terraform-google-secure-cicd
terraform-google-secure-cicd copied to clipboard
Published
20 hours ago •
GoogleCloudPlatform
GoogleCloudPlatform
chore(deps): Update Terraform terraform-google-modules/kubernetes-engine/google to v33
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| terraform-google-modules/kubernetes-engine/google (source) | module | major | ~> 25.0 -> ~> 33.0 |
| terraform-google-modules/kubernetes-engine/google (source) | module | major | ~> 25.0.0 -> ~> 33.0.0 |
Release Notes
terraform-google-modules/terraform-google-kubernetes-engine (terraform-google-modules/kubernetes-engine/google)
v33.0.4
Bug Fixes
v33.0.3
Bug Fixes
v33.0.2
Bug Fixes
v33.0.1
Bug Fixes
v33.0.0
⚠ BREAKING CHANGES
- beta-autopilot: enable gcfs by default (#2066)
- TPG>=5.41: add config_sync.enabled (#2074)
- update relay_mode to enable_relay (#2067)
- private_cluster: enable private nodes by default (#2064)
- deps: Update Terraform terraform-google-modules/project-factory/google to v16 (#2057)
Features
- beta-autopilot: enable gcfs by default (#2066) (a083437)
- deps: Update Terraform Google Provider to v6 (major) (#2063) (8b7e342)
- private_cluster: enable private nodes by default (#2064) (e11787c)
- support reservation affinity (#2010) (7cc0626)
Bug Fixes
- avoid TPGv5.44.0 with Autopilot (#2076) (f54d2e1)
- deps: Update Terraform terraform-google-modules/project-factory/google to v16 (#2057) (8e53122)
- Node Pool enable_gcfs true:false (#1976) (419078d)
- TPG>=5.41: add config_sync.enabled (#2074) (4939c6f)
- update relay_mode to enable_relay (#2067) (dafdd72)
v32.0.4
Bug Fixes
v32.0.3
Bug Fixes
v32.0.2
Bug Fixes
v32.0.1
Bug Fixes
- fleet_app_operator_permissions: enable multi use per project (#2045) (a83100d)
- fleet_app_operator_permissions: optional groups and users (#2044) (a5a67e5)
- gcfs AP diff and general cleanup (#2043) (ec42a18)
- remove duplicte enable_secure_boot (#2040) (d469973)
v32.0.0
⚠ BREAKING CHANGES
- TPG>=5.40.0: Add support for RayOperator Addon (#2032)
- TPG>=5.33: add secret manager add-on config to beta modules (#1977)
Features
- Add additional functionality for autopilot clusters (#1985) (3b0bbe8)
- add notification event filter (#1996) (9ff1b5e)
- add optional private_endpoint_subnetwork variable in private submodules (#2009) (7a2e9b8)
- add support for
logging_variantin Autopilot clusters (#1962) (08028a8) - add support for additive_vpc_scope_dns_domain (#1998) (b54b7ba)
- add support for confidential storage + docs fixes (#2003) (270a5c7)
- allow default node pools metadata key-value pairs to be disabled (#2005) (318f38f)
- anthos modules remote fleet project (#1995) (674f772)
- bump
enable_intranode_visibilityto GA (#1956) (4274b0e) - bump identity_service_config to ga (#1997) (9d6a400)
- bump kubelet config to ga + minor doc fixes (#1994) (6bd1bc1)
- cluster.tf: add support for setting cgroup mode (#2001) (3fc4db4)
- enable binauthz for autopilot (#2030) (3ebf04a)
- extend enable_secret_manager_addon to beta-autopilot clusters (#2017) (7f31e96)
- Fleet app operator permissions (#1986) (e0fd03a)
- support enable_nested_virtualization (#2012) (e298e74)
- support workload_identity_config on autopilot (#2011) (b4f2e14)
- TPG>=5.33: add secret manager add-on config to beta modules (#1977) (5c58d89)
- TPG>=5.40.0: Add support for RayOperator Addon (#2032) (c046af1)
Bug Fixes
- add missing gpu node pool param docs (#2023) (ac76d4d)
- empty addons_config handling (#1978) (9ae8b38)
- enable_confidential_storage fix (#2018) (12cfe5e)
- skip service account
random_stringwhen not needed (#2024) (be88d19)
v31.1.0
Features
- Add enable_cilium_clusterwide_network_policy support (#1972) (72cf873)
- Add enable_l4_ilb_subsetting for autopilot clusters (#1969) (c48dc6e)
- add pod_pids_limit for kubelet_config in all modules, example and autogen (#1922) (eec38a2)
- Adding extra permissions to the cluster's default service account (#1943) (4fab404)
- Set boot_disk_kms_key cluster wide and for cluster_autoscaling (#1959) (654868e)
Bug Fixes
- avoid
auto_provisioning_defaultsdrift (#1806) (0005ab9) - firewall rules for autopilot clusters are ineffective. add cluster_network_tag to autopilot cluster network_tags if firewalls are toggled on (#1817) (e7b20cd)
- Fix the value of output "identity_service_enabled" in beta modules (#1982) (a6210fc)
v31.0.0
⚠ BREAKING CHANGES
- TPG>=5.25.0: bump for #1948 (#1955)
- TPG>=5.21: add queued_provisioning (#1950)
- TPG>=5.25.0: Add support for StatefulHA Addon (#1948)
- deps: Update Terraform terraform-google-modules/project-factory/google to v15 (#1936)
Features
- Add local_ssd_ephemeral_count to default configuration (#1944) (04ebd0c)
- add missing dns_cache output in non beta (#1864) (3d5cc9f)
- Add option image_type in cluster_autoscaling block (#1905) (2272164)
- Add secondary_boot_disks to node_pool configuration. (#1946) (11bae67)
- add security posture VULNERABILITY_ENTERPRISE (#1947) (c48c8ab)
- add support for gpu_sharing_config on nodepool (#1874) (b57387c)
- Add threads_per_core setting for node config in node pools (#1942) (e573ced)
- Add upgrade_settings for NAP created node pools (#1908) (c87bb41)
- TPG>=5.21: add queued_provisioning (#1950) (c87333b)
- TPG>=5.25.0: Add support for StatefulHA Addon (#1948) (acbb453)
Bug Fixes
- add gpu_driver_version to recreate list + docs (#1913) (12cf40f)
- deps: Update Terraform terraform-google-modules/project-factory/google to v15 (#1936) (d01e5bc)
- docs: remove beta from docs from non beta arguments (#1957) (3de63b3)
- dynamic block ephemeral_storage_local_ssd_config (#1951) (26eb7c0)
- local nvme ssd count (#1937) (dbd90e3)
- TPG>=5.25.0: bump for #1948 (#1955) (b12c2e7)
v30.3.0
Features
- add enable_l4_ilb_subsetting for GA TPG (#1924) (da0476a)
- adds local_nvme_ssd_block_config to beta-public-cluster (#1912) (f7c2ed9)
- network tags for autoprovisioned node pools (#1920) (f864e8a)
- safer-clusters: add components selection for monitoring (#1851) (15b472f)
Bug Fixes
v30.2.0
Features
v30.1.0
Features
- add direct fleet registration option (#1878) (6b267bd)
- add optional membership_location to fleet-membership (#1860) (163de39)
Bug Fixes
v30.0.0
⚠ BREAKING CHANGES
- TPG>=5.9: cluster autoscaling profile is GA (#1839)
- Update least privilege default service account (#1844)
- TPG>=5.6: use hub membership location for output (#1824)
- Revert create least privilege default service account (#1757) (#1827)
- TF>=1.1: Configure ASM management mode (#1702)
Features
- add advanced datapath observability config option (#1776) (90e9bdf)
- Add support for configuring allow_net_admin in autopilot clusters (#1768) (493149d)
- add support for pod_range in private cluster (#1803) (9c62f1f)
- dual stack (IPV4_IPV6) support (#1818) (d6cb390)
- Make confidential_nodes GA (#1815) (322a5ee)
- promote tpu to ga (#1856) (ba78819)
- TF>=1.1: Configure ASM management mode (#1702) (a9de2d7)
- TPG>=5.6: use hub membership location for output (#1824) (13e79af)
- TPG>=5.9: cluster autoscaling profile is GA (#1839) (495623e)
- Update least privilege default service account (#1844) (c63aa4f)
- workload-identity: Allow passing Google Service Account display_name and description (#1834) (b387621)
Bug Fixes
- Add project ID to the fleet feature membership for ASM (#1832) (1835f80)
- alpha option for cluster creation (#1796) (67b67f3)
- CI: extend wait time for ACM (#1861) (3d840c0)
- Do not ignore "mesh_id" label on "google_container_cluster" resource (#1836) (95641a6)
- Revert create least privilege default service account (#1757) (#1827) (0d7f638)
v29.0.0
⚠ BREAKING CHANGES
- TPGv5: update to TPG v5 (#1761)
- align keepers with ForceNew: true fields (#1698)
- Create least privilege default service account (#1757)
- acm: remove direct kubectl commands (#1751)
- TPG>=4.81.0: add fqdn policies (#1729)
- enabling vulnerability and audit modes for workloads (#1749)
- support for enabling image streaming at cluster level (#1696)
- make promethus configurable (#1715)
- Add support for additional pod secondary ranges at the cluster level (#1738)
Features
- acm: remove direct kubectl commands (#1751) (4c27a6a)
- add security posture (#1750) (5d959a6)
- Add support for additional pod secondary ranges at the cluster level (#1738) (cebc213)
- add support for gpu_driver_installation_config on nodepool (#1767) (f43a241)
- align keepers with ForceNew: true fields (#1698) (3181f6c)
- Create least privilege default service account (#1757) (350faa7)
- enabling vulnerability and audit modes for workloads (#1749) (7bfd6fe)
- make promethus configurable (#1715) (ae26016)
- support for enabling image streaming at cluster level (#1696) (dbb57a2)
- TPG>=4.81.0: add fqdn policies (#1729) (2beb720)
Bug Fixes
- acm: Allow to enable config_sync or policy_controller standalone (#1752) (abdba8c)
- lint updates for dev-tools v1.16 (#1742) (e09ff11)
- TPGv5: update to TPG v5 (#1761) (455a93c)
v28.0.0
⚠ BREAKING CHANGES
- support gcs fuse addon (#1722)
- Add support for disk_size and disk_type for cluster_autoscaling. (#1693)
Features
- add project and location output to fleet-membership (#1740) (825bda6)
- Add support for disk_size and disk_type for cluster_autoscaling. (#1693) (fd233e5)
- Add support for Logging Variant to enable max throughput option (#1616) (acd2d41)
- mesh_certificates support (#1712) (8913ef2)
- promote config_connector_config to ga (#1559) (ae63848)
- support configuring ACM git service account email (#1685) (426f06f)
- support gcs fuse addon (#1722) (2f5a276)
Bug Fixes
v27.0.0
⚠ BREAKING CHANGES
- TPG>=4.32.0: Support enabling Policy Controller mutations (#1665)
Features
- Add protect_config beta feature (#1617) (d252579)
- cluster.tf: add support to set initial release channel version (#1625) (e522073)
- TPG>=4.32.0: Support enabling Policy Controller mutations (#1665) (1173518)
Bug Fixes
- extend acm wait when policy bundles are present (#1657) (e51804e)
- set max firewall name to 36 (#1645) (29d9259)
- update policy-essentials hash
59f4695using ref (#1659) (2fe1715)
v26.1.1
Bug Fixes
v26.1.0
Features
Bug Fixes
- allow ACM module to work w/o metrics sa (#1634) (83a8be2)
- avoid TPG 4.65.0 and 4.65.1 (#1637) (ea3e374)
v26.0.0
⚠ BREAKING CHANGES
- set release_channel and auto_upgrade, drop meshtelemetry (#1618)
- kubernetes ~> 2.13: Remove 1.23 restriction on workload identity module (#1595)
- acm: prevent conflicts in IAM binding (#1576)
Features
- add blue/green upgrade strategy settings (#1551) (db51271)
- add enable_private_nodes options to node_pool network_config (#1604) (48d7590)
- allow setting network tags on autopilot clusters (#1572) (23e9c96)
- Workload Identity module, to bind roles in various projects for the service account created (#1574) (53f0f58)
Bug Fixes
- acm: prevent conflicts in IAM binding (#1576) (a7cfe92)
- Autopilot vertical pod autoscaling (#1564) (6853c61)
- fixes for tflint and dev-tools 1.10 (#1598) (d012313)
- kubernetes ~> 2.13: Remove 1.23 restriction on workload identity module (#1595) (b23bc86)
- node_metadata mapping for GCE_METADATA (#1542) (#1543) (b03ea84)
- nodepool autoscaling vars avail in GKE 1.24.1 result in conflicts. Preserve default behavior (#1562) (98e8dc3)
- PSP removed in GKE >= 1.25.0 (#1622) (530f16b)
- set release_channel and auto_upgrade, drop meshtelemetry (#1618) (3c8dd3a)
- use provided service_account_name if available (#1610) (a42ed88)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
