v1.30.8

Cloud Provider Azure v1.30.8

Full Changelog: v1.30.7..v1.30.8

Changes by Kind

Testing

Feature

  • Feat: Lock updates on azure resources when other component is doing the same thing.

    This PR utilizes a lease in each service reconciliation to prevent race conditions where cloud provider and others are updating the same azure resources. (#7342, @nilo19)

  • Feat: always match source account in restore and volume clone scenarios (#8152, @andyzhangx)

  • [credential provider] Add a flag mirrorMapping. This flag is to mirror registry A to B when fetching credential. (#7336, @k8s-infra-cherrypick-robot)

Bug or Regression

  • Fix checking service references from tags when deleting PIP (#7262, @zarvd)
  • Fix: AzureStack env var setting issue (#8129, @andyzhangx)
  • Fix: Change the order of updating vmss vm and vmss (#7540, @k8s-infra-cherrypick-robot)
  • Fix: Support switching from loadbalancer to externalName for services (#7566, @k8s-infra-cherrypick-robot)
  • Fix: VirtualNetworkRule match issue during account search (#8153, @andyzhangx)
  • Fix: several bugs related to multiple standard load balancers mode.
    1. All endpointslices of a local service should be included in local backend pool updater, instead of only the first endpointslice.
    2. In some rare cases, migration from NIC to IP-based LB can be in a middle state where the NIC references are removed, but those IPConfigs in the backend pool are not. In this case, we should manually exclude those IPConfigs from the request body.
    3. localServiceOwnsBackendPool should compare the full backend pool name, not just prefix, because two service names can share the same prefix.
    4. There is a corner case when the cluster is being updated to multi-slb from classic NIC-based single lb, not from an IP-based cluster. In this case, if the service being reconciled is local, the cloud provider will try to update a NIC pool to IP-based pool direct, which is not allowed. We should skip adding IPs to NIC-based pool in multi-slb mode.
    5. There is a bug in ReconcileBackendPools, where we by mistake parse the LB name to use as the backend pool name. (#7606, @nilo19)
  • Introduced prefix-based matching for systemTags during tag reconciliation.
    • Tags starting with a prefix defined in systemTags (e.g., aks-managed) will now be matched and retained.
    • For example: Adding aks-managed to systemTags ensures tags like aks-managed-cluster-name and aks-managed-cluster-rg are preserved. (#8149, @nilo19)
  • Tags with values resembling “null” (e.g., " null " or " NuLL “) will now retain their leading and trailing whitespace during inheritance or updates to avoid errors caused by ARM’s reserved tag value “null”. This change only affects tags with such specific values, ensuring all other tags continue to have whitespace trimmed as before. (#8119, @nilo19)

Other (Cleanup or Flake)

Dependencies

Added

  • github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache: v0.3.1
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v6: v6.3.0
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v5: v5.0.0
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6: v6.3.0
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6: v6.2.0
  • github.com/AzureAD/microsoft-authentication-extensions-for-go/cache: v0.1.1
  • github.com/dgryski/go-rendezvous: 9f7001d
  • github.com/keybase/go-keychain: 57a3676
  • github.com/redis/go-redis/v9: v9.7.0
  • go.opentelemetry.io/auto/sdk: v1.1.0
  • gopkg.in/evanphx/json-patch.v4: v4.12.0

Changed

  • github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.14.0 → v1.17.0
  • github.com/Azure/azure-sdk-for-go/sdk/azidentity: v1.7.0 → v1.8.1
  • github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry: v0.2.1 → v0.2.2
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns: v1.2.0 → v1.3.0
  • github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets: v1.1.0 → v1.3.0
  • github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal: v1.0.0 → v1.1.0
  • github.com/Azure/go-autorest/autorest/date: v0.3.0 → v0.3.1
  • github.com/Azure/go-autorest/autorest/mocks: v0.4.2 → v0.4.3
  • github.com/Azure/go-autorest/autorest: v0.11.29 → v0.11.30
  • github.com/Azure/go-autorest/tracing: v0.6.0 → v0.6.1
  • github.com/AzureAD/microsoft-authentication-library-for-go: v1.2.2 → v1.3.2
  • github.com/evanphx/json-patch: v5.9.0+incompatible → v5.9.11+incompatible
  • github.com/fsnotify/fsnotify: v1.7.0 → v1.8.0
  • github.com/fxamacker/cbor/v2: v2.6.0 → v2.7.0
  • github.com/go-openapi/jsonpointer: v0.19.6 → v0.21.0
  • github.com/go-openapi/swag: v0.22.4 → v0.23.0
  • github.com/google/pprof: fa2c70b → 40e02aa
  • github.com/onsi/ginkgo/v2: v2.20.2 → v2.22.2
  • github.com/onsi/gomega: v1.34.2 → v1.36.2
  • github.com/prometheus/client_golang: v1.20.3 → v1.20.5
  • github.com/prometheus/common: v0.59.1 → v0.61.0
  • github.com/rogpeppe/go-internal: v1.12.0 → v1.13.1
  • github.com/spf13/pflag: v1.0.5 → v1.0.6
  • github.com/stretchr/testify: v1.9.0 → v1.10.0
  • go.opentelemetry.io/otel/exporters/prometheus: v0.52.0 → v0.56.0
  • go.opentelemetry.io/otel/metric: v1.30.0 → v1.34.0
  • go.opentelemetry.io/otel/sdk/metric: v1.30.0 → v1.34.0
  • go.opentelemetry.io/otel/sdk: v1.30.0 → v1.34.0
  • go.opentelemetry.io/otel/trace: v1.30.0 → v1.34.0
  • go.opentelemetry.io/otel: v1.30.0 → v1.34.0
  • go.uber.org/mock: v0.4.0 → v0.5.0
  • golang.org/x/crypto: v0.27.0 → v0.33.0
  • golang.org/x/mod: v0.20.0 → v0.22.0
  • golang.org/x/net: v0.28.0 → v0.34.0
  • golang.org/x/oauth2: v0.22.0 → v0.24.0
  • golang.org/x/sync: v0.8.0 → v0.11.0
  • golang.org/x/sys: v0.25.0 → v0.30.0
  • golang.org/x/term: v0.24.0 → v0.29.0
  • golang.org/x/text: v0.18.0 → v0.22.0
  • golang.org/x/time: v0.6.0 → v0.10.0
  • golang.org/x/tools: v0.24.0 → v0.28.0
  • golang.org/x/xerrors: 04be3eb → 5ec99f8
  • google.golang.org/protobuf: v1.34.2 → v1.36.3
  • k8s.io/api: v0.30.5 → v0.30.7
  • k8s.io/apimachinery: v0.30.5 → v0.30.7
  • k8s.io/apiserver: v0.30.5 → v0.30.9
  • k8s.io/client-go: v0.30.5 → v0.30.7
  • k8s.io/cloud-provider: v0.30.5 → v0.30.9
  • k8s.io/component-base: v0.30.5 → v0.30.9
  • k8s.io/component-helpers: v0.30.5 → v0.30.9
  • k8s.io/controller-manager: v0.30.5 → v0.30.9
  • k8s.io/cri-api: v0.30.5 → v0.30.9
  • k8s.io/gengo/v2: 51d4e06 → a7b603a
  • k8s.io/kms: v0.30.5 → v0.30.9
  • k8s.io/kube-openapi: 70dd376 → 32ad38e
  • k8s.io/kubelet: v0.30.5 → v0.30.9
  • k8s.io/utils: 18e509b → 3ea5e8c
  • sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: v0.0.23 → v0.3.4
  • sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.55 → v0.4.16
  • sigs.k8s.io/json: bc3834c → 9aa6b5e

Removed

  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5: v5.7.0
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4: v4.8.0
  • github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v4: v4.3.0
Last modified February 21, 2025: docs: update release notes for v1.30.8 and v1.31.2 (#8390) (cffff3b7d)