search

kubernetes-csi / external-provisioner

Sidecar container that watches Kubernetes PersistentVolumeClaim objects and triggers CreateVolume/DeleteVolume against a CSI endpoint
Apache License 2.0
338 stars 324 forks source link

build(deps): bump the k8s-dependencies group across 1 directory with 3 updates #1204

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the k8s-dependencies group with 2 updates in the / directory: sigs.k8s.io/controller-runtime and sigs.k8s.io/apiserver-network-proxy/konnectivity-client.

Updates sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.18.1

What's Changed

Full Changelog: https://github.com/kubernetes-sigs/controller-runtime/compare/v0.18.0...v0.18.1

v0.18.0

:warning: Breaking Changes

  • Bump to k8s.io/* v1.30 (#2693 #2754 #2765 #2776 #2786)
  • Remove deprecated v1alpha1.ControllerManagerConfiguration (#2648)
  • admission.Decoder is now an interface (#2736)
  • Source, Event, Predicate, Handler: Add generics support (#2783 #2796)
  • client: Fix SubResourceCreateOptions signature in subresource client (#2766)

:sparkles: New Features

  • cache: Add TransformStripManagedFields transform func (#2791)
  • client: Add client.WithFieldOwner to configure client-wide FieldManager (#2771 #2777)
  • controller: Add NewQueue option (#2767)
  • manager: Export HTTP server runnable implementation (#2473)
  • metrics/server: Add ListenConfig option (#2519)

:bug: Bug Fixes

  • builder/webhook: Return error if For() is used multiple times (#2740)
  • cache: Keep selectors when byObject.Namespaces is defaulted (#2747)
  • cache: Prevent race when informers are started more than once (#2758)
  • fake client: Allow fakeclient to patch CR with no resourceVersion (#2725)
  • fake client: Do not consider an apply patch to be a strategic merge patch (#2679)
  • manager: Prevent leader election when shutting down a non-elected manager (#2724)
  • manager: Runnable group should check if stopped before enqueueing (#2757)
  • restmapper: Clean restmapper cache if a version is notFound (#2663)
  • restmapper: Fix cache invalidation (#2687)

:seedling: Others

  • ci: Add OSSF scorecard action (#2714)
  • ci: Improve github actions dependencies versions and permissions (#2715)
  • ci: Pin checkout action in golangci-lint action, bump checkout action, use consistent tag format (#2729)
  • ci: Update golangci-lint to v1.57.2 (#2708 #2751)
  • ci: Update scorecard github action (#2728)
  • ci: Use go-install for versioned dependencies (#2710)
  • envtest: WaitForDefaultNamespace while starting up envtest (#2668)
  • owners: Cleanup owners files (#2730)
  • owners: Remove outdated testing framework approvers (#2709)
  • predicate: Compare labels and annotations using maps.Equal (#2705)

... (truncated)

Commits
  • cd2885e Merge pull request #2809 from k8s-infra-cherrypick-robot/cherry-pick-2806-to-...
  • 06acde3 🐛 correct kind source type
  • d6feaae Merge pull request #2808 from k8s-infra-cherrypick-robot/cherry-pick-2805-to-...
  • 87cae4c bug: Cache: Fix label defaulting of byObject when namespaces are configured
  • ed81fa6 Merge pull request #2796 from alvaroaleman/mark
  • b35cd6b :book: Mark Typed Handlers as experimental
  • b74908f Merge pull request #2793 from kubernetes-sigs/dependabot/github_actions/actio...
  • a9db208 Merge pull request #2794 from kubernetes-sigs/dependabot/github_actions/actio...
  • 757ae66 :seedling: Bump actions/upload-artifact from 4.3.1 to 4.3.3
  • 18ae9e0 :seedling: Bump actions/checkout from 4.1.2 to 4.1.3
  • Additional commits viewable in compare view


Updates k8s.io/kube-openapi from 0.0.0-20231010175941-2dd684a91f00 to 0.0.0-20240228011516-70dd3763d340

Commits


Updates sigs.k8s.io/apiserver-network-proxy/konnectivity-client from 0.30.2 to 0.30.3

Commits
  • a419d24 Merge pull request #614 from avrittrohwer/avritt/CVE-2023-45288
  • 8875e39 Merge pull request #617 from jkh52/release-0.30-fix-lint
  • 0141ee4 Fix lint: upgrade to first version that supports go1.21
  • 7ea1b7e Skip vendor directory in golangci
  • 0421818 CVE-2023-45288 (release-0.30): update golang.org/x/net to 1.23.0
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
k8s-ci-robot commented 4 months ago

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 4 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign saad-ali for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-csi/external-provisioner/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
k8s-ci-robot commented 4 months ago

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-csi-external-provisioner-unit e94ff8de69d8ba5607a1391f9da12642591506c6 link true /test pull-kubernetes-csi-external-provisioner-unit

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
dependabot[bot] commented 4 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.