Skip to content

chore(deps): update terraform kubernetes to v2.38.0 #134

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore(deps): update terraform kubernetes to v2.38.0 #134

wants to merge 1 commit into from
+25 −15

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 11, 2025

This PR contains the following updates:

Package Type Update Change
kubernetes (source) required_provider minor =2.24.0 -> 2.38.0

Release Notes

hashicorp/terraform-provider-kubernetes (kubernetes)

v2.38.0

Compare Source

ENHANCEMENTS:

  • Add ResourceIdentity support to kubernetes_manifest [GH-2737]
  • Add sub_path_expr to volume mount options pod spec [GH-2622]
  • Add support for ResourceIdentity to SDKv2 resources [GH-2751]

BUG FIXES:

  • Fixed goroutine-safety in the CRD and metadata cache, resulting in far fewer provider metadata requests. [GH-2699]
  • data_source/kubernetes_pod_v1: fix an issue when the provider cuts out toleration under pod spec(spec.toleration) if it uses a well-known taint. [GH-2380]
  • data_source/kubernetes_pod: fix an issue when the provider cuts out toleration under pod spec(spec.toleration) if it uses a well-known taint. [GH-2380]
  • resource/kubernetes_cron_job: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_cron_job_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_daemon_set_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_daemonset: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_deployment: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_deployment_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_job: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_job_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_replication_controller_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_replication_controller: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_stateful_set: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
  • resource/kubernetes_stateful_set_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]

NOTES:

  • We have updated the logic of resources that use the Pod specification template, such as kubernetes_deployment_v1, kubernetes_stateful_set_v1, etc, and now the provider will keep all tolerations(spec.toleration) returned by Kubernetes. The same is applicable for the data sources kubernetes_pod_v1 and kubernetes_pod. The behavior of resources kubernetes_pod_v1 and kubernetes_pod remains unchanged, i.e. the provider will keep removing tolerations with well-known taints since they might be attached to the object by Kubernetes controller and could lead to a perpetual diff. [GH-2380]

v2.37.1

Compare Source

BUG FIXES:

  • Fixes issue #​2732 where the provider would fail when used with Terraform >= v1.12.1 due to missing GetResourceIdentitySchemas implementation. [GH-2732]

v2.37.0

Compare Source

ENHANCEMENTS:

  • kubernetes_config_map_v1: Add support for ResourceIdentity [GH-2721]

v2.36.0

Compare Source

ENHANCEMENTS:

  • resource/kubernetes_secret_v1: Add support for write only attributes for data_wo and binary_data_wo. [GH-2692]

v2.35.1

Compare Source

BUG FIXES:

  • resource/kubernetes_job_v1: revert the changes introduced in v2.34.0, where ttl_seconds_after_finished was set to 0. [GH-2650]
  • resource/kubernetes_daemon_set_v1: fix issue where fields spec.strategy.rolling_update.max_surge and spec.strategy.rolling_update.max_unavailable were not being validated correctly. [GH-2653]

v2.35.0

Compare Source

FEATURES:

  • resources_kubernetes_daemon_set_v1 : Added max_surge argument for to rolling_update block. [GH-2630]

v2.34.0

Compare Source

ENHANCEMENTS:

  • Added conditions attribute to kubernetes_nodes data source, which will provide detailed node health and status information [GH-2612]
  • Adding the kubernetes_secret_v1_data resource to the kubernetes provider. This resource will allow users to manage kubernetes secrets [GH-2604]
  • Properly handle Kubernetes Jobs with ttl_seconds_after_finished = 0 to prevent unnecessary recreation. [GH-2596]

FEATURES:

  • New ephemeral resource: kubernetes_certificate_signing_request_v1 [GH-2628]
  • New ephemeral resource: kubernetes_token_request_v1 [GH-2628]

v2.33.0

Compare Source

ENHANCEMENTS:

  • Add backoff_per_limit_index and max_failed_indexes fields in structure_job.go [GH-2421]
  • Added support for namespace_selector field in PodAffinityTerm to enhance pod affinity and anti-affinity rules, allowing selection of namespaces based on label selectors. [GH-2577]
  • kubernetes_manifest - handling "404 Not Found" errors during the deletion of Kubernetes resources, particularly in cases where the resource may have already been deleted by an operator managing the CRD before Terraform attempts to delete it. [GH-2592]
  • schema_container.go: Add VolumeDevices [GH-2573]

v2.32.0

Compare Source

FEATURES:

  • New data source: kubernetes_server_version [GH-2306]

ENHANCEMENTS:

  • resource/kubernetes_certificate_signing_request_v1: Add argument spec.expiration_seconds [GH-2559]
  • resource/kubernetes_persistent_volume_v1: support ReadWriteOncePod access mode for PVs [GH-2488]

v2.31.0

Compare Source

ENHANCEMENTS:

  • Add support for Terraform's experimental deferred actions [GH-2510]

v2.30.0

Compare Source

BUG FIXES:

  • data_source/kubernetes_resources: fix an issue where the provider exit with an error when the data source kubernetes_resources receives multiple Kubernetes objects containing tuples with different numbers of elements. [GH-2372]
  • kubernetes_manifest: fix issue preventing KUBE_PROXY_URL environment variable from being used in client configuration (#​1733) [GH-2485]
  • resource/kubernetes_node_taint: Fix the error check for nonexistant nodes so that terraform does not fail if there is a taint in the state file for a node that has been deleted. [GH-2402]

DOCS:

  • Migrate legacy structure to new tfplugindocs template structure [GH-2470]

v2.29.0

Compare Source

BUG FIXES:

  • data-sources: revert a recently introduced deviation on datasources where querying a non-existent resource would cause an error (#​2434). [GH-2464]

v2.28.1

Compare Source

HOTFIX:

  • manifest_decode(): fix handling of manifests containing null values [GH-2461]

v2.28.0

Compare Source

ENHANCEMENTS:

NOTE: Using Provider Defined Functions requires Terraform version 1.8.0.

  • Add provider defined functions: manifest_encode, manifest_decode, manifest_decode_multi [GH-2428]

v2.27.0

Compare Source

ENHANCEMENTS:

  • resource/kubernetes_pod_v1: add missing topology_spread_constraints: node_affinity_policy, node_taints_policy, match_label_keys, min_domains [GH-2429]

v2.26.0

Compare Source

ENHANCEMENTS:

  • kubernetes/kubernetes_deployment_v1: Add support for HugePages in emptyDir.medium [GH-2395]
  • resource/kubernetes_job_v1: add new attribute spec.pod_failure_policy to job spec [GH-2394]

NOTES:

  • Bump Kubernetes dependencies from x.27.8 to x.28.6. [GH-2404]

v2.25.2

Compare Source

BUG FIXES:

  • resource/kubernetes_cron_job_v1: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]
  • resource/kubernetes_cron_job: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]
  • resource/kubernetes_daemon_set_v1: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]
  • resource/kubernetes_daemonset: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]
  • resource/kubernetes_stateful_set_v1: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]
  • resource/kubernetes_stateful_set: fix an issue when the provider forces a resource recreation after upgrading to 2.25.0 and 2.25.1 due to changes in the resource schema. [GH-2387]

NOTES:

  • Resources kubernetes_cron_job_v1 and kubernetes_cron_job got a new attribute spec.job_template.metadata.namespace. It is a stub attribute that does not affect the namespace in which the Pod will be created. The Pod will be created in the same namespace as the main resource. However, modifying this field will force the resource recreation. [GH-2387]
  • Resources kubernetes_stateful_set_v1, kubernetes_stateful_set, kubernetes_daemon_set_v1, and kubernetes_daemonset got a new attribute spec.template.metadata.namespace. It is a stub attribute that does not affect the namespace in which the Pod will be created. The Pod will be created in the same namespace as the main resource. However, modifying this field will force the resource recreation. [GH-2387]

v2.25.1

Compare Source

HOTFIX:

  • kubernetes_manifest: Implement response for GetMetadata protocol function [GH-2384]

v2.25.0

Compare Source

ENHANCEMENTS:

  • Add terraform-plugin-framework provider [GH-2347]
  • data_source/kubernetes_persistent_volume_claim_v1: add a new attribute spec.volume_mode. [GH-2353]
  • data_source/kubernetes_persistent_volume_claim: add a new attribute spec.volume_mode. [GH-2353]
  • kubernetes/schema_stateful_set_spec.go: Add spec.persistentVolumeClaimRetentionPolicy in kubernetes_stateful_set [GH-2333]
  • resource/kubernetes_persistent_volume_claim_v1: add a new attribute spec.volume_mode. [GH-2353]
  • resource/kubernetes_persistent_volume_claim: add a new attribute spec.volume_mode. [GH-2353]
  • resource/kubernetes_stateful_set_v1: add a new attribute spec.volume_claim_template.spec.volume_mode. [GH-2353]
  • resource/kubernetes_stateful_set: add a new attribute spec.volume_claim_template.spec.volume_mode. [GH-2353]

BUG FIXES:

  • resource/kubernetes_cron_job_v1: Change the schema to include a namespace in jobTemplate
    resource/kubernetes_stateful_set_v1: Change the schema to include a namespace in template [GH-2362]
  • resource/kubernetes_ingress_v1: Fix an issue where the empty tls attribute in the configuration does not generate the corresponding Ingress object without any TLS configuration. [GH-2344]
  • resource/kubernetes_ingress: Fix an issue where the empty tls attribute in the configuration does not generate the corresponding Ingress object without any TLS configuration. [GH-2344]

NOTES:

  • We have updated the logic of data sources and now the provider will return all annotations and labels attached to the object, regardless of the ignore_annotations and ignore_labels provider settings. In addition to that, a list of ignored labels when they are attached to kubernetes_job(_v1) and kubernetes_cron_job(_v1) resources were extended with labels batch.kubernetes.io/controller-uid and batch.kubernetes.io/job-name since they aim to replace controller-uid and job-name in the future Kubernetes releases. [GH-2345]

A special and warm welcome to the first contribution from our teammate @​SarahFrench! 🚀

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/kubernetes-2.x branch from ac9737b to ebb071c Compare November 26, 2025 10:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant