v0.11.0-alpha.0

Changes since v0.10.0

⚠️ Breaking Changes

• Remove webhooks from api folder (#2503)
• Prevent changing ExternallyProvisioned in the webhook (#2472)

✨ New Features

• Bump CAPI to v1.11.0-alpha.0 and do CAPI v1beta2 related changes (#2527)
• Allow disabling drivers that require a provisioning network (#2477)

🐛 Bug Fixes

• Make firmware update handle only a subset of Spec.Updates (#2415)
• Redfish: correctly handle missing system ID (#2418)

📖 Documentation

• Add release-0.10 triggers to README.md (#2446)
• update CII badge (#2459)

🌱 Others

• Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in /test (#2544)
• bump k8s.io/utils library (#2554)
• bump 6 k8s libraries and controller-runtime (#2552)
• Bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 (#2545)
• Bump sigs.k8s.io/kustomize/kustomize/v5 from 5.6.0 to 5.7.0 in /hack/tools (#2548)
• Bump sigs.k8s.io/kustomize/api from 0.19.0 to 0.20.0 in /test (#2550)
• e2e: wait for detachment to actually happen (#2541)
• Migrate to golangci-lint v2 (#2528)
• Bump github.com/cert-manager/cert-manager from 1.18.0 to 1.18.1 in /test (#2534)
• Bump CAPI to v1.11.0-alpha.1 (#2533)
• Bump the kubernetes group to v0.32.6 (#2532)
• Add validation to e2e ugrade config (#2497)
• Enable variable shadowing check in govet linter (#2521)
• Enable exhaustive linter (#2506)
• Enable nilnil linter, fix warnings (#2514)
• bump golang to 1.24.4 (#2522)
• Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 in /test (#2518)
• Use reusable link-checks and delete old link check (#2515)
• Bump golang.org/x/crypto from 0.38.0 to 0.39.0 in /test (#2512)
• Bump golang.org/x/crypto from 0.38.0 to 0.39.0 in /hack/tools (#2511)
• Bump libvirt.org/go/libvirt from 1.11002.0 to 1.11004.0 in /test (#2513)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.6.0 to 3.6.1 (#2510)
• Bump github.com/go-logr/logr from 1.4.2 to 1.4.3 (#2499)
• Bump the github-actions group with 2 updates (#2498)
• Replace errors pkg with stdlib (#2439)
• Fix optional e2e tests (#2493)
• Enable dupl linter (#2435)
• Bump the github-actions group with 5 updates (#2429)
• Bump sigs.k8s.io/kind from 0.27.0 to 0.29.0 in /test (#2482)
• Add e2e tests for release 0.10 (#2448)
• Enable forcetypeassert linter (#2443)
• Enable forbidigo linter (#2444)
• make BMO periodics manually triggerable (#2488)
• E2E: Override IRONIC_HTTP_URL (#2476)
• Enable tagliatelle linter (#2436)
• Bump golang.org/x/crypto from 0.37.0 to 0.38.0 in /test (#2453)
• Bump golang.org/x/crypto from 0.37.0 to 0.38.0 in /hack/tools (#2452)
• Bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 in /hack/tools (#2451)
• Add a simple e2e test on externallyProvisioned (#2471)
• E2E: Temporary workaround for connection issues (#2454)
• Update periodic workflows for release-0.10 (#2450)
• enable mnd linter (#2438)
• add dependabot config for release-0.10 (#2427)

♻️ Superseded or Reverted

• #2424,#2480,#2425,#2526,#2474,#2441,#2481

The image for this release is: v0.11.0-alpha.0

Thanks to all our contributors! 😊

v0.9.2

Changes since v0.9.1

📖 Documentation

• update CII badge (#2463)
• remove optional e2e badge link (#2466)

🌱 Others

• Bump github.com/cert-manager/cert-manager from 1.16.4 to 1.16.5 in /test (#2422)
• Bump golang to 1.24.3 (#2504)
• Bump github.com/go-logr/logr from 1.4.2 to 1.4.3 (#2501)
• Bump golangci-lint to v1.64.7 (#2495)
• E2E: Override IRONIC_HTTP_URL (#2487)
• e2e: Revert temporary pinning of Ironic (#2489)
• Bump CAPI to v 1.9.8 (#2483)
• Bump kubernetes group to v0.31.9 (#2462)
• E2E: Temporary workaround for connection issues (#2470)
• Add Adil and Peppi-lotta as reviewers (#2409)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.19 to 3.5.21 (#2369)
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 in /test (#2385)
• bump x/net to v0.38.0 (#2375)
• Bump actions/cache from 4.2.2 to 4.2.3 (#2372)
• Bump github.com/onsi/gomega from 1.36.2 to 1.36.3 (#2347)
• Bump github.com/onsi/gomega from 1.36.2 to 1.36.3 in /test (#2348)
• Move mquhuy to emeritus reviewers (#2338)

♻️ Superseded or Reverted

• #2345,#2421

The image for this release is: v0.9.2

Thanks to all our contributors! 😊

v0.10.2

Changes since v0.10.1

📖 Documentation

• Update badges and e2e triggers in README.md (#2445)
• update CII badge (#2468)

🌱 Others

• Bump golang to v1.24 (#2494)
• Bump CAPI to v1.10.2 (#2479)
• Bump github/codeql-action from 3.28.16 to 3.28.18 in the github-actions group (#2502)
• Bump github.com/go-logr/logr from 1.4.2 to 1.4.3 (#2500)
• E2E: Override IRONIC_HTTP_URL (#2486)
• Bump the kubernetes group to v0.32.5 (#2461)
• E2E: Temporary workaround for connection issues (#2469)
• Bump the github-actions group with 5 updates (#2430)

♻️ Superseded or Reverted

• #2431

The image for this release is: v0.10.2

Thanks to all our contributors! 😊

v0.10.1

Changes since v0.10.0

🐛 Bug Fixes

• Pin ironic to version 29.0 (#2419)

The image for this release is: v0.10.1

Thanks to all our contributors! 😊

v0.10.0

Changes since v0.9.0

⚠️ Breaking Changes

• Bump Kubernetes api, controller-runtime and decouple webhooks from api (#2390)
• Only accept HTTPHeadersRef in same namespace GHSA-c98h-7hp9-v9hq
• Remove keepalived from BMO repository (#2228)

✨ New Features

• Use standard GetVirtualMedia API for checking dataImage status (#2336)
• Add support for Disablepoweroff (#2229)
• add support for locally built ironic in e2e test (#2167)

🐛 Bug Fixes

• Fix few errors when making beta release notes (#2381)
• Handle dataImage before reboot annotation to prevent annotation removal before all actions are complete (#2333)
• fix broken release process (#2325)
• Define some IPA (downloader) related variables (#2264)
• bump x/net, x/crypto and x/oauth2 (#2316)
• update rescue iso used for e2e tests (#2315)
• Add BMH OwnerReference for DataImage right after its creation (#2249)
• Set ownerReference for dataImage during BMH Reconcile (#2238)
• Do not create HFC for non-redfish BMH (#2227)
• Add validation against cross-namespace secret references (#2190)
• Adding empty checksumType checks on BMH to automatically detect hashing algorithm (#2174)
• Fix BMO optional test by not checking metrics service (#2170)
• Fix metrics service validation (#2165)

🌱 Others

• Bump CAPI to v1.10.0 (#2416)
• bump golang to 1.23.6 (#2243)
• Set e2e timeout to 1.5h (#2191)
• Bump github.com/prometheus/client_golang from 1.21.1 to 1.22.0 (#2411)
• Bump golang.org/x/crypto from 0.36.0 to 0.37.0 in /hack/tools (#2412)
• Bump golang.org/x/crypto from 0.36.0 to 0.37.0 in /test (#2414)
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 in /test (#2413)
• Refactoring: move ./controllers to ./internal/controller (#2405)
• Makefile: do not explicit include ./internal/ (#2404)
• Add Adil and Peppi-lotta as reviewers (#2407)
• Bump the kubernetes group across 2 directories with 1 update (#2400)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.19 to 3.5.21 (#2367)
• Minor fix release workflow (#2403)
• Enable intrange linter in golangci-lint (#2393)
• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 in /test (#2388)
• make osv-scanner scan run daily (#2389)
• add labels to Dockerfile (#2384)
• Enable testifylint linter in golangci-lint (#2383)
• Bump golang.org/x/oauth2 from 0.27.0 to 0.29.0 in /hack/tools (#2387)
• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 (#2386)
• bump golang to v1.23.8 and x/net to v0.38.0 (#2374)
• Enable usetesting linter in golangci-lint (#2380)
• cleanup build/ and obsolete publishing-images.md (#2379)
• Bump the github-actions group with 5 updates (#2378)
• do not bump major version of github actions (#2373)
• Minor logging improvements (#2370)
• Bump sigs.k8s.io/kind from 0.26.0 to 0.27.0 in /test (#2327)
• E2E: Avoid net-booting VMs unintentionally (#2266)
• update the used linters list (#2350)
• Bump golangci-lint to v1.64.7 (#2335)
• update osv-scanner to v2.0.0 (#2339)
• bump tj-actions/changed-files to v46.0.1 (#2331)
• Reduce logging noise from status reconstruction (#2330)
• Move @mquhuy to emeritus reviewers (#2329)
• group all github action bumps into single PR (#2326)
• Remove periodic upgrade tests from release branches (#2306)
• Bump the kubernetes group to v0.31.7 (#2308)
• Replace deprecated pkg/errors with stdlib in provisioner/ironic (#2303)
• Bump golang.org/x/net from 0.34.0 to 0.36.0 in /hack/tools (#2305)
• fix dependabot testing issues by re-adding "edited" (#2304)
• Bump github.com/gophercloud/gophercloud/v2 from 2.5.0 to 2.6.0 (#2289)
• bump local hack scripts to basic-checks:golang-1.23 (#2296)
• E2E: Fix ironic overlays for 25.0 and 26.0 (#2295)
• Bump sigs.k8s.io/controller-runtime from 0.19.6 to 0.19.7 (#2293)
• E2E: Remove ensure_kind.sh script (#2277)
• e2e: Revert temporary pinning of Ironic (#2113)
• Bump actions/cache from 4.2.0 to 4.2.2 (#2272)
• Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#2271)
• Bump github/codeql-action from 3.28.8 to 3.28.10 (#2270)
• E2E: Bump cert-manager to v1.17.1 (#2268)
• E2E vbmctl and ssh boot check refactor (#2223)
• pin osv-scanner image in verify-release.sh (#2244)
• workflows: sync pull_request trigger types (#2242)
• Bump libvirt.org/go/libvirt from 1.10009.1 to 1.11001.0 in /test (#2237)
• Bump actions/setup-go from 5.2.0 to 5.3.0 (#2231)
• Bump softprops/action-gh-release from 2.2.0 to 2.2.1 (#2230)
• Bump github.com/cert-manager/cert-manager from 1.16.2 to 1.16.3 in /test (#2236)
• Fix ensure_kind.sh filename (#2221)
• Refactor and rename ValidateManagementAccess (#2154)
• Bump the k8s.io/* deps to v0.31.5 (#2203)
• Switch e2e to kind (#2209)
• Bump sigs.k8s.io/kustomize/api from 0.18.0 to 0.19.0 in /test (#2197)
• Bump sigs.k8s.io/kustomize/kustomize/v5 from 5.5.0 to 5.6.0 in /hack/tools (#2196)
• Take new release workflow into use (#2171)
• bump x/net to v0.34.0 (#2185)
• bump kubeconform to v0.6.7 (#2176)
• increase 1 timeout in external-inspection test (#2166)
• Add intervals while checking metrics service (#2161)
• Bump google/osv-scanner from 1.9.1 to 1.9.2 (#2163)
• Bump the capi group across 2 directories with 2 updates (#2156)
• Fix BMO fixture-release-0.8 tag names (#2144)
• update dependabot config for release-0.9 (#2135)
• Add release 0.9 e2e tests and branch release-0.9 to README (#2134)

♻️ Superseded or Reverted

• #2274, #2211, #2397, #2391, #2239, #2240, #2182, #2184, #2232. #2138, #2140, #2143, #2142. #2139, #2150, #2164, #2342, #2343, #2157, #2155, #2259, #2148, #2310, #2169, #2149, #2181, #2214, #2261, #2193, #2212, #2292, #2269, #2233, #2235, #2234, #2275, #2290, #2282, #2258, #2406, #2224

The image for this release is: v0.10.0

Thanks to all our contributors! 😊

v0.10.0-beta.0

Changes since v0.9.0

🚨 This is a BETA RELEASE. Use it only for testing purposes.
If you find any bugs, file an issue.

⚠️ Breaking Changes

• Bump Kubernetes api, controller-runtime and decouple webhooks from api (#2390)

More details about the release

✨ New Features

• Add support for Disablepoweroff (#2229)
• add support for locally built ironic in e2e test (#2167)

🐛 Bug Fixes

• Only accept HTTPHeadersRef in same namespace GHSA-c98h-7hp9-v9hq
• Fix few errors when making beta release notes (#2381)
• Handle dataImage before reboot annotation to prevent annotation removal before all actions are complete (#2333)
• fix broken release process (#2325)
• Define some IPA (downloader) related variables (#2264)
• bump x/net, x/crypto and x/oauth2 (#2316)
• update rescue iso used for e2e tests (#2315)
• Add BMH OwnerReference for DataImage right after its creation (#2249)
• bump golang to 1.23.6 (#2243)
• Set ownerReference for dataImage during BMH Reconcile (#2238)
• Do not create HFC for non-redfish BMH (#2227)
• bump golang to 1.23.5 (#2224)
• Set e2e timeout to 1.5h (#2191)
• Add validation against cross-namespace secret references (#2190)
• Adding empty checksumType checks on BMH to automatically detect hashing algorithm (#2174)
• Fix BMO optional test by not checking metrics service (#2170)
• Fix metrics service validation (#2165)

🌱 Others

• Bump CAPI to 1.10.0-rc.0 (#2397)
• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 in /test (#2388)
• Bump CAPI 1.10.0-beta.0 and Kubernetes api 0.32.3 and controller-runtime 0.20.4 (#2391)
• make osv-scanner scan run daily (#2389)
• add labels to Dockerfile (#2384)
• Enable testifylint linter in golangci-lint (#2383)
• Bump golang.org/x/oauth2 from 0.27.0 to 0.29.0 in /hack/tools (#2387)
• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 (#2386)
• bump golang to v1.23.8 and x/net to v0.38.0 (#2374)
• Enable usetesting linter in golangci-lint (#2380)
• cleanup build/ and obsolete publishing-images.md (#2379)
• Bump the github-actions group with 5 updates (#2378)
• do not bump major version of github actions (#2373)
• Minor logging improvements (#2370)
• Bump sigs.k8s.io/kind from 0.26.0 to 0.27.0 in /test (#2327)
• Bump github.com/onsi/gomega from 1.36.2 to 1.36.3 (#2342)
• Remove keepalived from BMO repository (#2228)
• E2E: Avoid net-booting VMs unintentionally (#2266)
• update the used linters list (#2350)
• Bump golangci-lint to v1.64.7 (#2335)
• update osv-scanner to v2.0.0 (#2339)
• Bump github.com/onsi/gomega from 1.36.2 to 1.36.3 in /test (#2343)
• bump tj-actions/changed-files to v46.0.1 (#2331)
• Reduce logging noise from status reconstruction (#2330)
• Move @mquhuy to emeritus reviewers (#2329)
• group all github action bumps into single PR (#2326)
• Bump github.com/onsi/ginkgo/v2 from 2.22.2 to 2.23.0 in /test (#2310)
• Remove periodic upgrade tests from release branches (#2306)
• Bump the kubernetes group to v0.31.7 (#2308)
• Replace deprecated pkg/errors with stdlib in provisioner/ironic (#2303)
• Bump golang.org/x/net from 0.34.0 to 0.36.0 in /hack/tools (#2305)
• fix dependabot testing issues by re-adding "edited" (#2304)
• Bump github.com/gophercloud/gophercloud/v2 from 2.5.0 to 2.6.0 (#2289)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.18 to 3.5.19 (#2292)
• bump local hack scripts to basic-checks:golang-1.23 (#2296)
• E2E: Fix ironic overlays for 25.0 and 26.0 (#2295)
• Bump sigs.k8s.io/controller-runtime from 0.19.6 to 0.19.7 (#2293)
• Bump github.com/prometheus/client_golang from 1.21.0 to 1.21.1 (#2290)
• E2E: Remove ensure_kind.sh script (#2277)
• bump golang to 1.23.7 (#2282)
• e2e: Revert temporary pinning of Ironic (#2113)
• Bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#2275)
• Bump CAPI to v1.9.5 (#2274)
• Bump actions/cache from 4.2.0 to 4.2.2 (#2272)
• Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#2271)
• Bump tj-actions/changed-files from 45.0.6 to 45.0.7 (#2269)
• Bump github/codeql-action from 3.28.8 to 3.28.10 (#2270)
• E2E: Bump cert-manager to v1.17.1 (#2268)
• Bump github.com/gophercloud/gophercloud/v2 from 2.4.0 to 2.5.0 (#2259)
• Bump sigs.k8s.io/controller-runtime from 0.19.5 to 0.19.6 (#2261)
• Bump the dependency kubernetes group to v0.31.6 (#2258)
• E2E vbmctl and ssh boot check refactor (#2223)
• pin osv-scanner image in verify-release.sh (#2244)
• workflows: sync pull_request trigger types (#2242)
• Bump golang.org/x/crypto from 0.32.0 to 0.33.0 in /hack/tools (#2239)
• Bump golang.org/x/crypto from 0.32.0 to 0.33.0 in /test (#2240)
• Bump libvirt.org/go/libvirt from 1.10009.1 to 1.11001.0 in /test (#2237)
• Bump github/codeql-action from 3.28.0 to 3.28.8 (#2232)
• Bump actions/setup-go from 5.2.0 to 5.3.0 (#2231)
• Bump softprops/action-gh-release from 2.2.0 to 2.2.1 (#2230)
• Bump sigs.k8s.io/kind from 0.25.0 to 0.26.0 in /test (#2235)
• Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#2234)
• Bump tj-actions/changed-files from 45.0.5 to 45.0.6 (#2233)
• Bump github.com/cert-manager/cert-manager from 1.16.2 to 1.16.3 in /test (#2236)
• Fix ensure_kind.sh filename (#2221)
• Refactor and rename ValidateManagementAccess (#2154)
• Bump sigs.k8s.io/controller-runtime from 0.19.4 to v0.19.5 (#2214)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.17 to 3.5.18 (#2212)
• Bump CAPI to v1.9.4 (#2211)
• Bump the k8s.io/* deps to v0.31.5 (#2193)
• Bump the k8s.io/* deps to v0.31.5 (#2203)
• Switch e2e to kind (#2209)
• Bump sigs.k8s.io/kustomize/api from 0.18.0 to 0.19.0 in /test (#2197)
• Bump sigs.k8s.io/kustomize/kustomize/v5 from 5.5.0 to 5.6.0 in /hack/tools (#2196)
• Take new release workflow into use (#2171)
• bump x/net to v0.34.0 (#2185)
• Bump golang.org/x/crypto from 0.31.0 to 0.32.0 in /hack/tools (#2182)
• Bump golang.org/x/crypto from 0.31.0 to 0.32.0 in /test (#2184)
• Bump sigs.k8s.io/controller-runtime from 0.19.3 to 0.19.4 (#2181)
• bump kubeconform to v0.6.7 (#2176)
• increase 1 timeout in external-inspection test (#2166)
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 in /test (#2169)
• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 in /test (#2157)
• Add intervals while checking metrics service (#2161)
• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 (#2155)
• Bump github/codeql-action from 3.27.9 to 3.28.0 (#2164)
• Bump google/osv-scanner from 1.9.1 to 1.9.2 (#2163)
• Bump the capi group across 2 directories with 2 updates (#2156)
• Bump libvirt.org/go/libvirt from 1.10009.0 to 1.10009.1 in /test (#2150)
• Bump github.com/gophercloud/gophercloud/v2 from 2.3.0 to 2.4.0 (#2148)
• Bump github.com/onsi/ginkgo/v2 from 2.22.0 to 2.22.1 in /test (#2149)
• Fix BMO fixture-release-0.8 tag names (#2144)
• Bump github/codeql-action from 3.27.5 to 3.27.9 (#2138)
• Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#2140)
• Bump actions/cache from 4.1.2 to 4.2.0 (#2143)
• Bump softprops/action-gh-release from 2.1.0 to 2.2.0 (#2142)
• Bump actions/setup-go from 5.1.0 to 5.2.0 (#2139)
• update dependabot config for release-0.9 (#2135)
• Add release 0.9 e2e tests and branch release-0.9 to README (#2134)

The image for this release is: v0.10.0-beta.0

Thanks to all our contributors! 😊

v0.9.1

Changes since v0.9.0

⚠️ Breaking Changes

This patch release contains fix for the security advisory GHSA-c98h-7hp9-v9hq:

• Only accept HTTPHeadersRef in same namespace (#2321)

🐛 Bug Fixes

• bump x/net, x/crypto and x/oauth2 (#2317)
• update rescue iso used for e2e tests (#2320)
• bump actions/cache to v4.2.2 (#2280)
• Fix metrics service validation (#2188)
• Add validation against cross-namespace secret references (#2206)

🌱 Others

• Bump the kubernetes group to v0.31.7 (#2312)
• Bump sigs.k8s.io/controller-runtime from 0.19.6 to 0.19.7 (#2286)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.18 to 3.5.19 (#2285)
• E2E: Fix ironic overlays for 25.0 and 26.0 (#2301)
• bump local hack scripts to basic-checks:golang-1.23 (#2299)
• bump golang to 1.23.7 (#2298)
• E2E: Remove ensure_kind.sh script (#2283)
• Bump CAPI to 1.9.5 (#2267)
• Bump github.com/cert-manager/cert-manager from 1.16.3 to 1.16.4 in /test (#2255)
• pin osv-scanner image in verify-release.sh (#2245)
• Switch e2e to kind (#2222)
• Bump sigs.k8s.io/controller-runtime from 0.19.4 to 0.19.5 (#2219)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.17 to 3.5.18 (#2218)
• Bump github.com/cert-manager/cert-manager from 1.16.2 to 1.16.3 in /test (#2200)
• Update README badges and e2e triggers (#2175)
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 in /test (#2168)
• Bump libvirt.org/go/libvirt from 1.10009.0 to 1.10009.1 in /test (#2153)
• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 in /test (#2160)
• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 (#2158)
• Bump google/osv-scanner from 1.9.1 to 1.9.2 (#2162)
• Bump github/codeql-action from 3.27.5 to 3.27.9 (#2141)

♻️ Superseded or Reverted

• #2247, #2225, #2216, #2251, #2199, #2186, #2159, #2253, #2178, #2152

The image for this release is: v0.9.1

Thanks to all our contributors! 😊

v0.8.1

Changes since v0.8.0

⚠️ Breaking Changes

This patch release contains fix for the security advisory GHSA-c98h-7hp9-v9hq:

• Only accept HTTPHeadersRef in same namespace (#2322)

🐛 Bug Fixes

• bump x/net, x/crypto and x/oauth2 (#2318)
• update rescue iso used for e2e tests (#2319)
• bump actions/cache to v4.2.2 (#2281)
• bump cert-manager to v1.12.14 and x/crypto to v0.31.0 (#2136)
• Add RBAC files for metrics authentication and authorization (#2145)
• Remove kube-rbac-proxy and use controller run-time provided WithAuthenticationAndAuthorization filter instead (#2115)
• Add validation against cross-namespace secret references (#2205)

📖 Documentation

• Add e2e status badge to readme (#2065)
• Update readme on test triggers on release-0.8 (#1933)

🌱 Others

• Bump the kubernetes group to v0.29.15 (#2307)
• pin osv-scanner image in verify-release.sh (#2246)
• E2E: Fix kustomization for Ironic with inspector (#2302)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.18 to 3.5.19 (#2288)
• bump local hack scripts to basic-checks:golang-1.23 (#2300)
• bump golang to 1.23.7 (#2297)
• E2E: Use kind instead of minikube (#2276)
• Bump github.com/cert-manager/cert-manager from 1.12.15 to 1.12.16 in /test (#2257)
• Fix minikube restart in e2e by trying in a loop (#2250)
• Bump CAPI to v1.7.9 (#2120)
• Added Error message when reconciling loop is triggered more than once (#2083)
• Bump Go to 1.23.3 and golangci-lint to 1.60.3 (#2070)
• use uuidgen to generate random username/password (#2067)
• Add iurygregory as a reviewer (#2061)
• simplify go version handling in verify-release.sh (#2059)
• Bump softprops/action-gh-release from 2.0.8 to 2.0.9 (#2030)
• Add Riccardo and Adam as approvers (#2023)
• Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (#2000)
• Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 (#1999)
• bump markdownlint-cli2 to v0.12.0 (#1984)
• Bump sigs.k8s.io/cluster-api from 1.7.5 to 1.7.6 in /test (#1957)
• Bump sigs.k8s.io/cluster-api/test from 1.7.5 to 1.7.6 in /test (#1958)
• Bump github.com/onsi/ginkgo/v2 from 2.20.0 to 2.20.2 in /test (#1925)

♻️ Superseded or Reverted

• #2248, #2226, #2256, #2202, #2210, #2201, #2187, #2130, #2081, #2056, #2052,
  #2022, #2006, #1989, #1955, #1956, #1970, #1952, #1944

The image for this release is: v0.8.1

Thanks to all our contributors! 😊

v0.6.3

Changes since v0.6.2

📖 Documentation

• Add e2e status badge to readme (#2066)

🌱 Others

• Bump cert-manager to v1.12.14 and x/crypto to v0.31.0 (#2137)
• Bump the k8s.io/* deps to v0.29.12 (#2129)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.15 to 3.5.17 (#2054)
• use uuidgen to generate random username/password (#2068)
• Add iurygregory as a reviewer (#2062)
• Bump softprops/action-gh-release from 2.0.8 to 2.0.9 (#2031)
• Add Riccardo and Adam as approvers (#2024)
• bump golang to 1.22.8 (#1990)
• Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#1915)

♻️ Superseded or Reverted

#2080, #2021, #1961, #1953

The image for this release is: v0.6.3

Thanks to all our contributors! 😊

v0.9.0

Changes since v0.8.0

✨ New Features

• Add RBAC files for metrics authentication and authorization (#2116)
• Remove kube-rbac-proxy and use controller run-time provided WithAuthenticationAndAuthorization filter instead (#2102)
• Allow FirmwareUpdates via Servicing with HostUpdatePolicy (#2044)
• Add reference to HostUpdatePolicy in Servicing with HFS Support (#2041)
• Add redfish-uefihttp driver (#1954)
• Add HostUpdatePolicy API (#1949)
• Add Golang-based deploy-cli (#1669)

🐛 Bug Fixes

• Disable deep image inspection for e2e (#2122)
• Add hack/tools to bed linted and fix errors in deploy-cli (#2123)
• Add missing update permissions for HostUpdatePolicy CR to BMH controller (#2099)
• Remove dataImage finalizer if BMH is missing (#1974)
• Update HFC Status when handling error in actionPreparing (#2060)
• Make custom deploy equivalent to image deploy (#2048)
• Fix update check in PreprovisioningImage controller (#1948)
• Disallow fetching secrets from namespaces different from the host's one

📖 Documentation

• Add e2e status badge to readme (#2064)
• Update test triggers on README (#1934)
• Migrate information away from docs/api.md (#1820)

🌱 Others

• Bump CAPI to v1.9.1 (#2133)
• Bump golang.org/x/crypto from 0.30.0 to 0.31.0 in /test (#2128 #2131)
• Bump the k8s.io/* deps to v0.31.4 (#2124)
• Bump github.com/onsi/gomega from 1.36.0 to 1.36.1 (#2125 #2127)
• Bump Golang to v1.23.4, CAPI to v1.9.0-rc.1 and, k8s.io/utils (#2114)
• Bump sigs.k8s.io/controller-runtime from 0.19.2 to 0.19.3 (#2106)
• Bump github.com/gophercloud/gophercloud/v2 from 2.2.0 to 2.3.0 (#2105)
• E2E: Pin ironic as workaround for failing tests (#2112)
• Add missing comment tags (#1985)
• Do not add colons to structured logging (#2084)
• Bump github/codeql-action from 3.27.3 to 3.27.5 (#2096)
• Bump softprops/action-gh-release from 2.0.9 to 2.1.0 (#2095)
• Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 in /test (#2094)
• Remove deprecated ControllerManagerConfig (#2087)
• Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#2077)
• Bump Go to 1.23.3 and golangci-lint to 1.60.3 (#2069)
• Bump github.com/cert-manager/cert-manager from 1.16.1 to 1.16.2 in /test (#2071)
• Use uuidgen to generate random username/password (#2063)
• Add iurygregory as a reviewer (#2047)
• Simplify go version handling in verify-release.sh (#2058)
• Add scheduled osv-scanner workflow (#2057)
• Bump go.etcd.io/etcd/client/pkg/v3 from 3.5.16 to 3.5.17 (#2055)
• Adjust test and linter timings (#2046)
• E2E: Add build tags (#2042)
• Adding ipxe builder to init container (#1966)
• Improve test coverage (#2013)
• Introduce inspection delay for the fixture provisioner (#2043)
• Fetch Ironic node list after each e2e test (#2028)
• Bump actions/cache from 4.1.1 to 4.1.2 (#2035)
• Bump libvirt.org/go/libvirt from 1.10006.0 to 1.10009.0 in /test (#2039)
• Bump actions/setup-go from 5.0.2 to 5.1.0 (#2034)
• Bump actions/checkout from 4.2.1 to 4.2.2 (#2032)
• Move TLS 1.3 from hardcoded default value to a config flag (#2027)
• Bump sigs.k8s.io/controller-tools from 0.16.3 to 0.16.5 (#2025)
• Add manifest generation while generating code (#2026)
• Fix misspelling in function name (#2014)
• Added Error message when reconciling loop is triggered more than once (#1792)
• Reuse PR verifier workflow from project-infra (#1968)
• Fix minor issues in the API help strings (#1936)
• Bump kustomize/kyaml v0.18.1 and kustomize/kustomize/v5 to v5.5.0 (#2007)
• Add Riccardo and Adam as approvers (#2008)
• Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (#2001)
• Bump actions/upload-artifact from 4.4.0 to 4.4.3 (#2002)
• Make CAPI a pattern in dependabot config (#1991)
• Bump github.com/prometheus/client_golang from 1.20.3 to 1.20.5 (#1998)
• Fix minikube restart in e2e by trying in a loop (#1983)
• Improve deploy.sh to differentiate between build and run of kustomize (#1622)
• Bump controller runtime to v0.18.5 and CAPI to v1.8.3 (#1967)
• Bump markdownlint-cli2 to v0.12.0 (#1982)
• Use ubuntu-latest rather than hosted 4-core runner (#1978)
• Add test for baremetalhost controller updateEventHandler (#1881)
• Cleanup unused ironic:e2e tryload (#1963)
• Pin ginkgo cli to test/go.mod ginkgo package (#1947)
• Add BMO 0.8 e2e (#1945)
• Add resource dumping to e2e tests (#1939)
• Remove release-0.5 from dependabot config (#1932)
• Fix dependabot ignore rules for 0.8 branch (#1924)
• Add dependabot config for release-0.8 branch (#1911)

♻️ Superseded or Reverted

#1845, #1905, #1916, #1919, #1921, #1927, #1940, #1942, #1946, #1959, #1960, #1972, #1979, #1980, #1988, #1995, #2003, #2004, #2005, #2010, #2015, #2017, #2018, #2033, #2036, #2037, #2040, #2049, #2050, #2051, #2074, #2078, #2092, #2093, #2107, #2108, #2117

The image for this release is: v0.9.0

Thanks to all our contributors! 😊