fix(helm): update cilium ( 1.15.6 → 1.15.7 )

bot-ross[bot] commented 3 months ago

This PR contains the following updates:

Package	Update	Change
cilium (source)	patch	`1.15.6` -> `1.15.7`

Release Notes

cilium/cilium (cilium)

### [`v1.15.7`](https://togithub.com/cilium/cilium/releases/tag/v1.15.7): 1.15.7 [Compare Source](https://togithub.com/cilium/cilium/compare/1.15.6...1.15.7) ## Summary of Changes We are pleased to release Cilium v1.15.7, which makes the load balancer class of the Clustermesh API server configurable and includes stability and bug fixes. Thanks to all contributors, reviewers, testers, and users! **Minor Changes:** - helm: loadBalancerClass for Cluster Mesh APIserver (Backport PR [#33342](https://togithub.com/cilium/cilium/issues/33342), Upstream PR [#33033](https://togithub.com/cilium/cilium/issues/33033), [@PhilipSchmid](https://togithub.com/PhilipSchmid)) - ui: v0.13.1 release (Backport PR [#33223](https://togithub.com/cilium/cilium/issues/33223), Upstream PR [#32852](https://togithub.com/cilium/cilium/issues/32852), [@geakstr](https://togithub.com/geakstr)) **Bugfixes:** - bgpv1: reorder neighbor creation and deletion steps (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33262](https://togithub.com/cilium/cilium/issues/33262), [@harsimran-pabla](https://togithub.com/harsimran-pabla)) - datapath: Fix redirect from from L3 netdev to tunnel (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33421](https://togithub.com/cilium/cilium/issues/33421), [@brb](https://togithub.com/brb)) - Datasource error fixed for Hubble DNS and Network dashboards (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#30580](https://togithub.com/cilium/cilium/issues/30580), [@Pionerd](https://togithub.com/Pionerd)) - egress-gateway: Validate ep identity before fetching labels (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33311](https://togithub.com/cilium/cilium/issues/33311), [@pippolo84](https://togithub.com/pippolo84)) - envoy: Avoid short circuit backend filtering (Backport PR [#33533](https://togithub.com/cilium/cilium/issues/33533), Upstream PR [#33403](https://togithub.com/cilium/cilium/issues/33403), [@sayboras](https://togithub.com/sayboras)) - Fix [#32587](https://togithub.com/cilium/cilium/issues/32587) concurrent hubble dynamic exporter stop and reload (Backport PR [#33098](https://togithub.com/cilium/cilium/issues/33098), Upstream PR [#33000](https://togithub.com/cilium/cilium/issues/33000), [@marqc](https://togithub.com/marqc)) - Fix hubble metrics leak by using CiliumEndpoint watcher to remove stale metrics. (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33260](https://togithub.com/cilium/cilium/issues/33260), [@sgargan](https://togithub.com/sgargan)) - Fix rare spurious double reconnection upon clustermesh configuration change for remote cluster (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33248](https://togithub.com/cilium/cilium/issues/33248), [@giorio94](https://togithub.com/giorio94)) - Fix too many open Unix sockets (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33569](https://togithub.com/cilium/cilium/issues/33569), [@chaunceyjiang](https://togithub.com/chaunceyjiang)) - gateway-api: Check for matching controller name (Backport PR [#33223](https://togithub.com/cilium/cilium/issues/33223), Upstream PR [#33050](https://togithub.com/cilium/cilium/issues/33050), [@sayboras](https://togithub.com/sayboras)) - Generate SBOM from the correct release image ([#33052](https://togithub.com/cilium/cilium/issues/33052), [@ferozsalam](https://togithub.com/ferozsalam)) - helm: Decouple sysctlfix from cgroup.autoMount (Backport PR [#33010](https://togithub.com/cilium/cilium/issues/33010), Upstream PR [#32866](https://togithub.com/cilium/cilium/issues/32866), [@YutaroHayakawa](https://togithub.com/YutaroHayakawa)) - ipsec: do not nil out EncryptInterface when using IPAM ENI on netlink… (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33512](https://togithub.com/cilium/cilium/issues/33512), [@jasonaliyetti](https://togithub.com/jasonaliyetti)) - IPv6 and IPv4 '0.0.0.0/0' CIDR parsing in policy processing has been fixed (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33448](https://togithub.com/cilium/cilium/issues/33448), [@jrajahalme](https://togithub.com/jrajahalme)) - Recreate CT entries for non-TCP to fix L7 proxy redirect failures. (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33222](https://togithub.com/cilium/cilium/issues/33222), [@ysksuzuki](https://togithub.com/ysksuzuki)) - Report the correct drop reason when a packet is dropped by the bpf_lxc program. (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33551](https://togithub.com/cilium/cilium/issues/33551), [@julianwiedmann](https://togithub.com/julianwiedmann)) - Revert PR [#32244](https://togithub.com/cilium/cilium/issues/32244) which caused unintended side-effects that negatively impacted network performance. (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33304](https://togithub.com/cilium/cilium/issues/33304), [@learnitall](https://togithub.com/learnitall)) - socketlb: tolerate cgroupv1 when detaching bpf programs (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33599](https://togithub.com/cilium/cilium/issues/33599), [@rgo3](https://togithub.com/rgo3)) - Update IPsec to handle larger PSK values when using per-tunnel PSK (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33472](https://togithub.com/cilium/cilium/issues/33472), [@jasonaliyetti](https://togithub.com/jasonaliyetti)) - When the Bandwidth Manager feature is enabled, don't apply Egress rate-limiting to "Port unreachable" ICMP replies by Cilium's North-South Loadbalancer. (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33624](https://togithub.com/cilium/cilium/issues/33624), [@julianwiedmann](https://togithub.com/julianwiedmann)) **CI Changes:** - \[v1.15] Disable release SBOM asset uploads ([#33072](https://togithub.com/cilium/cilium/issues/33072), [@ferozsalam](https://togithub.com/ferozsalam)) - Bump CLI to v0.16.11 (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33444](https://togithub.com/cilium/cilium/issues/33444), [@brb](https://togithub.com/brb)) - ci: Add IPsec leak detection for ci-ipsec-e2e (Backport PR [#33047](https://togithub.com/cilium/cilium/issues/33047), Upstream PR [#32930](https://togithub.com/cilium/cilium/issues/32930), [@jschwinger233](https://togithub.com/jschwinger233)) - ci: l4lb: Don't hang on gathering logs forever (Backport PR [#33010](https://togithub.com/cilium/cilium/issues/33010), Upstream PR [#32947](https://togithub.com/cilium/cilium/issues/32947), [@joestringer](https://togithub.com/joestringer)) - gh: ipsec: clarify check for leaked proxy traffic during key rotation (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33509](https://togithub.com/cilium/cilium/issues/33509), [@julianwiedmann](https://togithub.com/julianwiedmann)) - gha: Only retrieve IPv4 CIDR from docker network (Backport PR [#33110](https://togithub.com/cilium/cilium/issues/33110), Upstream PR [#33093](https://togithub.com/cilium/cilium/issues/33093), [@sayboras](https://togithub.com/sayboras)) - workflows: e2e-upgrade: fix EXTRA parameters (Backport PR [#33223](https://togithub.com/cilium/cilium/issues/33223), Upstream PR [#33150](https://togithub.com/cilium/cilium/issues/33150), [@jibi](https://togithub.com/jibi)) **Misc Changes:** - .github: add workflow for renovate to build base images (Backport PR [#33346](https://togithub.com/cilium/cilium/issues/33346), Upstream PR [#33326](https://togithub.com/cilium/cilium/issues/33326), [@aanm](https://togithub.com/aanm)) - .github: fix cloud workflows for renovate (Backport PR [#33321](https://togithub.com/cilium/cilium/issues/33321), Upstream PR [#33320](https://togithub.com/cilium/cilium/issues/33320), [@aanm](https://togithub.com/aanm)) - .github: fix worfklows used by renovate (Backport PR [#33317](https://togithub.com/cilium/cilium/issues/33317), Upstream PR [#33309](https://togithub.com/cilium/cilium/issues/33309), [@aanm](https://togithub.com/aanm)) - \[v1.15] remove tracking of backports with MLH ([#33124](https://togithub.com/cilium/cilium/issues/33124), [@aanm](https://togithub.com/aanm)) - Add auto-merge for renovate for trusted dependencies (Backport PR [#33317](https://togithub.com/cilium/cilium/issues/33317), Upstream PR [#33287](https://togithub.com/cilium/cilium/issues/33287), [@aanm](https://togithub.com/aanm)) - bpf: ct: return actual error from CT lookup (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33225](https://togithub.com/cilium/cilium/issues/33225), [@julianwiedmann](https://togithub.com/julianwiedmann)) - bpf: encap: fix ifindex in TO_OVERLAY trace notification (Backport PR [#33575](https://togithub.com/cilium/cilium/issues/33575), Upstream PR [#33083](https://togithub.com/cilium/cilium/issues/33083), [@julianwiedmann](https://togithub.com/julianwiedmann)) - bpf: lxc: fix ifindex in TO_ENDPOINT trace notification (Backport PR [#33575](https://togithub.com/cilium/cilium/issues/33575), Upstream PR [#33085](https://togithub.com/cilium/cilium/issues/33085), [@julianwiedmann](https://togithub.com/julianwiedmann)) - bpf: lxc: prefer SECLABEL_IPV4 over SECLABEL in ipv4\_policy() (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33181](https://togithub.com/cilium/cilium/issues/33181), [@julianwiedmann](https://togithub.com/julianwiedmann)) - build(deps): bump urllib3 from 2.0.7 to 2.2.2 in /Documentation (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33218](https://togithub.com/cilium/cilium/issues/33218), [@dependabot](https://togithub.com/dependabot)\[bot]) - build-images-base: cancel github runs based on branch name (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33353](https://togithub.com/cilium/cilium/issues/33353), [@aanm](https://togithub.com/aanm)) - build-images-base: push to branch if pull request ref doesn't exist (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33368](https://togithub.com/cilium/cilium/issues/33368), [@aanm](https://togithub.com/aanm)) - build-images: fetch artifacts with specific pattern (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33216](https://togithub.com/cilium/cilium/issues/33216), [@aanm](https://togithub.com/aanm)) - chore(deps): update all github action dependencies (v1.15) ([#33177](https://togithub.com/cilium/cilium/issues/33177), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#33338](https://togithub.com/cilium/cilium/issues/33338), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#33492](https://togithub.com/cilium/cilium/issues/33492), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#33175](https://togithub.com/cilium/cilium/issues/33175), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#33337](https://togithub.com/cilium/cilium/issues/33337), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#33571](https://togithub.com/cilium/cilium/issues/33571), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update cilium/cilium-cli action to v0.16.11 (v1.15) ([#33650](https://togithub.com/cilium/cilium/issues/33650), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update cilium/scale-tests-action digest to [`511e3d9`](https://togithub.com/cilium/cilium/commit/511e3d9) (v1.15) ([#33208](https://togithub.com/cilium/cilium/issues/33208), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.16.10 (v1.15) ([#32990](https://togithub.com/cilium/cilium/issues/32990), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update dependency eksctl-io/eksctl to v0.182.0 (v1.15) ([#32991](https://togithub.com/cilium/cilium/issues/32991), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.11 docker digest to [`2eb85b8`](https://togithub.com/cilium/cilium/commit/2eb85b8) (v1.15) ([#33174](https://togithub.com/cilium/cilium/issues/33174), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.11 docker digest to [`b405b62`](https://togithub.com/cilium/cilium/commit/b405b62) (v1.15) ([#33336](https://togithub.com/cilium/cilium/issues/33336), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.12 docker digest to [`488f80a`](https://togithub.com/cilium/cilium/commit/488f80a) (v1.15) ([#33660](https://togithub.com/cilium/cilium/issues/33660), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update docker/build-push-action action to v5.4.0 (v1.15) ([#33018](https://togithub.com/cilium/cilium/issues/33018), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update docker/build-push-action action to v6 (v1.15) ([#33198](https://togithub.com/cilium/cilium/issues/33198), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update go to v1.21.12 (v1.15) ([#33539](https://togithub.com/cilium/cilium/issues/33539), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#33003](https://togithub.com/cilium/cilium/issues/33003), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#33176](https://togithub.com/cilium/cilium/issues/33176), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#33301](https://togithub.com/cilium/cilium/issues/33301), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#33657](https://togithub.com/cilium/cilium/issues/33657), [@cilium-renovate](https://togithub.com/cilium-renovate)\[bot]) - daemon: Allow DNS transparent mode to be turned off with encryption (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33420](https://togithub.com/cilium/cilium/issues/33420), [@gandro](https://togithub.com/gandro)) - docs: Improve note on kube-apiserver entity limitations (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33382](https://togithub.com/cilium/cilium/issues/33382), [@gandro](https://togithub.com/gandro)) - docs: ipsec: mention dependency on transparent mode for DNS proxy (Backport PR [#33098](https://togithub.com/cilium/cilium/issues/33098), Upstream PR [#33062](https://togithub.com/cilium/cilium/issues/33062), [@julianwiedmann](https://togithub.com/julianwiedmann)) - Documentation: accept ORG and REPO (Backport PR [#33631](https://togithub.com/cilium/cilium/issues/33631), Upstream PR [#33514](https://togithub.com/cilium/cilium/issues/33514), [@aanm](https://togithub.com/aanm)) - examples: Fix subject selector in ingress policy (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#33292](https://togithub.com/cilium/cilium/issues/33292), [@joestringer](https://togithub.com/joestringer)) - Fix renovate's concurrency group (Backport PR [#33559](https://togithub.com/cilium/cilium/issues/33559), Upstream PR [#33528](https://togithub.com/cilium/cilium/issues/33528), [@aanm](https://togithub.com/aanm)) - images: update cilium-{runtime,builder} ([#33714](https://togithub.com/cilium/cilium/issues/33714), [@aanm](https://togithub.com/aanm)) - Increase usability of Makefile.override (Backport PR [#33098](https://togithub.com/cilium/cilium/issues/33098), Upstream PR [#32660](https://togithub.com/cilium/cilium/issues/32660), [@learnitall](https://togithub.com/learnitall)) - install/kubernetes: update nodeinit image to latest version (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33427](https://togithub.com/cilium/cilium/issues/33427), [@marseel](https://togithub.com/marseel)) - ipcache: Fix orphaned ipcache entries when mixing Upsert and Inject (Backport PR [#33152](https://togithub.com/cilium/cilium/issues/33152), Upstream PR [#33120](https://togithub.com/cilium/cilium/issues/33120), [@squeed](https://togithub.com/squeed)) - LRP: Misc fix-ups (Backport PR [#33529](https://togithub.com/cilium/cilium/issues/33529), Upstream PR [#33442](https://togithub.com/cilium/cilium/issues/33442), [@aditighag](https://togithub.com/aditighag)) - Miscellaneous fixes in the usage of Makefile.override and build modifiers (Backport PR [#33098](https://togithub.com/cilium/cilium/issues/33098), Upstream PR [#33129](https://togithub.com/cilium/cilium/issues/33129), [@giorio94](https://togithub.com/giorio94)) - Miscellaneous improvements to clustermesh-related troubleshooting tools (Backport PR [#33378](https://togithub.com/cilium/cilium/issues/33378), Upstream PR [#32951](https://togithub.com/cilium/cilium/issues/32951), [@giorio94](https://togithub.com/giorio94)) - Remove release scripts (Backport PR [#33010](https://togithub.com/cilium/cilium/issues/33010), Upstream PR [#32938](https://togithub.com/cilium/cilium/issues/32938), [@aanm](https://togithub.com/aanm)) - Renovate changes (Backport PR [#33559](https://togithub.com/cilium/cilium/issues/33559), Upstream PR [#33519](https://togithub.com/cilium/cilium/issues/33519), [@aanm](https://togithub.com/aanm)) - renovate: add auto-approve bot for renovate PRs (Backport PR [#33642](https://togithub.com/cilium/cilium/issues/33642), Upstream PR [#33604](https://togithub.com/cilium/cilium/issues/33604), [@aanm](https://togithub.com/aanm)) **Other Changes:** - (v1.15) Add permissions to read generated SBOMs ([#33059](https://togithub.com/cilium/cilium/issues/33059), [@ferozsalam](https://togithub.com/ferozsalam)) - \[v1.15] bpf: ct: return actual error from CT lookup (fixup) ([#33484](https://togithub.com/cilium/cilium/issues/33484), [@julianwiedmann](https://togithub.com/julianwiedmann)) - \[v1.15] gh/workflows: fix skipping of no-frag test in ipsec-e2e workflow ([#33671](https://togithub.com/cilium/cilium/issues/33671), [@julianwiedmann](https://togithub.com/julianwiedmann)) - Bump GoBGP to v3.27.0 ([#32993](https://togithub.com/cilium/cilium/issues/32993), [@YutaroHayakawa](https://togithub.com/YutaroHayakawa)) - envoy: Bump golang version to v1.22.5 ([#33555](https://togithub.com/cilium/cilium/issues/33555), [@sayboras](https://togithub.com/sayboras)) - envoy: Update envoy 1.28.x to v1.28.5 ([#33483](https://togithub.com/cilium/cilium/issues/33483), [@sayboras](https://togithub.com/sayboras)) - install: Update image digests for v1.15.6 ([#33015](https://togithub.com/cilium/cilium/issues/33015), [@qmonnet](https://togithub.com/qmonnet)) ##### Docker Manifests ##### cilium `quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0` `quay.io/cilium/cilium:stable@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0` ##### clustermesh-apiserver `quay.io/cilium/clustermesh-apiserver:v1.15.7@sha256:f8fc26060e0f0c131200b762667f91788a4499362fc72209ce30b4032e926c68` `quay.io/cilium/clustermesh-apiserver:stable@sha256:f8fc26060e0f0c131200b762667f91788a4499362fc72209ce30b4032e926c68` ##### docker-plugin `quay.io/cilium/docker-plugin:v1.15.7@sha256:1091cd5586fd5bac23816a05f8828758442a134255e0f73f0ac384310395d304` `quay.io/cilium/docker-plugin:stable@sha256:1091cd5586fd5bac23816a05f8828758442a134255e0f73f0ac384310395d304` ##### hubble-relay `quay.io/cilium/hubble-relay:v1.15.7@sha256:12870e87ec6c105ca86885c4ee7c184ece6b706cc0f22f63d2a62a9a818fd68f` `quay.io/cilium/hubble-relay:stable@sha256:12870e87ec6c105ca86885c4ee7c184ece6b706cc0f22f63d2a62a9a818fd68f` ##### operator-alibabacloud `quay.io/cilium/operator-alibabacloud:v1.15.7@sha256:2dcd7e3305cb47e4b5fbbb9bc2451d6aacb18788a87cab95cf86aec65ec19329` `quay.io/cilium/operator-alibabacloud:stable@sha256:2dcd7e3305cb47e4b5fbbb9bc2451d6aacb18788a87cab95cf86aec65ec19329` ##### operator-aws `quay.io/cilium/operator-aws:v1.15.7@sha256:bb4085da666a5c7a7c6f8135f0de10f0b6895dbf561e9fccda0e272b51bb936e` `quay.io/cilium/operator-aws:stable@sha256:bb4085da666a5c7a7c6f8135f0de10f0b6895dbf561e9fccda0e272b51bb936e` ##### operator-azure `quay.io/cilium/operator-azure:v1.15.7@sha256:8e189549bc3c31a44a1171cc970b8e502ae8bf55cd07035735c4b3a24a16f80b` `quay.io/cilium/operator-azure:stable@sha256:8e189549bc3c31a44a1171cc970b8e502ae8bf55cd07035735c4b3a24a16f80b` ##### operator-generic `quay.io/cilium/operator-generic:v1.15.7@sha256:6840a6dde703b3e73dd31e03390327a9184fcb888efbad9d9d098d65b9035b54` `quay.io/cilium/operator-generic:stable@sha256:6840a6dde703b3e73dd31e03390327a9184fcb888efbad9d9d098d65b9035b54` ##### operator `quay.io/cilium/operator:v1.15.7@sha256:9a599861adc64631c134f86c95823321b59948f35ebc5af31586987d74166341` `quay.io/cilium/operator:stable@sha256:9a599861adc64631c134f86c95823321b59948f35ebc5af31586987d74166341`

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

bot-ross[bot] commented 3 months ago

--- kubernetes/main/apps/kube-system/cilium/app Kustomization: flux-system/cilium HelmRelease: kube-system/cilium

+++ kubernetes/main/apps/kube-system/cilium/app Kustomization: flux-system/cilium HelmRelease: kube-system/cilium

@@ -13,13 +13,13 @@

     spec:
       chart: cilium
       sourceRef:
         kind: HelmRepository
         name: cilium
         namespace: flux-system
-      version: 1.15.6
+      version: 1.15.7
   install:
     remediation:
       retries: 3
   interval: 30m
   upgrade:
     cleanupOnFail: true

bot-ross[bot] commented 3 months ago

--- HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium

+++ HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium

@@ -27,13 +27,13 @@

     spec:
       securityContext:
         appArmorProfile:
           type: Unconfined
       containers:
       - name: cilium-agent
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         command:
         - cilium-agent
         args:
         - --config-dir=/tmp/cilium/config-map
         startupProbe:
@@ -183,13 +183,13 @@

         - name: xtables-lock
           mountPath: /run/xtables.lock
         - name: tmp
           mountPath: /tmp
       initContainers:
       - name: config
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         command:
         - cilium-dbg
         - build-config
         env:
         - name: K8S_NODE_NAME
@@ -208,13 +208,13 @@

           value: '7445'
         volumeMounts:
         - name: tmp
           mountPath: /tmp
         terminationMessagePolicy: FallbackToLogsOnError
       - name: mount-cgroup
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         env:
         - name: CGROUP_ROOT
           value: /sys/fs/cgroup
         - name: BIN_PATH
           value: /opt/cni/bin
@@ -240,13 +240,13 @@

             - SYS_ADMIN
             - SYS_CHROOT
             - SYS_PTRACE
             drop:
             - ALL
       - name: apply-sysctl-overwrites
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         env:
         - name: BIN_PATH
           value: /opt/cni/bin
         command:
         - sh
@@ -270,13 +270,13 @@

             - SYS_ADMIN
             - SYS_CHROOT
             - SYS_PTRACE
             drop:
             - ALL
       - name: mount-bpf-fs
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         args:
         - mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf
         command:
         - /bin/bash
         - -c
@@ -286,13 +286,13 @@

           privileged: true
         volumeMounts:
         - name: bpf-maps
           mountPath: /sys/fs/bpf
           mountPropagation: Bidirectional
       - name: clean-cilium-state
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         command:
         - /init-container.sh
         env:
         - name: CILIUM_ALL_STATE
           valueFrom:
@@ -334,13 +334,13 @@

         - name: cilium-cgroup
           mountPath: /sys/fs/cgroup
           mountPropagation: HostToContainer
         - name: cilium-run
           mountPath: /var/run/cilium
       - name: install-cni-binaries
-        image: quay.io/cilium/cilium:v1.15.6@sha256:6aa840986a3a9722cd967ef63248d675a87add7e1704740902d5d3162f0c0def
+        image: quay.io/cilium/cilium:v1.15.7@sha256:2e432bf6879feb8b891c497d6fd784b13e53456017d2b8e4ea734145f0282ef0
         imagePullPolicy: IfNotPresent
         command:
         - /install-plugin.sh
         resources:
           requests:
             cpu: 100m
--- HelmRelease: kube-system/cilium Deployment: kube-system/cilium-operator

+++ HelmRelease: kube-system/cilium Deployment: kube-system/cilium-operator

@@ -31,13 +31,13 @@

         name: cilium-operator
         app.kubernetes.io/part-of: cilium
         app.kubernetes.io/name: cilium-operator
     spec:
       containers:
       - name: cilium-operator
-        image: quay.io/cilium/operator-generic:v1.15.6@sha256:5789f0935eef96ad571e4f5565a8800d3a8fbb05265cf6909300cd82fd513c3d
+        image: quay.io/cilium/operator-generic:v1.15.7@sha256:6840a6dde703b3e73dd31e03390327a9184fcb888efbad9d9d098d65b9035b54
         imagePullPolicy: IfNotPresent
         command:
         - cilium-operator-generic
         args:
         - --config-dir=/tmp/cilium/config-map
         - --debug=$(CILIUM_DEBUG)

onedr0p / home-ops

fix(helm): update cilium ( 1.15.6 → 1.15.7 ) #7886

Release Notes

Configuration