diff --git a/.go-version b/.go-version index ae7bbdf047..2a0ba77cc5 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.21.10 +1.22.4 diff --git a/images/base/Dockerfile b/images/base/Dockerfile index a70a97f737..63060aeebf 100644 --- a/images/base/Dockerfile +++ b/images/base/Dockerfile @@ -21,7 +21,7 @@ # for a kubernetes node image, it doesn't contain much (anything?) we don't need # this stage will install basic files and packages ARG BASE_IMAGE=debian:bookworm-slim -FROM $BASE_IMAGE as base +FROM $BASE_IMAGE AS base # copy in static files # all scripts and directories are 0755 (rwx r-x r-x) @@ -102,7 +102,7 @@ RUN echo "Ensuring /etc/kubernetes/manifests" \ # This is also why we start again FROM the same base image but a different # platform and only the files needed for building # We will copy the built binaries from later stages to the final stage(s) -FROM --platform=$BUILDPLATFORM $BASE_IMAGE as go-build +FROM --platform=$BUILDPLATFORM $BASE_IMAGE AS go-build COPY --chmod=0755 files/usr/local/bin/* /usr/local/bin/ COPY --chmod=0755 scripts/third_party/gimme/gimme /usr/local/bin/ COPY --chmod=0755 scripts/target-cc /usr/local/bin/ @@ -120,9 +120,9 @@ RUN eval "$(gimme "${GO_VERSION}")" \ # stage for building containerd -FROM go-build as build-containerd +FROM go-build AS build-containerd ARG TARGETARCH GO_VERSION -ARG CONTAINERD_VERSION="v1.7.16" +ARG CONTAINERD_VERSION="v1.7.18" ARG CONTAINERD_CLONE_URL="https://github.com/containerd/containerd" # we don't build with optional snapshotters, we never select any of these # they're not ideal inside kind anyhow, and we save some disk space @@ -138,9 +138,9 @@ RUN git clone --filter=tree:0 "${CONTAINERD_CLONE_URL}" /containerd \ ./cmd/ctr ./cmd/containerd ./cmd/containerd-shim-runc-v2 # stage for building runc -FROM go-build as build-runc +FROM go-build AS build-runc ARG TARGETARCH GO_VERSION -ARG RUNC_VERSION="v1.1.12" +ARG RUNC_VERSION="v1.1.13" ARG RUNC_CLONE_URL="https://github.com/opencontainers/runc" RUN git clone --filter=tree:0 "${RUNC_CLONE_URL}" /runc \ && cd /runc \ @@ -152,10 +152,10 @@ RUN git clone --filter=tree:0 "${RUNC_CLONE_URL}" /runc \ && GOARCH=$TARGETARCH go-licenses save --save_path=/_LICENSES . # stage for building crictl -FROM go-build as build-crictl +FROM go-build AS build-crictl ARG TARGETARCH GO_VERSION ARG CRI_TOOLS_CLONE_URL="https://github.com/kubernetes-sigs/cri-tools" -ARG CRICTL_VERSION="v1.29.0" +ARG CRICTL_VERSION="v1.30.0" RUN git clone --filter=tree:0 "${CRI_TOOLS_CLONE_URL}" /cri-tools \ && cd /cri-tools \ && git checkout "${CRICTL_VERSION}" \ @@ -166,9 +166,9 @@ RUN git clone --filter=tree:0 "${CRI_TOOLS_CLONE_URL}" /cri-tools \ && GOARCH=$TARGETARCH go-licenses save --save_path=/_LICENSES ./cmd/crictl # stage for building cni-plugins -FROM go-build as build-cni +FROM go-build AS build-cni ARG TARGETARCH GO_VERSION -ARG CNI_PLUGINS_VERSION="v1.4.1" +ARG CNI_PLUGINS_VERSION="v1.5.1" ARG CNI_PLUGINS_CLONE_URL="https://github.com/containernetworking/plugins" RUN git clone --filter=tree:0 "${CNI_PLUGINS_CLONE_URL}" /cni-plugins \ && cd /cni-plugins \ @@ -187,7 +187,7 @@ RUN git clone --filter=tree:0 "${CNI_PLUGINS_CLONE_URL}" /cni-plugins \ ./plugins/meta/portmap # stage for building containerd-fuse-overlayfs -FROM go-build as build-fuse-overlayfs +FROM go-build AS build-fuse-overlayfs ARG TARGETARCH GO_VERSION ARG CONTAINERD_FUSE_OVERLAYFS_VERSION="v1.0.8" ARG CONTAINERD_FUSE_OVERLAYFS_CLONE_URL="https://github.com/containerd/fuse-overlayfs-snapshotter" @@ -202,7 +202,7 @@ RUN git clone --filter=tree:0 "${CONTAINERD_FUSE_OVERLAYFS_CLONE_URL}" /fuse-ove # build final image layout from other stages -FROM base as build +FROM base AS build # copy over containerd build and install COPY --from=build-containerd /containerd/bin/containerd /usr/local/bin/ COPY --from=build-containerd /containerd/bin/ctr /usr/local/bin/ @@ -237,7 +237,7 @@ COPY --from=build / / # add metadata, must be done after the squashing # first tell systemd that it is in docker (it will check for the container env) # https://systemd.io/CONTAINER_INTERFACE/ -ENV container docker +ENV container=docker # systemd exits on SIGRTMIN+3, not SIGTERM (which re-executes it) # https://bugzilla.redhat.com/show_bug.cgi?id=1201657 STOPSIGNAL SIGRTMIN+3 diff --git a/images/haproxy/Dockerfile b/images/haproxy/Dockerfile index 77c205d88d..f924a8a60e 100644 --- a/images/haproxy/Dockerfile +++ b/images/haproxy/Dockerfile @@ -16,7 +16,7 @@ # while we rewrite the config at runtime and signal haproxy to reload. ARG BASE="registry.k8s.io/build-image/debian-base:bullseye-v1.4.3" -FROM ${BASE} as build +FROM ${BASE} AS build # NOTE: copyrights.tar.gz is a quirk of Kubernetes's debian-base image # We extract these here so we can grab the relevant files are easily diff --git a/images/local-path-helper/Dockerfile b/images/local-path-helper/Dockerfile index 1bb8845435..00901a8921 100644 --- a/images/local-path-helper/Dockerfile +++ b/images/local-path-helper/Dockerfile @@ -16,7 +16,7 @@ # helper pod. Currently that means: sh, rm, mkdir ARG BASE="registry.k8s.io/build-image/debian-base:bullseye-v1.4.3" -FROM ${BASE} as build +FROM ${BASE} AS build # NOTE: copyrights.tar.gz is a quirk of Kubernetes's debian-base image # We extract these here so we can grab the relevant files are easily diff --git a/pkg/apis/config/defaults/image.go b/pkg/apis/config/defaults/image.go index 9d31a9dd26..5d4be15cf3 100644 --- a/pkg/apis/config/defaults/image.go +++ b/pkg/apis/config/defaults/image.go @@ -18,4 +18,4 @@ limitations under the License. package defaults // Image is the default for the Config.Image field, aka the default node image. -const Image = "kindest/node:v1.30.0@sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e" +const Image = "kindest/node:v1.30.2@sha256:ecfe5841b9bee4fe9690f49c118c33629fa345e3350a0c67a5a34482a99d6bba" diff --git a/pkg/build/nodeimage/defaults.go b/pkg/build/nodeimage/defaults.go index 802964b014..43d85d3169 100644 --- a/pkg/build/nodeimage/defaults.go +++ b/pkg/build/nodeimage/defaults.go @@ -22,4 +22,4 @@ const DefaultImage = "kindest/node:latest" // DefaultBaseImage is the default base image used // TODO: come up with a reasonable solution to digest pinning // https://github.com/moby/moby/issues/43188 -const DefaultBaseImage = "docker.io/kindest/base:v20240513-b9bba138" +const DefaultBaseImage = "docker.io/kindest/base:v20240701-2cec31c3"