Skip to main content
Version: v0.22.2

metal-stack v0.22.2

See original release note at https://github.com/metal-stack/releases/releases/tag/v0.22.2

General

Noteworthy

  • Starting with this release the cluster-api-provider-metal-stack supports the automatic deployment of static firewalls. All default templates are now adjusted accordingly. You can try this out by using the new MetalStackFirewallTemplate and MetalStackFirewallDeployment resources and reference the deployment within MetalStackCluster using the new spec.firewallDeploymentRef.name field. (metal-stack/cluster-api-provider-metal-stack#118)
  • CSI-Plugin architecture changed from a split controller-daemonset to an only daemonset architecture. Each daemonset now also provides its own controller (figure 3 of the possible csi-plugin architectures here). With this architecture it is not necessary anymore to spawn pods for volume provisioning and deletion. For users of the Helm chart and the gardener-extension-csi-driver-lvm this migration can be deployed seamlessly. Manually deployed csi-driver-lvm installations need to adapt to the new architecture and delete the existing controller stateful set. (metal-stack/csi-driver-lvm#128)
  • Gracefully handle audit event batches larger than 4MB by splitting them into smaller batches and limiting the size of individual audit events to 4MB. (metal-stack/gardener-extension-audit#65)

Required Actions

  • It is now possible to resolve metal-stack OCI release vectors and ansible-roles using the metal_stack_release_vector module that is now by default included in the metal-deployment-base image. Please check the the README or the latest mini-lab as an example for how to use it. Old deployments still continue to work, the old setup_yaml module will become deprecated over time. setup_yaml will be deprecated with metal-stack v0.23.0. (metal-stack/metal-deployment-base#40)

Component Releases

gardener-extension-ontap v0.2.10

  • update version to 25.06.3 (metal-stack/gardener-extension-ontap#75) @Honigeintopf

metal-ccm v0.9.9

  • Update to go-1.25, debian:13 (metal-stack/metal-ccm#120) @majst01

gardener-extension-provider-metal v0.27.2

  • Fix metallb webhook certificate. (metal-stack/gardener-extension-provider-metal#481) @Gerrit91

api v0.0.35

  • Fix admin token create (metal-stack/api#72) @majst01
  • Migrate to mockery v3 (metal-stack/api#73) @majst01
  • Add admin project service (metal-stack/api#74) @AnnaSchreiner

metal-hammer v0.13.16

  • Downgrade u-root to enable ctrl-c again (metal-stack/metal-hammer#174) @majst01

ansible-common v0.7.4

  • Provide metal_stack_release_vector module. (metal-stack/ansible-common#39) @Gerrit91
  • Template module variables in action plugin. (metal-stack/ansible-common#41) @Gerrit91

metal-apiserver v0.1.0

  • Authorize with expanded token permissions (metal-stack/metal-apiserver#94) @majst01
  • add project/tenant leave endpoint (metal-stack/metal-apiserver#92) @mac641
  • Implement switch infra get and heartbeat endpoints (metal-stack/metal-apiserver#84) @iljarotar
  • Implement admin tenant list. (metal-stack/metal-apiserver#88) @Gerrit91
  • Add Admin Token Service (metal-stack/metal-apiserver#87) @majst01

metal-deployment-base v0.9.0

  • Ship metal_stack_release_vector module. (metal-stack/metal-deployment-base#40) @Gerrit91
  • sshpass is required to use passwords with the ssh connection plugin (metal-stack/metal-deployment-base#46) @robertvolkmann

metal-roles v0.17.27

  • Cleanup old gardener images from before operator migration. (metal-stack/metal-roles#499) @Gerrit91
  • Fix improper API version field in namespace definition. (metal-stack/metal-roles#498) @Gerrit91
  • Add oci-mirror to image vector mapping. (metal-stack/metal-roles#501) @Gerrit91

mini-lab v0.5.0

  • Use metal_stack_release_vector module (metal-stack/mini-lab#247) @Gerrit91
  • update mini-lab illustration (metal-stack/mini-lab#274) @AnnaSchreiner
  • feat: allow capms-ubuntu in fsl (metal-stack/mini-lab#264) @vknabel
  • Ansible update for deployment base image v0.8.0. (metal-stack/mini-lab#263) @Gerrit91
  • Fix flakiness of virtual SONiC tests (metal-stack/mini-lab#262) @mwindower
  • Differentiate SONiC base image versions and use 202505 (metal-stack/mini-lab#260) @mwindower
  • Update firewall creation command in README (metal-stack/mini-lab#258) @dhilgarth
  • README.md: Add jq to apt install (metal-stack/mini-lab#257) @GeertJohan
  • Hotfix using archive.debian.org for bullseye-backports on SONiC. (metal-stack/mini-lab#253) @Gerrit91
  • Add sonic base image workflow (metal-stack/mini-lab#252) @ostempel
  • added sonic base image workflow (metal-stack/mini-lab#251) @ostempel
  • Remove Cumulus (metal-stack/mini-lab#246) @robertvolkmann
  • Create proxy registries after kind cluster. (metal-stack/mini-lab#248) @Gerrit91
  • Implement a health check for SONiC (metal-stack/mini-lab#195) @robertvolkmann
  • Pin ingress-nginx controller helm chart due to regression. (metal-stack/mini-lab#245) @Gerrit91
  • Adapt to latest metal-roles. (metal-stack/mini-lab#244) @Gerrit91
  • Add Headscale support (metal-stack/mini-lab#243) @majst01
  • Don't cancel each other's job in test matrix. (metal-stack/mini-lab#240) @Gerrit91
  • include sboms in container images (metal-stack/mini-lab#242) @mac641
  • Gardener operator (metal-stack/mini-lab#239) @Gerrit91
  • feat: remove unused meilisearch (metal-stack/mini-lab#241) @vknabel
  • Recreate update strategy for ingress-nginx (metal-stack/mini-lab#235) @Gerrit91
  • Add pull-through caches for common container registries (metal-stack/mini-lab#227) @ostempel
  • Use OpenIPMI for managing the power of the virtual machines. (metal-stack/mini-lab#223) @robertvolkmann
  • Use new flag --abort-on-container-failure (metal-stack/mini-lab#238) @robertvolkmann
  • Inline IP masquerade for SONiC switches (metal-stack/mini-lab#237) @iljarotar
  • docs: include missing step for make dev-env (metal-stack/mini-lab#226) @vknabel

cluster-api-provider-metal-stack v0.7.0

  • Static Firewall Deployments (metal-stack/cluster-api-provider-metal-stack#118) @vknabel

metal-core v0.14.1

  • Update go dependencies (metal-stack/metal-core#174) @majst01
  • Allow different VTEP name than vtep (metal-stack/metal-core#163) @iljarotar
  • Do not try to cleanup default VRF (metal-stack/metal-core#170) @iljarotar
  • Fix ethernet packet overflow (metal-stack/metal-core#176) @majst01

gardener-extension-audit v0.4.1

  • Limit audit log event size to prevent dropped events (metal-stack/gardener-extension-audit#65) @MichaelEischer

metal-api v0.42.5

  • Upgrade security with jwx v3 (metal-stack/metal-api#636) @majst01

Merged Pull Requests

This is a list of pull requests that were merged since the last release. The list does not contain pull requests from release-vector-repositories.

The fact that these pull requests were merged does not necessarily imply that they have already become part of this metal-stack release.

  • First set of refactorings. (metal-stack/metal-robot#91) @Gerrit91
  • Bump releases to version v0.22.1 (metal-stack/website#152) @metal-robot[bot]
  • Remove release vector repos to require CONTRIBUTING.md. (metal-stack/website#159) @Gerrit91
  • Bump lint-staged from 16.2.4 to 16.2.7 (metal-stack/website#153) @dependabot[bot]
  • Bump semver from 7.7.2 to 7.7.3 (metal-stack/website#154) @dependabot[bot]
  • Bump axios from 1.12.2 to 1.13.2 (metal-stack/website#157) @dependabot[bot]
  • Bump @carbon/icons-react from 11.67.0 to 11.70.0 (metal-stack/website#156) @dependabot[bot]
  • Bump react-dom from 19.1.1 to 19.2.0 (metal-stack/website#155) @dependabot[bot]
  • Fix for ethernet packet overflow (metal-stack/go-lldpd#32) @majst01
  • Add admin project list (metal-stack/cli#13) @AnnaSchreiner
  • add log message (metal-stack/zitadel-init#1) @ostempel
  • make init idempotent and initialize entities (metal-stack/zitadel-init#3) @ostempel
  • add code-owners and license (metal-stack/zitadel-init#4) @ostempel
  • gardener hackathon blog article (metal-stack/website#161) @Honigeintopf
  • Svg bg in dark mode (metal-stack/website#160) @AnnaSchreiner
  • Migrate to jwx v3 (metal-stack/security#64) @majst01
  • Bump metal-api to version v0.42.5 (metal-stack/metal-python#160) @metal-robot[bot]
  • Bump metal-api to version v0.42.5 (metal-stack/metal-go#221) @metal-robot[bot]
  • Bump go-github to v79. (metal-stack/metal-robot#96) @Gerrit91
  • Deprecate Swagger in contribution guideline. (metal-stack/website#167) @Gerrit91
  • Upgrade to go 1.25.5 (metal-stack/builder#87) @thheinel
  • add possibility to configure http client for oidc provider (metal-stack/goth#1) @ostempel
  • Bump tailwind-merge from 3.3.1 to 3.4.0 (metal-stack/website#166) @dependabot[bot]
  • Bump yaml from 2.8.1 to 2.8.2 (metal-stack/website#162) @dependabot[bot]
  • Bump @carbon/icons-react from 11.70.0 to 11.71.0 (metal-stack/website#164) @dependabot[bot]
  • Bump react from 19.2.0 to 19.2.1 (metal-stack/website#163) @dependabot[bot]
  • change default provider to openid-connect (metal-stack/cli#14) @ostempel
  • Allow connecting through kubernetes service instead of ingress. (metal-stack/zitadel-init#5) @Gerrit91
  • fix issue where line-breaks in rendered docs were missing (metal-stack/website#169) @mac641
  • Bump tailwindcss from 4.1.17 to 4.1.18 (metal-stack/website#172) @dependabot[bot]
  • Bump @scalar/api-reference-react from 0.8.1 to 0.8.11 (metal-stack/website#171) @dependabot[bot]
  • Bump @tailwindcss/postcss from 4.1.17 to 4.1.18 (metal-stack/website#175) @dependabot[bot]
  • Bump react from 19.2.1 to 19.2.3 (metal-stack/website#173) @dependabot[bot]
  • chore(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (metal-stack/terraform-provider-metal#268) @dependabot[bot]
  • Bump @scalar/api-reference-react from 0.8.11 to 0.8.15 (metal-stack/website#176) @dependabot[bot]
  • Announcement for FOSDEM 2026 participation. (metal-stack/website#177) @Gerrit91
  • Next release (metal-stack/releases#258) @metal-robot[bot]