v0.29.1

[gardener/etcd-backup-restore]

🏃 Others

• [OPERATOR] Support non-HA autonomous clusters by skipping creation of Kubernetes clientset.
  ⚠️ To completely prevent the creation of the Kubernetes clientSet in the non-HA etcd-backup-restore, please also set the following CLI flags to false: --enable-member-lease-renewal and --enable-snapshot-lease-renewal. by @ishan16696 [gardener/etcd-backup-restore#870]

Helm Charts

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/etcd-druid/etcd-druid:v0.29.1

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.29.1

v0.29.0

[gardener/etcd-druid]

⚠️ Breaking Changes

• [DEVELOPER] Upgraded to golang 1.24.
  Removed the need for hack/tools.go and instead using first class support for tools in go.mod.
  Please update local go version to 1.24. by @unmarshall [#1041]

📰 Noteworthy

• [USER] compaction job metrics are now enhanced with the new label failureReason to query the reason for failure job failures. by @anveshreddy18 [#1039]

🏃 Others

• [DEPENDENCY] Bump versions of tools used for tests and checks. by @renormalize [#1042]
• [OPERATOR] feature operator
  Add possibility to add nodeSelector, affinity, tolerations & topologySpreadConstraints on the helm charts by @Hirostil [#1043]
• [OPERATOR] Component containers, which do not require privilege escalations, now forbid privilege escalation explicitly. by @georgibaltiev [#1038]
• [OPERATOR] Added CEL expression to prevent unsetting and setting of immutable fields in etcd.Spec after creation. by @Shreyas-s14 [#1053]

[gardener/etcd-wrapper]

🏃 Others

• [DEPENDENCY] Upgrade Go to 1.24, and dependencies. by @renormalize [gardener/etcd-wrapper#48]
• [OPERATOR] Upgrade indirect dependencies. by @renormalize [gardener/etcd-wrapper#50]

[gardener/etcd-backup-restore]

📰 Noteworthy

• [DEVELOPER] Introduce golangci-lint, goimports-reviser, goimports, upgrade tool versions, etc. by @renormalize [gardener/etcd-backup-restore#863]
• [USER] Added a support for skipping or ignoring any snapshot in an object lock-enabled S3 bucket. For more information please refer to this doc: https://github.com/gardener/etcd-backup-restore/blob/master/docs/usage/enabling_immutable_snapshots.md#aws-s3 by @renormalize [gardener/etcd-backup-restore#863]

🏃 Others

• [DEVELOPER] Upgrade Go to 1.24, and dependencies. by @renormalize [gardener/etcd-backup-restore#863]

Helm Charts

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/etcd-druid/etcd-druid:v0.29.0

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.29.0

v0.28.0

[gardener/etcd-druid]

⚠️ Breaking Changes

• [USER] The field etcd.spec.selector field is now deprecated. by @Shreyas-s14 [#995]
• [USER] Scale subresource has been removed from Etcd resource until etcd-druid can natively support handling VPA recommendations. by @unmarshall [#988]
• [DEVELOPER] * API import path has changed, it is now github.com/gardener/etcd-druid/api/core/v1alpha1
  • Annotation key to reconcile an Etcd cluster has been changed to druid.gardener.cloud/operation from gardener.cloud/operation by @unmarshall [#988]

📰 Noteworthy

• [USER] etcd-druid helm charts will now be published as an OCI artifact to a public OCI registry. by @unmarshall [#988]
• [OPERATOR] cleanup unused older configmaps with the naming format etcd-bootstrap-UID[:6] from the cluster. by @anveshreddy18 [#1014]
• [OPERATOR] Introduces 'Etcdcustom resource validations using CEL expressions. This will be available for kubernetes clusters with version >= 1.29 only. For kubernetes clusters with version < 1.29,Etcd` CRD will not contain validations using CEL expressions. by @Shreyas-s14 [#995]
• [DEVELOPER] It is now possible to get the CRDs as string via the go API. by @unmarshall [#988]
• [DEVELOPER] Programatic access to the CRDs via the API is available using the api/core/crds/GetAll() function, which now accepts k8sVersion as a parameter, in order to return the correct CRD, either with CEL validations for k8s versions v1.29 and above, or without CEL validation for k8s versions below 1.29. by @Shreyas-s14 [#995]
• [DEPENDENCY] With this PR, dependency on utilities from https://github.com/gardener/gardener has been removed. by @unmarshall [#988]

✨ New Features

• [DEVELOPER] Change the GetAll CRD API to return a map with keys having CRD names instead of Kind. by @unmarshall [#1024]
• [OPERATOR] EtcdCopyBackupTask introduces a new field spec.PodLabels which should be used to setup additional labels on the pod(s) that are started for etcd-copy-backup operation. by @unmarshall [#988]
• [USER] Generated etcd-druid client is now its own go module. This go module provides access to a typed client for all custom resources introduced in the API go module. This will ensure that consumers will always have a lean dependency weight when using the client. by @unmarshall [#988]

🏃 Others

• [DEVELOPER] Removed the unmaintained support for deployment of etcd-druid via kustomize by @unmarshall [#988]
• [DEVELOPER] PKI resources required for helm charts are now generated on the fly when running 'make deploy*' targets.
  CRDs are no longer checked-in at 2 places. There is a single source of truth for all CRDs and that is 'etcd-druid/api/core/crds'. Prior to using 'make deploy*' targets this will be copied to 'etcd-druid/charts/crds' directory. by @unmarshall [#988]
• [DEVELOPER] To run use skaffold via 'make deploy*' targets it is no longer required to run 'gcloud auth login' by @unmarshall [#988]
• [DEVELOPER] It is recommended that consumers of etcd-druid should depend upon the API go module instead of the parent go-module. In go.mod your dependency should be on github.com/gardener/etcd-druid/api. by @unmarshall [#988]
• [DEVELOPER] Added convenience make targets
  • 'clean-chart-resources' which will clean up all copied and generated resources prior to using helm charts
  • 'prepare-helm-charts' which will prepare the helm charts by copying the CRD yamls and generating the PKI resources for the webhook. by @unmarshall [#988]
• [DEVELOPER] Samples for etcd-druid are now present at etcd-druid/samples directory by @unmarshall [#988]
• [DEPENDENCY] Remove the direct depedency on gopkg.in/yaml.v2. by @renormalize [#1027]
• [OPERATOR] Update alpine image version to 3.21.3. by @shreyas-s-rao [#1009]
• [OPERATOR] Remove UseEtcdWrapper feature gate since it is now out of GA and always enabled. by @shreyas-s-rao [#999]
• [OPERATOR] Temporarily removes CEL validations for StorageCapacity to allow users to correctly configure volume size to be at least 3 times that of etcd DB size. by @unmarshall [#1032]

📖 Documentation

• [DEVELOPER] Added a document to describe how to use the etcd-druid helm charts by @unmarshall [#988]

[gardener/etcd-backup-restore]

🐛 Bug Fixes

• [USER] Fixed a bug that caused restoration to fail when the first delta snapshot completely overlap with the latest full snapshot. by @ishan16696 [gardener/etcd-backup-restore#845]

🏃 Others

• [DEVELOPER] Revive e2e tests (previously integrationcluster tests) and enable them to run with AWS, GCP, AZURE cloud providers and their emulators. by @anveshreddy18 [gardener/etcd-backup-restore#743]
• [DEVELOPER] Upgrade to go1.23.6. by @renormalize [gardener/etcd-backup-restore#842]

Helm Charts

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/etcd-druid/etcd-druid:v0.28.0

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.28.0

v0.27.0

[gardener/etcd-backup-restore]

📰 Noteworthy

• [OPERATOR] Ensure the integrity of the full snapshot prior to uploading it to the object store, thereby reducing the potential restoration failures. by @ishan16696 [gardener/etcd-backup-restore#779]

🏃 Others

• [DEPENDENCY] Update golang version to 1.23.5. by @shreyas-s-rao [gardener/etcd-backup-restore#831]
• [USER] Use etcdbr latest tagged image in the helm charts by @anveshreddy18 [gardener/etcd-backup-restore#830]

[gardener/etcd-druid]

⚠️ Breaking Changes

• [OPERATOR] Remove deprecated CLI flag ignore-operation-annotation. by @shreyas-s-rao [#990]
• [USER] Remove support for deprecated annotation druid.gardener.cloud/ignore-reconciliation. by @shreyas-s-rao [#990]
• [USER] Remove deprecated status fields ServiceName, ClusterSize, UpdatedReplicas and LastError. by @shreyas-s-rao [#990]

📰 Noteworthy

• [USER] Introduce new Etcd status condition AllMembersUpdated. by @shreyas-s-rao [#987]
• [DEVELOPER] Condition statuses Progressing and ConditionCheckError are now deprecated and will soon be removed, since druid conditions will be replaced by metav1.Condition in the future. by @shreyas-s-rao [#987]

🐛 Bug Fixes

• [USER] Updation of status.observedGeneration and optional removal of the gardener.cloud/operation: reconcile annotation on the Etcd resource are now executed after the reconciliation of the Etcd status, to depict accurate state of the cluster at any given point in time. Users must wait for the status.observedGeneration field to be updated (and additionally for the removal of the gardener.cloud/operation: reconcile annotation is CLI flag enable-spec-auto-reconcile is set to false) to confirm completion of reconciliation. by @shreyas-s-rao [#996]

🏃 Others

• [OPERATOR] The Etcd resource now allows specifying etcd client Service traffic distribution preferences via the spec.etcd.clientService.trafficDistribution field. by @ialidzhikov [#973]

📖 Documentation

• [OPERATOR] Add DEP-06: Immutable ETCD Backups by @seshachalam-yv [#884]

[gardener/etcd-wrapper]

🏃 Others

• [DEVELOPER] Update golang images to v1.23.5. by @shreyas-s-rao [gardener/etcd-wrapper#42]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.27.0

v0.26.1

[gardener/etcd-druid]

🏃 Others

• [DEPENDENCY] Temporarily downgrade k8s.io dependencies to v0.31.5. by @shreyas-s-rao [#982]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.26.1

v0.26.0

[gardener/etcd-druid]

📰 Noteworthy

• [DEVELOPER] Don't set environment variable AZURE_EMULATOR_ENABLED for etcd pods. by @shreyas-s-rao [#958]
• [DEVELOPER] - Updated dependencies:

  • Gardener to v1.109.0

  • VGopath to v0.1.5

  • client_golang to v1.20.5

  • go.uber.org/mock to v0.5.0

  • golang.org/x/exp to v0.0.0-20241108190413-2d47ceb2692f

  • k8s.io/api, k8s.io/apimachinery, k8s.io/apiserver, k8s.io/client-go, k8s.io/component-base to v0.31.3

  • k8s.io/utils to v0.0.0-20241104163129-6fe5fd82f078

  • controller-runtime to v0.19.2

  • controller-tools to v0.16.5

  • Ginkgo to v2.22.0

  • Gomega to v1.36.0

  • Refactored etcd reconciler and controller registration logic to support unique controller names, ensuring compatibility with controller-runtime v0.19.2. by @seshachalam-yv [#948]

✨ New Features

• [OPERATOR] Enable Druid to use GCS Emulator for local setup and running e2e tests using "make ci-e2e-kind-gcs" by @anveshreddy18 [#741]

🏃 Others

• [DEVELOPER] Upgrade kind to v0.26.0, kindest/node to v1.32.0, and kubectl to v1.32.0 for local development. by @renormalize [#954]

[gardener/etcd-backup-restore]

📰 Noteworthy

• [DEVELOPER] Set umask to 0077 to restrict permissions for files created by etcd-backup-restore. by @shreyas-s-rao [gardener/etcd-backup-restore#821]
• [OPERATOR] etcd-backup-restore now supports immutable objects for storage provider: AWS S3, provided by the Bucket Lock feature. by @ishan16696 [gardener/etcd-backup-restore#818]
• [OPERATOR] Support for Bucket lock (S3) in etcd-backup-restore is backward compatible. For more info please refer to this doc: https://github.com/gardener/etcd-backup-restore/blob/master/docs/usage/enabling_immutable_snapshots.md. by @ishan16696 [gardener/etcd-backup-restore#818]
• [OPERATOR] Snapshots garbage collection performed by etcd-backup-restore (if enabled) for S3 is performed only when the snapshots's retention period get expires. by @ishan16696 [gardener/etcd-backup-restore#818]

🏃 Others

• [USER] Tag docker images built via pipeline release process as latest. by @shreyas-s-rao [gardener/etcd-backup-restore#824]
• [USER] Update golang images to v1.23.4. by @shreyas-s-rao [gardener/etcd-backup-restore#817]
• [USER] Update the helm charts for deploying single & multi node etcd cluster. by @anveshreddy18 [gardener/etcd-backup-restore#813]
• [USER] Remove usage of environment variables to determine whether storage emulators are enabled. by @shreyas-s-rao [gardener/etcd-backup-restore#819]
• [DEVELOPER] Example commands to make buckets immutable added to the documentation for the currently supported providers. by @renormalize [gardener/etcd-backup-restore#806]
• [DEVELOPER] Introduce gosec for Static Application Security Testing (SAST) via make sast and make sast-report. by @shreyas-s-rao [gardener/etcd-backup-restore#815]
• [OPERATOR] Enhanced the documentation for enabling immutable snapshots in etcd-backup-restore, providing detailed guidance and best practices for configuring bucket-level immutability on Google Cloud Storage and Azure Blob Storage. by @seshachalam-yv [gardener/etcd-backup-restore#811]

[gardener/etcd-wrapper]

✨ New Features

• [DEVELOPER] Introduce gosec for Static Application Security Testing (SAST) via make sast and make sast-report. by @shreyas-s-rao [gardener/etcd-wrapper#34]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.26.0

v0.25.0

[gardener/etcd-druid]

📰 Noteworthy

• [OPERATOR] Etcd ConfigMap Naming Update: The naming convention has changed to {etcd.Name}-config for consistency, replacing etcd-bootstrap-. Unused old ConfigMaps will be removed in v0.27.0 by @anveshreddy18 [#812]
• [USER] The UseEtcdWrapper feature gate has been promoted to GA and locked to true. by @shreyas-s-rao [#936]

🏃 Others

• [DEVELOPER] Enhanced the check make target to ensure the Go version adheres to x.y.0. by @renormalize [#930]
• [OPERATOR] Upgrade the alpine image version to 3.20.3 by @renormalize [#916]
• [OPERATOR] Enhances Etcd configuration by organizing ConfigMap naming convention, enabling snapshot-count configuration, and rectifying URL issues for improved functionality and consistency by @anveshreddy18 [#812]

[gardener/etcd-backup-restore]

⚠️ Breaking Changes

• [USER] The etcd configuration parameters initial-advertise-peer-urls and advertise-client-urls now accept a structured YAML format where URLs are listed per etcd instance. This replaces the previous unstructured string format with @ as a separator. Existing configurations must be updated to match this new format. To know the new format in detail, check the example config file at pkg/miscellaneous/testdata/valid_config.yaml by @anveshreddy18 [gardener/etcd-backup-restore#715]

📰 Noteworthy

• [OPERATOR] Snapshots garbage collection performed by etcd-backup-restore (if enabled) for ABS is performed only when the objects' immutability period expires. by @renormalize [gardener/etcd-backup-restore#781]
• [OPERATOR] etcd-backup-restore now supports immutable objects for storage provider: Azure Blob Storage, provided by the Container Level WORM feature. by @renormalize [gardener/etcd-backup-restore#781]
• [OPERATOR] Support for Container level WORM (ABS) in etcd-backup-restore is backward compatible. For more info please refer to this doc: https://github.com/gardener/etcd-backup-restore/blob/master/docs/usage/immutable_snapshots.md by @renormalize [gardener/etcd-backup-restore#781]

🏃 Others

• [DEVELOPER] Enhanced the check make target to ensure the Go version adheres to x.y.0. by @renormalize [gardener/etcd-backup-restore#803]
• [OPERATOR] Don't skip full snapshot, always trigger a full snapshot independent of new updates to etcd, preventing prometheus alerts of not taking a scheduled full snapshot. by @Shreyas-s14 [gardener/etcd-backup-restore#804]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.25.0

v0.24.1

[gardener/etcd-druid]

📰 Noteworthy

• [DEVELOPER] Upgraded github.com/gardener/etcd-backup-restore dependency from 0.31.0 to 0.31.1. by @renormalize [#928]
• [DEVELOPER] etcd-druid will henceforth stick to Go versions x.y.0 only to be in line with gardener/gardener, kubernetes, controller-runtime. by @renormalize [#929]
• [OPERATOR] Upgraded etcd-backup-restore image version to v0.31.1. by @renormalize [#928]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.24.1

v0.24.0

[gardener/etcd-druid]

📰 Noteworthy

• [OPERATOR] Upgraded etcd-backup-restore image version to v0.31.0. by @renormalize [#924]
• [OPERATOR] Upgraded etcd-wrapper image version to v0.3.0. by @gardener-robot-ci-3 [#921]
• [DEVELOPER] Upgraded github.com/gardener/etcd-backup-restore dependency from 0.29.0 to 0.31.0. by @renormalize [#924]

🏃 Others

• [OPERATOR] Introduced github pages to host the etcd-druid documentation by @unmarshall [#909]
• [OPERATOR] Fix a minor bug in wrongly assuming 24hr as full snapshot interval to compute backup ready condition by getting it from full snapshot schedule. by @anveshreddy18 [#906]
• [OPERATOR] Added a doc detailing on how to contribute to existing documentation. by @unmarshall [#920]
• [OPERATOR] add additional latest tag to released images. by @anveshreddy18 [#888]
• [OPERATOR] Fixes github pages links by @unmarshall [#919]
• [OPERATOR] Minor fixes to the docs, changed the images to reflect the new logo. by @Shreyas-s14 [#901]

[gardener/etcd-backup-restore]

🏃 Others

• [OPERATOR] Improved error handling in deletion of delta snapshots during snapshot garbage collection. by @Shreyas-s14 [gardener/etcd-backup-restore#793]
• [OPERATOR] Improves the renewTime of full snapshot lease when the lease is updated as part of retry mechanism by @anveshreddy18 [gardener/etcd-backup-restore#753]
• [DEVELOPER] Azure Blob Storage client Go module upgraded to github.com/Azure/azure-sdk-for-go/sdk/storage/azblob from the deprecated github.com/Azure/azure-storage-blob-go by @renormalize [gardener/etcd-backup-restore#751]
• [DEVELOPER] Builds for non-native platforms can now be done using the docker-build make target instead of having to invoke the docker buildx command. The platform can be specified using the PLATFORM variable which is passed while invoking make. by @renormalize [gardener/etcd-backup-restore#780]
• [DEVELOPER] Standardize the yaml dependency to sigs.k8s.io/yaml. Replace deprecated k8s.io/utils/pointer with k8s.io/utils/ptr. Bump all direct dependencies to newer versions. by @renormalize [gardener/etcd-backup-restore#796]
• [DEVELOPER] etcd-backup-restore now uses the Restore API exposed by go.etcd.io/etcd/clientv3/snapshot to perform restoration of the etcd data directory, moving away from performing restoration of the data directory manually. by @renormalize [gardener/etcd-backup-restore#795]
• [DEVELOPER] Upgrade the Go dependency to go1.23.2. by @renormalize [gardener/etcd-backup-restore#786]
• [USER] etcd-backup-restore now uses etcd version v3.4.34 for the embedded etcd during restoration. by @renormalize [gardener/etcd-backup-restore#795]

[gardener/etcd-wrapper]

✨ New Features

• [USER] etcd-wrapper has been updated to start etcd version v3.4.34. by @renormalize [gardener/etcd-wrapper#30]

🏃 Others

• [DEVELOPER] All dependencies upgraded to the newer versions for enhanced security and support. by @renormalize [gardener/etcd-wrapper#30]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.24.0

v0.23.3

[gardener/etcd-druid]

🐛 Bug Fixes

• [OPERATOR] etcd controller now differentiates between TLS configuration change and peer TLS enablement. Only if peer TLS has been enabled and not yet reflected it will wait for all pods to come up else it will allow patching of statefulset. by @unmarshall [#918]
• [OPERATOR] Fixes etcd client and peer service label selector, ensuring that only Etcd statefulset pods are selected. by @unmarshall [#918]

Docker Images

• etcd-druid: europe-docker.pkg.dev/gardener-project/releases/gardener/etcd-druid:v0.23.3