search

kubevirt / ssp-operator

Operator that deploys additional KubeVirt resources
Apache License 2.0
29 stars 47 forks source link

chore(deps): Bump the production-dependencies group across 1 directory with 19 updates #977

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the production-dependencies group with 10 updates in the / directory:

Package From To
github.com/onsi/gomega 1.32.0 1.33.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring 0.73.1 0.73.2
github.com/prometheus/common 0.52.3 0.53.0
github.com/tektoncd/pipeline 0.58.0 0.59.0
k8s.io/api 0.29.4 0.30.0
k8s.io/apiextensions-apiserver 0.29.4 0.30.0
k8s.io/kube-aggregator 0.29.4 0.30.0
sigs.k8s.io/controller-runtime 0.17.3 0.18.1
github.com/prometheus/procfs 0.13.0 0.14.0
google.golang.org/api 0.173.0 0.177.0

Updates github.com/onsi/gomega from 1.32.0 to 1.33.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.33.1

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

v1.33.0

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
Commits
  • 8a658bb v1.33.1
  • e9bc35a Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2
  • 3a66379 fix confusing eventually docs
  • f2e65fc v1.33.0
  • 02e8706 docs: Receive(POINTER, MATCHER)
  • ec1f186 feat: receiver matcher accepting (POINTER, MATCHER), includes unit tests
  • 9999deb Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745)
  • cb5ff21 Bump github-pages from 229 to 230 in /docs (#735)
  • bac6596 Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746)
  • See full diff in compare view


Updates github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.73.1 to 0.73.2

Release notes

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's releases.

0.73.2 / 2024-04-18

  • [BUGFIX] Fix ScrapeClassTLSConfig nil pointer exception. #6526
  • [BUGFIX] Fix missing prometheus_operator_kubernetes_client_http_requests_total metric. #6525
Changelog

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's changelog.

0.73.2 / 2024-04-18

  • [BUGFIX] Fix ScrapeClassTLSConfig nil pointer exception. #6526
  • [BUGFIX] Fix missing prometheus_operator_kubernetes_client_http_requests_total metric. #6525
Commits


Updates github.com/prometheus/common from 0.52.3 to 0.53.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.53.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/common/compare/v0.52.3...v0.53.0

Commits
  • e54e4df Merge pull request #620 from bboreham/test-string
  • e25b951 Merge pull request #619 from bboreham/restore-sort
  • c1b9b72 Fix up config test (#621)
  • de5ed88 Merge pull request #487 from GiedriusS/allow_exposing_real_value
  • ea817bb Merge pull request #618 from grobinson-grafana/grobinson/add-status-at
  • a1ca958 LabelSet: add unit test for String method
  • be294f1 LabelSet.String: restore faster sort call
  • 506a12c Fix comment
  • fb6970a Add StatusAt method for Alert struct
  • See full diff in compare view


Updates github.com/tektoncd/pipeline from 0.58.0 to 0.59.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.59.0 "Scottish Fold Sox" LTS

🎉 Artifact Metadata, Improved StepActions and Improved Stability 🎉

-Docs @ v0.59.0 -Examples @ v0.59.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml
REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

Obtains the list of images with sha from the attestation


REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.0@sha256:" + .digest.sha256')


Download the release file


curl "$RELEASE_FILE" > release.yaml


For each image in the attestation, match it to the release file


for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Upgrade Notices

Tekton v0.59 minimum Kubernetes version is 1.27.

Changes

Features

  • :sparkles: Add a feature flag to disable inline spec (#7844)

Add a feature flag disable-inline-spec to disable embedded spec in Pipeline(PipelineSpec/TaskSpec), Taskrun(TaskSpec), and Pipelinerun. (PipelineSpec) By default, the inline specs will be enabled. Only if the flag is set to "pipeline", "pipelinerun" and "taskrun" or a combination like "pipeline,pipelinerun" would the inline spec be disabled for Pipeline, PipelineRun, or TaskRun.

... (truncated)

Changelog

Sourced from github.com/tektoncd/pipeline's changelog.

Tekton Pipeline Releases

Release Frequency

Tekton Pipelines follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • A new release is produced on a monthly basis
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
    • LTS releases take place in January, April, July and October every year
    • The first Tekton Pipelines LTS release will be v0.41.0 in October 2022
    • Releases happen towards the middle of the month, between the 13th and the 20th, depending on week-ends and readiness

Tekton Pipelines produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.41 Tekton Pipelines has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.37 and v0.40.

Release Process

Tekton Pipeline releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-pipeline-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

  • The Tekton Pipeline [release process][tekton-releases-docs]
  • [Installing Tekton][tekton-installation]
  • Standard for [release notes][release-notes-standards]

Release

v0.59 (LTS)

  • Latest Release: [v0.59.0][v0.59-0] (2024-04-25) ([docs][v0.59-0-docs], [examples][v0.59-0-examples])
  • Initial Release: [v0.59.0][v0.59-0] (2024-04-25)
  • Estimated End of Life: 2025-04-24
  • Patch Releases: [v0.59.0][v0.59-0]

... (truncated)

Commits
  • 34d8c0f chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
  • e556bc7 fix: resolve pod creation failure on retry when using workspace.\<name>.volume
  • a494d6a fix(taskrun): emit warning for missing secret in ServiceAccount instead of fa...
  • fba68b7 Fix shell for tag-images step
  • b712fc5 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.25.0 to 1.26.0
  • 91bbee5 fix: do not set default kind when taskRef resolver is present
  • 30e389b fix: ensure default type for params in remote tasks to prevent pipeline failures
  • faccef8 Fix the shell in crane image
  • b419b2c Add a feature flag to disable inline spec
  • 356b30d chore(deps): bump actions/checkout from 4.1.2 to 4.1.3
  • Additional commits viewable in compare view


Updates k8s.io/api from 0.29.4 to 0.30.0

Commits
  • fb932d2 Update dependencies to v0.30.0 tag
  • d014286 Merge remote-tracking branch 'origin/master' into release-1.30
  • 581c1b8 Update x/net for CVE-2023-45288
  • 35ca1f4 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • b048bd8 Merge pull request #123909 from AkihiroSuda/fix-123906
  • f06d24a dra api: NodeResourceModel -> ResourceModel
  • 30e3187 api: NodeStatus: rename RuntimeClasses to RuntimeHandlers
  • 96558b9 Merge pull request #123792 from mimowo/propose-api-comments-fix
  • 089c7ca Merge pull request #123180 from AkihiroSuda/rro
  • b50824d api: KEP-3857: Recursive Read-only (RRO) mounts
  • Additional commits viewable in compare view


Updates k8s.io/apiextensions-apiserver from 0.29.4 to 0.30.0

Commits
  • 03da840 Update dependencies to v0.30.0 tag
  • cb47ad4 Merge remote-tracking branch 'origin/master' into release-1.30
  • 6ce7f38 Update x/net for CVE-2023-45288
  • a2f312c Merge remote-tracking branch 'origin/master' into release-1.30
  • d3649bc fix test flake caused by not waiting for CRD schema update
  • 9624e52 Merge pull request #123732 from serathius/parallel-featureflags
  • 24438a9 Merge pull request #123758 from liggitt/protobump
  • 916521e Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • fe10ad0 Merge pull request #123405 from cici37/vapGA
  • a853d25 Fix SetFeatureGateDuringTest handling of Parallel tests
  • Additional commits viewable in compare view


Updates k8s.io/apimachinery from 0.29.4 to 0.30.0

Commits
  • 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30
  • c857a38 Update x/net for CVE-2023-45288
  • 0407311 followup to allow special characters
  • 25164f7 Merge pull request #123435 from tallclair/apparmor-ga
  • cbfe0a1 Merge pull request #123758 from liggitt/protobump
  • 21d26b6 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 0c29f84 Merge pull request #123385 from HirazawaUi/allow-special-characters
  • 60d24f2 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-...
  • 513d23a apimachinery/meta/types.go: define InitialEventsAnnotationKey const
  • 67cb3a8 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • Additional commits viewable in compare view


Updates k8s.io/client-go from 0.29.4 to 0.30.0

Commits
  • 3aa4577 Update dependencies to v0.30.0 tag
  • 2df4de1 Merge remote-tracking branch 'origin/master' into release-1.30
  • ade2ae2 Update x/net for CVE-2023-45288
  • b4632b7 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • 4467b1e Merge pull request #123909 from AkihiroSuda/fix-123906
  • 650f392 dra api: NodeResourceModel -> ResourceModel
  • 00e4609 api: NodeStatus: rename RuntimeClasses to RuntimeHandlers
  • 7ebe0ea Merge pull request #123180 from AkihiroSuda/rro
  • 3be09aa api: KEP-3857: Recursive Read-only (RRO) mounts
  • 110b75b Merge pull request #123344 from nilekhc/svm-controller
  • Additional commits viewable in compare view


Updates k8s.io/kube-aggregator from 0.29.4 to 0.30.0

Commits
  • 5544326 Update dependencies to v0.30.0 tag
  • 8a05ec9 Merge remote-tracking branch 'origin/master' into release-1.30
  • a85034b Update x/net for CVE-2023-45288
  • 03409cd Merge pull request #123770 from Jefftree/go-restful
  • 0ff135f fix aggregator path filtering to include /
  • 0484f16 Merge pull request #123758 from liggitt/protobump
  • 9355ef1 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 76cea3f Merge pull request #123684 from hakuna-matatah/123570
  • 4133c02 Addd negative case for the fix in #123570
  • 2e25c05 Merge pull request #123634 from liggitt/handler-race
  • Additional commits viewable in compare view


Updates sigs.k8s.io/controller-runtime from 0.17.3 to 0.18.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.18.1

What's Changed

Full Changelog: https://github.com/kubernetes-sigs/controller-runtime/compare/v0.18.0...v0.18.1

v0.18.0

:warning: Breaking Changes

  • Bump to k8s.io/* v1.30 (#2693 #2754 #2765 #2776 #2786)
  • Remove deprecated v1alpha1.ControllerManagerConfiguration (#2648)
  • admission.Decoder is now an interface (#2736)
  • Source, Event, Predicate, Handler: Add generics support (#2783 #2796)
  • client: Fix SubResourceCreateOptions signature in subresource client (#2766)

:sparkles: New Features

  • cache: Add TransformStripManagedFields transform func (#2791)
  • client: Add client.WithFieldOwner to configure client-wide FieldManager (#2771 #2777)
  • controller: Add NewQueue option (#2767)
  • manager: Export HTTP server runnable implementation (#2473)
  • metrics/server: Add ListenConfig option (#2519)

:bug: Bug Fixes

  • builder/webhook: Return error if For() is used multiple times (#2740)
  • cache: Keep selectors when byObject.Namespaces is defaulted (#2747)
  • cache: Prevent race when informers are started more than once (#2758)
  • fake client: Allow fakeclient to patch CR with no resourceVersion (#2725)
  • fake client: Do not consider an apply patch to be a strategic merge patch (#2679)
  • manager: Prevent leader election when shutting down a non-elected manager (#2724)
  • manager: Runnable group should check if stopped before enqueueing (#2757)
  • restmapper: Clean restmapper cache if a version is notFound (#2663)
  • restmapper: Fix cache invalidation (#2687)

:seedling: Others

  • ci: Add OSSF scorecard action (#2714)
  • ci: Improve github actions dependencies versions and permissions (#2715)
  • ci: Pin checkout action in golangci-lint action, bump checkout action, use consistent tag format (#2729)
  • ci: Update golangci-lint to v1.57.2 (#2708 #2751)
  • ci: Update scorecard github action (#2728)
  • ci: Use go-install for versioned dependencies (#2710)
  • envtest: WaitForDefaultNamespace while starting up envtest (#2668)
  • owners: Cleanup owners files (#2730)
  • owners: Remove outdated testing framework approvers (#2709)
  • predicate: Compare labels and annotations using maps.Equal (#2705)

... (truncated)

Commits
  • cd2885e Merge pull request #2809 from k8s-infra-cherrypick-robot/cherry-pick-2806-to-...
  • 06acde3 🐛 correct kind source type
  • d6feaae Merge pull request #2808 from k8s-infra-cherrypick-robot/cherry-pick-2805-to-...
  • 87cae4c bug: Cache: Fix label defaulting of byObject when namespaces are configured
  • ed81fa6 Merge pull request #2796 from alvaroaleman/mark
  • b35cd6b :book: Mark Typed Handlers as experimental
  • b74908f Merge pull request #2793 from kubernetes-sigs/dependabot/github_actions/actio...
  • a9db208 Merge pull request #2794 from kubernetes-sigs/dependabot/github_actions/actio...
  • 757ae66 :seedling: Bump actions/upload-artifact from 4.3.1 to 4.3.3
  • 18ae9e0 :seedling: Bump actions/checkout from 4.1.2 to 4.1.3
  • Additional commits viewable in compare view


Updates github.com/google/pprof from 0.0.0-20230510103437-eeec1cb781c3 to 0.0.0-20240424215950-a892ee059fd6

Commits


Updates github.com/prometheus/procfs from 0.13.0 to 0.14.0

Release notes

Sourced from github.com/prometheus/procfs's releases.

v0.14.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/procfs/compare/v0.13.0...v0.14.0

Commits


Updates google.golang.org/api from 0.173.0 to 0.177.0

Release notes

Sourced from google.golang.org/api's releases.

v0.177.0

0.177.0 (2024-04-30)

Features

Bug Fixes

v0.176.1

0.176.1 (2024-04-23)

Bug Fixes

  • transport/http: Pass through base transport (#2541) (8d0b2b5)

v0.176.0

0.176.0 (2024-04-22)

Features

Bug Fixes

v0.175.0

0.175.0 (2024-04-19)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.177.0 (2024-04-30)

Features

Bug Fixes

0.176.1 (2024-04-23)

Bug Fixes

  • transport/http: Pass through base transport (#2541) (8d0b2b5)

0.176.0 (2024-04-22)

Features

Bug Fixes

0.175.0 (2024-04-19)

Features

Bug Fixes

... (truncated)

Commits


Updates google.golang.org/genproto/googleapis/api from 0.0.0-20240227224415-6ceb2ff114de to 0.0.0-20240314234333-6e1732d8331c

Commits


Updates google.golang.org/genproto/googleapis/rpc from 0.0.0-20240325203815-454cdb8f5daa to 0.0.0-20240429193739-8cf5692501f6

Commits


Updates google.golang.org/protobuf from 1.33.0 to 1.34.0

Updates k8s.io/apiserver from 0.29.4 to 0.30.0

Commits
  • 9b2e61f Update dependencies to v0.30.0 tag
  • 15c77ce Merge remote-tracking branch 'origin/master' into release-1.30
  • 61d3001 Rename cluster to storage_cluster_id for apiserver_storage_size_bytes metric
  • d97582e Merge remote-tracking branch 'origin/master' into release-1.30
  • 2071c4d Update x/net for CVE-2023-45288
  • 341f6df Merge pull request #123994 from serathius/undo-double-run-test-watch-semantics
  • 7a3a726 Undo double run of the TestWatchSemantics test to avoid hitting timeout
  • e166c44 Merge pull request #123785 from seans3/streamtunnel-unit-tests
  • ec72042 Merge pull request #123935 from serathius/consistent-watch-from-etcd
  • 13a815b Serve watch without resourceVersion from cache and introduce a WatchFromStora...
  • Additional commits viewable in compare view


Updates k8s.io/kube-openapi from 0.0.0-20240221221325-2ac9dc51f3f1 to 0.0.0-20240228011516-70dd3763d340

Commits


Updates knative.dev/pkg from 0.0.0-20231023150739-56bfe0dd9626 to 0.0.0-20...

Description has been truncated

kubevirt-bot commented 4 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign akrejcir for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/ssp-operator/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
sonarcloud[bot] commented 4 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

openshift-ci[bot] commented 4 months ago

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-upgrade-functests c12cabef2c2f655ac6623becc881b15b195497e8 link true /test e2e-upgrade-functests
ci/prow/e2e-functests c12cabef2c2f655ac6623becc881b15b195497e8 link true /test e2e-functests
ci/prow/e2e-single-node-functests c12cabef2c2f655ac6623becc881b15b195497e8 link true /test e2e-single-node-functests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
dependabot[bot] commented 4 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.