From 997f6012b540617f7fda1603d169e6ec92be125c Mon Sep 17 00:00:00 2001
From: Dalton Hubble <dghubble@gmail.com>
Date: Mon, 20 Jan 2025 15:21:05 -0800
Subject: [PATCH] Update Kubernetes from v1.32.0 to v1.32.1

* Enable the Kubernetes MutatingAdmissionPolicy alpha via feature gate
* Update CoreDNS from v1.11.4 to v1.12.0
* Update flannel from v0.26.2 to v0.26.3

Docs: https://kubernetes.io/docs/reference/access-authn-authz/mutating-admission-policy/
---
 resources/static-manifests/kube-apiserver.yaml |  2 ++
 variables.tf                                   | 12 ++++++------
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/resources/static-manifests/kube-apiserver.yaml b/resources/static-manifests/kube-apiserver.yaml
index 833357d..fd69713 100644
--- a/resources/static-manifests/kube-apiserver.yaml
+++ b/resources/static-manifests/kube-apiserver.yaml
@@ -30,9 +30,11 @@ spec:
     - --etcd-certfile=/etc/kubernetes/pki/etcd-client.crt
     - --etcd-keyfile=/etc/kubernetes/pki/etcd-client.key
     - --etcd-servers=${etcd_servers}
+    - --feature-gates=kube:MutatingAdmissionPolicy=true
     - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver.crt
     - --kubelet-client-key=/etc/kubernetes/pki/apiserver.key
     - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname${aggregation_flags}
+    - --runtime-config=admissionregistration.k8s.io/v1alpha1=true
     - --secure-port=6443
     - --service-account-issuer=https://kubernetes.default.svc.cluster.local
     - --service-account-jwks-uri=https://kubernetes.default.svc.cluster.local/openid/v1/jwks
diff --git a/variables.tf b/variables.tf
index e91353e..5219c24 100644
--- a/variables.tf
+++ b/variables.tf
@@ -46,13 +46,13 @@ variable "container_images" {
   default = {
     cilium_agent            = "quay.io/cilium/cilium:v1.16.5"
     cilium_operator         = "quay.io/cilium/operator-generic:v1.16.5"
-    coredns                 = "registry.k8s.io/coredns/coredns:v1.11.4"
-    flannel                 = "docker.io/flannel/flannel:v0.26.2"
+    coredns                 = "registry.k8s.io/coredns/coredns:v1.12.0"
+    flannel                 = "docker.io/flannel/flannel:v0.26.3"
     flannel_cni             = "quay.io/poseidon/flannel-cni:v0.4.2"
-    kube_apiserver          = "registry.k8s.io/kube-apiserver:v1.32.0"
-    kube_controller_manager = "registry.k8s.io/kube-controller-manager:v1.32.0"
-    kube_scheduler          = "registry.k8s.io/kube-scheduler:v1.32.0"
-    kube_proxy              = "registry.k8s.io/kube-proxy:v1.32.0"
+    kube_apiserver          = "registry.k8s.io/kube-apiserver:v1.32.1"
+    kube_controller_manager = "registry.k8s.io/kube-controller-manager:v1.32.1"
+    kube_scheduler          = "registry.k8s.io/kube-scheduler:v1.32.1"
+    kube_proxy              = "registry.k8s.io/kube-proxy:v1.32.1"
   }
 }