v3.0.1

3.0.1 (Dec 5, 2025)

HOTFIX:

• Fix missing ip_mode attribute in kubernetes_service_v1 data source. [GH-2807]

v3.0.0

3.0.0 (Dec 3, 2025)

ENHANCEMENTS:

• • Add support for sidecar containers via restart_policy field in init_container spec [GH-2786]
• Add ip_mode attribute to service status [GH-2784]
• Add support for ValidatingAdmissionPolicy [GH-2794]
• Bump Kubernetes dependencies to v1.33 [GH-2774]

DEPRECATIONS:

• Data Sources

• kubernetes_config_map → use kubernetes_config_map_v1
• kubernetes_namespace → use kubernetes_namespace_v1
• kubernetes_secret → use kubernetes_secret_v1
• kubernetes_service → use kubernetes_service_v1
• kubernetes_pod → use kubernetes_pod_v1
• kubernetes_service_account → use kubernetes_service_account_v1
• kubernetes_persistent_volume_claim → use kubernetes_persistent_volume_claim_v1
• kubernetes_storage_class → use kubernetes_storage_class_v1
• kubernetes_ingress → use kubernetes_ingress_v1

Resources

• kubernetes_namespace → use kubernetes_namespace_v1
• kubernetes_service → use kubernetes_service_v1
• kubernetes_service_account → use kubernetes_service_account_v1
• kubernetes_default_service_account → use kubernetes_default_service_account_v1
• kubernetes_config_map → use kubernetes_config_map_v1
• kubernetes_secret → use kubernetes_secret_v1
• kubernetes_pod → use kubernetes_pod_v1
• kubernetes_endpoints → use kubernetes_endpoints_v1
• kubernetes_limit_range → use kubernetes_limit_range_v1
• kubernetes_persistent_volume → use kubernetes_persistent_volume_v1
• kubernetes_persistent_volume_claim → use kubernetes_persistent_volume_claim_v1
• kubernetes_replication_controller → use kubernetes_replication_controller_v1
• kubernetes_resource_quota → use kubernetes_resource_quota_v1
• kubernetes_api_service → use kubernetes_api_service_v1
• kubernetes_deployment → use kubernetes_deployment_v1
• kubernetes_daemonset → use kubernetes_daemon_set_v1
• kubernetes_stateful_set → use kubernetes_stateful_set_v1
• kubernetes_job → use kubernetes_job_v1
• kubernetes_cron_job → use kubernetes_cron_job_v1
• kubernetes_horizontal_pod_autoscaler → use kubernetes_horizontal_pod_autoscaler_v1 or kubernetes_horizontal_pod_autoscaler_v2
• kubernetes_certificate_signing_request → use kubernetes_certificate_signing_request_v1
• kubernetes_role → use kubernetes_role_v1
• kubernetes_role_binding → use kubernetes_role_binding_v1
• kubernetes_cluster_role → use kubernetes_cluster_role_v1
• kubernetes_cluster_role_binding → use kubernetes_cluster_role_binding_v1
• kubernetes_ingress → use kubernetes_ingress_v1
• kubernetes_ingress_class → use kubernetes_ingress_class_v1
• kubernetes_network_policy → use kubernetes_network_policy_v1
• kubernetes_pod_disruption_budget → use kubernetes_pod_disruption_budget_v1
• kubernetes_pod_security_policy → removed upstream; use Pod Security Admission instead
• kubernetes_priority_class → use kubernetes_priority_class_v1
• kubernetes_validating_webhook_configuration → use kubernetes_validating_webhook_configuration_v1
• kubernetes_mutating_webhook_configuration → use kubernetes_mutating_webhook_configuration_v1
• kubernetes_storage_class → use kubernetes_storage_class_v1
• kubernetes_csi_driver → use kubernetes_csi_driver_v1 [GH-2770]

BUG FIXES:

• Environment variables should not override configuration when using kubernetes_manifest. [GH-2788]
• resource/kubernetes_daemon_set_v1: fix an issue with the provider not waiting for rollout with wait_for_rollout = true. [GH-2789]

v2.38.0

2.38.0 (Jul 21, 2025)

ENHANCEMENTS:

• Add ResourceIdentity support to kubernetes_manifest [GH-2737]
• Add sub_path_expr to volume mount options pod spec [GH-2622]
• Add support for ResourceIdentity to SDKv2 resources [GH-2751]

BUG FIXES:

• Fixed goroutine-safety in the CRD and metadata cache, resulting in far fewer provider metadata requests. [GH-2699]
• data_source/kubernetes_pod_v1: fix an issue when the provider cuts out toleration under pod spec(spec.toleration) if it uses a well-known taint. [GH-2380]
• data_source/kubernetes_pod: fix an issue when the provider cuts out toleration under pod spec(spec.toleration) if it uses a well-known taint. [GH-2380]
• resource/kubernetes_cron_job: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_cron_job_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_daemon_set_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_daemonset: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_deployment: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_deployment_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_job: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_job_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_replication_controller_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_replication_controller: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_stateful_set: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]
• resource/kubernetes_stateful_set_v1: fix an issue when the provider cuts out toleration under pod spec template(*.template.spec.toleration`) if it uses a well-known taint. That could lead to a perpetual diff behavior. [GH-2380]

NOTES:

• We have updated the logic of resources that use the Pod specification template, such as kubernetes_deployment_v1, kubernetes_stateful_set_v1, etc, and now the provider will keep all tolerations(spec.toleration) returned by Kubernetes. The same is applicable for the data sources kubernetes_pod_v1 and kubernetes_pod. The behavior of resources kubernetes_pod_v1 and kubernetes_pod remains unchanged, i.e. the provider will keep removing tolerations with well-known taints since they might be attached to the object by Kubernetes controller and could lead to a perpetual diff. [GH-2380]

v2.37.1

2.37.1 (May 21, 2025)

BUG FIXES:

• Fixes issue #2732 where the provider would fail when used with Terraform >= v1.12.1 due to missing GetResourceIdentitySchemas implementation. [GH-2732]

v2.37.0

2.37.0 (May 20, 2025)

ENHANCEMENTS:

• kubernetes_config_map_v1: Add support for ResourceIdentity [GH-2721]

v2.36.0

ENHANCEMENTS:

• resource/kubernetes_secret_v1: Add support for write only attributes for data_wo and binary_data_wo. [GH-2692]

v2.35.1

BUG FIXES:

• resource/kubernetes_job_v1: revert the changes introduced in v2.34.0, where ttl_seconds_after_finished was set to 0. [GH-2650]
• resource/kubernetes_daemon_set_v1: fix issue where fields spec.strategy.rolling_update.max_surge and spec.strategy.rolling_update.max_unavailable were not being validated correctly. [GH-2653]

v2.35.0

FEATURES:

• resources_kubernetes_daemon_set_v1 : Added max_surge argument for to rolling_update block. [GH-2630]

v2.34.0

ENHANCEMENTS:

• Added conditions attribute to kubernetes_nodes data source, which will provide detailed node health and status information [GH-2612]
• Adding the kubernetes_secret_v1_data resource to the kubernetes provider. This resource will allow users to manage kubernetes secrets [GH-2604]
• Properly handle Kubernetes Jobs with ttl_seconds_after_finished = 0 to prevent unnecessary recreation. [GH-2596]

FEATURES:

• New ephemeral resource: kubernetes_certificate_signing_request_v1 [GH-2628]
• New ephemeral resource: kubernetes_token_request_v1 [GH-2628]

v2.33.0

ENHANCEMENTS:

• Add backoff_per_limit_index and max_failed_indexes fields in structure_job.go [GH-2421]
• Added support for namespace_selector field in PodAffinityTerm to enhance pod affinity and anti-affinity rules, allowing selection of namespaces based on label selectors. [GH-2577]
• kubernetes_manifest - handling "404 Not Found" errors during the deletion of Kubernetes resources, particularly in cases where the resource may have already been deleted by an operator managing the CRD before Terraform attempts to delete it. [GH-2592]
• schema_container.go: Add VolumeDevices [GH-2573]
• kubernetes_manifest: add TypeCheck for x-kubernetes-preserve-unknown-fields to prevent unnecessary replacement [GH-2437]