Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the k8s-dependencies group across 1 directory with 5 updates #1298

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 18, 2024

Bumps the k8s-dependencies group with 5 updates in the / directory:

Package From To
sigs.k8s.io/controller-runtime 0.19.0 0.19.1
sigs.k8s.io/gateway-api 1.1.0 1.2.0
k8s.io/kubernetes 1.31.0 1.31.2
sigs.k8s.io/apiserver-network-proxy/konnectivity-client 0.30.3 0.31.0
sigs.k8s.io/structured-merge-diff/v4 4.4.1 4.4.3

Updates sigs.k8s.io/controller-runtime from 0.19.0 to 0.19.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.19.1

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.0...v0.19.1

Commits
  • 013f46f Merge pull request #2992 from k8s-infra-cherrypick-robot/cherry-pick-2980-to-...
  • 4421425 bug: Fakeclient: Fix TOCTOU races
  • aa14005 Merge pull request #2974 from k8s-infra-cherrypick-robot/cherry-pick-2973-to-...
  • f883b25 Fix PR verify action
  • 409ae31 Merge pull request #2965 from k8s-infra-cherrypick-robot/cherry-pick-2964-to-...
  • 465b62a pr-verify: use env var for passing the PR title
  • d32b491 Merge pull request #2962 from k8s-infra-cherrypick-robot/cherry-pick-2961-to-...
  • b400366 pr-verify: use env var for passing the PR title
  • 22d9eab Merge pull request #2951 from k8s-infra-cherrypick-robot/cherry-pick-2949-to-...
  • f0e55af Preserve TypeMeta for PartialObjectMeta resources
  • Additional commits viewable in compare view

Updates sigs.k8s.io/gateway-api from 1.1.0 to 1.2.0

Release notes

Sourced from sigs.k8s.io/gateway-api's releases.

v1.2.0

On behalf of Kubernetes SIG Network, we are excited to announce the release of v1.2! This release includes the graduation of 3 features to the standard channel and the introduction of 4 new features to the experimental channel, along with several improvements in many project areas.

Breaking Changes

GRPCRoute and ReferenceGrant v1alpha2 removal

As per a previous deprecation notice, in this version, both Experimental and Standard channel CRDs will no longer serve the v1alpha2 versions of GRPCRoute and ReferenceGrant.

Upgrades

Before upgrading to Gateway API v1.2, you'll want to confirm that any implementations of Gateway API have been upgraded to support the v1 API version of these resources instead of the v1alpha2 API version. Note that even if you've been using v1 in your YAML manifests, a controller may still be using v1alpha2 which would cause it to fail during this upgrade.

Once you've confirmed that the implementations you're relying on have upgraded to v1, it's time to install the v1.2 CRDs. In most cases, this will work without any additional effort.

If you ran into issues installing these CRDs, it likely means that you have v1alpha2 in the storedVersions of one or both of these CRDs. This field is used to indicate which API versions have ever been used to persist one of these resources. Unfortunately, this field is not automatically pruned. To check these values, you can run the following commands:

kubectl get crd grpcroutes.gateway.networking.k8s.io -ojsonpath="{.status.storedVersions}"
kubectl get crd referencegrants.gateway.networking.k8s.io -ojsonpath="{.status.storedVersions}"

If either of these return a list that includes "v1alpha2", it means that we need to manually remove that version from storedVersions.

Before doing that, it would be good to ensure that all your ReferenceGrants and GRPCRoutes have been updated to the latest storage version:

crds=("GRPCRoutes" "ReferenceGrants")

for crd in "${crds[@]}"; do output=$(kubectl get "${crd}" -A -o json)

</tr></table>

... (truncated)

Changelog

Sourced from sigs.k8s.io/gateway-api's changelog.

Release Process

Overview

The Gateway API project is an API project that has the following two components:

  • Kubernetes Custom Resource Definitions (CRDs)
  • Corresponding Go API in the form of sigs.k8s.io/gateway-api Go package

This repository is the home for both of the above components.

Versioning strategy

The versioning strategy for this project is covered in detail in the release documentation.

Releasing a new version

Writing a Changelog

To simplify release notes generation, we recommend using the Kubernetes release notes generator:

go install k8s.io/release/cmd/release-notes@latest
export GITHUB_TOKEN=your_token_here
release-notes --start-sha EXAMPLE_COMMIT --end-sha EXAMPLE_COMMIT --branch main --repo gateway-api --org kubernetes-sigs

This output will likely need to be reorganized and cleaned up a bit, but it provides a good starting point. Once you're satisfied with the changelog, create a PR. This must go through the regular PR review process and get merged into the main branch. Approval of the PR indicates community consensus for a new release.

Release Steps

The following steps must be done by one of the [Gateway API maintainers][gateway-api-team]:

For a PATCH release:

  • Create a new branch in your fork named something like <githubuser>/release-x.x.x. Use the new branch in the upcoming steps.
  • Use git to cherry-pick all relevant PRs into your branch.
  • Update pkg/consts/consts.go with the new semver tag and any updates to the API review URL.
  • Run the following command BASE_REF=vmajor.minor.patch make generate which will update generated docs with the correct version info. (Note that you can't test with these YAMLs yet as they contain references to elements which wont exist until the tag is cut and image is promoted to production registry.)
  • Create a pull request of the <githubuser>/release-x.x.x branch into the release-x.x branch upstream (which should already exist since this is a patch release). Add a hold on this PR waiting for at least

... (truncated)

Commits

Updates k8s.io/kubernetes from 1.31.0 to 1.31.2

Release notes

Sourced from k8s.io/kubernetes's releases.

Kubernetes v1.31.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.31.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Commits
  • 5864a46 Release commit for Kubernetes v1.31.2
  • f66782e Merge pull request #128132 from haitch/haitao/k131-on-go122p8
  • de071d2 bump golang to 1.22.8
  • 87bc649 Merge pull request #127328xuzhenglun/automated-cherry-pick-of-#127239
  • 988235a Merge pull request #127960SataQiu/automated-cherry-pick-of-#127650
  • 5ff0735 kubeadm: fix a bug where the RemoveMember function did not return the correct...
  • f1ca46f Merge pull request #127619SataQiu/automated-cherry-pick-of-#127491
  • 36493b1 Merge pull request #126983 from dashpole/fix_mem_leak_31
  • 4a04b72 Merge pull request #127806danwinship/automated-cherry-pick-of-#127780
  • 192c149 Merge pull request #127600 from haitch/haitao/k131-on-go122p7
  • Additional commits viewable in compare view

Updates sigs.k8s.io/apiserver-network-proxy/konnectivity-client from 0.30.3 to 0.31.0

Commits
  • 14f752e Merge pull request #668 from jkh52/lint-skip-dirs
  • be3ffb3 Remove deprecated golangci-lint flag.
  • 71572c2 Merge pull request #658 from jkh52/golint-122
  • 0fb666d Merge pull request #666 from kubernetes-sigs/dependabot/go_modules/gomod-depe...
  • d539245 Bump the gomod-dependencies group across 1 directory with 7 updates
  • dd110ca Merge pull request #655 from tosi3k/anp-pb
  • 88a6f04 Merge pull request #662 from jkh52/grpc-1.67.1
  • 8d8e7ae Fix tests after upgrading google.golang.org/grpc to v1.67.1
  • 8ef9c4a Upgrade google.golang.org/grpc to v1.67.1
  • a475a2d Merge pull request #659 from cheftako/updateDeps
  • Additional commits viewable in compare view

Updates sigs.k8s.io/structured-merge-diff/v4 from 4.4.1 to 4.4.3

Commits
  • db46cc3 Merge pull request #269 from jpbetz/fix-ignore-fields-break
  • adaddb2 Add back IgnoredFields
  • ccf7a06 Merge pull request #265 from jpbetz/reset-filter
  • b499124 Merge pull request #266 from jpbetz/add-owners
  • 39c90b6 Add volunteer reviewers
  • bda634e Apply feedback
  • a8ac1f5 Optimize merge, make wildcards always take precedence
  • f395ded Apply feedback
  • 1311e4d Add support for more field path pattern types, clarify comments
  • 1206de6 Clean up comments
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…5 updates

Bumps the k8s-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.19.0` | `0.19.1` |
| [sigs.k8s.io/gateway-api](https://github.com/kubernetes-sigs/gateway-api) | `1.1.0` | `1.2.0` |
| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.31.0` | `1.31.2` |
| [sigs.k8s.io/apiserver-network-proxy/konnectivity-client](https://github.com/kubernetes-sigs/apiserver-network-proxy) | `0.30.3` | `0.31.0` |
| [sigs.k8s.io/structured-merge-diff/v4](https://github.com/kubernetes-sigs/structured-merge-diff) | `4.4.1` | `4.4.3` |



Updates `sigs.k8s.io/controller-runtime` from 0.19.0 to 0.19.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.19.0...v0.19.1)

Updates `sigs.k8s.io/gateway-api` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/kubernetes-sigs/gateway-api/releases)
- [Changelog](https://github.com/kubernetes-sigs/gateway-api/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/gateway-api@v1.1.0...v1.2.0)

Updates `k8s.io/kubernetes` from 1.31.0 to 1.31.2
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](kubernetes/kubernetes@v1.31.0...v1.31.2)

Updates `sigs.k8s.io/apiserver-network-proxy/konnectivity-client` from 0.30.3 to 0.31.0
- [Release notes](https://github.com/kubernetes-sigs/apiserver-network-proxy/releases)
- [Changelog](https://github.com/kubernetes-sigs/apiserver-network-proxy/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/apiserver-network-proxy@v0.30.3...v0.31.0)

Updates `sigs.k8s.io/structured-merge-diff/v4` from 4.4.1 to 4.4.3
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases)
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/structured-merge-diff@v4.4.1...v4.4.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/gateway-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: k8s.io/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/apiserver-network-proxy/konnectivity-client
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/structured-merge-diff/v4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added area/dependency Issues or PRs related to dependency changes ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. labels Nov 18, 2024
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Nov 18, 2024
@k8s-ci-robot
Copy link
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign xing-yang for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Nov 18, 2024
@k8s-ci-robot
Copy link
Contributor

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-csi-external-provisioner-unit 51489bb link true /test pull-kubernetes-csi-external-provisioner-unit

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 25, 2024

Superseded by #1301.

@dependabot dependabot bot closed this Nov 25, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/k8s-dependencies-a1abc5e4cd branch November 25, 2024 05:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/dependency Issues or PRs related to dependency changes cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant