kubevirt / kubevirt-tekton-tasks

VM specific tasks for Tekton Pipelines
Apache License 2.0
31 stars 34 forks source link

chore(deps): update module kubevirt.io/kubevirt to v1.2.1 [security] (release-v0.15) #512

Closed redhat-renovate-bot closed 3 months ago

redhat-renovate-bot commented 3 months ago

This PR contains the following updates:

Package Type Update Change
kubevirt.io/kubevirt require minor v1.0.0-alpha.0 -> v1.2.1

KubeVirt NULL pointer dereference flaw

CVE-2024-31420 / GHSA-vjhf-6xfr-5p9g / GO-2024-2688

More information #### Details A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine. #### Severity - CVSS Score: 6.5 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-31420](https://nvd.nist.gov/vuln/detail/CVE-2024-31420) - [https://access.redhat.com/security/cve/CVE-2024-31420](https://access.redhat.com/security/cve/CVE-2024-31420) - [https://bugzilla.redhat.com/show_bug.cgi?id=2272951](https://bugzilla.redhat.com/show_bug.cgi?id=2272951) - [https://github.com/kubevirt/kubevirt](https://togithub.com/kubevirt/kubevirt) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-vjhf-6xfr-5p9g) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).

kubevirt allows a local attacker to execute arbitrary code via a crafted command

CVE-2024-33394 / GHSA-4q63-mr2m-57hf / GO-2024-2816

More information #### Details An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. #### Severity - CVSS Score: 5.9 / 10 (Medium) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-33394](https://nvd.nist.gov/vuln/detail/CVE-2024-33394) - [https://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b](https://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b) - [https://github.com/kubevirt/kubevirt](https://togithub.com/kubevirt/kubevirt) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-4q63-mr2m-57hf) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).

Release Notes

kubevirt/kubevirt (kubevirt.io/kubevirt) ### [`v1.2.1`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.2.1) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.2.0...v1.2.1) tag v1.2.1 Tagger: Antonio Cardace This release follows v1.2.0 and consists of 288 changes, contributed by 31 people, leading to 423 files changed, 13593 insertions(+), 11123 deletions(-). The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.2.1`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes - \[PR [#​11986](https://togithub.com/kubevirt/kubevirt/issues/11986)]\[fossedihelm] Restart of a VM is required when the CPU socket count is reduced - \[PR [#​11977](https://togithub.com/kubevirt/kubevirt/issues/11977)]\[fossedihelm] Bug fix: Correctly reflect RestartRequired condition - \[PR [#​11972](https://togithub.com/kubevirt/kubevirt/issues/11972)]\[fossedihelm] Fix RerunOnFailure RunStrategy - \[PR [#​11966](https://togithub.com/kubevirt/kubevirt/issues/11966)]\[lyarwood] `VirtualMachines` referencing an instance type are now allowed when the `LiveUpdate` feature is enabled and will trigger the `RestartRequired` condition if the reference within the `VirtualMachine` is changed. - \[PR [#​11649](https://togithub.com/kubevirt/kubevirt/issues/11649)]\[kubevirt-bot] Updated common-instancetypes bundles to v1.0.0 - \[PR [#​11866](https://togithub.com/kubevirt/kubevirt/issues/11866)]\[kubevirt-bot] Fix the live updates for volumes and disks - \[PR [#​11853](https://togithub.com/kubevirt/kubevirt/issues/11853)]\[fossedihelm] Updated go version of the client-go to 1.21 - \[PR [#​11691](https://togithub.com/kubevirt/kubevirt/issues/11691)]\[kubevirt-bot] Improve the handling of ordinal pod interface name for upgrade - \[PR [#​11675](https://togithub.com/kubevirt/kubevirt/issues/11675)]\[tiraboschi] Make 'image' field in hook sidecar annotation optional. - \[PR [#​11761](https://togithub.com/kubevirt/kubevirt/issues/11761)]\[avlitman] New memory statistics added named kubevirt_memory_delta_from_requested_bytes - \[PR [#​11720](https://togithub.com/kubevirt/kubevirt/issues/11720)]\[assafad] Collect VMI OS info from the Guest agent as `kubevirt_vmi_phase_count` metric labels - \[PR [#​11656](https://togithub.com/kubevirt/kubevirt/issues/11656)]\[kubevirt-bot] Build the `passt`custom CNI binary statically, for the `passt` network binding plugin. - \[PR [#​11582](https://togithub.com/kubevirt/kubevirt/issues/11582)]\[kubevirt-bot] Expose volumesnapshot error in vmsnapshot object - \[PR [#​11502](https://togithub.com/kubevirt/kubevirt/issues/11502)]\[kubevirt-bot] Allow to hotplug memory for VMs with memory limits set - \[PR [#​11510](https://togithub.com/kubevirt/kubevirt/issues/11510)]\[kubevirt-bot] Reduce the downwardMetrics server maximum number of request per second to 1. - \[PR [#​11464](https://togithub.com/kubevirt/kubevirt/issues/11464)]\[kubevirt-bot] Bugfix: Allow vmexport download redirections by printing logs into stderr - \[PR [#​11463](https://togithub.com/kubevirt/kubevirt/issues/11463)]\[kubevirt-bot] Bugfix: Improve handling of IOThreads with incompatible buses - \[PR [#​11480](https://togithub.com/kubevirt/kubevirt/issues/11480)]\[kubevirt-bot] Build KubeVirt with Go version 1.21.8 - \[PR [#​11371](https://togithub.com/kubevirt/kubevirt/issues/11371)]\[kubevirt-bot] More information in the migration state of VMI / migration objects - \[PR [#​11396](https://togithub.com/kubevirt/kubevirt/issues/11396)]\[kubevirt-bot] BugFix: Ensure DataVolumes created by virt-controller (DataVolumeTemplates) are recreated and owned by the VM in the case of DR and backup/restore. - \[PR [#​11263](https://togithub.com/kubevirt/kubevirt/issues/11263)]\[alromeros] Bugfix: Improve error reporting when fsfreeze fails - \[PR [#​11422](https://togithub.com/kubevirt/kubevirt/issues/11422)]\[kubevirt-bot] add perf-scale benchmarks for release v1.2 - \[PR [#​11318](https://togithub.com/kubevirt/kubevirt/issues/11318)]\[fossedihelm] fix(vmclone): delete vmclone resource when the target vm is deleted - \[PR [#​11393](https://togithub.com/kubevirt/kubevirt/issues/11393)]\[kubevirt-bot] Bug-fix: Fix nil panic if VM update fails - \[PR [#​11354](https://togithub.com/kubevirt/kubevirt/issues/11354)]\[kubevirt-bot] Fix perfscale buckets error - \[PR [#​11378](https://togithub.com/kubevirt/kubevirt/issues/11378)]\[fossedihelm] fix(ksm): set the `kubevirt.io/ksm-enabled` node label to true if the ksm is managed by KubeVirt, instead of reflect the actual ksm value. ## Contributors 31 people contributed to this release: 112 fossedihelm 22 Luboslav Pivarc 12 Shelly Kagan 8 Antonio Cardace 6 Alvaro Romero 5 João Vilaça 4 Alice Frosi 4 Assaf Admi 4 Dharmit Shah 4 Jed Lejosne 4 Lee Yarwood 3 Alex Kalenyuk 3 Felix Matouschek 3 Michael Henriksen 3 avlitman 3 bmordeha 2 Brian Carey 2 Javier Cano Cano 2 Ram Lavi 2 Vicente Cheng 2 howard zhang 1 Alay Patel 1 Andrea Bolognani 1 Andrej Krejcir 1 Daniel Hiller 1 Edu Gómez Escandell 1 Edward Haas 1 Orel Misan 1 Shahaf Bahar ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEL3WFe2eU+K2zCASGa/gKvUPjd9MFAmZVlX8UHGFjYXJkYWNl QHJlZGhhdC5jb20ACgkQa/gKvUPjd9PHcg/9GKOBdiJvG4qKA/fLOvTyJrhFIoli S2OSnpEOEtQq2AnFrgQD8cIgpX9WahWYjKL841rbxmvOAKAuw868913/Y36R75Le xuyDVuN2dFdblCcx7oFw2USPWeThVqG283E+qhss+GHVuIFXGHatFYaI966QI9Xr qyNIj+hnjyLZsaq8CWowSlIWF73leRfj1csw5XkbcWU4rAgDzKHLJoYQeX3Ekkma rhn0NwYJi4jYHRxFzPhDGXwVn1ItwwtutyWQj1EnIxt04XojxZ8pyHJ6dBv96Hwc 3bo68aG9JmGI9P7bs7+5wbMlMFdHZVrSc44JxXcv6N6D1OVWQPJfSkFVKAMhHxZ9 vycFdBJ/1p3T4gu9loM063syw98L4UDBMmCZgfunn0gdgie9OsFTzVaFvi1brQ7E dMfvr1oj8t1TOWZo71rBIDWULlwryMS9NWsVT84CteTTaVOEUva02UIf6l7CV9oq DBax71hCK7vLGqBFT4evu8g9TNtmK9LArHVBeMwe16qXVlIyIqVeujBmLVr7Qly3 X6F96i+HqaUWyCRceTX1uOhD/r9AjghHzFJwDQX2C9+c3zFI/9/cy2ajwNemEHgx X1xf9vi17bn1HT+oRRoH+slf9JdHFW0T2pFvBcwNhakyaN45gG6k4K4nGGKNrw8U MDze3ObziJMJeuQ= \=gs80 \-----END PGP SIGNATURE----- ### [`v1.2.0`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.2.0) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.1.1...v1.2.0) tag v1.2.0 Tagger: Antonio Cardace This release follows v1.1.1 and consists of 822 changes, contributed by 65 people, leading to 1234 files changed, 46897 insertions(+), 22403 deletions(-). v1.2.0 is a promotion of release candidate v1.2.0-rc.1 which was originally published 2024-02-26 The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.2.0`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes ##### API change - [\[PR #​11064\]](https://togithub.com/kubevirt/kubevirt/pull/11064) \[AlonaKaplan] Introduce a new API to mark a binding plugin as migratable. - [\[PR #​10970\]](https://togithub.com/kubevirt/kubevirt/pull/10970) \[alromeros] Expose fs disk information via GuestOsInfo - [\[PR #​10905\]](https://togithub.com/kubevirt/kubevirt/pull/10905) \[tiraboschi] Aggregate DVs conditions on VMI (and so VM) - [\[PR #​10872\]](https://togithub.com/kubevirt/kubevirt/pull/10872) \[RamLavi] IsolateEmulatorThread: Add cluster-wide parity completion setting - [\[PR #​10846\]](https://togithub.com/kubevirt/kubevirt/pull/10846) \[RamLavi] Change vm.status.PrintableStatus default value to "Stopped" - [\[PR #​10774\]](https://togithub.com/kubevirt/kubevirt/pull/10774) \[victortoso] Windows offline activation with ACPI SLIC table - [\[PR #​10732\]](https://togithub.com/kubevirt/kubevirt/pull/10732) \[AlonaKaplan] Extend kubvirt CR by adding domain attachment option to the network binding plugin API. - [\[PR #​10658\]](https://togithub.com/kubevirt/kubevirt/pull/10658) \[matthewei] Support "Clone API" to filter VirtualMachine.spec.template.annotation and VirtualMachine.spec.template.label ##### Bug fix - [\[PR #​11271\]](https://togithub.com/kubevirt/kubevirt/pull/11271) \[kubevirt-bot] Bug fix: VM controller doesn't corrupt its cache anymore - [\[PR #​11242\]](https://togithub.com/kubevirt/kubevirt/pull/11242) \[kubevirt-bot] Fix migration breaking in case the VM has an rng device after hotplugging a block volume on cgroupsv2 - [\[PR #​11069\]](https://togithub.com/kubevirt/kubevirt/pull/11069) \[ormergi] Bug fix: Packet drops during the initial phase of VM live migration https://issues.redhat.com/browse/CNV-28040 - [\[PR #​11065\]](https://togithub.com/kubevirt/kubevirt/pull/11065) \[fossedihelm] fix(vmclone): Generate VM patches from vmsnapshotcontent, instead of current VM - [\[PR #​10963\]](https://togithub.com/kubevirt/kubevirt/pull/10963) \[alromeros] Bugfix: Reject volume exports when no output is specified - [\[PR #​10888\]](https://togithub.com/kubevirt/kubevirt/pull/10888) \[fossedihelm] \[Bugfix] Clone VM with WaitForFirstConsumer binding mode PVC now works. - [\[PR #​10860\]](https://togithub.com/kubevirt/kubevirt/pull/10860) \[akalenyu] BugFix: Double cloning with filter fails isolateEmulatorThread feature ([BZ#2228103](https://togithub.com/BZ/kubevirt/issues/2228103)). - [\[PR #​10845\]](https://togithub.com/kubevirt/kubevirt/pull/10845) \[orelmisan] Reject VirtualMachineClone creation when target name is equal to source name - [\[PR #​10753\]](https://togithub.com/kubevirt/kubevirt/pull/10753) \[victortoso] Fixes permission when using USB host passthrough - [\[PR #​10747\]](https://togithub.com/kubevirt/kubevirt/pull/10747) \[acardace] Fix KubeVirt for CRIO 1.28 by using checksums to verify containerdisks when migrating VMIs - [\[PR #​10699\]](https://togithub.com/kubevirt/kubevirt/pull/10699) \[qinqon] virt-launcher: fix qemu non root log path - [\[PR #​10689\]](https://togithub.com/kubevirt/kubevirt/pull/10689) \[akalenyu] BugFix: cgroupsv2 device allowlist is bound to virt-handler internal state/block disk device overwritten on hotplug - [\[PR #​10593\]](https://togithub.com/kubevirt/kubevirt/pull/10593) \[RamLavi] Fixes SMT Alignment Error in virt-launcher pod by optimizing - [\[PR #​11050\]](https://togithub.com/kubevirt/kubevirt/pull/11050) \[fossedihelm] restrict default cluster role to authenticated only users - [\[PR #​11047\]](https://togithub.com/kubevirt/kubevirt/pull/11047) \[jschintag] Fix potential crash when trying to list USB devices on host without any - [\[PR #​10916\]](https://togithub.com/kubevirt/kubevirt/pull/10916) \[orelmisan] Fix the value of VMI `Status.GuestOSInfo.Version` - [\[PR #​10046\]](https://togithub.com/kubevirt/kubevirt/pull/10046) \[victortoso] Add v1alpha3 for hooks and fix migration when using sidecars ##### Deprecation - [\[PR #​10924\]](https://togithub.com/kubevirt/kubevirt/pull/10924) \[AlonaKaplan] Deprecate macvtap ##### SIG-compute - [\[PR #​11054\]](https://togithub.com/kubevirt/kubevirt/pull/11054) \[jean-edouard] New cluster-wide `vmRolloutStrategy` setting to define whether changes to VMs should either be always staged or live-updated when possible. - [\[PR #​10961\]](https://togithub.com/kubevirt/kubevirt/pull/10961) \[jcanocan] Reduced VM rescheduling time on node failure - [\[PR #​10840\]](https://togithub.com/kubevirt/kubevirt/pull/10840) \[acardace] Requests/Limits can now be configured when using CPU/Memory hotplug - [\[PR #​10839\]](https://togithub.com/kubevirt/kubevirt/pull/10839) \[RamLavi] Change second emulator thread assign strategy to best-effort. - [\[PR #​10809\]](https://togithub.com/kubevirt/kubevirt/pull/10809) \[orelmisan] Source virt-launcher: Log migration info by default - [\[PR #​10783\]](https://togithub.com/kubevirt/kubevirt/pull/10783) \[RamLavi] Support multiple CPUs in Housekeeping cgroup - [\[PR #​11001\]](https://togithub.com/kubevirt/kubevirt/pull/11001) \[fossedihelm] Allow `kubevirt.io:default` clusterRole to get,list kubevirts - [\[PR #​10918\]](https://togithub.com/kubevirt/kubevirt/pull/10918) \[orelmisan] VMClone: Emit an event in case restore creation fails - [\[PR #​10898\]](https://togithub.com/kubevirt/kubevirt/pull/10898) \[matthewei] vmi status's guestOsInfo adds `Machine` ##### SIG-storage - [\[PR #​10657\]](https://togithub.com/kubevirt/kubevirt/pull/10657) \[germag] Exposing Filesystem Persistent Volumes (PVs) to the VM using unprivilege virtiofsd. - [\[PR #​10529\]](https://togithub.com/kubevirt/kubevirt/pull/10529) \[alromeros] Allow LUN disks to be hotplugged ##### SIG-network - [\[PR #​10981\]](https://togithub.com/kubevirt/kubevirt/pull/10981) \[AlonaKaplan] Report IP of interfaces using network binding plugin. - [\[PR #​10866\]](https://togithub.com/kubevirt/kubevirt/pull/10866) \[AlonaKaplan] Raise an error in case passt feature gate or API are used. - [\[PR #​10800\]](https://togithub.com/kubevirt/kubevirt/pull/10800) \[AlonaKaplan] Support macvtap as a binding plugin - [\[PR #​10425\]](https://togithub.com/kubevirt/kubevirt/pull/10425) \[ormergi] Introduce network binding plugin for Passt networking, interfacing with Kubevirt new network binding plugin API. ##### SIG-infra - [\[PR #​11025\]](https://togithub.com/kubevirt/kubevirt/pull/11025) \[0xFelix] Allow unprivileged users read-only access to VirtualMachineCluster{Instancetypes,Preferences} by default. - [\[PR #​10922\]](https://togithub.com/kubevirt/kubevirt/pull/10922) \[kubevirt-bot] Updated common-instancetypes bundles to v0.4.0 ##### SIG-scale - [\[PR #​10571\]](https://togithub.com/kubevirt/kubevirt/pull/10571) \[tiraboschi] vmi memory footprint increase by 35M when guest serial console logging is turned on (default on). ##### Monitoring - [\[PR #​10982\]](https://togithub.com/kubevirt/kubevirt/pull/10982) \[machadovilaca] Refactor monitoring metrics - [\[PR #​10962\]](https://togithub.com/kubevirt/kubevirt/pull/10962) \[machadovilaca] Update monitoring file structure - [\[PR #​10853\]](https://togithub.com/kubevirt/kubevirt/pull/10853) \[machadovilaca] Refactor monitoring collectors - [\[PR #​10700\]](https://togithub.com/kubevirt/kubevirt/pull/10700) \[machadovilaca] Refactor monitoring alerts - [\[PR #​10693\]](https://togithub.com/kubevirt/kubevirt/pull/10693) \[machadovilaca] Remove MigrateVmiDiskTransferRateMetric - [\[PR #​10651\]](https://togithub.com/kubevirt/kubevirt/pull/10651) \[machadovilaca] Refactor monitoring recording-rules - [\[PR #​10570\]](https://togithub.com/kubevirt/kubevirt/pull/10570) \[machadovilaca] Fix LowKVMNodesCount not firing - [\[PR #​10418\]](https://togithub.com/kubevirt/kubevirt/pull/10418) \[machadovilaca] Add total VMs created metric ##### Uncategorized - [\[PR #​11144\]](https://togithub.com/kubevirt/kubevirt/pull/11144) \[0xFelix] virtctl: Specifying size when creating a VM and using --volume-import to clone a PVC or a VolumeSnapshot is optional now - [\[PR #​11122\]](https://togithub.com/kubevirt/kubevirt/pull/11122) \[brianmcarey] Update runc dependency to v1.1.12 - [\[PR #​11068\]](https://togithub.com/kubevirt/kubevirt/pull/11068) \[brianmcarey] Update container base image to use current stable debian 12 base - [\[PR #​10914\]](https://togithub.com/kubevirt/kubevirt/pull/10914) \[brianmcarey] KubeVirt is now built with go 1.21.5 - [\[PR #​10879\]](https://togithub.com/kubevirt/kubevirt/pull/10879) \[brianmcarey] Built with golang 1.20.12 - [\[PR #​10863\]](https://togithub.com/kubevirt/kubevirt/pull/10863) \[dhiller] Remove year from generated code copyright - [\[PR #​10787\]](https://togithub.com/kubevirt/kubevirt/pull/10787) \[matthewei] virtctl support to add template label and annotation filters - [\[PR #​10720\]](https://togithub.com/kubevirt/kubevirt/pull/10720) \[awels] Restored hotplug attachment pod request/limit to original value - [\[PR #​10637\]](https://togithub.com/kubevirt/kubevirt/pull/10637) \[dharmit] Functional tests for sidecar hook with ConfigMap - [\[PR #​10615\]](https://togithub.com/kubevirt/kubevirt/pull/10615) \[orelmisan] Remove leftover NonRoot feature gate - [\[PR #​10598\]](https://togithub.com/kubevirt/kubevirt/pull/10598) \[alicefr] Add PVC option to the hook sidecars for supplying additional debugging tools - [\[PR #​10596\]](https://togithub.com/kubevirt/kubevirt/pull/10596) \[mhenriks] Disable HTTP/2 to mitigate CVE-2023-44487 - [\[PR #​10582\]](https://togithub.com/kubevirt/kubevirt/pull/10582) \[orelmisan] Remove leftover NonRootExperimental feature gate - [\[PR #​10567\]](https://togithub.com/kubevirt/kubevirt/pull/10567) \[awels] Attachment pod creation is now rate limited - [\[PR #​10526\]](https://togithub.com/kubevirt/kubevirt/pull/10526) \[cfilleke] Documents steps to build the KubeVirt builder container - [\[PR #​10479\]](https://togithub.com/kubevirt/kubevirt/pull/10479) \[dharmit] Ability to run scripts through hook sidecardevice - [\[PR #​10244\]](https://togithub.com/kubevirt/kubevirt/pull/10244) \[hshitomi] Added “adm” subcommand under “virtctl”, and “log-verbosity" subcommand under “adm”. The log-verbosity command is: to show the log verbosity of one or more components, to set the log verbosity of one or more components, and to reset the log verbosity of all components (reset to the default verbosity (2)). ## Contributors 65 people contributed to this release: 52 fossedihelm 38 Luboslav Pivarc 34 Alona Paz 33 Edward Haas 31 Brian Carey 27 João Vilaça 25 Or Mergi 24 Dan Kenigsberg 24 Jed Lejosne 19 Victor Toso 16 Alex Kalenyuk 16 Antonio Cardace 16 Ram Lavi 14 Orel Misan 13 Felix Matouschek 11 Alvaro Romero 11 Or Shoval 10 Dharmit Shah 8 Alice Frosi 7 Fabian Deutsch 7 howard zhang 7 stirabos 6 Vasiliy Ulyanov 6 prnaraya 5 Daniel Hiller 4 Denis Ollier 4 Igor Bezukh 3 Alexander Wels 3 Michael Henriksen 3 Nahshon Unna-Tsameret 2 Dalia Frank 2 Jan Schintag 2 Javier Cano Cano 2 Shelly Kagan 2 shenwei 2 wuhanqing 2 zhuanlan 1 Alay Patel 1 Andrea Bolognani 1 Andrej Krejcir 1 Andrew Burden 1 Bart Vercoulen 1 Ben Oukhanov 1 Eng Zer Jun 1 Enrique Llorente 1 Erik Panter 1 German Maglione 1 Hidehisa Shitomi 1 Karel Simon 1 Lee Yarwood 1 Marcelo Amaral 1 Ohad 1 Ondrej Pokorny 1 Romain Decker 1 Wenhui Zhang 1 cfillekes 1 haojue 1 matthewei <86186853+matthewei@users.noreply.github.com> 1 matthewei 1 muxuelan 1 rokkiter 1 wangjihai 1 xiaofang ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEL3WFe2eU+K2zCASGa/gKvUPjd9MFAmXnf6AUHGFjYXJkYWNl QHJlZGhhdC5jb20ACgkQa/gKvUPjd9MnKhAAq7FarHyi742Ara/2KdSnICUrwx2w ud9VQvPuvb0t9PbH4feUZar5cGg1thFZXf7kx5xk+1vEvHD1Wue5h2t5i0+qq17C om5fs4ZRy7zIiFWftAglcqLC/3iMTODo3esmReY5ALkwgDgXWRMORBVTAt34xI9+ PO2zTDB3caO1Dr5oDXVVLrgxMl2uPmhZkh46nlgq3AGtmByWrWO3Zdg0S9ym7RMK pA0E+71MX32Tti25lMkdLs4I0+kKHMIdHoLjedYGDoJ8Z+rDqg1e/9JF6/4z/Zl5 ArxMo0HDXmDhLqE4zJN7UdQGUppjj+CiGe4Eiox0rj4nj34vjlHOQDvD2dYdOs4l \+Ca8vPzPMf7dCwuBra7VHJN1t62+wzoqxr1mNQ6Yhf2z87+MCm6i25h8V279ivSA qervlzzBjBDj9H+IwzSZET9sY8uAASz3lvSolhN9JBzX2J5vZXapYpKsbrSMBhOX nyaOUu75Ow7f67fJBnKkF+NR00gtMgPWTvu+rg1yvLFV0W3cTmFJK3aWkktNHwId SQVdCwODyDH9ZlYwceugiqBcEVPUaRcwpFC6kfJBejBsifG4OVgSzHQ5YDNmU2bc pzM6JMxpUnJw3o4VnsM0HdV2q0qb7jcASRVaHTs1lW/Xymiyrlq00sX8mf6Lz0fl Rwne5ssktT+kHd0= \=WB1r \-----END PGP SIGNATURE----- ### [`v1.1.1`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.1.1) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.1.0...v1.1.1) tag v1.1.1 Tagger: Luboslav Pivarc This release follows v1.1.0 and consists of 110 changes, contributed by 17 people, leading to 258 files changed, 12215 insertions(+), 3245 deletions(-). The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.1.1. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.1.1`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes - \[PR [#​10757](https://togithub.com/kubevirt/kubevirt/issues/10757)]\[RamLavi] Fixes SMT Alignment Error in virt-launcher pod by optimizing isolateEmulatorThread feature: https://issues.redhat.com/browse/CNV-31584. - \[PR [#​10873](https://togithub.com/kubevirt/kubevirt/issues/10873)]\[kubevirt-bot] Fix KubeVirt for CRIO 1.28 by using checksums to verify containerdisks when migrating VMIs - \[PR [#​10869](https://togithub.com/kubevirt/kubevirt/issues/10869)]\[akalenyu] BugFix: Double cloning with filter fails - \[PR [#​10854](https://togithub.com/kubevirt/kubevirt/issues/10854)]\[kubevirt-bot] Reject VirtualMachineClone creation when target name is equal to source name - \[PR [#​10831](https://togithub.com/kubevirt/kubevirt/issues/10831)]\[kubevirt-bot] Fix macvtap as a binding plugin - \[PR [#​10829](https://togithub.com/kubevirt/kubevirt/issues/10829)]\[kubevirt-bot] Fixes device permission when using USB host passthrough - \[PR [#​10820](https://togithub.com/kubevirt/kubevirt/issues/10820)]\[kubevirt-bot] Source virt-launcher: Log migration info by default - \[PR [#​10816](https://togithub.com/kubevirt/kubevirt/issues/10816)]\[kubevirt-bot] Extend kubvirt CR by adding domain attachment option to the network binding plugin API. - \[PR [#​10714](https://togithub.com/kubevirt/kubevirt/issues/10714)]\[kubevirt-bot] BugFix: cgroupsv2 device allowlist is bound to virt-handler internal state/block disk device overwritten on hotplug - \[PR [#​10709](https://togithub.com/kubevirt/kubevirt/issues/10709)]\[kubevirt-bot] virt-launcher: fix qemu non root log path - \[PR [#​10669](https://togithub.com/kubevirt/kubevirt/issues/10669)]\[kubevirt-bot] Introduce network binding plugin for Passt networking, interfacing with Kubevirt new network binding plugin API. ## Contributors 17 people contributed to this release: 18 Edward Haas 15 Ram Lavi 14 Alona Paz 6 Or Mergi 5 Antonio Cardace 5 Vasiliy Ulyanov 4 Alex Kalenyuk 4 Denis Ollier 3 fossedihelm 2 Orel Misan 2 Victor Toso 1 Enrique Llorente 1 Felix Matouschek 1 Karel Simon 1 Michael Henriksen ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iIkEABEIADEWIQS5aL5huPTZew1hSy9m6XN7mspnmQUCZYlexhMcbHBpdmFyY0By ZWRoYXQuY29tAAoJEGbpc3uaymeZt1oA/RZZ8Ci4pBvm0KFbzAug28NiCXeTN0qn DPomhtehWMecAQCpKWSJBJz3r2E6eD8R8zECZPdQRRx3SrimSCQX2ZLoPA== \=uiB8 \-----END PGP SIGNATURE----- Merge pull request [#​10757](https://togithub.com/kubevirt/kubevirt/issues/10757) from RamLavi/release-1.1\_add-full-pcpu-only-support \[release 1.1] isolateEmulatorThread: Add full-pcpu-only support ### [`v1.1.0`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.1.0) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.0.1...v1.1.0) tag v1.1.0 Tagger: Antonio Cardace This release follows v1.0.1 and consists of 1071 changes, contributed by 78 people, leading to 1108 files changed, 82781 insertions(+), 33012 deletions(-). v1.1.0 is a promotion of release candidate v1.1.0-rc.1 which was originally published 2023-11-03 The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.1.0. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.1.0`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes ##### API change - \[[#​10568](https://togithub.com/kubevirt/kubevirt/issues/10568)]\[ormergi] Network binding plugin API support CNIs, new integration point on virt-launcher pod creation. - \[[#​10309](https://togithub.com/kubevirt/kubevirt/issues/10309)]\[lyarwood] cluster-wide [`common-instancetypes`](https://togithub.com/kubevirt/common-instancetypes) resources can now deployed by `virt-operator` using the `CommonInstancetypesDeploymentGate` feature gate - \[[#​10463](https://togithub.com/kubevirt/kubevirt/issues/10463)]\[0xFelix] VirtualMachines: Introduce InferFromVolumeFailurePolicy in Instancetype- and PreferenceMatchers - \[[#​10447](https://togithub.com/kubevirt/kubevirt/issues/10447)]\[fossedihelm] Add a Feature Gate to KV CR to automatically set memory limits when a resource quota with memory limits is associated to the creation namespace - \[[#​10477](https://togithub.com/kubevirt/kubevirt/issues/10477)]\[jean-edouard] Dynamic KSM enabling and configuration - \[[#​10110](https://togithub.com/kubevirt/kubevirt/issues/10110)]\[tiraboschi] Stream guest serial console logs from a dedicated container - \[[#​10015](https://togithub.com/kubevirt/kubevirt/issues/10015)]\[victortoso] Implements USB host passthrough in permittedHostDevices of KubeVirt CRD - \[[#​10184](https://togithub.com/kubevirt/kubevirt/issues/10184)]\[acardace] Add memory hotplug feature - \[[#​10231](https://togithub.com/kubevirt/kubevirt/issues/10231)]\[kvaps] Propogate public-keys to cloud-init NoCloud meta-data - \[[#​9673](https://togithub.com/kubevirt/kubevirt/issues/9673)]\[germag] DownwardMetrics: Expose DownwardMetrics through virtio-serial channel. - \[[#​10086](https://togithub.com/kubevirt/kubevirt/issues/10086)]\[vladikr] allow live updating VM affinity and node selector - \[[#​10272](https://togithub.com/kubevirt/kubevirt/issues/10272)]\[ormergi] Introduce network binding plugin for Slirp networking, interfacing with Kubevirt new network binding plugin API. - \[[#​10284](https://togithub.com/kubevirt/kubevirt/issues/10284)]\[AlonaKaplan] Introduce an API for network binding plugins. The feature is behind "NetworkBindingPlugins" gate. - \[[#​9878](https://togithub.com/kubevirt/kubevirt/issues/9878)]\[jean-edouard] The EFI NVRAM can now be configured to persist across reboots - \[[#​9932](https://togithub.com/kubevirt/kubevirt/issues/9932)]\[lyarwood] `ControllerRevisions` containing `instancetype.kubevirt.io` `CRDs` are now decorated with labels detailing specific metadata of the underlying stashed object - \[[#​10058](https://togithub.com/kubevirt/kubevirt/issues/10058)]\[alicefr] Add field errorPolicy for disks - \[[#​10004](https://togithub.com/kubevirt/kubevirt/issues/10004)]\[AlonaKaplan] Hoyplug/unplug interfaces should be done by updating the VM spec template. virtctl and REST API endpoints were removed. - \[[#​9896](https://togithub.com/kubevirt/kubevirt/issues/9896)]\[ormergi] The VM controller now replicates spec interfaces MAC addresses to the corresponding interfaces in the VMI spec. - \[[#​7708](https://togithub.com/kubevirt/kubevirt/issues/7708)]\[VirrageS] `nodeSelector` and `schedulerName` fields have been added to VirtualMachineInstancetype spec. - \[[#​7197](https://togithub.com/kubevirt/kubevirt/issues/7197)]\[vasiliy-ul] Experimantal support of SEV attestation via the new API endpoints - \[[#​9737](https://togithub.com/kubevirt/kubevirt/issues/9737)]\[AlonaKaplan] On hotunplug - remove bridge, tap and dummy interface from virt-launcher and the caches (file and volatile) from the node. ##### Bug fixes: - \[[#​10515](https://togithub.com/kubevirt/kubevirt/issues/10515)]\[iholder101] Bug-fix: Stop copying VMI spec to VM during snapshots - \[[#​10393](https://togithub.com/kubevirt/kubevirt/issues/10393)]\[iholder101] \[Bugfix] \[Clone API] Double-cloning is now working as expected. - \[[#​10391](https://togithub.com/kubevirt/kubevirt/issues/10391)]\[awels] BugFix: VMExport now works in a namespace with quotas defined. - \[[#​10380](https://togithub.com/kubevirt/kubevirt/issues/10380)]\[alromeros] Bugfix: Allow image-upload to recover from PendingPopulation phase - \[[#​10099](https://togithub.com/kubevirt/kubevirt/issues/10099)]\[iholder101] Bugfix: target virt-launcher pod hangs when migration is cancelled. - \[[#​10165](https://togithub.com/kubevirt/kubevirt/issues/10165)]\[awels] BugFix: deleting hotplug attachment pod will no longer detach volumes that were not removed. - \[[#​10067](https://togithub.com/kubevirt/kubevirt/issues/10067)]\[iholder101] Bug fix: `virtctl create clone` marshalling and replacement of `kubectl` with `kubectl virt` - \[[#​9935](https://togithub.com/kubevirt/kubevirt/issues/9935)]\[xpivarc] Bug fix - correct logging in container disk - \[[#​9872](https://togithub.com/kubevirt/kubevirt/issues/9872)]\[alromeros] Bugfix: Allow lun disks to be mapped to DataVolume sources - \[[#​10039](https://togithub.com/kubevirt/kubevirt/issues/10039)]\[simonyangcj] fix guaranteed qos of virt-launcher pod broken when use virtiofs - \[[#​9861](https://togithub.com/kubevirt/kubevirt/issues/9861)]\[rmohr] Fix the possibility of data corruption when requesting a force-restart via "virtctl restart" ##### Deprecation - \[[#​10486](https://togithub.com/kubevirt/kubevirt/issues/10486)]\[assafad] Deprecation notice for the metrics listed in the PR. Please update your systems to use the new metrics names. - \[[#​9821](https://togithub.com/kubevirt/kubevirt/issues/9821)]\[sradco] Deprecation notice for the metrics listed in the PR. Please update your systems to use the new metrics names. - \[[#​10101](https://togithub.com/kubevirt/kubevirt/issues/10101)]\[acardace] Deprecate `spec.config.machineType` in KubeVirt CR. ##### SIG-compute - \[[#​10566](https://togithub.com/kubevirt/kubevirt/issues/10566)]\[fossedihelm] Add 100Mi of memory overhead for vmi with dedicatedCPU or that wants GuaranteedQos - \[[#​10496](https://togithub.com/kubevirt/kubevirt/issues/10496)]\[fossedihelm] Automatically set cpu limits when a resource quota with cpu limits is associated to the creation namespace and the `AutoResourceLimits` FeatureGate is enabled - \[[#​10543](https://togithub.com/kubevirt/kubevirt/issues/10543)]\[0xFelix] Clear VM guest memory when ignoring inference failures - \[[#​10320](https://togithub.com/kubevirt/kubevirt/issues/10320)]\[victortoso] sidecar-shim implements PreCloudInitIso hook - \[[#​10253](https://togithub.com/kubevirt/kubevirt/issues/10253)]\[rmohr] Stop trying to create unused directory /var/run/kubevirt-ephemeral-disk in virt-controller - \[[#​10050](https://togithub.com/kubevirt/kubevirt/issues/10050)]\[victortoso] Updating the virt stack: QEMU 8.0.0, libvirt to 9.5.0, edk2 [`2023052`](https://togithub.com/kubevirt/kubevirt/commit/20230524), passt [`2023081`](https://togithub.com/kubevirt/kubevirt/commit/20230818), libguestfs and guestfs-tools 1.50.1, virtiofsd 1.7.2 - \[[#​9231](https://togithub.com/kubevirt/kubevirt/issues/9231)]\[victortoso] Introduces sidecar-shim container image - \[[#​10254](https://togithub.com/kubevirt/kubevirt/issues/10254)]\[rmohr] Don't mark the KubeVirt "Available" condition as false on up-to-date and ready but misscheduled virt-handler pods. - \[[#​10182](https://togithub.com/kubevirt/kubevirt/issues/10182)]\[iholder101] Stop considering nodes without `kubevirt.io/schedulable` label when finding lowest TSC frequency on the cluster - \[[#​10056](https://togithub.com/kubevirt/kubevirt/issues/10056)]\[jean-edouard] UEFI guests now use Bochs display instead of VGA emulation - \[[#​10106](https://togithub.com/kubevirt/kubevirt/issues/10106)]\[acardace] Add boot-menu wait time when starting the VM as paused. ##### SIG-storage - \[[#​10532](https://togithub.com/kubevirt/kubevirt/issues/10532)]\[alromeros] Add --volume-mode flag in image-upload - \[[#​10020](https://togithub.com/kubevirt/kubevirt/issues/10020)]\[akalenyu] Use auth API for DataVolumes, stop importing kubevirt.io/containerized-data-importer - \[[#​10400](https://togithub.com/kubevirt/kubevirt/issues/10400)]\[alromeros] Add new vmexport flags to download raw images, either directly (--raw) or by decompressing (--decompress) them - \[[#​10148](https://togithub.com/kubevirt/kubevirt/issues/10148)]\[alromeros] Add port-forward functionalities to vmexport - \[[#​10275](https://togithub.com/kubevirt/kubevirt/issues/10275)]\[awels] Ensure new hotplug attachment pod is ready before deleting old attachment pod - \[[#​10118](https://togithub.com/kubevirt/kubevirt/issues/10118)]\[akalenyu] Change exportserver default UID to succeed exporting CDI standalone PVCs (not attached to VM) - \[[#​9918](https://togithub.com/kubevirt/kubevirt/issues/9918)]\[ShellyKa13] Fix for hotplug with WFFC SCI storage class which uses CDI populators ##### SIG-network - \[[#​10366](https://togithub.com/kubevirt/kubevirt/issues/10366)]\[ormergi] Kubevirt now delegates Slirp networking configuration to Slirp network binding plugin. In case you haven't registered Slirp network binding plugin image yet (i.e.: specify in Kubevirt config) the following default image would be used: `quay.io/kubevirt/network-slirp-binding:20230830_638c60fc8`. On next release (v1.2.0) no default image will be set and registering an image would be mandatory. - \[[#​10185](https://togithub.com/kubevirt/kubevirt/issues/10185)]\[AlonaKaplan] Add support to migration based SRIOV hotplug. - \[[#​10116](https://togithub.com/kubevirt/kubevirt/issues/10116)]\[ormergi] Existing detached interfaces with 'absent' state will be cleared from VMI spec. - \[[#​9958](https://togithub.com/kubevirt/kubevirt/issues/9958)]\[AlonaKaplan] Disable network interface hotplug/unplug for VMIs. It will be supported for VMs only. - \[[#​10489](https://togithub.com/kubevirt/kubevirt/issues/10489)]\[maiqueb] Remove the network-attachment-definition `list` and `watch` verbs from virt-controller's RBAC ##### SIG-infra - \[[#​10438](https://togithub.com/kubevirt/kubevirt/issues/10438)]\[lyarwood] A new `instancetype.kubevirt.io:view` `ClusterRole` has been introduced that can be bound to users via a `ClusterRoleBinding` to provide read only access to the cluster scoped `VirtualMachineCluster{Instancetype,Preference}` resources. ##### SIG-scale - \[[#​9989](https://togithub.com/kubevirt/kubevirt/issues/9989)]\[alaypatel07] Add perf scale benchmarks for VMIs ##### Uncategorized - \[[#​9590](https://togithub.com/kubevirt/kubevirt/issues/9590)]\[xuzhenglun] fix embed version info of virt-operator - \[[#​10044](https://togithub.com/kubevirt/kubevirt/issues/10044)]\[machadovilaca] Add operator-observability package - \[[#​10450](https://togithub.com/kubevirt/kubevirt/issues/10450)]\[0xFelix] virtctl: Enable inference in create vm subcommand by default - \[[#​10386](https://togithub.com/kubevirt/kubevirt/issues/10386)]\[liuzhen21] KubeSphere added to the adopter's file! - \[[#​10167](https://togithub.com/kubevirt/kubevirt/issues/10167)]\[0xFelix] virtctl: Apply namespace to created manifests - \[[#​10173](https://togithub.com/kubevirt/kubevirt/issues/10173)]\[rmohr] Move coordination/lease RBAC permissions to Roles - \[[#​10138](https://togithub.com/kubevirt/kubevirt/issues/10138)]\[machadovilaca] Change `kubevirt_vmi_*_usage_seconds` from Gauge to Counter - \[[#​10107](https://togithub.com/kubevirt/kubevirt/issues/10107)]\[PiotrProkop] Expose `kubevirt_vmi_vcpu_delay_seconds_total` reporting amount of seconds VM spent in waiting in the queue instead of running. - \[[#​10070](https://togithub.com/kubevirt/kubevirt/issues/10070)]\[machadovilaca] Remove affinities label from `kubevirt_vmi_cpu_affinity` and use sum as value - \[[#​9982](https://togithub.com/kubevirt/kubevirt/issues/9982)]\[fabiand] Introduce a support lifecycle and Kubernetes target version. - \[[#​10001](https://togithub.com/kubevirt/kubevirt/issues/10001)]\[machadovilaca] Fix `kubevirt_vmi_phase_count` not being created - \[[#​9840](https://togithub.com/kubevirt/kubevirt/issues/9840)]\[dhiller] Increase probability for flake checker script to find flakes - \[[#​9988](https://togithub.com/kubevirt/kubevirt/issues/9988)]\[enp0s3] Always deploy the outdated VMI workload alert - \[[#​9882](https://togithub.com/kubevirt/kubevirt/issues/9882)]\[dhiller] Add some context for initial contributors about automated testing and draft pull requests. - \[[#​9552](https://togithub.com/kubevirt/kubevirt/issues/9552)]\[phoracek] gRPC client now works correctly with non-Go gRPC servers - \[[#​9818](https://togithub.com/kubevirt/kubevirt/issues/9818)]\[akrejcir] Added "virtctl credentials" commands to dynamically change SSH keys in a VM, and to set user's password. - \[[#​9073](https://togithub.com/kubevirt/kubevirt/issues/9073)]\[machadovilaca] Fix incorrect KubevirtVmHighMemoryUsage description ## Contributors 78 people contributed to this release: 62 Victor Toso 55 Edward Haas 43 Or Mergi 42 fossedihelm 39 Itamar Holder 38 Alona Paz 36 Vasiliy Ulyanov 27 Ondrej Pokorny 26 Daniel Hiller 26 Fabian Deutsch 21 Lee Yarwood 19 Antonio Cardace 19 Felix Matouschek 16 Luboslav Pivarc 15 Jed Lejosne 14 Alexander Wels 12 Alvaro Romero 12 João Vilaça 11 Roman Mohr 10 enp0s3 9 Varun Ramachandra Sekar 9 prnaraya 9 stirabos 8 Alex Kalenyuk 8 Alice Frosi 8 Brian Carey 7 Andrew Burden 6 L. Pivarc 6 Vladik Romanovsky 5 Andrej Krejcir 5 German Maglione 4 Javier Cano Cano 4 Michael Henriksen 4 Miguel Duarte Barroso 3 Alay Patel 3 Dan Kenigsberg 3 Daniel Hiller 3 Dharmit Shah 3 HHHskkk <913596231@​qq.com> 3 Janusz Marcinkiewicz 3 Or Shoval 3 Orel Misan 3 Pavel Tishkov 3 Shelly Kagan 3 Shirly Radco 3 bmordeha 2 Andrei Kvapil 2 Arnon Gilboa 2 Assaf Admi 2 Benjamin <72671586+benjx1990@​users.noreply.github.com> 2 Oliver Sabiniarz 2 PiotrProkop 2 howard zhang 2 liuzhen 2 rkishner 2 rokkiter <101091030+rokkiter@users.noreply.github.com> 2 yojay11717 1 Alay Patel 1 Andrea Bolognani 1 Aviv Litman 1 Aviv Litman 1 Aviv Litman 1 Eng Zer Jun 1 Itamar Holder <77444623+iholder101@​users.noreply.github.com> 1 Marcelo Tosatti 1 Maya Rashish 1 Nahshon Unna-Tsameret 1 Nijin Ashok 1 Petr Horacek 1 Reficul 1 SIMON COTER 1 akrgupta 1 grass-lu <284555125@​qq.com> 1 rokkiter 1 wangzihao05 1 yangchenjun ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEL3WFe2eU+K2zCASGa/gKvUPjd9MFAmVJFEgUHGFjYXJkYWNl QHJlZGhhdC5jb20ACgkQa/gKvUPjd9MRHw/+JPPjMkrU7mFc/W1HmgVYXPJb8gJc cdcAHfMGVnEwyBlTnVarYwQ8jLnoh6Z31TnVv59q0kpWeoqDTrrFjUlGxjtUCEAV o1buoExdnVwe0/NJHskrg0Fi4wTu10eVSA+TQitJ4ms074QBFZJLVGwipjd7wfMU dP7BQ4HgjmE61IfmF2tVuemzcdSODCywyf7rF9tUxfIkvyUWF3evURVqEpaQ0ofZ noyjrdi+2ENm/Z+8qi6KhSsH3y8cmNAywtikCY+mqDUDki/Fo769Q/HwbZpMmOQk oV8MJQW2ll20FfQbRXBSfibFA/Jmk1PRRofsYnK7LFAiEjLsP1EF0UWCKdnWBE6z jibsaV4TQZgTfkyc8scBKW/brEQJbbawBZCvzn4HZ5ZI+GYW8Jr8/sUrIOIcCrna CxDDYQS0V1oGTLLozf48pGaCBt52Gdn6Ca48QZlzhIOOJU2ljA1wuO6yL63VpQus R6ggcidAB1G1B1aFW+KmQ0OLktA4icM43FfxPgDm8X2q0gHIMMRb5zVYwCJVrZij tRrnbwP5hefQY2/AaPkL3IFTJDu7izeyjd6MS3f1T98Gw5+1S4Ttjy5zCXfX89Gf 6odpr0Zp/AAz9uRpDBQ5olmd8qNyff4OkHLXb7b/Ju9cM3TuZ2VoavkeWVcvyArC c0nRNE0/o/0QRxo= \=cK5H \-----END PGP SIGNATURE----- ### [`v1.0.1`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.0.1) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.0.0...v1.0.1) tag v1.0.1 Tagger: Luboslav Pivarc This release follows v1.0.0 and consists of 188 changes, contributed by 31 people, leading to 226 files changed, 4540 insertions(+), 7509 deletions(-). The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.0.1. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.0.1`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes - \[PR [#​10554](https://togithub.com/kubevirt/kubevirt/issues/10554)]\[kubevirt-bot] fix embed version info of virt-operator - \[PR [#​10519](https://togithub.com/kubevirt/kubevirt/issues/10519)]\[kubevirt-bot] A new `instancetype.kubevirt.io:view` `ClusterRole` has been introduced that can be bound to users via a `ClusterRoleBinding` to provide read only access to the cluster scoped `VirtualMachineCluster{Instancetype,Preference}` resources. - \[PR [#​10493](https://togithub.com/kubevirt/kubevirt/issues/10493)]\[fossedihelm] Add a Feature Gate to KV CR to automatically set memory limits when a resource quota with memory limits is associated to the creation namespace - \[PR [#​10433](https://togithub.com/kubevirt/kubevirt/issues/10433)]\[iholder101] Stop considering nodes without `kubevirt.io/schedulable` label when finding lowest TSC frequency on the cluster - \[PR [#​10402](https://togithub.com/kubevirt/kubevirt/issues/10402)]\[kubevirt-bot] BugFix: VMExport now works in a namespace with quotas defined. - \[PR [#​10397](https://togithub.com/kubevirt/kubevirt/issues/10397)]\[kubevirt-bot] Bugfix: Allow image-upload to recover from PendingPopulation phase - \[PR [#​10273](https://togithub.com/kubevirt/kubevirt/issues/10273)]\[machadovilaca] Change kubevirt_vmi_\*\_usage_seconds from Gauges to Counters - \[PR [#​10292](https://togithub.com/kubevirt/kubevirt/issues/10292)]\[kubevirt-bot] Ensure new hotplug attachment pod is ready before deleting old attachment pod - \[PR [#​10266](https://togithub.com/kubevirt/kubevirt/issues/10266)]\[machadovilaca] Remove affinities label from kubevirt_vmi_cpu_affinity and use sum as value - \[PR [#​10205](https://togithub.com/kubevirt/kubevirt/issues/10205)]\[AlonaKaplan] hotplug interface bug fix- default interface won't disappear from a hotplugged VM after restart - \[PR [#​10153](https://togithub.com/kubevirt/kubevirt/issues/10153)]\[kubevirt-bot] `ControllerRevisions` containing `instancetype.kubevirt.io` `CRDs` are now decorated with labels detailing specific metadata of the underlying stashed object - \[PR [#​10207](https://togithub.com/kubevirt/kubevirt/issues/10207)]\[kubevirt-bot] Restrict coordination/lease RBAC permissions to install namespace - \[PR [#​10195](https://togithub.com/kubevirt/kubevirt/issues/10195)]\[kubevirt-bot] Deprecate `spec.config.machineType` in KubeVirt CR. - \[PR [#​10162](https://togithub.com/kubevirt/kubevirt/issues/10162)]\[kubevirt-bot] Add boot-menu wait time when starting the VM as paused. - \[PR [#​10191](https://togithub.com/kubevirt/kubevirt/issues/10191)]\[kubevirt-bot] Use auth API for DataVolumes, stop importing kubevirt.io/containerized-data-importer - \[PR [#​10193](https://togithub.com/kubevirt/kubevirt/issues/10193)]\[kubevirt-bot] Bugfix: target virt-launcher pod hangs when migration is cancelled. - \[PR [#​10176](https://togithub.com/kubevirt/kubevirt/issues/10176)]\[kubevirt-bot] BugFix: deleting hotplug attachment pod will no longer detach volumes that were not removed. - \[PR [#​10143](https://togithub.com/kubevirt/kubevirt/issues/10143)]\[ormergi] Existing detached interfaces with 'absent' state will be cleared from VMI spec. - \[PR [#​10068](https://togithub.com/kubevirt/kubevirt/issues/10068)]\[kubevirt-bot] Add perf scale benchmarks for VMIs - \[PR [#​10051](https://togithub.com/kubevirt/kubevirt/issues/10051)]\[kubevirt-bot] Fix kubevirt_vmi_phase_count not being created - \[PR [#​10037](https://togithub.com/kubevirt/kubevirt/issues/10037)]\[kubevirt-bot] The VM controller now replicates spec interfaces MAC addresses to the corresponding interfaces in the VMI spec. ## Contributors 31 people contributed to this release: 14 Vasiliy Ulyanov 11 Or Mergi 10 Lee Yarwood 10 fossedihelm 9 Alexander Wels 7 Antonio Cardace 5 Alex Kalenyuk 5 Itamar Holder 4 Edward Haas 4 João Vilaça 4 enp0s3 3 Alay Patel 3 Luboslav Pivarc 3 Pavel Tishkov 2 Alice Frosi 2 Alona Paz 2 Andrej Krejcir 2 Arnon Gilboa 2 Jed Lejosne 2 rokkiter <101091030+rokkiter@users.noreply.github.com> 1 Alay Patel 1 Alvaro Romero 1 Assaf Admi 1 Felix Matouschek 1 Reficul 1 Roman Mohr 1 Shelly Kagan 1 bmordeha 1 grass-lu <284555125@​qq.com> ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iIkEABEIADEWIQS5aL5huPTZew1hSy9m6XN7mspnmQUCZS7aRxMcbHBpdmFyY0By ZWRoYXQuY29tAAoJEGbpc3uaymeZELwBAJSfthv1uKWRcUBPFUvGq8XcLR6Sll55 5Tt99EuSrRRlAP4wKhE/ibVyhXo9qJuwRoMM8YS9o2+3aq89OidA8G22Yw== \=LYJu \-----END PGP SIGNATURE----- Merge pull request [#​10554](https://togithub.com/kubevirt/kubevirt/issues/10554) from kubevirt-bot/cherry-pick-9590-to-release-1.0 \[release-1.0] fix stamp for virt-operator ### [`v1.0.0`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.0.0) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.0.0-rc.1...v1.0.0) tag v1.0.0 Tagger: Luboslav Pivarc This release follows v0.59.2 and consists of 1089 changes, contributed by 74 people, leading to 2849 files changed, 232018 insertions(+), 168449 deletions(-) v1.0.0 is a promotion of release candidate v1.0.0-rc.1 which was originally published 2023-06-30 The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.0.0. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.0.0`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes ##### API change - \[PR [#​9572](https://togithub.com/kubevirt/kubevirt/issues/9572)]\[fossedihelm] Enable freePageReporting for new non high performance vmi - \[PR [#​8156](https://togithub.com/kubevirt/kubevirt/issues/8156)]\[jean-edouard] TPM VM device can now be set to persistent - \[PR [#​8575](https://togithub.com/kubevirt/kubevirt/issues/8575)]\[iholder101] QEMU-level migration parallelism (a.k.a. multifd) + Upgrade QEMU to 7.2.0-11.el9 - \[PR [#​9322](https://togithub.com/kubevirt/kubevirt/issues/9322)]\[iholder101] Add guest-to-request memory headroom ratio. - \[PR [#​9422](https://togithub.com/kubevirt/kubevirt/issues/9422)]\[awels] Ability to specify cpu/mem request limit for supporting containers (hotplug/container disk/virtiofs/side car) - \[PR [#​9177](https://togithub.com/kubevirt/kubevirt/issues/9177)]\[alicefr] Adding SCSI persistent reservation - \[PR [#​9145](https://togithub.com/kubevirt/kubevirt/issues/9145)]\[awels] Show VirtualMachine name in the VMExport status - \[PR [#​9491](https://togithub.com/kubevirt/kubevirt/issues/9491)]\[orelmisan] API, AddInterfaceOptions: Rename NetworkName to NetworkAttachmentDefinitionName and InterfaceName to Name - \[PR [#​9442](https://togithub.com/kubevirt/kubevirt/issues/9442)]\[EdDev] Remove the VMI Status interface `podConfigDone` field in favor of a new source option in `infoSource`. - \[PR [#​6852](https://togithub.com/kubevirt/kubevirt/issues/6852)]\[maiqueb] Dev preview: Enables network interface hotplug for VMs / VMIs - \[PR [#​9193](https://togithub.com/kubevirt/kubevirt/issues/9193)]\[qinqon] Add annotation for live migration and bridged pod interface - \[PR [#​9421](https://togithub.com/kubevirt/kubevirt/issues/9421)]\[lyarwood] Requests to update the target `Name` of a `{Instancetype,Preference}Matcher` without also updating the `RevisionName` are now rejected. ##### Bug fixes: - \[PR [#​9591](https://togithub.com/kubevirt/kubevirt/issues/9591)]\[awels] BugFix: allow multiple NFS disks to be used/hotplugged - \[PR [#​9536](https://togithub.com/kubevirt/kubevirt/issues/9536)]\[akalenyu] BugFix: virtualmachineclusterinstancetypes/preferences show up for get all -n - \[PR [#​9300](https://togithub.com/kubevirt/kubevirt/issues/9300)]\[xpivarc] Bug fix: API and virtctl invoked migration is not rejected when the VM is paused - \[PR [#​9189](https://togithub.com/kubevirt/kubevirt/issues/9189)]\[xpivarc] Bug fix: DNS integration continues to work after migration - \[PR [#​9241](https://togithub.com/kubevirt/kubevirt/issues/9241)]\[akalenyu] BugFix: Guestfs image url not constructed correctly - \[PR [#​9260](https://togithub.com/kubevirt/kubevirt/issues/9260)]\[ShellyKa13] Fix bug of possible re-trigger of memory dump - \[PR [#​9478](https://togithub.com/kubevirt/kubevirt/issues/9478)]\[xpivarc] Bug fix: Fixes case when migration is not retried if the migration Pod gets denied. - \[PR [#​9330](https://togithub.com/kubevirt/kubevirt/issues/9330)]\[qinqon] Skip label kubevirt.io/migrationTargetNodeName from virtctl expose service selector -

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Renovate Bot.

redhat-renovate-bot commented 3 months ago

ℹ Artifact update notice

File name: modules/create-vm/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

Details:

Package Change
go 1.20 -> 1.22.6
github.com/onsi/ginkgo/v2 v2.2.0 -> v2.13.0
github.com/onsi/gomega v1.20.2 -> v1.29.0
k8s.io/api v0.25.2 -> v0.30.0
k8s.io/apimachinery v0.25.2 -> v0.30.0
kubevirt.io/api v1.0.0-alpha.0 -> v1.3.1
github.com/davecgh/go-spew v1.1.1 -> v1.1.2-0.20180830191138-d8f796af33cc
github.com/emicklei/go-restful/v3 v3.8.0 -> v3.11.0
github.com/go-kit/kit v0.9.0 -> v0.13.0
github.com/go-logfmt/logfmt v0.5.0 -> v0.6.0
github.com/go-logr/logr v1.2.3 -> v1.4.1
github.com/go-openapi/jsonpointer v0.19.5 -> v0.20.0
github.com/go-openapi/jsonreference v0.19.6 -> v0.20.2
github.com/golang/glog v1.0.0 -> v1.1.0
github.com/google/go-cmp v0.5.9 -> v0.6.0
github.com/google/gofuzz v1.1.0 -> v1.2.0
github.com/imdario/mergo v0.3.13 -> v0.3.16
go.uber.org/atomic v1.7.0 -> v1.9.0
go.uber.org/multierr v1.6.0 -> v1.7.0
google.golang.org/appengine v1.6.7 -> v1.6.8
k8s.io/apiextensions-apiserver v0.23.5 -> v0.30.0
k8s.io/klog/v2 v2.70.1 -> v2.120.1
k8s.io/kube-aggregator v0.23.5 -> v0.26.4
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 -> v0.0.0-20230905202853-d090da108d2f
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed -> v0.0.0-20240423183400-0849a56e8f22
kubevirt.io/containerized-data-importer-api v1.55.0 -> v1.57.0-alpha1
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 -> v0.0.0-20221116044647-bc3834ca7abd
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 -> v4.4.1
kubevirt-bot commented 3 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/kubevirt-tekton-tasks/blob/release-v0.15/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-ci[bot] commented 3 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: redhat-renovate-bot Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/kubevirt-tekton-tasks/blob/release-v0.15/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-ci[bot] commented 3 months ago

@redhat-renovate-bot: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/unit-tests e32ac5d8a2806fc605e831bb48184af5cea04e91 link true /test unit-tests
ci/prow/e2e-tests e32ac5d8a2806fc605e831bb48184af5cea04e91 link true /test e2e-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
ksimon1 commented 3 months ago

/close this CVE is not fixable

openshift-ci[bot] commented 3 months ago

@ksimon1: Closed this PR.

In response to [this](https://github.com/kubevirt/kubevirt-tekton-tasks/pull/512#issuecomment-2315234791): >/close >this CVE is not fixable Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
kubevirt-bot commented 3 months ago

@ksimon1: Closed this PR.

In response to [this](https://github.com/kubevirt/kubevirt-tekton-tasks/pull/512#issuecomment-2315234791): >/close >this CVE is not fixable Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
redhat-renovate-bot commented 3 months ago

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.2.1). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.