v1.13.0-beta.0

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, file an issue.

More details about the release

⚠️ BETA RELEASE NOTES ⚠️

Changes since v1.12.0

📈 Overview

• 230 new commits merged
• 9 breaking changes ⚠️
• 25 feature additions ✨
• 34 bugs fixed 🐛

📝 Proposals

• Core: Update autoscaling from zero enhancement proposal with node labels and taints configuration clarification (#13308)

⚠️ Breaking Changes

• API/Runtime SDK: Bump Runtime Hooks v1alpha1 types to core CAPI v1beta2 (#13200)
• API: Remove v1alpha3 + v1alpha4 apiVersions (#13199)
• CABPK: Remove deprecated --cluster-concurrency flag in CABPK (#13288)
• ClusterCache: Remove deprecated ClusterCache GetClientCertificatePrivateKey (#13156)
• ClusterClass: Remove deprecated ShouldSkipImmutabilityChecks (#13291)
• clusterctl: Remove deprecated --disable-grouping clusterctl describe cluster flag (#13289)
• clusterctl: Remove deprecated provider CRD migration from clusterctl upgrade (#13290)
• Dependency: Bump to controller-runtime main & controller-tools v0.20 (#13159)
• Misc: Remove deprecated ParseMajorMinorPatchTolerant / ParseMajorMinorPatch (#13292)

✨ New Features

• API: Backport newly introduced v1beta2 API fields to v1beta1 (#13455)
• CABPK: Optimize cache configuration of CABPK & standardize cache/client setup (#13407)
• CAPD: Support externally managed LB (#13362)
• Cluster: Only set ownerReference on InfraCluster/ControlPlane when Topology is defined (#13332)
• ClusterCache: Add ClusterFilter to ClusterCache Options (#12665)
• ClusterClass: Implement support for taints (#13192)
• clusterctl: Allow overriding image name in clusterctl config (#13014)
• Dependency: Bump Go to v1.25.5 (#13164)
• Dependency: Bump to controller-runtime v0.23 (#13245)
• Devtools: Add a flag to skip image preloading (#13143)
• KCP/CABPK: Allow diskSetup to include partition layout (#11634)
• KCP/MachineDeployment/Cluster: Add rolloutAfter to cluster.spec.topology (#13391)
• KCP: Allow remediation of multiple failures in KCP (#13352)
• KCP: Bump coredns/corefile-migration to v1.0.30 (#13282)
• KCP: Implement support for machine taints (#13181)
• Machine: Add Machine status.failureDomain (#13266)
• Machine: Promote MachineWaitForVolumeDetachConsiderVolumeAttachments feature to GA (#13293)
• Metrics/e2e: Add infra CRDs to dashboards, improve/fix dashboards, enable native histograms (#13354)
• Misc: Disable DWARF and symbol table to decrease binary/image size (#12856)
• Misc: Enable PriorityQueue per default (#13171)
• Misc: Promote ReconcileRateLimiting to beta (enabled per default) (#13373)
• Release: Prepare main branch for v1.13 (#13174)
• Testing: Add example / debug suite for envtest (#13453)
• util: Extend conversion tests to cover the "no spec" case (#13409)
• util: Refresh cache entries on cache hit in SSA caches (#13459)

🐛 Bug Fixes

• API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13186)
• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13447)
• CAPD: Remove finalizers during deletion if ownerRef was never set for cluster controllers (#13239)
• CAPIM: Extend CAPD in-memory backend to set CP taint to fix scale tests (#13187)
• CI: Bump trivy to v0.69.2 to fix CI (#13387)
• Cluster: Fix panic in Cluster conversion (#13383)
• ClusterClass/KCP/MachineSet/MachineDeployment: Mitigate managedFields apiserver issue for SSA (#13338)
• ClusterClass: Allow adding spec via ClusterClass JSON patches (#13225)
• ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13058)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13463)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13372)
• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13263)
• e2e: Clean up namespace in e2e tests (#13233)
• e2e: Fix cross-ns scale test (#13309)
• e2e: Fix goroutine & memory leak in inmemory provider (#13361)
• e2e: Fix node-label calculation in test extension & fix upgrade test (#13356)
• e2e: Fix WaitForMachinesReady interval (#13050)
• e2e: Increase reconcile timeout for KCP & DockerMachine (#13093)
• e2e: Only retry creating objects that failed (#13265)
• e2e: Tolerate NotFound errors during Namespace deletion in scale test cleanup (#13439)
• KCP/MachineSet: Preserve existing object names for backward compatibility with pre-v1.7 in-place updates (#13124)
• KCP: Grant delete permissions to Secrets. (#13070)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13404)
• MachineSet: Use MachineSet template values in completeMoveMachine for in-place updates (#13059)
• Misc: Fix bug while setting status for deprecated fields (#13336)
• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13213)
• Testing/e2e: Fix unit test flakes, improve clusterctl download error in e2e tests (#13045)
• Testing: Fix flaky by waiting for CRD finalizer processing (#13470)
• Testing: Fix flaky TestClusterReconciler unit test (#13180)
• Testing: Fix TestReconcile flake (#13255)
• Testing: Fix webhook envtest tests for Kubernetes < v1.35 (#13170)
• util: Fix a panic in conditions.Delete method if the sources condition list is empty (#13048)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13416)
• util: Fix patchHelper unit test flakes (#13412)

🌱 Others

• API: Deprecate custom Condition types (#13237)
• API: Introduce conversion.MarshalDataUnsafeNoCopy to avoid unnecessary memory allocations during conversion (#13402)
• API: Postpone date when we stop serving v1beta1 (#13394)
• API: Relax validation for Machine .status.addresses to maximum of 128 instead of 32 items (#13060)
• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13395)
• CAPD/CAPIM: Implement .status.failureDomain for DockerMachine & DevMachine (#13286)
• CAPD: Implement pause for DockerMachinePool (#13445)
• CAPD: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13461)
• CAPD: Move RBAC for devmachinetemplates from main.go to controller.go (#13271)
• CAPIM: Fix inMemory watch (#13229)
• CI: Bump golangci-lint v2.7.0 (#13108)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.0 (#13103)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.1 (#13138)
• CI: Drop security scan on 1.10 (#13454)
• CI: Dump resources in scale test (#13232)
• CI: Improve Fake API server (#13183)
• CI: Inmemory APIserver fails for unsupported fieldSelectors (#13306)
• CI: Revive the debug endpoint for CAPDev in-memory (#13423)
• CI: Use env test 1.35.0 (#13168)
• ClusterCache: Remove stack traces from ClusterCache errors (#13396)
• ClusterClass: Add validation in ClusterClass for CP MachineInfra (#13378)
• ClusterClass: Fix test compute control plane version (#13287)
• ClusterClass: Improve topology diff (#13166)
• ClusterClass: Simplify GetUpgradePlanFromClusterClassVersions (#13276)
• clusterctl: Bump cert-manager v1.19.4 (#13376)
• clusterctl: Drop handling of old cert-manager annotation in clusterctl (#13202)
• clusterctl: Update cert-manager to v1.19.3 (#13307)
• clusterctl: Update to cert-manager v1.19.2 (#13277)
• ClusterResourceSet: Remove ClusterResourceSet ensureKubernetesServiceCreated (#13158)
• ClusterResourceSet: Set WithOwnedV1Beta1Conditions for ClusterResourceSet patch (#13267)
• Community meeting: Add AndiDog as machine pool area reviewer (#13033)
• Dependency: Bump go 1.25.7 (#13323)
• Dependency: Bump Go to v1.24.11 (#13106)
• Dependency: Bump Go to v1.25.6 (#13240)
• Dependency: Bump go v1.25.8 (#13428)
• Dependency: Bump go-github to v82 (#13296)
• Dependency: Bump golang.org/x/net to v0.51 to fix CVE (#13392)
• Devtools: Add additional_uncategorized_resources for Tilt (#13312)
• Devtools: Add labels to cluster deployment form fields (#13441)
• Devtools: Bump CAPI Visualizer to v1.5.0 (#13222)
• Devtools: Enable native histograms in Grafana / Prometheus (#13304)
• Devtools: Make kind image configurable via env var for make tilt-up (#13333)
• Devtools: Updated dev observability stack (#13044)
• e2e: 0 in e2e tests (#13429)
• e2e: Add json struct tags to ContainerImage (#13130)
• e2e: Add retry in test framework when getting manifest YAMLs (#13357)
• e2e: Bump autoscaler version used for testing to v1.34.2 (#13102)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13353)
• e2e: Bump kind to v0.31.0 (#13162)
• e2e: Bump Kubernetes version used for testing to v1.35.0 (#13151)
• e2e: Bump to etcd-v3.6.6-0 (#13144)
• e2e: Do not expect Machines for MachinePools not supporting Machines (#13071)
• e2e: Drop handling for clusterctl < v1.7.2 in e2e tests & framework (#13347)
• e2e: Drop unused e2e test template & handling for Kubernetes < v1.25 in e2e CC (#13348)
• e2e: Extend test extension to improve test coverage (#13343)
• e2e: Make clusterctl upgrade test to work when there are no machines (#13072)
• e2e: Remove handling for Kubernetes <= v1.28 in clusterctl upgrade test (#13157)
• e2e: Skip test using outdated docker client (#13125)
• e2e: Small cleanup in the RuntimeSDK test (#13274)
• e2e: Start testing against Kubernetes v1.36 (#13152)
• e2e: Use crane to pre-pull images instead of docker pull (#13113)
• KCP: Drop unnecessary etcd call in KCP (#13330)
• KCP: Fix flaky KCP test (#13374)
• KCP: KCP should read only KCP machines (#13457)
• KCP: KCP should report missing certificates (#13175)
• KCP: KCP should report missing Node labels and taint (#13176)
• KCP: Migrate from Requeue to RequeueAfter in kcp (#13028)
• KCP: Remove live list Machine c...

v1.12.4

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled.
This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Changes since v1.12.3

📈 Overview

• 17 new commits merged
• 9 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13451)
• CI: Bump trivy to v0.69.2 to fix CI (#13388)
• Cluster: Fix panic in Cluster conversion (#13384)
• ClusterClass/KCP/MachineSet/MachineDeployment: Implement mitigation for managedFields issue with SSA in apiserver (#13355)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13471)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13377)
• e2e: Only retry creating objects that failed (#13430)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13406)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13427)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13399)
• CAPD: Implement pause for DockerMachinePool (#13448)
• clusterctl: Bump cert-manager v1.19.4 (#13381)
• Dependency: Bump cloudflare/circl (#13438)
• Dependency: Bump go v1.25.8 (#13432)
• e2e: Add retry in test framework when getting manifest YAMLs (#13358)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13375)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13468)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• gonum.org/v1/gonum: v0.16.0

Changed

• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: 2f00578 → 0feb691
• github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
• github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
• github.com/go-jose/go-jose/v4: v4.0.4 → v4.1.3
• github.com/golang/glog: v1.2.4 → v1.2.5
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.26.3 → v2.27.7
• github.com/spiffe/go-spiffe/v2: v2.5.0 → v2.6.0
• go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
• go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
• go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/metric: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/trace: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel: v1.35.0 → v1.40.0
• go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
• golang.org/x/crypto: v0.45.0 → v0.47.0
• golang.org/x/mod: v0.29.0 → v0.31.0
• golang.org/x/net: v0.47.0 → v0.49.0
• golang.org/x/oauth2: v0.33.0 → v0.34.0
• golang.org/x/sync: v0.18.0 → v0.19.0
• golang.org/x/sys: v0.38.0 → v0.40.0
• golang.org/x/telemetry: 078029d → 8fff8a5
• golang.org/x/term: v0.37.0 → v0.39.0
• golang.org/x/text: v0.31.0 → v0.33.0
• golang.org/x/tools: v0.38.0 → v0.40.0
• google.golang.org/genproto/googleapis/api: a0af3ef → 8636f87
• google.golang.org/genproto/googleapis/rpc: a0af3ef → 8636f87
• google.golang.org/grpc: v1.72.3 → v1.78.0
• google.golang.org/protobuf: v1.36.7 → v1.36.11
• sigs.k8s.io/structured-merge-diff/v6: v6.3.0 → d9cc664

Removed

• github.com/zeebo/errs: v1.4.0

Thanks to all our contributors! 😊

v1.11.7

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.6

📈 Overview

• 11 new commits merged
• 5 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13452)
• CI: Bump trivy to v0.69.2 to fix CI (#13389)
• ClusterClass/KCP: Implement mitigation for managedFields issue for KCP with SSA in apiserver (#13426)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13379)
• e2e: Only retry creating objects that failed (#13431)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13400)
• CAPD: Implement pause for DockerMachinePool (#13449)
• clusterctl: Bump cert-manager v1.19.4 (#13380)
• Dependency: Bump go v1.25.8 (#13434)
• e2e: Add retry in test framework when getting manifest YAMLs (#13359)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13469)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• github.com/go-jose/go-jose/v4: v4.1.3
• github.com/spiffe/go-spiffe/v2: v2.6.0
• gonum.org/v1/gonum: v0.16.0
• sigs.k8s.io/structured-merge-diff/v6: v6.3.2

Changed

• cel.dev/expr: v0.19.1 → v0.24.0
• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.25.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: cff3c89 → 0feb691
• github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
• github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
• github.com/golang/glog: v1.2.4 → v1.2.5
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.24.0 → v2.27.7
• github.com/rogpeppe/go-internal: v1.13.1 → v1.14.1
• github.com/stretchr/testify: v1.10.0 → v1.11.1
• go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
• go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
• go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.33.0 → v1.40.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.33.0 → v1.40.0
• go.opentelemetry.io/otel/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/trace: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel: v1.34.0 → v1.40.0
• go.opentelemetry.io/proto/otlp: v1.4.0 → v1.9.0
• go.yaml.in/yaml/v3: v3.0.3 → v3.0.4
• golang.org/x/crypto: v0.45.0 → v0.47.0
• golang.org/x/mod: v0.29.0 → v0.31.0
• golang.org/x/net: v0.47.0 → v0.49.0
• golang.org/x/oauth2: v0.30.0 → v0.34.0
• golang.org/x/sync: v0.18.0 → v0.19.0
• golang.org/x/sys: v0.38.0 → v0.40.0
• golang.org/x/telemetry: 078029d → 8fff8a5
• golang.org/x/term: v0.37.0 → v0.39.0
• golang.org/x/text: v0.31.0 → v0.33.0
• golang.org/x/tools: v0.38.0 → v0.40.0
• google.golang.org/genproto/googleapis/api: 5f5ef82 → 8636f87
• google.golang.org/genproto/googleapis/rpc: 1a7da9e → 8636f87
• google.golang.org/grpc: v1.71.3 → v1.78.0
• google.golang.org/protobuf: v1.36.6 → v1.36.11

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.12.3

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.2

📈 Overview

• 7 new commits merged
• 1 feature addition ✨
• 2 bugs fixed 🐛

✨ New Features

• KCP: Bump coredns/corefile-migration to v1.0.30 (#13294)

🐛 Bug Fixes

• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13328)
• Misc: Fix bug while setting status for deprecated fields (#13344)

🌱 Others

• clusterctl: Update cert-manager to v1.19.3 (#13314)
• clusterctl: Update to cert-manager v1.19.2 (#13278)
• Dependency: Go bump 1.24.13 (#13324)

📖 Additionally, there has been 1 contribution to our documentation and book. (#13261)

Dependencies

Added

Nothing has changed.

Changed

• github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.11.6

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.5

📈 Overview

• 6 new commits merged
• 1 feature addition ✨
• 2 bugs fixed 🐛

✨ New Features

• KCP: Bump coredns/corefile-migration to v1.0.30 (#13295)

🐛 Bug Fixes

• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13331)
• Misc: Fix bug while setting status for deprecated fields (#13345)

🌱 Others

• clusterctl: Update cert-manager to v1.19.3 (#13313)
• clusterctl: Update to cert-manager v1.19.2 (#13279)
• Dependency: Go bump 1.24.13 (#13325)

Dependencies

Added

Nothing has changed.

Changed

• github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.12.2

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.1

📈 Overview

• 14 new commits merged
• 4 bugs fixed 🐛

🐛 Bug Fixes

• API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13188)
• ClusterClass: Allow adding spec via ClusterClass JSON patches (#13226)
• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13217)
• Testing: Fix webhook envtest tests for Kubernetes < v1.35 (#13172)

🌱 Others

• CI: Use env test 1.35.0 (#13169)
• ClusterClass: Improve topology diff (#13173)
• Dependency: Bump Go to v1.24.12 (#13241)
• Dependency: Bump to controller-runtime v0.22.5 (#13246)
• KCP: Remove the ControlPlaneKubeletLocalMode for kubeadm 1.36 later (#13211)
• MachineHealthCheck: Decrease verbosity for MHC log entry (#13203)

📖 Additionally, there have been 4 contributions to our documentation and book. (#13197, #13198, #13208, #13219)

Dependencies

Added

Nothing has changed.

Changed

• k8s.io/api: v0.34.2 → v0.34.3
• k8s.io/apiextensions-apiserver: v0.34.2 → v0.34.3
• k8s.io/apimachinery: v0.34.2 → v0.34.3
• k8s.io/apiserver: v0.34.2 → v0.34.3
• k8s.io/client-go: v0.34.2 → v0.34.3
• k8s.io/code-generator: v0.34.2 → v0.34.3
• k8s.io/component-base: v0.34.2 → v0.34.3
• k8s.io/kms: v0.34.2 → v0.34.3
• sigs.k8s.io/controller-runtime: v0.22.4 → v0.22.5

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.11.5

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.4

📈 Overview

• 5 new commits merged
• 4 bugs fixed 🐛

🐛 Bug Fixes

• API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13189)
• ClusterClass: Allow adding spec via ClusterClass JSON patches (#13227)
• KCP: Grant delete permissions to Secrets. (#13230)
• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13214)

🌱 Others

• Dependency: Bump Go to v1.24.12 (#13244)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.10.10

👌 Kubernetes version support

• Management Cluster: v1.28.x -> v1.33.x
• Workload Cluster: v1.26.x -> v1.33.x

More information about version support can be found here

Changes since v1.10.9

📈 Overview

• 1 new commit merged
• 1 bug fixed 🐛

🐛 Bug Fixes

• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13215)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.12.1

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

• Support for Kubernetes v1.35

Changes since v1.12.0

📈 Overview

• 8 new commits merged
• 1 bug fixed 🐛

🐛 Bug Fixes

• KCP/MachineSet: Preserve existing object names for backward compatibility with pre-v1.7 in-place updates (#13147)

🌱 Others

• CI: Bump Kubernetes version used for testing to v1.35.0-rc.1 (#13139)
• e2e: Bump kind to v0.31.0 (#13163)
• e2e: Bump Kubernetes version used for testing to v1.35.0 (#13161)
• e2e: Bump to etcd-v3.6.6-0 (#13145)

📖 Additionally, there have been 3 contributions to our documentation and book. (#13141, #13154, #13160)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.12.0

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.34.x
• Workload Cluster: v1.29.x -> v1.34.x

More information about version support can be found here

Highlights

• Bumped to Go 1.24, controller-runtime v0.22, k8s.io/* v0.34, controller-gen v0.19
• In-place updates
  • Cluster API introduces support for update extensions allowing users to execute changes on existing machines without deleting the machines and creating a new one.
  • Both KCP and Machine deployments support in-place updates based on the new update extension
  • Can be enabled with the new InPlaceUpdates feature gate
  • More details can be found in the proposal
• Chained upgrades
  • Clusters using managed topologies can now upgrade by more than one minor Kubernetes version by performing chained and efficient upgrades.
  • Upgrade plan will be computed using Kubernetes version from the ClusterClass or by calling a new runtimeExtension (also defined in the ClusterClass)
  • Existing lifecycle hooks have been adapted to the new workflow, new lifecycle hooks have been introduced to allow granular control of the upgrade steps.
  • More details can be found in the proposal
• MachineHealthCheck: Add support for checking Machine conditions (#12827)
• Machine: First part of the Taint propagation proposal (Machine/MachineSet/MachineDeployment) (#12936, #12966)
  • Feature tracking issue
  • Can be enabled with the new MachineTaintPropagation feature gate
• KCP/CABPK: Add EncryptionAlgorithm field to Kubeadmconfig to support keys generated with RSA-3072, RSA-4096, ECDSA-P256, ECDSA-P384 (#12859)
• Introduce ReconcilerRateLimiting feature (#13006)
  • Can be enabled with the new ReconcilerRateLimiting feature gate
  • Rate-limits all reconcilers to at most 1 request per second

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other changes

• clusterctl: Add conditions filter for clusterctl describe (#12991)
• clusterctl: clusterctl move blocks when Cluster or ClusterClass is paused (#12786)
• KCP: Enable websocket dialer with fallback to spdy (for communication with etcd) (#12902)
• Runtime SDK: Add defensive response status checking in runtime client (#12898)
• Improved logging across several controllers
• Improved e2e test coverage, e.g.: CAPD: Add scale from/to 0 support for CAPD (#12572)
• New providers in clusterctl: HCP (#12800) control plane provider, Metal3 IPAM provider (#12756), metal-stack infrastructure provider (#12925)

Deprecation and Removals Warning

• ClusterResourceSet: Remove deprecated ClusterResourceSet feature gate (#12950)
• Reminder: v1alpha3 & v1alpha4 will be removed in CAPI v1.13 (they are already not served since a while)
• Reminder: v1beta1 is on track to be unserved in CAPI v1.14
  • Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.11 compared to v1.12.

Changes since v1.11.0

📈 Overview

• 298 new commits merged
• 5 breaking changes ⚠️
• 42 feature additions ✨
• 42 bugs fixed 🐛

⚠️ Breaking Changes

• CI: Improve KAL config docs for forbidding OpenAPI defaulting (#12869)
• clusterctl: Block move when Cluster or ClusterClass is paused (#12786)
• Dependency: Bump to controller-runtime v0.22 & controller-tools v0.19 (#12634)
• Runtime SDK: Improve chained upgrade observability (#12973)
• Runtime SDK: Make the AfterClusterUpgrade hook blocking (#12984)

✨ New Features

• API/Machine/MachineSet/MachineDeployment: Machine related API changes, conversion and feature gate (#12936)
• CABPK: Add EncryptionAlgorithm to Kubeadmconfig (#12859)
• CAPD: Add scale from/to 0 support for CAPD (#12572)
• CI: Bump autoscaler to a9cb59fdd (#12643)
• CI: Bump Kubernetes in tests to v1.34.0 and claim support for v1.34 (#12699)
• ClusterCache/KCP: Deprecate GetClientCertificatePrivateKey and stop using it in KCP (#12846)
• ClusterCache: Add GetUncachedClient() (#12803)
• ClusterClass: Add .spec.upgrade.external.generateUpgradePlanExtension field to ClusterClass (#12809)
• ClusterClass: Add types and hook for GenerateUpgradePlan (#12823)
• ClusterClass: Additional validation in Cluster/ClusterClass webhook for chained upgrades (#12816)
• ClusterClass: Call GenerateUpgradePlanRequest Runtime Extension (#12903)
• ClusterClass: Implement core logic for chained upgrades (#12726)
• clusterctl: Add conditions filter for clusterctl describe (#12991)
• Control-plane: Add new control-plane provider HCP (#12800)
• e2e: Bump Kubernetes version used for testing to v1.34.0-rc.1 (#12623)
• e2e: Bump Kubernetes version used for testing to v1.34.0-rc.2 (#12658)
• e2e: Bump Kubernetes version used for testing to v1.35.0-beta.0 (#13029)
• e2e: Change RuntimeSDK e2e test ClusterClass to use GenerateUpgradePlan extension (#12955)
• e2e: Implement e2e test for in-place updates (#12938)
• KCP/CABPK/CI: Bump KAL to pick up latest requiredfields linter, add Min/MaxLength to BootstrapToken (#12563)
• KCP/MachineSet: Refactor BootstrapConfig/InfraMachine managedFields for in-place (#12890)
• KCP: Bump coredns/corefile-migration to v1.0.28 (#12748)
• KCP: Bump coredns/corefile-migration to v1.0.29 (#12862)
• KCP: Bump corefile-migration to v1.0.27 (#12636)
• KCP: Compare ClusterConfiguration via KubeadmConfig instead of annotation on Machine (#12758)
• KCP: Extend rollout logic for in-place updates (#12840)
• KCP: Implement CanUpdateMachine (#12857)
• KCP: Implement trigger in-place update (#12897)
• Machine: Add in-place updates support for machine controller (#12831)
• MachineDeployment: Add in-place to rollout planner (#12865)
• MachineDeployment: Implement CanUpdateMachineSet (#12965)
• MachineHealthCheck: Add support for checking Machine conditions in MachineHealthCheck (#12827)
• Misc: Add inplace updates featuregate (#12755)
• Misc: Improve logs, errors and conditions (#12992)
• Misc: Introduce & use wait for cache utils (#12957)
• Misc: Introduce reconciler rate-limiting and hook caching (#13006)
• Runtime SDK/IPAM/MachinePool: Cleanup exp packages (#12651)
• Runtime SDK: Add in-place update hooks to API (#12343)
• Runtime SDK: Add lifecycle hooks for chained-upgrade (#12878)
• Runtime SDK: Call new lifecycle hooks for chained-upgrades (#12891)
• Runtime SDK: Ensure ExtensionConfig controller can be used outside of the core provider (#12754)
• Runtime SDK: Implement GenerateUpgradePlan handler (#12927)

🐛 Bug Fixes

• API: Only try to convert infraRefs if they are set (#12686)
• API: Register conversion funcs in schemes (#12687)
• CABPK: Always use latest apiVersion when getting owner of KubeadmConfig in CABPK (#12685)
• CAPD: CAPD on rootless podman (#12941)
• CAPD: Fix the format error of healthCheck in test templates (#12787)
• CAPD: Remove finalizers during deletion if ownerRef was never set (#12675)
• CAPD: Run CAPD conversion tests in CI (#12583)
• CAPIM: Eliminate data race in DialContext (#12778)
• ClusterClass/MachinePool: Fix MP error in desired state calculation during Cluster creation (#12607)
• ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13063)
• ClusterClass: Ensure holder field path in GeneratePatchRequest is set based on contract (#12684)
• ClusterClass: Fix field paths in ClusterClass compatibility validation errors (#12660)
• ClusterClass: Fix wait for cache in reconcile_state.go (#13032)
• ClusterClass: Stop adding conversion-data annotation to Cluster object (#12719)
• ClusterClass: Stop writing zero values for spec.controlPlaneEndpoint to ControlPlane objects (#12958)
• clusterctl: Removing Ready/Available prefix from STATUS Column (#12729)
• clusterctl: Verify providers need upgrade before applying (#12753)
• Devtools: Fix kube-state-metrics deployment (#13024)
• e2e: Do not require kubetest configration if not needed (#12948)
• e2e: Fix autoscaler e2e test flake (#12613)
• e2e: Fix e2e test issues introduced by chained upgrades (#12766)
• e2e: Fix objects with Changed Resource Versions flake (#12848)
• e2e: Fix upgrade runtimesdk test (#12833)
• e2e: Fix WaitForMachinesReady interval (#13051)
• e2e: Increase reconcile timeout for DockerMachine (#13099)
• e2e: Propagate clusterctl variables for cluster upgrades (#12949)
• KCP: Fix ControlPlaneComponentHealthCheckSeconds validation in KubeadmConfigSpec.Validate (#12609)
• KCP: Fix conversion issue in KubeadmControlPlaneTemplate with rolloutStrategy.type (#12608)
• KCP: Fix KCP KubeadmConfig isJoin detection (#13035)
• KCP: Grant delete permissions to Secrets. (#13097)
• Machine/MachinePool: Fix MachinePool nodeRef UID mismatch after K8s upgrade (#12392)
• Machine/MachineSet: Use MachineSet template values in completeMoveMachine for in-place updates (#13085)
• MachineDeployment: Fix race conditions ScaleDownOldMS (#12812)
• MachineDeployment: Fix race conditions ScaleDownOldMS OnDelete (#12830)
• MachineDeployment: Fix rollout with unavailable machines (#13020)
  -...