RepoJournal
Kubernetes

@kubernetes

Container orchestration — what platform teams ship on

GCP CLOUD PROVIDER ROLLBACK REVEALS RBAC REGRESSION—NODE DELETION BROKEN IN GKE

By RepoJournal · Filed · About Kubernetes

The cloud-provider-gcp team reverted a critical library update after discovering it broke node lifecycle permissions, leaving orphaned GCE instances stranded in clusters.

A v1.34.0 library bump [1] shipped yesterday but was reverted within hours [2] after exposing a cascading permission failure. The root cause: NodeLifecycleController was using a hardcoded client identity instead of respecting configured RBAC roles, preventing nodes from being deleted after their backing GCE instances vanished [3]. This regression was introduced by an earlier permission refactor [3], so the team is now carefully unwinding that work. In parallel, the cluster directory removal [4] continues as planned: the kubetest2-gce dependency is gone, so that testing infrastructure is being cleaned up. Meanwhile, test-infra is tightening its own house: 14 periodic jobs with zero green builds in 90+ days are getting axed [5], and Windows Azure tests are coming back online after a capz provider fix [6].

References

  [1] Update GoogleCloudPlatform/k8s-cloud-provider to v1.34.0, kubernetes/cloud-provider-gcp
  [2] Revert "Update GoogleCloudPlatform/k8s-cloud-provider to v1.34.0", kubernetes/cloud-provider-gcp
  [3] fix: Ensure NodeLifecycleController has correct permissions (#1118), kubernetes/cloud-provider-gcp
  [4] Remove the cluster directory, kubernetes/cloud-provider-gcp
  [5] config/jobs: delete 14 periodics with no green build in 90+ days, kubernetes/test-infra
  [6] test(cloud-provider-azure): re-add Windows periodic jobs after capz fix, kubernetes/test-infra

FAQ

What changed in Kubernetes on May 12, 2026?
The cloud-provider-gcp team reverted a critical library update after discovering it broke node lifecycle permissions, leaving orphaned GCE instances stranded in clusters.
What should Kubernetes teams do about it?
  • Do not upgrade cloud-provider-gcp to v1.34.0; revert to the previous version if already deployed.
  • If running GKE with node autoscaling, verify that node-controller RBAC permissions are correctly bound.
  • Watch for the fixed NodeLifecycleController patch; expect it in the next cloud-provider-gcp release.
Which Kubernetes repositories shipped on May 12, 2026?
kubernetes/cloud-provider-gcp, kubernetes/test-infra
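
One way to carry out the FAQ's advice to verify that node-controller RBAC permissions are correctly bound, as an added example that is not code from cloud-provider-gcp: it evaluates exported ClusterRole and ClusterRoleBinding objects offline and reports which bindings let a given identity delete nodes. The role, binding and service-account names are constructed assumptions; substitute the identity your controller actually authenticates as.

```python
# Constructed sample shaped like the "items" of
# `kubectl get clusterroles,clusterrolebindings -o json`. All names are assumptions.
ITEMS = [
    {"kind": "ClusterRole", "metadata": {"name": "example:node-lifecycle"},
     "rules": [{"apiGroups": [""], "resources": ["nodes"],
                "verbs": ["get", "list", "update", "delete"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "example:node-readonly"},
     "rules": [{"apiGroups": [""], "resources": ["nodes"], "verbs": ["get", "list"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "example:lifecycle-binding"},
     "roleRef": {"kind": "ClusterRole", "name": "example:node-lifecycle"},
     "subjects": [{"kind": "ServiceAccount", "name": "configured-sa",
                   "namespace": "kube-system"}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "example:readonly-binding"},
     "roleRef": {"kind": "ClusterRole", "name": "example:node-readonly"},
     "subjects": [{"kind": "ServiceAccount", "name": "hardcoded-sa",
                   "namespace": "kube-system"}]},
]

def rule_allows(rule, verb, resource, group=""):
    """True if one PolicyRule grants verb on every object of resource in group."""
    return (any(v in ("*", verb) for v in rule.get("verbs", []))
            and any(r in ("*", resource) for r in rule.get("resources", []))
            and any(g in ("*", group) for g in rule.get("apiGroups", []))
            and not rule.get("resourceNames"))  # name-scoped rules cover only listed nodes

def subject_matches(subj, kind, name, namespace=None):
    """Exact subject match; group memberships of the identity are not expanded."""
    return (subj.get("kind") == kind and subj.get("name") == name
            and (kind != "ServiceAccount" or subj.get("namespace") == namespace))

def granting_bindings(items, kind, name, namespace, verb, resource):
    """Names of ClusterRoleBindings giving the subject verb on a cluster-scoped resource."""
    roles = {i["metadata"]["name"]: i for i in items if i["kind"] == "ClusterRole"}
    hits = []
    for b in (i for i in items if i["kind"] == "ClusterRoleBinding"):
        role = roles.get(b["roleRef"]["name"])  # None means a dangling roleRef
        if role is None or b["roleRef"].get("kind") != "ClusterRole":
            continue
        if not any(subject_matches(s, kind, name, namespace) for s in b.get("subjects") or []):
            continue
        if any(rule_allows(r, verb, resource) for r in role.get("rules") or []):
            hits.append(b["metadata"]["name"])
    return hits

if __name__ == "__main__":
    for sa in ("configured-sa", "hardcoded-sa"):
        found = granting_bindings(ITEMS, "ServiceAccount", sa, "kube-system", "delete", "nodes")
        print(sa, "can delete nodes via", found if found else "NOTHING (nodes would be orphaned)")
```

Nodes are cluster-scoped, so only ClusterRoleBindings are considered; an empty result for the identity the controller really uses is the condition to alert on.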
