search

kubernetes-csi / external-provisioner

Sidecar container that watches Kubernetes PersistentVolumeClaim objects and triggers CreateVolume/DeleteVolume against a CSI endpoint
Apache License 2.0
338 stars 324 forks source link

build(deps): bump the github-dependencies group with 28 updates #1170

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 7 months ago

Bumps the github-dependencies group with 28 updates:

Package From To
github.com/prometheus/client_golang 1.18.0 1.19.0
github.com/stretchr/testify 1.8.4 1.9.0
google.golang.org/grpc 1.61.0 1.62.1
github.com/onsi/ginkgo/v2 2.15.0 2.16.0
github.com/emicklei/go-restful/v3 3.11.2 3.11.3
github.com/go-openapi/jsonpointer 0.20.2 0.20.3
github.com/go-openapi/jsonreference 0.20.4 0.20.5
github.com/go-openapi/swag 0.22.6 0.22.10
github.com/prometheus/client_model 0.5.0 0.6.0
github.com/prometheus/common 0.46.0 0.48.0
github.com/prometheus/procfs 0.12.0 0.13.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.48.0 0.49.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 0.48.0 0.49.0
go.opentelemetry.io/otel 1.23.1 1.24.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace 1.23.1 1.24.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc 1.23.1 1.24.0
go.opentelemetry.io/otel/metric 1.23.1 1.24.0
go.opentelemetry.io/otel/sdk 1.23.1 1.24.0
go.opentelemetry.io/otel/trace 1.23.1 1.24.0
go.uber.org/zap 1.26.0 1.27.0
golang.org/x/crypto 0.18.0 0.19.0
golang.org/x/mod 0.15.0 0.16.0
golang.org/x/net 0.20.0 0.21.0
golang.org/x/oauth2 0.16.0 0.18.0
golang.org/x/sys 0.16.0 0.18.0
golang.org/x/term 0.16.0 0.18.0
golang.org/x/tools 0.17.0 0.19.0
google.golang.org/genproto 0.0.0-20240116215550-a9fa1716bcac 0.0.0-20240123012728-ef4313101c80

Updates github.com/prometheus/client_golang from 1.18.0 to 1.19.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.0

What's Changed

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427

New Contributors

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.19.0 / 2023-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427
Commits
  • 77d4003 Add 1.19.0 changelog (#1451)
  • 14259fa Merge pull request #1448 from ywwg/owilliams/content-negotiation
  • 6d03920 deps: bump prometheus/common version
  • 353395b Remove support for go 1.19 (#1449)
  • 9dd5d2a Merge pull request #1445 from kavu/add_go122_metrics_test
  • c906a5e Add support for Go 1.22
  • 7ac9036 Merge pull request #1440 from prometheus/dependabot/github_actions/github-act...
  • 8c7e30f Merge pull request #1441 from prometheus/dependabot/go_modules/tutorial/whats...
  • 08769f8 Bump github.com/prometheus/common in /tutorial/whatsup
  • 83d5940 Bump the github-actions group with 2 updates
  • Additional commits viewable in compare view


Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

... (truncated)

Commits
  • bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
  • 814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
  • e045612 Merge pull request #1339 from bogdandrutu/uintptr
  • 5b6926d Merge pull request #1385 from hslatman/not-implements
  • 9f97d67 Merge pull request #1550 from stretchr/release-notes
  • bcb0d3f Include the auto-release notes in releases
  • fb770f8 Merge pull request #1247 from ccoVeille/typos
  • 85d8bb6 fix typos in comments, tests and github templates
  • e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
  • 6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
  • Additional commits viewable in compare view


Updates google.golang.org/grpc from 1.61.0 to 1.62.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.62.1

Bug Fixes

  • xds: fix a bug that results in no matching virtual host found RPC errors due to a difference between the target and LDS resource names (#6997)
  • server: fixed stats handler data InPayload.Length for unary RPC calls (#6766)
  • grpc: the experimental RecvBufferPool DialOption and ServerOption are now active during unary RPCs with compression (#6766)
  • grpc: trim whitespaces in accept-encoding header before determining compressors

Release 1.62.0

New Features

  • grpc: Add StaticMethod CallOption as a signal to stats handler that a method is safe to use as an instrument key (#6986)

Behavior Changes

  • grpc: Return canonical target string from ClientConn.Target() and resolver.Address.String() (#6923)

Bug Fixes

  • server: wait to close connection until incoming socket is drained (with timeout) to prevent data loss on client-side (#6977)

Performance Improvements

  • *: Allow building without x/net/trace by using grpcnotrace to enable dead code elimination (#6954)
  • rand: improve performance and simplify implementation of grpcrand by adopting math/rand's top-level functions for go version 1.21.0 and newer. (#6925)

Dependencies

  • *: Use google.golang.org/protobuf/proto instead of github.com/golang/protobuf. (#6919)

[!NOTE] The above change in proto library usage introduces a minor behavior change within those libraries. The old github.com/golang/protobuf library would error if given a nil message to Marshal, while the new google.golang.org/protobuf library will successfully output zero bytes in this case. This means server method handlers that did return nil, nil will now return an empty message and no error, while it used to return an error. This also affects the client side, where clients sending nil messages used to fail without sending the RPC, and now they will send an empty message.

Release 1.61.1

Bug Fixes

  • server: wait to close connection until incoming socket is drained (with timeout) to prevent data loss on client-side (#6977)
Commits


Updates github.com/onsi/ginkgo/v2 from 2.15.0 to 2.16.0

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.16.0

2.16.0

Features

  • add SpecContext to reporting nodes

Fixes

  • merge coverages instead of combining them (#1329) (#1340) [23f0cc5]
  • core_dsl: disable Getwd() with environment variable (#1357) [cd418b7]

Maintenance

  • docs/index.md: Typo [2cebe8d]
  • fix docs [06de431]
  • chore: test with Go 1.22 (#1352) [898cba9]
  • Bump golang.org/x/tools from 0.16.1 to 0.17.0 (#1336) [17ae120]
  • Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#1327) [5a179ed]
  • Bump github.com/go-logr/logr from 1.3.0 to 1.4.1 (#1321) [a1e6b69]
  • Bump github-pages and jekyll-feed in /docs (#1351) [d52951d]
  • Fix docs for handling failures in goroutines (#1339) [4471b2e]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.16.0

Features

  • add SpecContext to reporting nodes

Fixes

  • merge coverages instead of combining them (#1329) (#1340) [23f0cc5]
  • core_dsl: disable Getwd() with environment variable (#1357) [cd418b7]

Maintenance

  • docs/index.md: Typo [2cebe8d]
  • fix docs [06de431]
  • chore: test with Go 1.22 (#1352) [898cba9]
  • Bump golang.org/x/tools from 0.16.1 to 0.17.0 (#1336) [17ae120]
  • Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#1327) [5a179ed]
  • Bump github.com/go-logr/logr from 1.3.0 to 1.4.1 (#1321) [a1e6b69]
  • Bump github-pages and jekyll-feed in /docs (#1351) [d52951d]
  • Fix docs for handling failures in goroutines (#1339) [4471b2e]
Commits
  • a181ee2 v2.16.0
  • 2cebe8d docs/index.md: Typo
  • 881efde update documentation to reflect changes to reporting nodes
  • c4e219f add SpecContext to other reporting nodes and update tests
  • 06de431 fix docs
  • 372d26a update docs
  • fd929c6 update test description
  • fed9402 update documentation.
  • 5ff9d7f Add SpecContext to ReportAfterSuite callback body.
  • 9c771cd Add SpecContext to ReportAfterSuite callback body.
  • Additional commits viewable in compare view


Updates github.com/emicklei/go-restful/v3 from 3.11.2 to 3.11.3

Changelog

Sourced from github.com/emicklei/go-restful/v3's changelog.

Change history of go-restful

Commits


Updates github.com/go-openapi/jsonpointer from 0.20.2 to 0.20.3

Commits
  • 5d6253e updated dependencies
  • 8e6deda chore(lint): relinted
  • 9352cad fix(ci): remove dependency-type from dependabot groups
  • e344ef7 Bump the development-dependencies group with 1 update
  • e0c759b ci: remove paths-ignore
  • f9d3b1b Bump the development-dependencies group with 1 update
  • 92c7c39 chore(ci): prevents duplicate workflow runs
  • 5767083 ci: regroup & auto-approve all github actions updates
  • b635cd3 ci: auto-merge dependabot PRs
  • 60c301f ci: configured auto-approve & auto-merge for dependabot (#23)
  • Additional commits viewable in compare view


Updates github.com/go-openapi/jsonreference from 0.20.4 to 0.20.5

Commits
  • 12387f8 updated dependencies
  • 5aeffa5 fix(ci): remove dependency-type from dependabot groups
  • 95a16b7 Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
  • 6a06213 Bump the development-dependencies group with 1 update
  • aad9db7 ci: remove paths-ignore
  • eef6c6a Bump the development-dependencies group with 1 update
  • 7c2c0ac chore(ci): prevents duplicate workflow runs
  • 19d90a5 ci: regroup & auto-approve all github actions updates
  • 6dced31 ci(dependencies): automate dependencies updates
  • 13b64b0 Bump actions/checkout from 3 to 4
  • Additional commits viewable in compare view


Updates github.com/go-openapi/swag from 0.22.6 to 0.22.10

Commits
  • 5e655d8 fix(ci): remove dependency-type from dependabot groups
  • 54f3f80 chore(lint): relinted
  • 4896833 Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
  • 6b32215 Bump the development-dependencies group with 1 update
  • db91acc ci: remove paths-ignores
  • fec0b4e Bump the development-dependencies group with 1 update
  • 14fcae4 chore(ci): prevents duplicate workflow runs
  • d33767c Bump the development-dependencies group with 1 update
  • c877230 ci(dependencies): automate dependencies updates
  • a05020e Bump actions/setup-go from 4 to 5
  • Additional commits viewable in compare view


Updates github.com/prometheus/client_model from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/client_model/compare/v0.5.0...v0.6.0

Commits
  • d56cd79 add exemplar to native histogram (#80)
  • f22bbab Merge pull request #79 from prometheus/repo_sync
  • 552c44f Update common Prometheus files
  • f68ef47 Merge pull request #78 from prometheus/dependabot/go_modules/google.golang.or...
  • 2aad054 Bump google.golang.org/protobuf from 1.31.0 to 1.32.0
  • 93dfe21 Merge pull request #77 from prometheus/repo_sync
  • d150866 Update common Prometheus files
  • 9b7b675 Merge pull request #76 from prometheus/repo_sync
  • 734da88 Update common Prometheus files
  • c26a8ee Merge pull request #75 from vesari/add-unit
  • Additional commits viewable in compare view


Updates github.com/prometheus/common from 0.46.0 to 0.48.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.48.0

This release will require changes of code that relies on direct access to content-type format strings. See the PR linked below for work-arounds. Please file an issue if your use case doesn't work anymore.

What's Changed

Full Changelog: https://github.com/prometheus/common/compare/v0.47.0...v0.48.0

v0.47.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/common/compare/v0.46.0...v0.47.0

Commits
  • bd41eb6 Merge pull request #576 from ywwg/owilliams/unexport
  • 05d7387 Unexport Format strings
  • 773d566 Merge pull request #570 from ywwg/owilliams/quoted-metric-name-02
  • 319c62c UTF-8 support in metric and label names
  • a3bdb9e Support empty OAuth2 inline secrets (#547)
  • bd0376d UTF-8 support in validation, and some parsers and formatters (#537)
  • See full diff in compare view


Updates github.com/prometheus/procfs from 0.12.0 to 0.13.0

Release notes

Sourced from github.com/prometheus/procfs's releases.

v0.13.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/procfs/compare/v0.12.0...v0.13.0

Commits
  • 72170b5 Bump golang.org/x/sys from 0.17.0 to 0.18.0 (#611)
  • b5cb3d2 Update common Prometheus files (#610)
  • 6ae6f98 Update common Prometheus files (#609)
  • 7b6eccc chore: class_fibrechannel: support optional attributes (#607)
  • da53333 Update common Prometheus files (#608)
  • 4b77c68 Bump golang.org/x/sys from 0.16.0 to 0.17.0 (#606)
  • 6d8714c Add support for for /proc/net/tls_stat kTLS stats (#579)
  • 0f527e6 Add /sys/class/watchdog statistics (#594)
  • d254b01 Add support for gtime and cgtime stats. (#597)
  • f5f033b feat: Add /sys/fs/btrfs/\<FSID>/commit_stats statistics (#580)
  • Additional commits viewable in compare view


Updates go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.48.0 to 0.49.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's releases.

Release v1.24.0/v0.49.0/v0.18.0/v0.4.0

This release is the last to support Go 1.20. The next release will require at least Go 1.21.

Added

  • Support Go 1.22. (#5082)
  • Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
  • Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)

Removed

  • The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)

Fixed

  • Retrieving the body bytes count in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp does not cause a data race anymore. (#5080)

New Contributors

Full Changelog: https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.23.0...v1.24.0

Release v1.23.0/v0.48.0/v0.17.0/v0.3.0

Added

  • Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
  • Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4873)
  • Add support for cloud.account.id, cloud.availability_zone and cloud.region in the AWS ECS detector. (#4860)

Changed

  • The fallback options in go.opentelemetry.io/contrib/exporters/autoexport now accept factory functions. (#4891)
    • WithFallbackMetricReader(metric.Reader) MetricOption is replaced with func WithFallbackMetricReader(func(context.Context) (metric.Reader, error)) MetricOption.
    • WithFallbackSpanExporter(trace.SpanExporter) SpanOption is replaced with WithFallbackSpanExporter(func(context.Context) (trace.SpanExporter, error)) SpanOption.
  • The http.server.request_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.request.size.(#4707)
  • The http.server.response_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.response.siz... _Description has been truncated_
k8s-ci-robot commented 7 months ago

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 7 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign msau42 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-csi/external-provisioner/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
msau42 commented 7 months ago 
vendor/k8s.io/component-base/metrics/testutil/metrics.go:73:59: undefined: expfmt.FmtText

Comes from https://github.com/kubernetes-csi/external-provisioner/blob/bc0ece5a0fdb597a4509d3a926228751f8b13797/vendor/k8s.io/component-base/metrics/testutil/metrics.go#L28

Looks like a breaking change was made in prometheus/common v0.48.0:

This release will require changes of code that relies on direct access to content-type format strings. See the PR linked below for work-arounds. Please file an issue if your use case doesn't work anymore.
msau42 commented 7 months ago

@dependabot ignore github.com/prometheus/common

dependabot[bot] commented 7 months ago

OK, I won't notify you about github.com/prometheus/common again, unless you unignore it.

k8s-ci-robot commented 6 months ago

rebase

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 6 months ago

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-csi-external-provisioner-distributed-on-kubernetes-1-26 1febf35472a358b6bdc1fc656fa2b50dd75d8336 link true /test pull-kubernetes-csi-external-provisioner-distributed-on-kubernetes-1-26
pull-kubernetes-csi-external-provisioner-1-29-on-kubernetes-1-29 1febf35472a358b6bdc1fc656fa2b50dd75d8336 link false /test pull-kubernetes-csi-external-provisioner-1-29-on-kubernetes-1-29
pull-kubernetes-csi-external-provisioner-1-27-on-kubernetes-1-27 1febf35472a358b6bdc1fc656fa2b50dd75d8336 link true /test pull-kubernetes-csi-external-provisioner-1-27-on-kubernetes-1-27
pull-kubernetes-csi-external-provisioner-1-28-on-kubernetes-1-28 1febf35472a358b6bdc1fc656fa2b50dd75d8336 link true /test pull-kubernetes-csi-external-provisioner-1-28-on-kubernetes-1-28
pull-kubernetes-csi-external-provisioner-unit 847f590cf968bb67adf5cfaf69b8815aa29ddf3b link true /test pull-kubernetes-csi-external-provisioner-unit

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
msau42 commented 6 months ago

@dependabot ignore github.com/prometheus/client_golang

dependabot[bot] commented 6 months ago

OK, I won't notify you about github.com/prometheus/client_golang again, unless you unignore it.

dependabot[bot] commented 6 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.