v1.123.1

• We do not recommend using 1.123.0 as it contains regression issues around the "state-into-spec" defaulting for resources CloudIdentityGroup, CloudBuildTrigger and FirestoreIndex.

• Special shout-outs to @600lyy ,@acpana ,@anhdle-sso ,@gemmahou ,@hankfreund ,@jasonvigil ,@jingyih ,@justinsb ,@maqiuyujoyce ,@nb-goog ,@xiaoweim ,@yuwenma ,@ziyue-101 for their contributions to this release.

Announcement

• Starting from this version, all the new CRs (CustomResources) will have the cnrm.cloud.google.com/state-into-spec annotation defaulted to absent. This means Config Connector will not populate any unspecified fields into the spec after a successful reconciliation of the resource. The behavior of existing CRs will not be impacted. More details about the Absent behavior can be found here.

• You can use the alpha.cnrm.cloud.google.com/reconciler: direct annotation on DataflowFlexTemplateJob resource to opt-in
  the Direct Cloud Reconciler, which provides an advanced status update solution for some timeout issues.

Direct Cloud Reconciler:

• BigQueryDataTransferConfig (v1alpha1)
• BigQueryConnectionConnection (v1alpha1)

Resources promoted from alpha to beta:

• DataformRepository is now a v1beta1 resource.

New Resources:

• Added support for FirestoreDatabase (v1alpha1) resource.

New Fields:

• BigQueryConnectionConnection
  • Added spec.cloudSql

Bug Fixes:

• fix: Enable TF-based reconciler for SQLInstances without clone source

v1.122.0

v1.122.0

• Special shout-outs to @600lyy, @acpana, @anhdle-sso, @barney-s, @CyberHippo, @gemmahou, @haiyanmeng, @hankfreund, @himanikh, @jasonvigil, @jingyih, @justinsb, @maqiuyujoyce, @marko7460, @xiaoweim, @yuwenma, @ziyue-101 for their contributions to this release.

Direct Cloud Reconciler:

• RedisCluster (v1alpha1)
• SQLInstance

New Resources:

• Added support for RedisCluster (v1alpha1) resource.

New Fields:

• ContainerCluster

  • The spec.nodeConfig.taint can be updated.

• ContainerNodePool

  • The spec.nodeConfig.taint can be updated.

• SQLInstance

  • Add the spec.cloneSource.

• RunJob

  • Add the spec.template.template.volumes[].cloudSqlInstance

v1.121.0

v1.121.0

• Special shout-outs to @600lyy, @acpana, @barney-s, @gemmahou, @haiyanmeng, @hankfreund, @jasonvigil, @jiefenghe, @jingyih, @justinsb, @maqiuyujoyce, @ostrain, @xiaoweim, @yuwenma, @ziyue-101 for their contributions to this release.

Announcement

• We plan to apply the state-into-spec default value Absent to all the ConfigConnector clusters in the v1.123 (next to the next release).

Direct Cloud Reconciler:

• DataformRepository (v1alpha1)

Fixes:

• BigtableInstance

  • When autoscaling is enabled (spec.cluster[].autoscalingConfig.), do not use numNodes (spec.cluster[].numNodes=2) as that applies only to manual scaling.

• BigQueryConnection

  • Added status.observedState field to store the output-only fields which are previously mistakenly defined in spec.

New Fields

• BigQueryTable
  • Added spec.requirePartitionFilter field.

v1.120.1

• IAM configuration can now be applied to PrivateCACAPool, using our direct-actuation approach.

• You can configure the ConfigConnector operator to roll back to install the v1.119.0 CRDs by specifying spec.version: 1.119.0 in the ConfigConnectorContext CR (namespaced mode).

• Special shout-outs to @600lyy,@acpana,@barney-s,@coperni,@gemmahou,@hankfreund,@jasonvigil,@justinsb,@maqiuyujoyce,@nancynh,@xiaoweim,@yuwenma,@zicongmei,@ziyue-101 for their contributions to this release.

Direct Cloud Reconciler:

• CloudBuildWorkerPool
• MonitoringDashboard

Resources promoted from alpha to beta:

• CloudBuildWorkerPool
• CloudIDSEndpoint
• ComputeMangedSSLCertificate

New Fields:

• AlloyDBInstance

  • Added networkConfig field to support Public-IP feature.

• MonitoringAlertPolicy

  • Added spec.severity field.

• MonitoringDashboard

  • Added dashboardFilters support.

  • Added alertChart widgets.

  • Added collapsibleGroup widgets.

  • Added pieChart widgets.

  • Added sectionHeader widgets.

  • Added singleViewGroup widgets.

  • Added timeSeriesTable widgets.

  • Added blankView to scorecard widgets.

  • Added dataSets.targetAxis and y2Axis fields to xyChart widgets.

  • Added id field to all widgets.

  • Added prometheusQuery and outputFullDuration to timeSeriesQuery.

  • Added style fields to text widgets.

  • Added targetAxis field to thresholds.

• StorageBucket

  • Added spec.softDeletePolicy field.
  • Added status.observedState.softDeletePolicy field.

v1.119.0

• This release adds options to configure the reconciliation of the ConfigConnector
• This release adds several new resources and fields.
• Special shout-outs to @acpana, @anhdle-sso, @barney-s, @cheftako, @gemmahou, @hankfreund, @jasonvigil, @jingyih, @justinsb, @maqiuyujoyce, @varsharmavs, @xiaoweim, @yuwenma, @zicongmei, @ziyue-101 for their
  contributions to this release.

New features:

• Add options to configure the reconciliation of the ConfigConnector controller

  • Added a new ControllerReconciler CRD (v1alpha1). See example
  • This feature allows users to customize the client-side kube-apiserver request rate limit.

• Continue moving towards Direct Actuation as our preferred mechanism.

  • The default reconciler now uses Direct Actuation, if the ConfigConnector CRD does not have a cnrm.cloud.google.com/tf2crd: "true" or cnrm.cloud.google.com/dcl2crd: "true" label.

New Resources:

• CloudBuildWorkerPool
  • Added CloudBuildWorkerPool (v1alpha1) resource for service cloudbuild.
  • This resource uses Direct Actuation.

New Fields:

• ComputeForwardingRule

  • Added the spec.target.serviceAttachmentRef field, allowing a ComputeForwaringRule to target a ComputeServiceAttachment.

• ContainerCluster

  • Added previous output-only spec fields to status.observedState
    • Added status.observedState.masterAuth.clusterCaCertificate
    • Added status.observedState.privateClusterConfig.privateEndpoint
    • Added status.observedState.privateClusterConfig.publicEndpoint

v1.118.1

• This release introduces our new direct-reconciliation mechanism to reconcile KCC resources (without relying on terraform). Currently it only applies to LoggingLogMetric.

• Special shout-outs to @199201shubhamsahu, @acpana, @anhdle-sso, @barney-s, @cheftako, @gemmahou, @jingyih, @justinsb, @katrielt, @vmiglani, @xiaoweim and @yuwenma for their
  contributions to this release.

Direct Cloud Reconciler:

• LoggingLogMetric
  • This resource no longer depends on Terraform. Its reconciliation is moved to a KCC direct controller.
  • This is our very first KCC directly-reconciled resource. We will announce more in the upcoming releases. 🎉🎉🎉

New Resource:

• ComputeNetworkFirewallPolicyRule (alpha)

New Fields:

• LoggingLogMetric
  • Add the spec.loggingLogBucketRef field to support bucket reference.

Fixes:

• SQLInstance
  • Fix the permanent diff bug in spec.settings.edition update.

v1.117.0

v1.117.0

• This release improves our support for VertexAI.

• Special shout-outs to @199201shubhamsahu, @acpana, @anhdle-sso, @barney-s,
  @cheftako, @gemmahou, @jingyih, @justinsb, @katrielt, @maqiuyujoyce,
  @nicslatts, @xiaoweim, @yuwenma, @zicongmei and @ziyue-101
  for their contributions to this release.

Resources promoted from alpha to beta:

• VertexAIDataSet

  • Output fields are now in status.observedState.
  • The KMS key is now specified using a reference: spec.encryptionSpec.kmsKeyNameRef

• VertexAIIndex

  • Output fields are now in status.observedState.
  • Note that isCompleteOverwrite is currently not supported: it is not
    obviously compatible with declarative operation.

• VertexAIEndpoints

  • Output fields are now in status.observedState.
  • The KMS key is now specified using a reference: spec.encryptionSpec.kmsKeyNameRef
  • The network is now specified using a reference: spec.networkRef

New Fields:

• ComputeNetwork
  • The spec.enableUlaInternalIpv6 field is no longer immutable - it can now
    be changed without recreating the network.

v1.116.0

• This release includes enhanced support for DNSRecordSet,
  enabling advanced configurations such as geo-routing, primary/backup,
  and weighted round-robin load-balancing.

New Fields:

• ContainerCluster

  • Added spec.nodeConfig.linuxNodeConfig.cgroupMode field.

• ContainerNodePool

  • Added spec.nodeConfig.linuxNodeConfig.cgroupMode field.

• DNSRecordSet

  • Added spec.routingPolicy.geo.healthCheckedTargets field.
  • Added spec.routingPolicy.primaryBackup field.
  • Added spec.routingPolicy.wrr field.

• EventArcTrigger

  • Added spec.destination.httpEndpoint field.
  • Added spec.destination.networkConfig field.

• LoggingLogBucket

  • Added spec.enableAnalytics field.

v1.115.0

v1.115.0

• Better support for AlloyDB secondary clusters and instances.

• Special shout-out to @199201shubhamsahu for their contributions to this release.

New Fields:

• AlloyDBCluster

  • Added spec.clusterType field.
  • Added spec.deletionPolicy field.
  • Added spec.secondaryConfig field.

• AlloyDBInstance

  • Added spec.instanceTypeRef field.

1.114.1

(Version 1.114.0 contained a minor regression discovered after tagging, and was not published; we recommend 1.114.1 instead)

• Stop merging sensitive fields in SQLInstance and ComputeBackendService

• Fix resource deletion of AlloyDBInstance and EdgeContainerNodePool when their "parent objects" no longer exist.

• Initial support (alpha stability) for pausing reconciliation, by setting spec.actuationMode: Paused in the ConfigConnectorContext.

• Initial support (alpha stability) for defaulting state-into-spec to absent (the recommended setting),
  by setting spec.stateIntoSpec: Absent in the ConfigConnectorContext.

• Experimental "powertools" area of the CLI, containing experimental/dangerous functionality that should not be
  part of normal operation, but can sometimes nonetheless be useful.

• Special shout-outs to @Hamzawy63, @hkundag, @katrielt for their
  contributions to this release.

Resources promoted from alpha to beta:

When resources are promoted from alpha to beta, we (generally) ensure they follow our best practices: use of refs on fields where appropriate,
output fields from GCP APIs are in status.observedState.

• AccessContextManagerServicePerimeterResource

New Resources:

• Added support for ComputeNetworkFirewallPolicyAssociation (v1beta1) resource.

• Added support for APIKeysKey (v1alpha1) resource.

New Fields:

• BigQueryDataSet

  • Added access[].iamMember field.

• ComputeAddress

  • Added status.observedState.address field.

• ComputeTargetHttpsProxy

  • Added spec.certificateManagerCertificates field.

• DNSRecordSet

  • Added spec.routingPolicy field.

• GKEHubFeatureMembership

  • Added spec.policycontroller field.