kubevirt / ssp-operator

Operator that deploys additional KubeVirt resources
Apache License 2.0
29 stars 47 forks source link

chore(deps): Bump the production-dependencies group across 1 directory with 21 updates #1055

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the production-dependencies group with 11 updates in the / directory:

Package From To
github.com/operator-framework/api 0.26.0 0.27.0
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring 0.75.2 0.76.0
github.com/prometheus/client_golang 1.19.1 1.20.2
github.com/prometheus/common 0.55.0 0.56.0
github.com/tektoncd/pipeline 0.62.1 0.62.2
k8s.io/kube-aggregator 0.30.3 0.31.0
kubevirt.io/api 1.3.0 1.3.1
kubevirt.io/containerized-data-importer-api 1.59.0 1.60.2
github.com/grpc-ecosystem/grpc-gateway/v2 2.21.0 2.22.0
github.com/prometheus/statsd_exporter 0.26.1 0.27.1
google.golang.org/api 0.191.0 0.194.0

Updates github.com/operator-framework/api from 0.26.0 to 0.27.0

Release notes

Sourced from github.com/operator-framework/api's releases.

v0.27.0

What's Changed

New Contributors

Full Changelog: https://github.com/operator-framework/api/compare/v0.26.0...v0.27.0

Commits
  • 41cb4ae Bump kubernetes libraries to v0.31.0 and controller-runtime to v0.19.0 (#357)
  • 46fd7e5 Bump sigs.k8s.io/controller-runtime from 0.18.4 to 0.18.5 (#356)
  • a5729e2 Bump k8s.io/apiextensions-apiserver from 0.30.2 to 0.30.3 (#353)
  • ce8a923 Fix codecov-action params (#349)
  • 2e3c15f Bump github.com/spf13/cobra from 1.8.0 to 1.8.1
  • fa102cb Bump k8s.io/apiextensions-apiserver from 0.30.1 to 0.30.2
  • e122588 Fix some typos in cel.go (#343)
  • See full diff in compare view


Updates github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.75.2 to 0.76.0

Release notes

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's releases.

v0.76.0

0.76.0 / 2025-08-08

  • [CHANGE] Enhanced secret management in Prometheus and PrometheusAgent CRDs by switching the secrets field from atomic to listType: set, allowing independent handling of entries by different managers to prevent conflicts and improve deployment stability. #6762
  • [CHANGE] Add API-level validations to Kubernetes SD in the ScrapeConfig CRD. #6678
  • [FEATURE] Add TLS and Proxy settings to OAuth2 configuration for Prometheus and PrometheusAgent CRDs. #6735
  • [FEATURE] Add support for OAuth2 in the ScrapeConfig CRD. #6814
  • [FEATURE] Add scale subresource to the Alertmanger CRD. #6728
  • [FEATURE] Add Scaleway service discovery to the ScrapeConfig CRD. #6711
  • [FEATURE] Add serviceDiscoveryRole field to the Prometheus and PrometheusAgent CRDs to select between Endpoints (default) and EndpointSlice for discovering scrape and alerting targets. #6672
  • [ENHANCEMENT] Make the namespace field optional in the Alertmanager endpoints configuration of the Prometheus CRD, if not defined it will use the default namespace. #6338
  • [ENHANCEMENT] Add support to configure the TLS version for Prometheus, PrometheusAgent and Alertmanager CRDs. #6736
  • [ENHANCEMENT] Add -secret-label-selector argument to the operator to filter the Secrets being watched. #6731
  • [ENHANCEMENT] Add attachMetadata field to ScrapeClasses. #6756
  • [BUGFIX] Add support for all proxy settings in the Alertmanager configuration. #6818
Changelog

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's changelog.

0.76.0 / 2025-08-08

  • [CHANGE] Enhanced secret management in Prometheus and PrometheusAgent CRDs by switching the secrets field from atomic to listType: set, allowing independent handling of entries by different managers to prevent conflicts and improve deployment stability. #6762
  • [CHANGE] Add API-level validations to Kubernetes SD in the ScrapeConfig CRD. #6678
  • [FEATURE] Add TLS and Proxy settings to OAuth2 configuration for Prometheus and PrometheusAgent CRDs. #6735
  • [FEATURE] Add support for OAuth2 in the ScrapeConfig CRD. #6814
  • [FEATURE] Add scale subresource to the Alertmanger CRD. #6728
  • [FEATURE] Add Scaleway service discovery to the ScrapeConfig CRD. #6711
  • [FEATURE] Add serviceDiscoveryRole field to the Prometheus and PrometheusAgent CRDs to select between Endpoints (default) and EndpointSlice for discovering scrape and alerting targets. #6672
  • [ENHANCEMENT] Make the namespace field optional in the Alertmanager endpoints configuration of the Prometheus CRD, if not defined it will use the default namespace. #6338
  • [ENHANCEMENT] Add support to configure the TLS version for Prometheus, PrometheusAgent and Alertmanager CRDs. #6736
  • [ENHANCEMENT] Add -secret-label-selector argument to the operator to filter the Secrets being watched. #6731
  • [ENHANCEMENT] Add attachMetadata field to ScrapeClasses. #6756
  • [BUGFIX] Add support for all proxy settings in the Alertmanager configuration. #6818
Commits
  • 022a289 Merge pull request #6834 from prometheus-operator/nicolas/prepare-0.76
  • e12ef9a Update CHANGELOG.md
  • 1565ea0 Update CHANGELOG.md
  • 2ea3a03 Update CHANGELOG.md
  • 7da8459 [CHORE] updating change log
  • 46076a5 [CHORE] generating templates 0.76
  • 6b6c773 [CHORE] upgrading prometheus
  • 6ad25e9 [CHORE] updating dependencies
  • a7a1ad6 Merge pull request #6827 from prometheus-operator/arthur-affiliation
  • 99f737f chore: replace go kit log in alertmanager package (#6828)
  • Additional commits viewable in compare view


Updates github.com/prometheus/client_golang from 1.19.1 to 1.20.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.2

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

v1.20.0

Thanks everyone for contributions!

:warning: In this release we remove one (broken anyway, given Go runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT and GOMAXPROCS flags) to the default collectors.NewGoCollector() collector. Given its popular usage, expect your binary to expose two additional metric.

Changes

  • [CHANGE] :warning: go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
  • [FEATURE] :warning: go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
  • [FEATURE] testutil: Add CollectAndFormat method. #1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
  • [FEATURE] process-collectors: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #1455
  • [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.2 / 2024-08-23

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

1.20.0 / 2024-08-14

  • [CHANGE] :warning: go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
  • [FEATURE] :warning: go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
  • [FEATURE] testutil: Add CollectAndFormat method. #1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
  • [FEATURE] process-collector: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #1455
  • [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

1.19.0 / 2024-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427

1.18.0 / 2023-12-22

  • [FEATURE] promlint: Allow creation of custom metric validations. #1311
  • [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
  • [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
  • [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
  • [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

1.17.0 / 2023-09-27

  • [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
  • [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
  • [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

1.16.0 / 2023-06-15

  • [BUGFIX] api: Switch to POST for LabelNames, Series, and QueryExemplars. #1252
  • [BUGFIX] api: Fix undefined execution order in return statements. #1260
  • [BUGFIX] native histograms: Fix bug in bucket key calculation. #1279

... (truncated)

Commits
  • 67121dc Merge pull request #1596 from mrueg/fix-uncompressed-content-header
  • 187acd4 Cut 1.20.2
  • f7f8f3a fix: Unset Content-Encoding header when uncompressed
  • 2254d6c Merge pull request #1587 from prometheus/fix-processcollector
  • 4a15d05 Cut 1.20.1
  • f2dd7b3 Use pedantic registry in other places too, to double check.
  • 261fe84 bugfix: Pass network metrics to processCollector's Describe() function
  • 5bf3341 Use NewPedanticRegistry in Process' Collector tests
  • 73b811c Cut 1.20.0 release. (#1580)
  • 7ce5089 gocollector: Attach original runtime/metrics metric name to help. (#1578)
  • Additional commits viewable in compare view


Updates github.com/prometheus/common from 0.55.0 to 0.56.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.56.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/common/compare/v0.55.0...v0.56.0

Commits
  • 6623230 Provide a method for explicitly checking label names for legacy validity. (#682)
  • 19d0796 Merge pull request #681 from prometheus/repo_sync
  • 29a2d2c Update common Prometheus files
  • 8968b6c expfmt: Add UTF-8 syntax support in text_parse.go (#670)
  • cd4bcc0 Update golangci lint (#679)
  • 2cac84e Update client_golang (#676)
  • 79c0459 Merge pull request #675 from dswarbrick/fix-32bit-overflows
  • 008d7b8 Fix overflows of untyped int constants on 32-bit
  • 1dade5b sigv4: support nil body (#673)
  • 430dbfe Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.5 in /sigv4 (#671)
  • Additional commits viewable in compare view


Updates github.com/tektoncd/pipeline from 0.62.1 to 0.62.2

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.62.2 "Birman HAL LTS"

-Docs @ v0.62.2 -Examples @ v0.62.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.62.2/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a6e62d0e6c909ccb98a5768c17110fecb8c493b0a3c670644a0e1d3cdf4a584b5

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a6e62d0e6c909ccb98a5768c17110fecb8c493b0a3c670644a0e1d3cdf4a584b5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.62.2/release.yaml
REKOR_UUID=108e9186e8c5677a6e62d0e6c909ccb98a5768c17110fecb8c493b0a3c670644a0e1d3cdf4a584b5

Obtains the list of images with sha from the attestation

REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.62.2@sha256:" + .digest.sha256')

Download the release file

curl "$RELEASE_FILE" > release.yaml

For each image in the attestation, match it to the release file

for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

... (truncated)

Commits
  • ecad3fa check namespace config for node throttle metric
  • 3429744 {taskrun,pipelinerun}metrics: make sure config is up-to-date
  • 9cf9672 pkg/taskrunmetrics/fake shouldn't be imported…
  • See full diff in compare view


Updates k8s.io/api from 0.30.3 to 0.31.0

Commits


Updates k8s.io/apiextensions-apiserver from 0.30.3 to 0.31.0

Commits


Updates k8s.io/apimachinery from 0.30.3 to 0.31.0

Commits
  • a8f449e Falls back to SPDY for gorilla/websocket https proxy error
  • 62791ec Merge pull request #125571 from liggitt/filter-auth-02-sar
  • cc2ba35 add field and label selectors to authorization attributes
  • ce76a8f generate
  • 35052c5 add subjectaccessreview field and label selectors
  • ab06869 Merge pull request #126105 from benluddy/cbor-framer
  • 429f4e4 Implement runtime.Framer for CBOR Sequences.
  • d7e1c53 Merge pull request #126018 from aroradaman/bump-k8s-utils
  • 07cb122 Merge pull request #125748 from benluddy/cbor-custom-marshalers
  • dd17456 bump k8s.io/utils
  • Additional commits viewable in compare view


Updates k8s.io/client-go from 0.30.3 to 0.31.0

Commits
  • 02a19c3 Update dependencies to v0.31.0 tag
  • 5e3e8ea informers: add comment that Start does not block
  • f71a5cc Call non-blocking informerFactory.Start synchronously to avoid races
  • 4536e5a Merge pull request #124012 from Jefftree/le-controller
  • 93c6a5b Merge pull request #126353 from liggitt/fix-vendor
  • 6a9911a revendor dependencies
  • fe54892 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
  • 825f52e Change PingTime to be persistent
  • f45c451 fix ordering issue in candidates
  • 18dd587 feedback: leasecandidate clients
  • Additional commits viewable in compare view


Updates k8s.io/kube-aggregator from 0.30.3 to 0.31.0

Commits
  • ce70bea Update dependencies to v0.31.0 tag
  • f5edbf4 informers: add comment that Start does not block
  • 2433e7a Merge pull request #125661 from mjudeikis/mjudeikis/poststarthookctx.stopch.c...
  • d4566e5 Merge pull request #126149 from sttts/sttts-aggregator-availability-controlle...
  • 87f8e9e aggregator: split availability controller into local and remote part
  • 006e6b9 aggregator: make linter happy
  • 34c473f aggregator: (pre-)move availability controller
  • 8942dc0 aggregator: separate out status controller metrics
  • bb33e4e Merge pull request #125571 from liggitt/filter-auth-02-sar
  • 62b6dfb clean ctx
  • Additional commits viewable in compare view


Updates k8s.io/utils from 0.0.0-20240502163921-fe8a2dddb1d0 to 0.0.0-20240711033017-18e509b52bc8

Commits


Updates kubevirt.io/api from 1.3.0 to 1.3.1

Commits
  • 4eb2693 api update by KubeVirt Prow build 1826539953216032768
  • 9d6ee0e api update by KubeVirt Prow build 1826294852254437376
  • 0d0c046 api update by KubeVirt Prow build 1821543908778184704
  • 40aea84 api update by KubeVirt Prow build 1819295154511548416
  • 4c4d6b6 api update by KubeVirt Prow build 1818954032295710720
  • See full diff in compare view


Updates kubevirt.io/containerized-data-importer-api from 1.59.0 to 1.60.2

Release notes

Sourced from kubevirt.io/containerized-data-importer-api's releases.

v1.60.2

This release follows v1.60.1 and consists of 2 changes, contributed by 2 people, leading to 5 files changed, 80 insertions(+), 20 deletions(-).

The source code and selected binaries are available for download at: https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.2.

Pre-built CDI containers are published on Quay.io and can be viewed at: https://quay.io/repository/kubevirt/cdi-controller/ https://quay.io/repository/kubevirt/cdi-importer/ https://quay.io/repository/kubevirt/cdi-cloner/ https://quay.io/repository/kubevirt/cdi-uploadproxy/ https://quay.io/repository/kubevirt/cdi-apiserver/ https://quay.io/repository/kubevirt/cdi-uploadserver/ https://quay.io/repository/kubevirt/cdi-operator/

Notable changes

Enhancement: Add nbdkit command line parameters to improve reliability of multi-stage VDDK imports.

Contributors

2 people contributed to this release:

     1   Alex Kalenyuk <akalenyu@redhat.com>
     1  kubevirt-bot <kubevirtbot@redhat.com>

Additional Resources

v1.60.1

This release follows v1.59.0 and consists of 120 changes, contributed by 28 people, leading to 3579 files changed, 609903 insertions(+), 176669 deletions(-).

The source code and selected binaries are available for download at: https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1.

Pre-built CDI containers are published on Quay.io and can be viewed at: https://quay.io/repository/kubevirt/cdi-controller/ https://quay.io/repository/kubevirt/cdi-importer/

... (truncated)

Changelog

Sourced from kubevirt.io/containerized-data-importer-api's changelog.

v1.60.2 Enhancement: Add nbdkit command line parameters to improve reliability of multi-stage VDDK imports.

Commits
  • f5138c8 v1.60.2 release notes
  • fc6f48e [release-v1.60] VDDK: pass snapshot ID through to nbdkit. (#3400)
  • c186264 fix post submit issue in order to release properly
  • b375def v1.60.0 release notes
  • d68f59e remove gradle dep when running gen-swagger-docs.sh (#3390)
  • 6269010 apidocs: remove gradle dep (#3389)
  • 79e6b97 Retry pulling builder image (#3387)
  • 2d9c82e Setup ginkgo cli build properly to avoid double dep (#3378)
  • f357368 feat: Copy labels from source to DataSource (#3377)
  • c15ad1d nbdkit: Use password=+filename to send passwords securely (#3363)
  • Additional commits viewable in compare view


Updates sigs.k8s.io/controller-runtime from 0.18.5 to 0.19.0

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.19.0

:warning: Deprecation Warnings

Please note that admission.Defaulter/Validator have been deprecated in favor of admission.CustomDefaulter/CustomValidator since v0.17 and will be removed with v0.20.

:warning: Breaking Changes

:sparkles: New Features

  • client: Add WithFieldValidation client (#2860 #2913)
  • controller & webhook: Recover panics per default & add panic metrics (#2905)
  • controllerutil: configure BlockOwnerDeletion when setting OwnerReference (#2847)
  • fake client: Add scale subresource logic (#2855)
  • predicate: Add missing generic version of ResourceVersionChangedPredicate (#2812)
  • setup-envtest: Download binaries from controller-tools releases instead of GCS (#2811)
  • setup-envtest: Publish setup-envtest binaries via release attachments (#2911)
  • workqueue: Add controller label to workqueue metrics (... _Description has been truncated_
kubevirt-bot commented 2 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign lyarwood for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/ssp-operator/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
sonarcloud[bot] commented 2 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

openshift-ci[bot] commented 2 months ago

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/unittests f6a188398611dffd9a69f8fefbd90d990daa0cca link true /test unittests
ci/prow/images f6a188398611dffd9a69f8fefbd90d990daa0cca link true /test images
ci/prow/e2e-upgrade-functests f6a188398611dffd9a69f8fefbd90d990daa0cca link true /test e2e-upgrade-functests
ci/prow/e2e-single-node-functests f6a188398611dffd9a69f8fefbd90d990daa0cca link true /test e2e-single-node-functests
ci/prow/e2e-functests f6a188398611dffd9a69f8fefbd90d990daa0cca link true /test e2e-functests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
dependabot[bot] commented 2 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.