.33.3 → v0.34.2
k8s.io/apimachinery: v0.33.3 → v0.34.2
k8s.io/apiserver: v0.33.3 → v0.34.2
k8s.io/client-go: v0.33.3 → v0.34.2
k8s.io/cluster-bootstrap: v0.33.3 → v0.34.2
k8s.io/code-generator: v0.33.3 → v0.34.2
k8s.io/component-base: v0.33.3 → v0.34.2
k8s.io/gengo/v2: 1244d31 → 85fd79d
k8s.io/kms: v0.33.3 → v0.34.2
k8s.io/kube-openapi: c8a335a → f3f2b99
k8s.io/utils: 3ea5e8c → 4c0f3b2
sigs.k8s.io/controller-runtime: v0.21.0 → v0.22.4
sigs.k8s.io/json: 9aa6b5e → cfa47c3

Removed

cloud.google.com/go/auth/oauth2adapt: v0.2.6
cloud.google.com/go/auth: v0.13.0
cloud.google.com/go/iam: v1.2.2
cloud.google.com/go/monitoring: v1.21.2
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric: v0.48.1
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping: v0.48.1
github.com/golang-jwt/jwt/v4: v4.5.2
github.com/google/s2a-go: v0.1.8
github.com/googleapis/enterprise-certificate-proxy: v0.3.4
github.com/grpc-ecosystem/go-grpc-middleware: v1.3.0
github.com/grpc-ecosystem/grpc-gateway: v1.16.0
github.com/kr/fs: v0.1.0
github.com/pkg/sftp: v1.13.7
github.com/prashantv/gostub: v1.1.0
go.etcd.io/etcd/client/v2: v2.305.21
go.etcd.io/etcd/raft/v3: v3.5.21
go.uber.org/atomic: v1.9.0
sigs.k8s.io/structured-merge-diff/v4: v4.6.0

Thanks to all our contributors! 😊

`v1.11.7`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.6

📈 Overview

11 new commits merged
5 bugs fixed 🐛

🐛 Bug Fixes

CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13452)
CI: Bump trivy to v0.69.2 to fix CI (#13389)
ClusterClass/KCP: Implement mitigation for managedFields issue for KCP with SSA in apiserver (#13426)
Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13379)
e2e: Only retry creating objects that failed (#13431)

🌱 Others

API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13400)
CAPD: Implement pause for DockerMachinePool (#13449)
clusterctl: Bump cert-manager v1.19.4 (#13380)
Dependency: Bump go v1.25.8 (#13434)
e2e: Add retry in test framework when getting manifest YAMLs (#13359)
e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13469)

Dependencies

Added

github.com/cenkalti/backoff/v5: v5.0.3
github.com/go-jose/go-jose/v4: v4.1.3
github.com/spiffe/go-spiffe/v2: v2.6.0
gonum.org/v1/gonum: v0.16.0
sigs.k8s.io/structured-merge-diff/v6: v6.3.2

Changed

cel.dev/expr: v0.19.1 → v0.24.0
cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.25.0 → v1.30.0
github.com/cloudflare/circl: v1.6.1 → v1.6.3
github.com/cncf/xds/go: cff3c89 → 0feb691
github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
github.com/golang/glog: v1.2.4 → v1.2.5
github.com/grpc-ecosystem/grpc-gateway/v2: v2.24.0 → v2.27.7
github.com/rogpeppe/go-internal: v1.13.1 → v1.14.1
github.com/stretchr/testify: v1.10.0 → v1.11.1
go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.33.0 → v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.33.0 → v1.40.0
go.opentelemetry.io/otel/metric: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/trace: v1.34.0 → v1.40.0
go.opentelemetry.io/otel: v1.34.0 → v1.40.0
go.opentelemetry.io/proto/otlp: v1.4.0 → v1.9.0
go.yaml.in/yaml/v3: v3.0.3 → v3.0.4
golang.org/x/crypto: v0.45.0 → v0.47.0
golang.org/x/mod: v0.29.0 → v0.31.0
golang.org/x/net: v0.47.0 → v0.49.0
golang.org/x/oauth2: v0.30.0 → v0.34.0
golang.org/x/sync: v0.18.0 → v0.19.0
golang.org/x/sys: v0.38.0 → v0.40.0
golang.org/x/telemetry: 078029d → 8fff8a5
golang.org/x/term: v0.37.0 → v0.39.0
golang.org/x/text: v0.31.0 → v0.33.0
golang.org/x/tools: v0.38.0 → v0.40.0
google.golang.org/genproto/googleapis/api: 5f5ef82 → 8636f87
google.golang.org/genproto/googleapis/rpc: 1a7da9e → 8636f87
google.golang.org/grpc: v1.71.3 → v1.78.0
google.golang.org/protobuf: v1.36.6 → v1.36.11

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.6`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.5

📈 Overview

6 new commits merged
1 feature addition ✨
2 bugs fixed 🐛

✨ New Features

KCP: Bump coredns/corefile-migration to v1.0.30 (#13295)

🐛 Bug Fixes

e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13331)
Misc: Fix bug while setting status for deprecated fields (#13345)

🌱 Others

clusterctl: Update cert-manager to v1.19.3 (#13313)
clusterctl: Update to cert-manager v1.19.2 (#13279)
Dependency: Go bump 1.24.13 (#13325)

Dependencies

Added

Nothing has changed.

Changed

github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.5`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.4

📈 Overview

5 new commits merged
4 bugs fixed 🐛

🐛 Bug Fixes

API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13189)
ClusterClass: Allow adding spec via ClusterClass JSON patches (#13227)
KCP: Grant delete permissions to Secrets. (#13230)
Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13214)

🌱 Others

Dependency: Bump Go to v1.24.12 (#13244)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.4`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.3

📈 Overview

19 new commits merged
4 bugs fixed 🐛

🐛 Bug Fixes

ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13062)
ClusterClass: Stop writing zero values for spec.controlPlaneEndpoint to ControlPlane objects (#12982)
e2e: Fix WaitForMachinesReady interval (#13052)
util: Fix a panic in conditions.Delete method if the sources condition list is empty (#13054)

🌱 Others

API: Relax validation for Machine .status.addresses to maximum of 128 instead of 32 items (#13091)
CI: Ensure KAL is compiled using golangci-lint v2.7.0 (#13107)
Dependency: Bump Go to v1.24.10 (#12963)
Dependency: Bump Go to v1.24.11 (#13112)
Dependency: Bump golang.org/x/crypto to v0.45 to fix CVE (#13037)
e2e: Allow usage of v1beta1 and v1beta2 for MachinePools in clusterctl upgrade (#13023)
e2e: Do not expect Machines for MachinePools not supporting Machines (#13078)
e2e: Make clusterctl upgrade test to work when there are no machines (#13073)
e2e: Skip test using outdated docker client (#13127)
e2e: Use crane to pre-pull images instead of docker pull (#13120)
e2e: Use wait-machine-upgrade timeout in ClusterClassChanges tests to wait for machines to be ready (#13022)
KCP: Avoid KCP rollouts if only ControlPlaneComponentHealthCheckSeconds is changed (#13030)
KCP: Fix race condition on KCP initialized condition (#12986)
Runtime SDK: Add httpClientCache to runtime client (#13083)

📖 Additionally, there has been 1 contribution to our documentation and book. (#12999)

Dependencies

Added

Nothing has changed.

Changed

golang.org/x/crypto: v0.40.0 → v0.45.0
golang.org/x/mod: v0.25.0 → v0.29.0
golang.org/x/net: v0.42.0 → v0.47.0
golang.org/x/sync: v0.16.0 → v0.18.0
golang.org/x/sys: v0.34.0 → v0.38.0
golang.org/x/telemetry: bda5523 → 078029d
golang.org/x/term: v0.33.0 → v0.37.0
golang.org/x/text: v0.27.0 → v0.31.0
golang.org/x/tools: v0.34.0 → v0.38.0

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.3`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.2

📈 Overview

13 new commits merged
1 feature addition ✨

✨ New Features

KCP: Bump coredns/corefile-migration to v1.0.29 (#12863)

🌱 Others

CAPD: Recreate container if we re-enter reconciliation and it exists but is not running (#12933)
clusterctl: Bump cert-manager to v1.19.0 (#12832)
clusterctl: Bump cert-manager to v1.19.1 (#12875)
Dependency: Bump Go to v1.24.8 (#12829)
Dependency: Bump Go to v1.24.9 (#12868)
e2e: Fix self-hosted to actually read DOCKER_PRELOAD_IMAGES from the e2e config (#12932)
Runtime SDK: Add hint to look into controller logs to runtime client error response (#12850)

📖 Additionally, there have been 5 contributions to our documentation and book. (#12837, #12839, #12887, #12894, #12916)

Dependencies

Added

Nothing has changed.

Changed

github.com/coredns/corefile-migration: v1.0.28 → v1.0.29

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.2`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.1

📈 Overview

6 new commits merged
1 feature addition ✨
1 bug fixed 🐛

✨ New Features

KCP: Bump coredns/corefile-migration to v1.0.28 (#12750)

🐛 Bug Fixes

clusterctl: Verify providers need upgrade before applying (#12768)

🌱 Others

Autoscaling: Bump autoscaler in e2e tests to v1.33.1 (#12792)
clusterctl: Add Metal3 as an IPAMProvider (#12760)
Dependency: Bump go to v1.24.7 (#12735)

📖 Additionally, there has been 1 contribution to our documentation and book. (#12780)

Dependencies

Added

Nothing has changed.

Changed

github.com/coredns/corefile-migration: v1.0.27 → v1.0.28

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.1`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.34.x
Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.0

📈 Overview

22 new commits merged
3 feature additions ✨
8 bugs fixed 🐛

✨ New Features

CI: Bump autoscaler to a9cb59f (#12707)
CI: Bump Kubernetes in tests to v1.34.0 and claim support for v1.34 (#12705)
e2e: Bump Kubernetes version used for testing to v1.34.0-rc.2 (#12659)

🐛 Bug Fixes

API: Only try to convert infraRefs if they are set (#12693)
API: Register conversion funcs in schemes (#12697)
CABPK: Always use latest apiVersion when getting owner of KubeadmConfig in CABPK (#12689)
ClusterClass: Ensure holder field path in GeneratePatchRequest is set based on contract (#12691)
ClusterClass: Fix field paths in ClusterClass compatibility validation errors (#12670)
ClusterClass: Stop adding conversion-data annotation to Cluster object (#12721)
e2e/CAPD: Remove finalizers during deletion if ownerRef was never set (#12678)
Testing: Fix KubeadmConfig fuzz test flake (#12682)

🌱 Others

clusterctl: Allow metadata.yaml's Kind to be empty (#12715)
Dependency: Bump github.com/go-viper/mapstructure/v2 to fix CVE (#12680)
Dependency: Bump to envtest v1.34.0 (#12706)
e2e: Bump to kind v0.30.0 (#12708)
e2e: Get kind mgmt cluster logs in clusterctl upgrade test (#12688)
Misc: Log version and git commit on controller start (#12696)
Release/clusterctl: Add CAPRKE2 to release tool’s issue-opening providers list (#12717)

📖 Additionally, there have been 4 contributions to our documentation and book. (#12667, #12668, #12671, #12674)

Dependencies

Added

Nothing has changed.

Changed

github.com/go-viper/mapstructure/v2: v2.3.0 → v2.4.0

Removed

Nothing has changed.

Thanks to all our contributors! 😊

`v1.11.0`

Compare Source

👌 Kubernetes version support

Management Cluster: v1.30.x -> v1.33.x
Workload Cluster: v1.28.x -> v1.33.x

More information about version support can be found here

Highlights

Bumped to Go 1.24, controller-runtime v0.21, k8s.io/* v0.33, controller-gen v0.18 (also moved to sigs.k8s.io/randfill) (#12191)
v1beta2 API version has been introduced and considering the awesome amount of improvements it marks an important step in the journey towards graduating our API to v1.
- Accordingly there is now a new v1beta2 version of our contract for providers.
- Improve status:
  - The transition to the new K8s aligned conditions using metav1.Conditions types and the new condition semantic has been completed.
  - Replica counters are now consistent with new conditions and across all resources; new replica counters have been added at cluster level.
  - Semantic of contract fields in status have been improved and are now consistent across all resources.
  - The confusing FailureReason and FailureMessage fields have been dropped.
- Support CC across namespaces: API changes planned for this feature have been implemented.
- Improve object references:
  - Unnecessary fields have been dropped from object reference.
  - Object references are now GitOps friendly (API version is not overwritten anymore by controllers).
- KubeadmConfig and KubeadmControlPlane APIs have been aligned with kubeadm v1beta4 API.
  - Additionally, fields inferred from top level objects have been removed, thus getting rid of a common source of confusion/issues.
Compliance with K8s API guidelines:
- Thanks to the adoption of the KAL linter compliance with K8s API guidelines has been greatly improved.
- All Duration fields are now represented as *int32 fields with units being part of the field name.
- All bool fields have been changed to *bool to preserve user intent.
- Extensive work has been done to ensure required and optional is explicitly set in the API, and that both serialization and validation works accordingly:
  - Stop rendering empty structs (review of all occurrences of omitempty and introduction of omitzero)
  - Do not allow "" when it is not semantically different from value not set (either you have to provide a non-empty string value or not set the field at all).
  - Do not allow 0 when it is not semantically different from value not set (either you have to provide a non-0 int value or not set the field at all).
  - Do not allow {} when it is not semantically different from value not set (either you have to set at least one property in the object or not set the field at all).
  - Do not allow [] when it is not semantically different from value not set (either you have to set at least one item in the list or not set the field at all).
  - Ensure validation for all enum types.
- Missing list markers have been added for SSA.
- Drop unnecessary pointers:
  - After fixing required and optional according to K8s API guidelines, extensive work has been done to drop unnecessary pointers thus improving the usability of the API's Go structs.
- Avoid embedding structs: Coupling between API types has been reduced by reducing the usage of embedded structs.
- Extensive work has been done to improve consistency across all resources, e.g.:
  - Fields for Machine deletion are under a new deletion struct in all resources.
  - Settings about rollout have been logically grouped in all resources.
  - Settings about health checks and remediation have been logically grouped in all resources.
- Missing validations have been added where required.
- Tech debt has been reduced by dropping deprecated fields.

ClusterClass: Fix continuous reconciles because of apiVersion differences in Cluster topology controller (#12341)
KCP/CABPK: Add CertificateValidityPeriod and CACertificateValidityPeriod to KubeadmConfig (#12335)
KCP: Fix timeout handling in GetAPIServerCertificateExpiry and DialContext (#12554)
Machine: fallback to InfraMachine providerID during deletion if Machine providerID is not set (#11985)
Runtime SDK:
- Optimize size of Runtime Hook requests (#12462)
- Add mTLS support to Runtime Extension server and client (#12517)
Improved e2e test coverage, e.g.:
- additional checks that resourceVersion stays stable after tests and that conditions are healthy (#12546 #12111)
- test coverage for scaling from/to 0 with CAPD & cluster-autoscaler (#12572)
New providers in clusterctl: Scaleway (#12357), cdk8s (#12332)

See Cluster API v1.10 compared to v1.11 for more details

Notes for workload cluster upgrade to Kubernetes v1.34 with KCP

Context: Kubernetes/kubeadm <=> etcd compatibility:
- kubeadm v1.33 only supports etcd v3.5 for Kubernetes v1.33
- kubeadm v1.34 only supports etcd v3.6 for Kubernetes v1.34
The upgrade to etcd v3.6 requires etcd >= v3.5.20 (https://etcd.io/blog/2025/upgrade_from_3.5_to_3.6_issue/)
Accordingly, when upgrading from Kubernetes v1.33 to v1.34:
- ensure etcd >= v3.5.20 is used with Kubernetes v1.33 before the upgrade
- upgrade to Kubernetes v1.34 and etcd v3.6 at the same time

Deprecation and Removals Warning

Cluster: Remove deprecated index ByClusterClassName, ClusterByClusterClassClassName and ClusterClassNameField (#12269)
ClusterClass: Remove deprecated ClusterVariable.definitionFrom field (#12202)
ClusterClass: Remove deprecated Cluster.spec.topology.rolloutAfter field (#12268)
ClusterClass: Remove deprecated ClusterCacheTracker and corresponding types (#12270)
clusterctl: Remove deprecated clusterctl alpha topology plan command (#12283)
ClusterResourceSet: Remove deprecated ClusterResourceSetBinding.DeleteBinding method (#12267)
MachineDeployment: Removed deprecated revisionHistory (#12274)
MachineDeployment: Remove deprecated spec.progressDeadlineSeconds (#12232)
KCP/CABPK: Remove deprecated KubeadmConfig useExperimentalRetryJoin (#12234)
API: Deprecate v1alpha1 & v1beta1 API packages (#12254)

Changes since v1.10.0

📈 Overview

360 new commits merged
88 breaking changes ⚠️
29 feature additions ✨
50 bugs fixed 🐛

📝 Proposals

Core: Update autoscaling from zero enhancement proposal with support for platform-aware autoscale from zero (#11962)

⚠️ Breaking Changes

API: Add additional MinProperties & MinItems validation across multiple APIs (#12538)
API: Add CAPD v1beta2 types (#12226)
API: Add Minimum=0 marker to all MinReadySeconds fields (#12474)
API: Add omitempty to required string without zero value (#12548)
API: Add omitzero on struct without zero value (#12550)
API: Add v1beta2 types (#12037)
API: Align Spec fields to optionalfields API conventions (#12431)
API: Align Status fields to optionalfields API conventions (#12435)
API: Change .status.replicas fields to pointer + omitempty (#12250)
API: Change all *metav1.Time fields to metav1.Time (#12518)
API: Change bool to *bool for all API types (#12436)
API: Change type of *string fields with invalid zero value to string (#12429)
API: Change type of int32 fields with valid zero value to *int32 (#12424)
API/Conditions: add V1Beta1 suffix and remove V1Beta2 suffix from condition types and reasons in v1beta2 packages (#12091)
API: Drop unnecessary fields from contract-versioned object references (#12356)
API: Fix required fields linter findings (#12558)
API: Improve Cluster CRD Go type (#12489)
API: Migrate API to use *Seconds instead of metav1.Duration fields (#12327)
API: Move APIs to ./api (#12262)
API/Partially revert: Remove DefaulterRemoveUnknownOrOmitableFields mutating webhook option (#12290)
API: Promote v1beta2 conditions (#12066)
API: Remove DefaulterRemoveUnknownOrOmitableFields mutating webhook option (#12231)
API: Remove IPFamily from public APIs (move to CAPD/kind util) (#12215)
API: Remove pointers from ClusterClass and Cluster healthCheck fields (#12525)
API: Remove pointers from remaining pointer struct fields (#12545)
API: Rename namingStrategy => naming, machineNamingStrategy => machineNaming (#12524)
API: Restructure strategy fields (#12506)
CABPK: Align KubeadmConfig to kubeadm v1beta4 types (#12282)
CAPD: Align CAPD conversion to conversion of other providers (#12481)
CAPD/Conditions: add V1Beta1 suffix and remove V1Beta2 suffix from condition types and reasons in CAPD v1beta2 packages (#12393)
CAPD: Implement v1beta2 contract in CAPD (#12409)
CAPD: Keep using v1beta1 condition in CAPD Docker backend (#12450)
CAPD: Promote v1beta2 condition in CAPD (#12362)
CAPD: Stop using v1beta1 status in CAPD controllers (#12438)
CAPD: Update example manifests (#12480)
Cluster: Remove deprecated index ByClusterClassName, ClusterByClusterClassClassName and ClusterClassNameField (#12269)
ClusterClass: Drop unnecessary fields from ClusterClass template references (#12358)
ClusterClass: Move infrastructure namingStrategy field in ClusterClass (#12216)
ClusterClass: Remove ClusterVariable.DefinitionFrom field (#12202)
ClusterClass: Remove DefaulterRemoveUnknownOrOmitableFields mutating webhook option (again) (#12404)
ClusterClass: Remove deprecated Cluster.spec.topology.rolloutAfter field (#12268)
ClusterClass: Remove deprecated ClusterCacheTracker and corresponding types (#12270)
ClusterClass: Rename deprecated ClusterClass Metadata fields to DeprecatedV1Beta1Metadata (#12273)
ClusterClass: Rename runtime extension fields in ClusterClass ExternalPatchDefinition (#12281)
ClusterClass: Restructure classRef field in Cluster.spec.topology (#12235)
clusterctl: Clusterctl describe defaults to v1beta2 (#12369)
clusterctl: Remove clusterctl alpha topology plan (#12283)
ClusterResourceSet: Change ClusterResourceSetBinding Bindings field from []*ResourceSetBinding to []ResourceSetBinding (#12476)
ClusterResourceSet: Make clusterName field in ClusterResourceSetBinding required (#12276)
ClusterResourceSet: Remove deprecated ClusterResourceSetBinding.DeleteBinding method (#12267)
Conditions: Swap condition packages (#12086)
Dependency: Bump to controller-runtime v0.21 / controller-tools v0.18 / k8s.io/* v0.33 / move to randfill (#12191)
e2e: Migrate E2E tests to v1beta2 (#12451)
e2e/Test/e2e: default to strict field validation & fix unknown field in ClusterClass YAML (#12501)
IPAM: Refactor reference types for IPAM (#12365)
KCP: KCP tolerates diff not leading to changes on machines (#12402)
KCP: Rename LastRemediationStatus.Timestamp to Time in KCP (#12452)
Machine: Drop unnecessary fields from Machine status.nodeRef (#12352)
MachineDeployment: Drop revisionHistory in MachineDeployment (#12274)
MachineDeployment: Remove MD spec.progressDeadlineSeconds (#12232)
MachineHealthCheck: Drop unnecessary fields from remediationTemplate references (#12368)
MachineHealthCheck: Rename MHC unhealthyConditions to unhealthyNodeConditions (#12245)
MachineSet: Make Template in MachineSet & Spec in MachineTemplateSpec required (#12420)
API/CAPD: Update ControlPlaneEndpoint InfraCluster contract, align CAPD to infra contracts (#12465)
API/Cluster: Add initialization to Cluster status (#12098)
API/Control-plane/Bootstrap/KCP/CABPK/Cluster: Implement v1beta2 contract in cluster controller, KCP, CABPK (#12094)
API/KCP/CABPK/CI: Enable nomaps linter, Remove unused kubeadm ClusterStatus struct, Migrate Cluster.status.failureDomains to array (#12083)
API/Machine: Add initialization to Machine Status (#12101)
API/Machine: Move Machine deletion timeout fields into deletion group, move KCP machineTemplate spec fields to machineTemplate.spec (#12499)
API/MachinePool: Add initialization to MachinePool Status (#12102)
ClusterClass/MachineHealthCheck/Cluster: Restructure MHC fields in MHC, Cluster and ClusterClass CRDs (#12504)
clusterctl/Documentation: Remove reference and configurations for Packet (Equinix Metal) (#12143)
KCP/CABPK: Change BootstrapToken.Token from *BootstrapTokenString to BootstrapTokenString (#12565)
KCP/CABPK: Change envVars fields from []EnvVar to *[]EnvVar (#12539)
KCP/CABPK: Change User.PasswdFrom from *PasswdSource to PasswdSource + add omitzero, extend SSA patch helper to handle arrays (#12560)
KCP/CABPK: Inline ControlPlaneComponent struct in APIServer / ControllerManager / Scheduler in CABPK (#12446)
KCP/CABPK: Remove KubeadmConfig UseExperimentalRetryJoin (#12234)
KCP/CABPK: Remove more defaulting from KubeadmConfig/KubeadmConfigTemplate/KCP/KCPTemplate (#12495)
KCP/CABPK: Remove redundant fields from CABPK / KCP ClusterConfiguration (#12319)
KCP/CABPK: Remove TypeMeta from KubeadmConfigSpec (#12350)
KCP/MachineSet/CABPK/CAPD/e2e/Cluster: Cleanup version handling of unsupported Kubernetes releases (#12303)
Machine/Cluster: Stop using FailureReason and FailureMessage in controllers (#12148)
Machine/MachinePool/MachineSet/MachineDeployment: Add MinReadySeconds to Machine and remove it from MachineDeployment, MachineSet, MachinePool. (#12153)
Machine/MachineSet/MachineDeployment/Cluster: Stop using deprecated replica counters in controllers (#12149)
MachineSet/MachineDeployment: Use MachineSetDeletePolicy enum in MD & MS API (#12419)
Runtime SDK/MachineDeployment: Make DeletePolicy & FailurePolicy enum fields non-pointers (#12453)
Runtime SDK: Add v1beta2 API for ExtensionConfig (#12197)
Runtime SDK: Change ExtensionConfig handler timeoutSeconds from *int32 to int32 & add Minimum=1 (#12475)

✨ New Features

API: Block imports to internal packages in our API + restructure import restrictions (#12302)
API: Deprecate v1alpha1 & v1beta1 API packages (#12254)
API: Remove pointer, add omitzero & MinProperties for initialization fields/structs (#12482)
CAPD: Add scale from/to 0 support for CAPD (#12591)
CI: Add conflicting markers linter (#12569)
CI: Bump KAL & add the notimestamps linter (#12520)
clusterctl: Add Scaleway infrastructure provider to clusterctl (#12357)
clusterctl: Adding Addon Provider for cdk8s (CAAPC) to cluster-api (#12332)
clusterctl: Clearer diagnostics when provider metadata is missing or repo URL is stale (#12238)
clusterctl: Validate provider metadata (#12242)
Dependency: Bump controller-tools v0.17.3, conversion-gen v0.33.0 (#12129)
Dependency: Complete bump to Kubernetes v1.33 (#12206)
Dependency: Update KUBEBUILDER_ENVTEST_KUBERNETES_VERSION (#12130)
e2e: Bump Kubernetes version used for testing to v1.34.0-beta.0 (#12516)
e2e: Bump Kubernetes version used for testing to v1.34.0-rc.1 (#12625)
e2e: From 1.10 use GetStableReleaseOfMinor instead of GetLatestReleaseOfMinor (#12118)
KCP: Bump corefile-migration to v1.0.27 (#12639)
Machine: Implement v1beta2 contract in Machine controller (#12038)
MachinePool/Feat: set new replica fields for machine pools (#12528)
API/CI: Enable ssatags KAL linter (#12470)
KCP/CABPK/CI: Bump KAL to pick up latest requiredfields linter, add Min/MaxLength to BootstrapToken (#12604)
KCP/CABPK: Add CertificateValidityPeriod and CACertificateValidityPeriod to KubeadmConfig (#12335)
KCP/CABPK: Reintroduce KCP/CABPK ClusterConfiguration controlPlaneEndpoint (#12423)
KCP/CABPK: Stop requiring init or cluster configuration for first CP machine (#12540)
Runtime SDK/ClusterClass: Extend Cluster builtin to include metadata (#12014)
Runtime SDK/ClusterClass: Optimize size of runtime hook requests (#12462)
Runtime SDK: Add mTLS support to runtime extension server and client (#12517)
Runtime SDK: Extend cluster builtin to include classNamespace (#12050)
Testing: Bump Kubernetes in tests to v1.33.0 and claim support for v1.33 (#12104)

🐛 Bug Fixes

API: Ensure all pointer status fields are dereferenced correctly (#12412)
Bootstrap: Make joinConfiguration.discovery.bootstrapToken.token optional (#12107)
Bootstrap: Relax minLength for bootstrap.dataSecretName to 0 (#12164)
CABPK: Fix rendering of .Append = false in CABPK (#12437)
CABPK: Fix rendering of ntp.enabled & users.inactive *bool values in cloud init (#12394)
CABPK: Increase ignition additionalConfig maxSize from 10 to 32 KB (#12222)
CABPK: Make KubeadmConfig FileSystem.Label optional (#12019)
CAPD: Fix IPv6 CAPD e2e test (#12488)
CAPD: Fix worker machine count in CAPD template (#12028)
CAPD: Run CAPD conversion tests in CI (#12588)
CAPIM: Fix CAPD in-memory templates (#12013)
CAPIM/Mux: fix error check (#12230)
CI: Fix conversion-verifier and fix findings (#12349)
CI: Fixing failed to install kind for e2e tests (#12361)
ClusterClass: Fix continuous reconciles because of apiVersion differences in Cluster topology controller (#12341)
clusterctl: Accept upper case version (#12237)
clusterctl: Add missing API version to NS object (#12200)
clusterctl: Clusterctl upgrade hangs for a time on CRD migration when new version contains a number of new CRDs (#11984)
ClusterResourceSet: Fix potential panic if ClusterResourceSetStrategy is not defined or incorrect (#12096)
Conditions: Fix condition handling during controller start (#12536)
e2e: Bump cluster-autoscaler to v1.33, adjust RBAC, pin apiVersion to v1beta1 (#12502)
e2e: Fix autoscaler e2e test flake (#12627)
e2e: Fix Available/Ready checks on E2E test (#12549)
e2e: Fix e2e tests by fixing the etcd tag (#12523)
e2e: Stop overwriting ExtraPortMappings if WithDockerSockMount option is used (#12012)
IPAM: Enable conversion in CRDs (#12198)
IPAM: Revert condition func changes for IPAddressClaim v1beta1 (#12223)
KCP: Allow transition of KubeadmControlPlaneTemplate from defaulted rolloutStrategy to unset (#12467)
KCP: Fix ControlPlaneComponentHealthCheckSeconds validation in KubeadmConfigSpec.Validate (#12624)
KCP: Fix conversion issue in KubeadmControlPlaneTemplate with rolloutStrategy.type (#12622)
KCP: Fix nil pointer in conversion (#12292)
KCP: Fix rollout when init configuration in KCP is empty (#12344)
KCP: Fix timeout handling in GetAPIServerCertificateExpiry and DialContext (#12554)
Machine/Machine deletion: fallback to InfraMachine providerID if Machine providerID is not set (#11985)
MachineDeployment: Bug fix to set machinedeployment AvailableReplicas (#12410)
MachineDeployment: Fix second rolling update for MD rolloutAfter (#12261)
MachineSet: Fix v1beta1 MachinesReady condition on MachineSet (#12535)
API/ClusterClass: Fix MaxLength of worker topology Name fields (#12072)
ClusterClass/MachinePool: Fix MP error in desired state calculation during Cluster creation (#12621)
Dependency/CI: Upgrade golangci-lint to v2.1.0 (#12170)
Testing/CI: Fix the condition to check whether cluster has v1beta2 conditions (#12100)
Runtime SDK: Export ExtensionConfig webhook (#12599)
Testing: Fix flakes in TestAPIAndWebhookChanges unit test (#12526)
Testing: Fix flaky TestFuzzyConversion (Cluster) test (#12630)
Testing: Fix flaky TestReconcileMachinePhases unit test (#12632)
Testing: Fix flaky TestReconcileState unit test (#12633)
Testing: Fix race condition in InMemoryMachine controller tests (#12347)
Testing: Fix Test_ValidateCluster unit tests for mink8s (#12564)
util/CRD migration: Fix cases where update validation fails (#11991)
util: Fix typo for WithOwnedV1beta1Conditions to WithOwnedV1Beta1Conditions (#12218)

🌱 Others

API: Drop hardcoded v1beta1 references (#12027)
API: Enable optionalfields linter and fix remaining findings (#12299)
API: Move internal/apis to internal/api (#12296)
API: Remove old godoc comment, remove unnecessary cast in KCP (#12479)
API: Remove unused List conversion funcs (#12054)
API: Set minimum=1 on ObservedGeneration and KubeadmConfig APIEndpoint bindPort (#12417)
API: Set print columns for v1beta2 types (#12534)
CAPD: Ensure CAPD v1beta1 API package only imports core v1beta1 (#12405)
CAPIM/Mux: Ignore net.ErrClosed error during listener close & server shutdown (#12212)
CI: Add govulncheck to ensure vulnerability (#12108)
CI: Bump E2E to Kubernetes v1.33.0-rc.1 (#12099)
CI: Bump golangci-lint v2 (#12088)
CI: Bump KAL and remove enum exclude (#12500)
CI: Bump KAL to 2025060, cleanup excludes, fix IPAM prefix field, add MaxItems to Machine.status.addresses (#12326)
CI: Bump KAL to 2025062 + enable uniquemarkers linter (#12427)
CI/Chore: Update golangci-lint to v2.3.0 (#12573)
CI: Enable duplicatemarkers linter (#12228)
CI: Enable statusoptional linter (#12229)
CI: Fix make generate-go-openapi if parent directory name does not equal cluster-api (#12461)
CI: Remove govulncheck from the verify target (#12348)
CI: Restructure excludes in KAL linter config (#12445)
CI: Switch plugin to kube-api-linter (#12089)
CI: Update version matrix for github workflows for release-1.10 (#11992)
CI: Use release artifacts for CAPI v1.10 (#12147)
Cluster: Add validation for Cluster spec.controlPlaneRef, spec.infrastructureRef and spec.topology (#12454)
Cluster: Ensure Cluster.status.failureDomains are alphabetically sorted (#12416)
Cluster: Improve error message if rebase fails because target ClusterClass is not reconciled (#12415)
ClusterClass: Add DropEmptyStruct to ssa patch helper (#12442)
ClusterClass: Extend topology upgrade test: add bool removal test case (#12484)
ClusterClass: Improve CC RefVersionsUpToDate condition message (#12472)
ClusterClass: Improve validation of worker topology names in Cluster resource (#12561)
ClusterClass: Improve webhook output to include the names of the clusters blocking a deletion (#12060)
ClusterClass: Make infrastructure and controlPlane required in ClusterClass (#12444)
clusterctl: Add filename to clusterctl error about bad YAML (#12189)
clusterctl: Add support for compatible contracts to clusterctl (#12018)
clusterctl: Bump cert-manager to v1.17.1 (#12044)
clusterctl: Bump cert-manager to v1.17.2 (#12210)
clusterctl: Bump cert-manager to v1.18.0 (#12342)
clusterctl: Bump cert-manager to v1.18.1 (#12378)
clusterctl: Bump cert-manager to v1.18.2 (#12478)
clusterctl: Change k0smotron repo location (#12225)
clusterctl: Cleanup clusterctl tests assets (#12510)
clusterctl: Enforce skip upgrade policy in clusterctl (#12017)
Community meeting: Add JoelSpeed to approvers (#12204)
Conditions: Cleanup v1beta1 updateStatus functions (#12190)
Conditions: Drop usage of v1beta1 conditions (#12109)
Control-plane: Avoid large number of connection error traces in kubeadm controlplane controller (#12106)
Dependency: Bump Go 1.24 (#12128)
Dependency: Bump go to v1.23.8 (#12052)
Dependency: Bump Go to v1.24.5 (#12509)
Dependency: Bump Go to v1.24.6 (#12615)
Dependency: Bump kustomize to v5.7.0 (#12432)
Dependency: Bump several tool versions in Makefile (#12433)
Dependency: Bump sigs.k8s.io/kind to v0.28.0 (#12243)
Dependency: Bump sigs.k8s.io/kind to v0.29.0 (#12257)
Dependency: Bump to Go v1.24.4, github.com/cloudflare/circl v1.6.1 (#12351)
Dependency: Fix CVE-2025-54388 (#12574)
Dependency: Update github.com/go-viper/mapstructure/v2 to v2.3.0 (#12421)
Devtools: Add KubeVirt support to Tilt dev workflow (#11697)
Devtools: Fix Tiltfile (#12541)
Devtools/Metrics: use v1beta2 for condition metrics and add metrics for dockercluster devcluster dockermachine devmachine extensionconfig ipaddressclaim and crs (#12006)
e2e: Add an option to override custom node image name for kind cluster (#12186)
e2e: Add quickstart e2e test with v1beta1 with ClusterClass and RuntimeSDK (#12590)
e2e: Add resource version check to clusterctl upgrade tests (#12546)
e2e: Add retry for SSA requests against Kubernetes < v1.29 in clusterctl upgrade tests (#12067)
e2e: Bump clusterctl_upgrade_test.go main and 1.10 tests to k8s v1.33.0 (#12193)
e2e: Bump Kubernetes version used for testing to v1.33.0-rc.0 (#12073)
e2e: Fix ResourceVersion flake for MachinePools (#12552)
e2e: Improve check for Cluster Available condition in e2e tests (#12596)
e2e: Only run DescribeCluster if v1beta2 Cluster CRD is there (#12279)
e2e: Print the entire object diff if resource versions are not stable in e2e tests (#12527)
e2e: Remove redundant check in verifyV1Beta2ConditionsTrueV1Beta1 (#12477)
e2e: Set extraArgs in test extension (#12557)
e2e: Skipping test that is failing because of infra issues (#12496)
KCP: Add --etcd-client-log-level flag to KCP (#12271)
KCP: Allow unsetting etcd.local, etcd.external and dns (#12065)
KCP: Bump corefile-migration library to v1.0.26 (#12058)
KCP: Fix typo in forward etcd leadership error message (#12056)
Logging: Reduce noisy logs (#12626)
Misc: Remove jackfrancis from reviewers (#12134)
KCP/CABPK/KCP: Set MinItems=1 on ExternalEtcd.Endpoints (#12411)
KCP/CABPK: Remove unused updateClusterStatus (#12295)
KCP/CABPK: Stop using unsafe for EnvVar conversion (#12631)
KCP/MachineSet/MachineHealthCheck: Remove explicit defaulting of MS deletePolicy, MHC maxUnhealthy, KCPTemplate rolloutStrategy (#12464)
MachinePool/MachineSet/MachineDeployment: Add validation to ensure ClusterName fields are equal in MD/MS/MP (#12447)
Testing/CI/e2e: Add checker to validate conditions for v1beta2 (#12111)
Testing/CI: Fix e2e test capi-e2e-release-1.8 (#12379)
Testing/CI: Fix flaky test in extensionconfig_controller_test.go (#12386)
Release: Add validation for PREVIOUS_RELEASE_TAG in release-notes-tool (#12380)
Release: Postpone v1.11 code freeze by one week (#12498)
Release: Prepare main for v1.11 development (#12000)
Release: Use github.base_ref in markdown-link-check (#12034)
Runtime SDK: Block dependencies to internal packages for the RX implementation (#12297)
Runtime SDK: Fix lifecycle hooks conversions (#12507)
Runtime SDK: Stop registering API types in the runtime extension scheme (#12042)
Testing: Add test/framework/* tests in CI (#12469)
Testing/Framework: Watch logs from init containers (#12208)
Testing: Release Notes Generator - Test cases for main.go and ref.go (#11882)
Testing: Test changes planned to comply optionalrequired linter (#12414)
util: Move contract version & GetCompatibleVersions to contract package (#12032)
util: Recover v1.10 util packages for conditions, patch and paused to util/deprecated/v1beta1 for provider migrations (#12224)

📖 Additionally, there have been 51 contributions to our documentation and book. (#11029, #11998, #12004, #12057, #12074, #12093, #12117, #12120, #12122, #12125, #12126, #12131, #12139, #12140, #12145, #12150, #12163, #12165, #12188, #12201, #12205, #12236, #12246, #12266, #12284, #12287, #12306, #12309, #12328, #12333, #12377, #12382, #12403, #12418, #12428, #12439, #12443, #12455, #12483, #12491, #12503, #12521, #12532, #12543, #12571, #12575, #12576, #12587, #12589, #12595, #12602)

Dependencies

Added

github.com/envoyproxy/go-control-plane/envoy: v1.32.4
github.com/envoyproxy/go-control-plane/ratelimit: v0.1.0
github.com/klauspost/compress: v1.18.0
github.com/kylelemons/godebug: v1.1.0
github.com/prashantv/gostub: v1.1.0
go.opentelemetry.io/auto/sdk: v1.1.0
go.uber.org/automaxprocs: v1.6.0
go.yaml.in/yaml/v2: v2.4.2
go.yaml.in/yaml/v3: v3.0.3
gopkg.in/go-jose/go-jose.v2: v2.6.3
sigs.k8s.io/randfill: v1.0.0

Changed

cel.dev/expr: v0.18.0 → v0.19.1
github.com/cloudflare/circl: v1.3.7 → v1.6.1
github.com/cncf/xds/go: b4127c9 → cff3c89
github.com/coredns/corefile-migration: v1.0.26 → v1.0.27
github.com/coreos/go-oidc: v2.2.1+incompatible → v2.3.0+incompatible
github.com/envoyproxy/go-control-plane: v0.13.1 → v0.13.4
github.com/envoyproxy/protoc-gen-validate: v1.1.0 → v1.2.1
github.com/go-logr/logr: v1.4.2 → v1.4.3
github.com/go-viper/mapstructure/v2: v2.2.1 → v2.3.0
github.com/golang-jwt/jwt/v4: v4.5.0 → v4.5.2
github.com/golang/glog: v1.2.2 → v1.2.4
github.com/google/cel-go: v0.22.0 → v0.23.2
github.com/google/gnostic-models: v0.6.8 → v0.6.9
github.com/google/pprof: 40e02aa → 27863c8
github.com/gorilla/websocket: v1.5.3 → e064f32
github.com/grpc-ecosystem/grpc-gateway/v2: v2.20.0 → v2.24.0
github.com/onsi/ginkgo/v2: v2.23.3 → v2.23.4
github.com/onsi/gomega: v1.36.3 → v1.38.0
github.com/pmezard/go-difflib: 5d4384e → v1.0.0
github.com/prometheus/client_golang: v1.19.1 → v1.22.0
github.com/prometheus/common: v0.55.0 → v0.62.0
github.com/rogpeppe/go-internal: v1.12.0 → v1.13.1
github.com/spf13/pflag: v1.0.6 → v1.0.7
github.com/spf13/viper: v1.20.0 → v1.20.1
github.com/stretchr/objx: v0.5.0 → v0.5.2
go.etcd.io/etcd/api/v3: v3.5.20 → v3.5.22
go.etcd.io/etcd/client/pkg/v3: v3.5.20 → v3.5.22
go.etcd.io/etcd/client/v2: v2.305.16 → v2.305.21
go.etcd.io/etcd/client/v3: v3.5.20 → v3.5.22
go.etcd.io/etcd/pkg/v3: v3.5.16 → v3.5.21
go.etcd.io/etcd/raft/v3: v3.5.16 → v3.5.21
go.etcd.io/etcd/server/v3: v3.5.16 → v3.5.21
go.opentelemetry.io/contrib/detectors/gcp: v1.29.0 → v1.34.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.54.0 → v0.58.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.54.0 → v0.58.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.27.0 → v1.33.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.28.0 → v1.33.0
go.opentelemetry.io/otel/metric: v1.29.0 → v1.34.0
go.opentelemetry.io/otel/sdk/metric: v1.29.0 → v1.34.0
go.opentelemetry.io/otel/sdk: v1.29.0 → v1.34.0
go.opentelemetry.io/otel/trace: v1.29.0 → v1.34.0
go.opentelemetry.io/otel: v1.29.0 → v1.34.0
go.opentelemetry.io/proto/otlp: v1.3.1 → v1.4.0
golang.org/x/crypto: v0.36.0 → v0.40.0
golang.org/x/mod: v0.23.0 → v0.25.0
golang.org/x/net: v0.37.0 → v0.42.0
golang.org/x/oauth2: v0.28.0 → v0.30.0
golang.org/x/sync: v0.12.0 → v0.16.0
golang.org/x/sys: v0.31.0 → v0.34.0
golang.org/x/term: v0.30.0 → v0.33.0
golang.org/x/text: v0.23.0 → v0.27.0
golang.org/x/time: v0.8.0 → v0.9.0
golang.org/x/tools: v0.30.0 → v0.34.0
google.golang.org/genproto/googleapis/api: e6fa225 → 5f5ef82
google.golang.org/genproto/googleapis/rpc: 3abc09e → 1a7da9e
google.golang.org/grpc: v1.67.3 → v1.71.3
google.golang.org/protobuf: v1.36.5 → v1.36.6
k8s.io/api: v0.32.3 → v0.33.3
k8s.io/apiextensions-apiserver: v0.32.3 → v0.33.3
k8s.io/apimachinery: v0.32.3 → v0.33.3
k8s.io/apiserver: v0.32.3 → v0.33.3
k8s.io/client-go: v0.32.3 → v0.33.3
k8s.io/cluster-bootstrap: v0.32.3 → v0.33.3
k8s.io/code-generator: v0.32.3 → v0.33.3
k8s.io/component-base: v0.32.3 → v0.33.3
k8s.io/gengo/v2: 2b36238 → 1244d31
k8s.io/kms: v0.32.3 → v0.33.3
k8s.io/kube-openapi: 32ad38e → c8a335a
sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.31.0 → v0.31.2
sigs.k8s.io/controller-runtime: v0.20.4 → v0.21.0
sigs.k8s.io/structured-merge-diff/v4: v4.4.2 → v4.6.0
sigs.k8s.io/yaml: v1.4.0 → v1.6.0

Removed

github.com/asaskevich/govalidator: f61b66f
github.com/go-kit/log: v0.2.1
github.com/go-logfmt/logfmt: v0.5.1
gopkg.in/square/go-jose.v2: v2.6.0

Thanks to all our contributors! 😊

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot Sylva instance.

CI configuration couldn't be handle by MR description. A dedicated comment has been posted to control it.

If no checkbox is checked, a default pipeline will be enabled (capm3, or capo if capo label is set)

Edited Mar 17, 2026 by Sylva Renovate bot