search

gardener / vpn2

Network connector between the control plane (deployed in a Seed cluster) and a Shoot cluster superseding the vpn repository.
Apache License 2.0
5 stars 21 forks source link

Bump github.com/cilium/cilium from 1.15.6 to 1.15.8 #103

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps github.com/cilium/cilium from 1.15.6 to 1.15.8.

Release notes

Sourced from github.com/cilium/cilium's releases.

1.15.8

Summary of Changes

Minor Changes:

Bugfixes:

  • add support for validation of stringToString values in ConfigMap (Backport PR #33962, Upstream PR #33779, @​alex-berger)
  • auth: Fix data race in Upsert (Backport PR #34157, Upstream PR #33905, @​chaunceyjiang)
  • auth: fix fatal error: concurrent map iteration and map write (Backport PR #33809, Upstream PR #33634, @​chaunceyjiang)
  • cert: Adding H2 Protocol Support when Get gRPC Config For Client (Backport PR #33809, Upstream PR #33616, @​mrproliu)
  • DNS Proxy: Allow SO_LINGER to be set to the socket to upstream (Backport PR #33809, Upstream PR #33592, @​gandro)
  • Fix an issue in updates to node addresses which may have caused missing NodePort frontend IP addresses. May have affected NodePort/LoadBalancer services for users running with runtime device detection enabled when node's IP addresses were changed after Cilium had started. Node IP as defined in the Kubernetes Node is now preferred when selecting the NodePort frontend IPs. (Backport PR #33818, Upstream PR #33629, @​joamaki)
  • Fix bug causing etcd upsertion/deletion events to be potentially missed during the initial synchronization, when Cilium operates in KVStore mode, or Cluster Mesh is enabled. (Backport PR #34183, Upstream PR #34091, @​giorio94)
  • Fix issue in picking node IP addresses from the loopback device. This fixes a regression in v1.15 and v1.16 where VIPs assigned to the lo device were not considered by Cilium. Fix spurious updates node addresses to avoid unnecessary datapath reinitializations. (Backport PR #34086, Upstream PR #34012, @​joamaki)
  • Fix rare race condition afflicting clustermesh while stopping the retrieval of the remote cluster configuration, possibly causing a deadlock (Backport PR #33809, Upstream PR #33735, @​giorio94)
  • Fixes a race condition during agent startup that causes the k8s node label updates to not get propagated to the host endpoint. (Backport PR #33663, Upstream PR #33511, @​skmatti)
  • gateway-api: Add HTTP method condition in sortable routes (Backport PR #34157, Upstream PR #34109, @​sayboras)
  • gateway-api: Enqueue gateway for Reference Grant changes (Backport PR #34157, Upstream PR #34032, @​sayboras)
  • helm: remove duplicate metrics for Envoy pod (Backport PR #34157, Upstream PR #33803, @​mhofstetter)
  • lbipam: fixed bug in sharing key logic (Backport PR #34157, Upstream PR #34106, @​dylandreimerink)
  • pkg/metrics: fix data race warning on metrics init hook. (Backport PR #33962, Upstream PR #33823, @​tommyp1ckles)
  • Reduce conntrack lifetime for closing service connections. (Backport PR #33962, Upstream PR #33907, @​julianwiedmann)
  • Skip regenerating host endpoint on k8s node labels update if identity labels are unchanged (Backport PR #33809, Upstream PR #33306, @​skmatti)
  • The cilium agent will now recover from stale nodeID mappings which could occur in clusters with high node churn, possibly manifesting itself in dropped IPsec traffic. (Backport PR #34157, Upstream PR #33666, @​bimmlerd)

CI Changes:

Misc Changes:

... (truncated)

Changelog

Sourced from github.com/cilium/cilium's changelog.

v1.15.8

Summary of Changes

Minor Changes:

Bugfixes:

  • add support for validation of stringToString values in ConfigMap (Backport PR #33962, Upstream PR #33779, @​alex-berger)
  • auth: Fix data race in Upsert (Backport PR #34157, Upstream PR #33905, @​chaunceyjiang)
  • auth: fix fatal error: concurrent map iteration and map write (Backport PR #33809, Upstream PR #33634, @​chaunceyjiang)
  • cert: Adding H2 Protocol Support when Get gRPC Config For Client (Backport PR #33809, Upstream PR #33616, @​mrproliu)
  • DNS Proxy: Allow SO_LINGER to be set to the socket to upstream (Backport PR #33809, Upstream PR #33592, @​gandro)
  • Fix an issue in updates to node addresses which may have caused missing NodePort frontend IP addresses. May have affected NodePort/LoadBalancer services for users running with runtime device detection enabled when node's IP addresses were changed after Cilium had started. Node IP as defined in the Kubernetes Node is now preferred when selecting the NodePort frontend IPs. (Backport PR #33818, Upstream PR #33629, @​joamaki)
  • Fix bug causing etcd upsertion/deletion events to be potentially missed during the initial synchronization, when Cilium operates in KVStore mode, or Cluster Mesh is enabled. (Backport PR #34183, Upstream PR #34091, @​giorio94)
  • Fix issue in picking node IP addresses from the loopback device. This fixes a regression in v1.15 and v1.16 where VIPs assigned to the lo device were not considered by Cilium. Fix spurious updates node addresses to avoid unnecessary datapath reinitializations. (Backport PR #34086, Upstream PR #34012, @​joamaki)
  • Fix rare race condition afflicting clustermesh while stopping the retrieval of the remote cluster configuration, possibly causing a deadlock (Backport PR #33809, Upstream PR #33735, @​giorio94)
  • Fixes a race condition during agent startup that causes the k8s node label updates to not get propagated to the host endpoint. (Backport PR #33663, Upstream PR #33511, @​skmatti)
  • gateway-api: Add HTTP method condition in sortable routes (Backport PR #34157, Upstream PR #34109, @​sayboras)
  • gateway-api: Enqueue gateway for Reference Grant changes (Backport PR #34157, Upstream PR #34032, @​sayboras)
  • helm: remove duplicate metrics for Envoy pod (Backport PR #34157, Upstream PR #33803, @​mhofstetter)
  • lbipam: fixed bug in sharing key logic (Backport PR #34157, Upstream PR #34106, @​dylandreimerink)
  • pkg/metrics: fix data race warning on metrics init hook. (Backport PR #33962, Upstream PR #33823, @​tommyp1ckles)
  • Reduce conntrack lifetime for closing service connections. (Backport PR #33962, Upstream PR #33907, @​julianwiedmann)
  • Skip regenerating host endpoint on k8s node labels update if identity labels are unchanged (Backport PR #33809, Upstream PR #33306, @​skmatti)
  • The cilium agent will now recover from stale nodeID mappings which could occur in clusters with high node churn, possibly manifesting itself in dropped IPsec traffic. (Backport PR #34157, Upstream PR #33666, @​bimmlerd)

CI Changes:

Misc Changes:

... (truncated)

Commits
  • e629157 Prepare for release v1.15.8
  • 645c407 Revert "fix: support validation of stringToString values in ConfigMap"
  • 5c2c1e4 ci: use base and head SHAs from context in lint-build-commits workflow
  • c0c1cd4 helm: Add validation to prevent users from using deprecated values that have ...
  • 0198eb3 images: update cilium-{runtime,builder}
  • 06e24f0 chore(deps): update go to v1.22.6
  • 00fef5a Revert "docs: Update LRP feature status"
  • 995e2e1 etcd: fix paginated list missing events with parallel operations
  • b110279 Update Docker dependency
  • 7e77ee6 bugtool: enhance dumping Envoy information
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/gardener/vpn2/network/alerts).
gardener-robot commented 2 months ago

@dependabot[bot] Thank you for your contribution.

gardener-robot-ci-2 commented 2 months ago

Thank you @dependabot[bot] for your contribution. Before I can start building your PR, a member of the organization must set the required label(s) {'reviewed/ok-to-test'}. Once started, you can check the build status in the PR checks section below.