Semi-automatic update of generated content (#2273)

src/content/changes/kubectl-gs/kubectl-gs/v3.2.0.md

@@ -0,0 +1,16 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- kubectl gs
+changes_entry:
+  repository: giantswarm/kubectl-gs
+  url: https://github.com/giantswarm/kubectl-gs/blob/master/CHANGELOG.md#320---2024-08-12
+  version: 3.2.0
+  version_tag: v3.2.0
+date: '2024-08-12T10:11:49'
+description: Changelog entry for giantswarm/kubectl-gs version 3.2.0, published on
+  12 August 2024, 10:11.
+title: kubectl-gs release v3.2.0
+---
+
+

src/content/changes/managed-apps/athena/v1.12.4.md

@@ -0,0 +1,19 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Managed Apps
+changes_entry:
+  repository: giantswarm/athena
+  url: https://github.com/giantswarm/athena/blob/master/CHANGELOG.md#1124---2024-08-13
+  version: 1.12.4
+  version_tag: v1.12.4
+date: '2024-08-13T12:57:18'
+description: Changelog entry for giantswarm/athena version 1.12.4, published on 13
+  August 2024, 12:57.
+title: athena release v1.12.4
+---
+
+### Added
+- Made GraphQL introspection configurable and disabled by default
+### Changed
+- Change ImagePullPolicy from Always to IfNotPresent to reduce image network traffic.

src/content/changes/managed-apps/cilium-healthcheck/v0.0.2.md

@@ -13,4 +13,6 @@ description: Changelog entry for giantswarm/cilium-healthcheck version 0.0.2, pu
 title: cilium-healthcheck release v0.0.2
 ---
 
-
+### Changed
+- Do not perform actions while there are cordoned nodes
+- In case of failed regeneration recovery, only restart the Cilium pod if it's older than 15 minutes

src/content/changes/managed-apps/cilium-healthcheck/v0.0.3.md

@@ -0,0 +1,17 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Managed Apps
+changes_entry:
+  repository: giantswarm/cilium-healthcheck
+  url: https://github.com/giantswarm/cilium-healthcheck/blob/master/CHANGELOG.md#003---2024-08-12
+  version: 0.0.3
+  version_tag: v0.0.3
+date: '2024-08-12T09:38:25'
+description: Changelog entry for giantswarm/cilium-healthcheck version 0.0.3, published
+  on 12 August 2024, 09:38.
+title: cilium-healthcheck release v0.0.3
+---
+
+### Fixed
+- Fix Cilium pod being restarted too soon – instead of every 15 minutes – in case of failed regeneration recovery. This was because creation date parsing failed.

src/content/changes/managed-apps/falco-app/v0.9.0.md

@@ -0,0 +1,27 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Managed Apps
+changes_entry:
+  repository: giantswarm/falco-app
+  url: https://github.com/giantswarm/falco-app/blob/master/CHANGELOG.md#090---2024-08-12
+  version: 0.9.0
+  version_tag: v0.9.0
+date: '2024-08-13T07:44:25'
+description: Changelog entry for giantswarm/falco-app version 0.9.0, published on
+  13 August 2024, 07:44.
+title: falco-app release v0.9.0
+---
+
+### Added
+- Add custom rule to detect access to root CA key file in control plane nodes
+- Added the falco-k8s-metacollector.
+- Added team label to the daemonset.
+### Changed
+- Remove API check on PolicyException.
+- Updated `Falco` chart version from `3.8.1` to `4.6.1`.
+- Updated `Falco-exporter` chart version from `0.9.9` to `0.11.0`
+- Updated `Falcosidekick` chart version from `0.7.5` to `0.8.2`
+- Updated `Falco` to upstream version `0.38.1`.
+- Edited Kyverno Policy Exceptions to allow falco-k8s-metacollector.
+- Edited the Falco Cilium Network Policy to allow traffing from the falco-k8s-metacollector.

src/content/changes/managed-apps/grafana-app/v2.14.0.md

@@ -0,0 +1,18 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Managed Apps
+changes_entry:
+  repository: giantswarm/grafana-app
+  url: https://github.com/giantswarm/grafana-app/blob/master/CHANGELOG.md#2140---2024-08-13
+  version: 2.14.0
+  version_tag: v2.14.0
+date: '2024-08-13T12:55:58'
+description: Changelog entry for giantswarm/grafana-app version 2.14.0, published
+  on 13 August 2024, 12:55.
+title: grafana-app release v2.14.0
+---
+
+### Changed
+- upgrade grafana chart: 8.3.4 => 8.4.4
+- upgrade grafana : 11.1.0 => 11.1.3

src/content/changes/managed-apps/loki-app/v0.22.0.md

@@ -0,0 +1,17 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Managed Apps
+changes_entry:
+  repository: giantswarm/loki-app
+  url: https://github.com/giantswarm/loki-app/blob/master/CHANGELOG.md#0220---2024-08-12
+  version: 0.22.0
+  version_tag: v0.22.0
+date: '2024-08-12T10:34:00'
+description: Changelog entry for giantswarm/loki-app version 0.22.0, published on
+  12 August 2024, 10:34.
+title: loki-app release v0.22.0
+---
+
+### Changed
+- Upgraded upstream chart from 6.7.4 to 6.10.0 - see [changelog](https://github.com/grafana/loki/blob/main/production/helm/loki/CHANGELOG.md) for more information.

src/content/changes/management-api/organization-operator/v2.0.1.md

@@ -0,0 +1,18 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+changes_categories:
+- Management API
+changes_entry:
+  repository: giantswarm/organization-operator
+  url: https://github.com/giantswarm/organization-operator/blob/master/CHANGELOG.md#201---2024-08-13
+  version: 2.0.1
+  version_tag: v2.0.1
+date: '2024-08-13T11:02:34'
+description: Changelog entry for giantswarm/organization-operator version 2.0.1, published
+  on 13 August 2024, 11:02.
+title: organization-operator release v2.0.1
+---
+
+### Changed
+- Workflows update with `devctl`
+- Implemented fixes on `organization/namespace` deletion

src/content/changes/workload-cluster-releases-azure/releases/azure-27.0.0.md

@@ -0,0 +1,164 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+aliases:
+- /changes/tenant-cluster-releases-azure/releases/azure-azure-27.0.0/
+changes_categories:
+- Workload cluster releases for Azure
+changes_entry:
+  repository: giantswarm/releases
+  url: https://github.com/giantswarm/releases/tree/master/azure/v27.0.0
+  version: azure-27.0.0
+  version_tag: azure-27.0.0
+date: '2024-08-12T12:00:00'
+description: Release notes for Azure workload cluster release azure-27.0.0, published
+  on 12 August 2024, 12:00.
+title: Workload cluster release azure-27.0.0 for Azure
+---
+
+## Changes compared to v26.0.0
+
+### Components
+
+- cluster-azure from v0.18.0 to v1.0.0
+- Flatcar from v3815.2.4 to v3815.2.5
+- Kubernetes from v1.26.15 to v1.27.16
+
+### cluster-azure [v0.18.0...v1.0.0](https://github.com/giantswarm/cluster-azure/compare/v0.18.0...v1.0.0)
+
+#### Changed
+
+- Chart: Update `cluster` to v1.1.0. ([#325](https://github.com/giantswarm/cluster-azure/pull/325))
+  - Machine Template: Adapt new image format.
+  - Apps: Enable `observability-policies`.
+
+### Apps
+
+- azure-cloud-controller-manager from v1.26.22-gs2 to v1.27.18-gs1
+- azure-cloud-node-manager from v1.26.22-gs2 to v1.27.18-gs1
+- cert-exporter from v2.9.0 to v2.9.1
+- cert-manager from v3.7.6 to v3.8.1
+- k8s-audit-metrics from v0.9.0 to v0.10.0
+- k8s-dns-node-cache from v2.6.2 to v2.8.1
+- net-exporter from v1.19.0 to v1.21.0
+- observability-bundle from v1.3.4 to v1.5.3
+- observability-policies v0.0.1
+- security-bundle from v1.7.1 to v1.8.0
+- teleport-kube-agent from v0.9.0 to v0.9.2
+- vertical-pod-autoscaler from v5.2.2 to v5.2.4
+
+### azure-cloud-controller-manager [v1.26.22-gs2...v1.27.18-gs1](https://github.com/giantswarm/azure-cloud-controller-manager-app/compare/v1.26.22-gs2...v1.27.18-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.27.18. ([#81](https://github.com/giantswarm/azure-cloud-controller-manager-app/pull/81))
+
+### azure-cloud-node-manager [v1.26.22-gs2...v1.27.18-gs1](https://github.com/giantswarm/azure-cloud-node-manager-app/compare/v1.26.22-gs2...v1.27.18-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.27.18. ([#70](https://github.com/giantswarm/azure-cloud-node-manager-app/pull/70))
+
+### cert-exporter [v2.9.0...v2.9.1](https://github.com/giantswarm/cert-exporter/compare/v2.9.0...v2.9.1)
+
+#### Changed
+
+- Chart: Update PolicyExceptions to v2beta1. ([#358](https://github.com/giantswarm/cert-exporter/pull/358))
+
+### cert-manager [v3.7.6...v3.8.1](https://github.com/giantswarm/cert-manager-app/compare/v3.7.6...v3.8.1)
+
+#### Added
+
+- Improves container security by setting `runAsGroup` and `runAsUser` greater than zero for all deployments.
+
+#### Changed
+
+- Bump [email protected] to fix CVE-2024-24790.
+- Improves `cainjector`'s Vertical Pod Autoscaler
+- Remove quotes from acme-http01-solver-image argument. The quotes are used when looking up the image which causes an error.
+- Changed the way registry is being parsed in helm templates
+- Enable VPA by default
+
+### k8s-audit-metrics [v0.9.0...v0.10.0](https://github.com/giantswarm/k8s-audit-metrics/compare/v0.9.0...v0.10.0)
+
+#### Changed
+
+- Add `securityContext.readOnlyRootFilesystem` helm value (default true).
+
+### k8s-dns-node-cache [v2.6.2...v2.8.1](https://github.com/giantswarm/k8s-dns-node-cache-app/compare/v2.6.2...v2.8.1)
+
+#### Changed
+
+- Make the app visible for all providers.
+- Reduce security exceptions [#89](https://github.com/giantswarm/k8s-dns-node-cache-app/pull/89).
+  - Enable readOnly FS moving config to emptyDir volume.
+  - Remove `NET_ADMIN` and drop `ALL` capabilities.
+  - Add `NET_BIND_SERVICE` capability.
+  - Add policy exception for `require-non-root-groups/autogen-check-runasgroup`.
+  - Remove disallow-capabilities-* policy exceptions.
+- Update PolicyException CR version to v2beta1.
+
+### net-exporter [v1.19.0...v1.21.0](https://github.com/giantswarm/net-exporter/compare/v1.19.0...v1.21.0)
+
+#### Changed
+
+- Enable readOnlyRootFilesystem in securityContext (#376)[https://github.com/giantswarm/net-exporter/pull/376].
+- Update module google.golang.org/grpc to v1.65.0 (#373).
+- Update k8s modules to v0.30.2 (#375).
+- Update quay.io/giantswarm/alpine Docker tag to v3.20.1 (#372).
+- Add `node` and `app` labels in ServiceMonitor.
+
+### observability-bundle [v1.3.4...v1.5.3](https://github.com/giantswarm/observability-bundle/compare/v1.3.4...v1.5.3)
+
+#### Added
+
+- Add `alloy` v0.3.0 as `alloy-logs`
+
+#### Changed
+
+- Rename `alloy-logs` app to camel case `alloyLogs`.
+- Fix CNP issues (allow traffic from pods in kube-system to nginx-ingress-controller)
+  - Upgrade `grafana-agent` to 0.4.5.
+  - Upgrade `alloy` to 0.3.1.
+  - Upgrade `promtail` to 1.5.4.
+- Upgrade `prometheus-operator-crd` to 11.0.1.
+- prometheus-operator will not check promql syntax for prometheusRules that are labelled `application.giantswarm.io/prometheus-rule-kind: loki`
+- Upgrade `kube-prometheus-stack` to 11.0.0 and `prometheus-operator-crd` to 11.0.0. This upgrade mainly consists in:
+  - kube-prometheus-stack dependency chart upgraded from [56.21.2](https://github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-56.21.2) to [61.0.0](https://github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-61.0.0)
+  - prometheus upgrade from 2.50.1 to [2.53.0](https://github.com/prometheus-community/helm-charts/releases/tag/prometheus-25.22.0)
+  - thanos ruler upgrade from 0.34.1 to [0.35.1](https://github.com/thanos-io/thanos/releases/tag/v0.35.1)
+  - kube-state-metrics from 2.10.0 to 2.12.0
+  - prometheus-operator from 0.71.2 [0.75.0](https://github.com/prometheus-operator/prometheus-operator/releases/tag/v0.75.0) - adding remoteWrite.proxyFromEnvironment and Scrape Class support
+  - prometheus-node-exporter upgraded from 1.8.0 to [1.8.1](https://github.com/prometheus/node_exporter/releases/tag/v1.8.1)
+- Upgrade `grafana-agent` from 0.4.3 to 0.4.4
+  - This version enables the override the grafana agent `CiliumNetworkPolicy` egress and ingress sections.
+
+### observability-policies [v0.0.1](https://github.com/giantswarm/observability-policies-app/releases/v0.0.1)
+
+#### Added
+
+- Add a ClusterPolicy to prevent prometheus-operator CRDs deletion.
+- Create `observability-policies` app to deploy Kyverno Observability Policies into clusters.
+
+### security-bundle [v1.7.1...v1.8.0](https://github.com/giantswarm/security-bundle/compare/v1.7.1...v1.8.0)
+
+#### Added
+
+- Add `kyverno-crds` app to handle Kyverno CRD install.
+
+#### Changed
+
+- Update `kyverno` (app) to v0.17.15. This version disables the CRD install job in favor of `kyverno-crds` App.
+
+### teleport-kube-agent [v0.9.0...v0.9.2](https://github.com/giantswarm/teleport-kube-agent-app/compare/v0.9.0...v0.9.2)
+
+#### Changed
+
+- Introduced `podAntiAffinity` so `teleport-kube-agent` pods run on different `control-plane` nodes also increased the number of replicas to 3 to maintain better high availability.
+- Changed the way registry is being parsed in helm templates
+
+### vertical-pod-autoscaler [v5.2.2...v5.2.4](https://github.com/giantswarm/vertical-pod-autoscaler-app/compare/v5.2.2...v5.2.4)
+
+#### Changed
+
+- Chart: Update Helm release vertical-pod-autoscaler to v9.8.3. ([#301](https://github.com/giantswarm/vertical-pod-autoscaler-app/pull/301))
+- Chart: Change `restartPolicy` to `OnFailure` for the CRD job. ([#298](https://github.com/giantswarm/vertical-pod-autoscaler-app/pull/298))

src/content/changes/workload-cluster-releases-azure/releases/azure-28.0.0.md

@@ -0,0 +1,39 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+aliases:
+- /changes/tenant-cluster-releases-azure/releases/azure-azure-28.0.0/
+changes_categories:
+- Workload cluster releases for Azure
+changes_entry:
+  repository: giantswarm/releases
+  url: https://github.com/giantswarm/releases/tree/master/azure/v28.0.0
+  version: azure-28.0.0
+  version_tag: azure-28.0.0
+date: '2024-08-12T18:00:00'
+description: Release notes for Azure workload cluster release azure-28.0.0, published
+  on 12 August 2024, 18:00.
+title: Workload cluster release azure-28.0.0 for Azure
+---
+
+## Changes compared to v27.0.0
+
+### Components
+
+- Kubernetes from v1.27.16 to v1.28.12
+
+### Apps
+
+- azure-cloud-controller-manager from v1.27.18-gs1 to v1.28.10-gs1
+- azure-cloud-node-manager from v1.27.18-gs1 to v1.28.10-gs1
+
+### azure-cloud-controller-manager [v1.27.18-gs1...v1.28.10-gs1](https://github.com/giantswarm/azure-cloud-controller-manager-app/compare/v1.27.18-gs1...v1.28.10-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.28.10. ([#82](https://github.com/giantswarm/azure-cloud-controller-manager-app/pull/82))
+
+### azure-cloud-node-manager [v1.27.18-gs1...v1.28.10-gs1](https://github.com/giantswarm/azure-cloud-node-manager-app/compare/v1.27.18-gs1...v1.28.10-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.28.10. ([#71](https://github.com/giantswarm/azure-cloud-node-manager-app/pull/71))

src/content/changes/workload-cluster-releases-azure/releases/azure-29.0.0.md

@@ -0,0 +1,39 @@
+---
+# Generated by scripts/aggregate-changelogs. WARNING: Manual edits to this files will be overwritten.
+aliases:
+- /changes/tenant-cluster-releases-azure/releases/azure-azure-29.0.0/
+changes_categories:
+- Workload cluster releases for Azure
+changes_entry:
+  repository: giantswarm/releases
+  url: https://github.com/giantswarm/releases/tree/master/azure/v29.0.0
+  version: azure-29.0.0
+  version_tag: azure-29.0.0
+date: '2024-08-13T12:00:00'
+description: Release notes for Azure workload cluster release azure-29.0.0, published
+  on 13 August 2024, 12:00.
+title: Workload cluster release azure-29.0.0 for Azure
+---
+
+## Changes compared to v28.0.0
+
+### Components
+
+- Kubernetes from v1.28.12 to v1.29.7
+
+### Apps
+
+- azure-cloud-controller-manager from v1.28.10-gs1 to v1.29.8-gs1
+- azure-cloud-node-manager from v1.28.10-gs1 to v1.29.8-gs1
+
+### azure-cloud-controller-manager [v1.28.10-gs1...v1.29.8-gs1](https://github.com/giantswarm/azure-cloud-controller-manager-app/compare/v1.28.10-gs1...v1.29.8-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.29.8. ([#83](https://github.com/giantswarm/azure-cloud-controller-manager-app/pull/83))
+
+### azure-cloud-node-manager [v1.28.10-gs1...v1.29.8-gs1](https://github.com/giantswarm/azure-cloud-node-manager-app/compare/v1.28.10-gs1...v1.29.8-gs1)
+
+#### Changed
+
+- Chart: Update to upstream v1.29.8. ([#72](https://github.com/giantswarm/azure-cloud-node-manager-app/pull/72))