v0.35.0

This release adds support for the spec.initProvider API and for the granular management policies alpha feature detailed here.

The generated example manifests from Terraform registry no longer contain the trailing YAML document separator (---).

The external client for Terraformed resources now explicitly requeue, up to 20 retries, a reconciliation request if a shared provider has expired. And only after 20 retries it propagates the error down to the managed reconciler. The ttl-expired error message has also been improved to hint at the --provider-ttl command-line option.

Also status updates and updates to certain annotations (crossplane.io/external-create-failed & crossplane.io/external-create-pending) no longer queue reconciliation requests, which decreases the resource utilization of upjet-based providers. This is especially important when errors happen during the external connecter's Create call, or in general, when an MR is failing to sync successfully.

Breaking API Changes

The API for the management policies alpha feature has a breaking change:

The old API of

spec:
  managmentPolicy: FullControl/ObserveOnly/OrphanOnDelete

is replaced by:

spec: 
  managementPolicies: ["*", "Observe", "Create", "Update", "LateInitialize", "Delete"]

After applying the updated provider, the spec.managementPolicy field will be removed automatically, and the spec.managementPolicies: ["*"] will be defaulted. This is equivalent to FullControl but for resources using ObserveOnly and OrphanOnDelete the it means that the behavior changes.

The suggested migration steps from spec.managementPolicy to spec.managementPolicies (if the alpha feature is being used) are:

• Pause your resources using non-default management policies before upgrading the provider version
• Noting down which ones those are (could be by adding labels managementPolicy: x )
• Upgrading the provider version
• Setting the desired management policies on the marked ones (those with label managementPolicy)

What's Changed

• Update actions/checkout action to v3 by @renovate in #272
• Update actions/setup-go action to v4 by @renovate in #273
• Update docker/setup-qemu-action action to v2 by @renovate in #274
• Fixes a typo on the required format for an identity provider when usi… by @jastang in #325
• Temporarily disable configuring auth with secrets by @jastang in #329
• Update README.md by @jeanduplessis in #330
• Update CODEOWNERS file by @turkenf in #332
• Adding backstage configuration by @Piotr1215 in #333
• fix(cluster): skip lateInit for node_config by @haarchri in #338
• Feature/add google access context manager resources by @bradkwadsworth-mw in #331
• Add an event filter with the resource.DesiredStateChanged predicate to filter status updates out by @ulucinar in #344
• Support granular management policies by @lsviben in #336
• Added google_compute_router_peer. by @bradkwadsworth-mw in #341
• Explicitly queue a reconcile request if a shared provider has expired by @ulucinar in #346

New Contributors

• @Piotr1215 made their first contribution in #333
• @haarchri made their first contribution in #338
• @lsviben made their first contribution in #336

Full Changelog: v0.34.0...v0.35.0

v0.34.0

What's Changed

• Revert "Remove family label from the config provider for proper search indexing" by @ulucinar in #317
• Add dependency to Crossplane min version of v1.12.1-0 by @ulucinar in #319
• Adds the required field spec.projectID for ProviderConfig creation … by @jastang in #320
• Scoped leader election by @stevendborrelli in #321
• Remove version input from publish-service-artifacts.yml by @turkenf in #323

New Contributors

• @stevendborrelli made their first contribution in #321

Full Changelog: v0.33.1...v0.34.0

v0.33.1

What's Changed

• [Backport release-0.33] Revert "Remove family label from the config provider for proper search indexing" by @github-actions in #318
• [Backport release-0.33] Adds the required field spec.projectID for ProviderConfig creation … by @github-actions in #322

Full Changelog: v0.33.0...v0.33.1

v0.33.0

What's Changed

• Rename family parent package from provider-gcp-config to provider-family-gcp by @ulucinar in #305
• Support auth annotations for Upbound by @jastang in #295
• Add examples for bigtable(4) resources by @turkenf in #287
• Fix minor issue in docs for creating a Cronjob for rotate the GCP access tokens by @rbrunan in #310
• Update token in native provider bump workflow by @turkenf in #311
• Bump native provider to version 4.66.0 by @upbound-bot in #312
• add service account impersonation by @bradkwadsworth-mw in #205
• Do not assume private_key attribute exists in ServiceAccountKey state by @ulucinar in #314
• Feature/add project shared vpc resources selectors by @bradkwadsworth-mw in #210
• Remove family label from the config provider for proper search indexing by @jastang in #315

New Contributors

• @jastang made their first contribution in #295
• @rbrunan made their first contribution in #310
• @upbound-bot made their first contribution in #312

Full Changelog: v0.32.0...v0.33.0

v0.32.0

What's Changed

• Add caller workflow for publishing service artifacts by @turkenf in #292
• Break provider-gcp up by service by @ulucinar in #288
• Use monolith for local run by @turkenf in #293
• Enable ESS support by @ezgidemirel in #294
• InterconnectAttachment - Use selflink instead of Id by @Pocokwins in #291
• add sharedVPCHostProject and sharedVPCServiceProject by @RemiVR in #254
• Batch build smaller provider packages using up xpkg batch by @ulucinar in #299
• Fix Publish Service Artifacts workflow call by @ulucinar in #302
• Add maintenance_version field to ignore list by @sergenyalcin in #298
• Bump Terraform provider version to v4.64.0 by @turkenf in #300
• Remove outdated statements on UXP requirement by @ytsarev in #303

New Contributors

• @RemiVR made their first contribution in #254
• @ytsarev made their first contribution in #303

Full Changelog: v0.31.0...v0.32.0

v0.31.0

What's Changed

• add google_storage_notification resource by @bradkwadsworth-mw in #229
• Add sizing and monitoring guide references by @sergenyalcin in #277
• Add Support for Observe Only Resources by @ulucinar in #284

Full Changelog: v0.30.0...v0.31.0

v0.30.0

What's Changed

• Remove old CI workflow and reuse new one by @turkenf in #247
• Remove old workflows and reuse new ones: Backport, Comment Commands and Tag by @turkenf in #248
• Add enable_autopilot attribute and some another attributes to LateInitializer ignore to fix issue 256 by @svscheg in #258
• Consume upjet ProviderScheduler by @ulucinar in #260
• Add caller workflow for publishing docs by @turkenf in #259
• Update module golang.org/x/net to v0.7.0 [SECURITY] by @renovate in #241
• Update alpine Docker tag to v3.17.2 by @renovate in #245
• Update module github.com/crossplane/crossplane-runtime to v0.19.2 [SECURITY] by @renovate in #253
• Remove workflow update by @dverveiko in #257
• Pin dependencies by @renovate in #243
• Regenerate the CRDs by @jeanduplessis in #270
• Conditionally use resource-scoped over provider-scoped project id for… by @djeremiah in #265

New Contributors

• @svscheg made their first contribution in #258
• @renovate made their first contribution in #241
• @djeremiah made their first contribution in #265

Full Changelog: v0.29.0...v0.30.0

v0.29.0

In addition to the new resource configurations and some fixes in the existing resources, with the v0.29.0 release, upbound/provider-gcp now exposes the following Prometheus metrics from the upjet runtime:

• upjet_terraform_cli_duration: This is a histogram metric and reports statistics, in seconds, on how long it takes a Terraform CLI invocation to complete.
• upjet_terraform_active_cli_invocations: This is a gauge metric and it's the number of active (running) Terraform CLI invocations.
• upjet_terraform_running_processes: This is a gauge metric and it's the number of running Terraform CLI and Terraform provider processes.
• upjet_resource_ttr: This is a histogram metric and it measures, in seconds, the time-to-readiness for managed resources. Time-to-readiness (TTR for short) is defined for managed resources with the Ready=True status condition and is defined as the time between the MR's metadata.creationTimestamp and the time it acquires the Ready=True condition.

A detailed account of the available custom Prometheus metrics together with examples showing them in action can be found in crossplane/upjet#170.

We also bump the underlying Terraform provider version to v4.56.0 with this release.

The provider's package is available as xpkg.upbound.io/upbound/provider-gcp:v0.29.0, and please don't forget to check the provider's Upbound Marketplace documentation.

What's Changed

• Moving certificatemanager (3) resources to v1beta1 version by @steperchuk in #235
• chore(cloudcomposer): fix ServiceAccuount typo by @DpoBoceka in #217
• ci: configure renovate by @phisco in #116
• Adding google_app_engine_firewall_rule resource to v1beta1 version by @mykolalosev in #238
• Add OWNERS.md and CODEOWNERS by @turkenf in #246
• Consume upjet with custom metrics by @turkenf in #250
• Add native provider version bump reusable workflow by @ulucinar in #232
• Bump Terraform provider version to v4.56.0 by @ulucinar in #252
• Add Prometheus metrics to the upjet runtime by @ulucinar in crossplane/upjet#170

New Contributors

• @steperchuk made their first contribution in #235
• @DpoBoceka made their first contribution in #217
• @phisco made their first contribution in #116

Full Changelog: v0.28.0...v0.29.0

v0.28.0

What's Changed

• Moving cloudplatform(1) resource to v1beta1 version by @MyzaTaras in #224
• Adding google_healthcare_dataset_iam_member, google_iap_app_engine_service_iam_member, google_iap_app_engine_version_iam_member, google_iap_tunnel_iam_member, google_apigee_environment_iam_member, google_artifact_registry_repository_iam_member, google_bigquery_analytics_hub_data_exchange_iam_member, google_compute_snapshot_iam_member, google_gke_hub_membership_iam_member, google_dns_managed_zone_iam_member resources to v1beta1 version by @mykolalosev in #230

Full Changelog: v0.27.0...v0.28.0

v0.27.0

What's Changed

• Add configurations of apigee (2), artifactregistry (2), beyondcorp (3), bigqueryanalyticshub (4), bigqueryconnection (1), certificatemanager (2) ids (1), cloudrun (2), cloudtasks (1), cloudfunctions2 (2), cloudiot (1) groups by @dverveiko in #170
• Add configurations of compute (11), containerattached (1), datafusion (1), dataplex (2), dataproc (3), datastream (2), dialogflow (1), dns (1), documentai (2), eventarc (2) groups by @dverveiko in #172
• Add configurations of filestore (2), gke (2), iam (4), identityplatform (2), kms (1), logging (1), monitoring (2), scc (1), storage (6), vertexai (7) groups by @dverveiko in #180
• Adding google_logging_log_view, google_logging_metric, google_logging_project_bucket_config, google_logging_project_exclusion, google_logging_project_sink to v1beta1 version by @mykolalosev in #178
• Moving certificatemanager(1), ids(1), cloudrun(2) resources to v1beta1 version by @MyzaTaras in #179
• Adding google_vertex_ai_dataset, google_vertex_ai_featurestor, google_vertex_ai_featurestore_entitytype, google_vertex_ai_tensorboard, google_filestore_backup, google_filestore_snapshot to v1beta1 version by @mykolalosev in #188
• Moving dataplex(3), datastream(2), dialogflow(1), documentai(1) resources to v1beta1 version by @MyzaTaras in #185
• Moving identityplatform (1), kms (1), monitoring (1) resources to v1b… by @MyzaTaras in #191
• Adding google_apigee_nat_address, google_artifact_registry_repository, google_beyondcorp_app_connection, google_beyondcorp_app_connector, google_beyondcorp_app_gateway, google_bigquery_analytics_hub_data_exchange, google_bigquery_analytics_hub_listing to v1beta1 version by @mykolalosev in #194
• Moving storage (3), iam (2), gke (1) resources to v1beta1 version by @MyzaTaras in #198
• Moving cloudfunctions2 resources to v1beta1 version by @MyzaTaras in #199
• Adding google_compute_backend_service_signed_url_key, google_compute_network_firewall_policy, google_compute_network_firewall_policy_association, google_compute_region_network_firewall_policy, google_compute_region_network_firewall_policy_association, google_compute_snapshot, google_compute_ssl_policy, google_eventarc_channel, google_eventarc_google_channel_config to v1beta1 version by @mykolalosev in #202
• Bump Terraform provider version to v4.51.0 by @ulucinar in #192
• Add Upbound auth source and support for federated identity by @hasheddan in #206
• Add configurations of cloudplatform (5), iap (1), orgpolicy (1), tags (5), tpu (1), vpcaccess (1), workflows (1) groups by @dverveiko in #203
• Moving dataproc(1) resources to v1beta1 version by @MyzaTaras in #208
• Moving tpu(1), workflows(1) resources to v1beta1 version by @MyzaTaras in #219
• Bump upjet to commit b1ed9245d05 by @ulucinar in #220
• Bumps dependencies used in Github workflows by @ulucinar in #215
• Instance - Use selflink instead of resourceId by @Pocokwins in #196

Full Changelog: v0.26.0...v0.27.0