diff --git a/Makefile.kube_git.var b/Makefile.kube_git.var index 1558b39f0b..d10a47a3e6 100644 --- a/Makefile.kube_git.var +++ b/Makefile.kube_git.var @@ -1,5 +1,5 @@ KUBE_GIT_MAJOR=1 KUBE_GIT_MINOR=32 -KUBE_GIT_VERSION=v1.32.5 -KUBE_GIT_COMMIT=106d0409dd6b36020d8a12ea5ca00ce97ac986ed +KUBE_GIT_VERSION=v1.32.6 +KUBE_GIT_COMMIT=38c60a516ecb061270b0f0f05239b8fe2ce4bf0e KUBE_GIT_TREE_STATE=clean diff --git a/Makefile.version.aarch64.var b/Makefile.version.aarch64.var index 650a75fac9..ba4b11be45 100644 --- a/Makefile.version.aarch64.var +++ b/Makefile.version.aarch64.var @@ -1 +1 @@ -OCP_VERSION := 4.19.0-0.nightly-arm64-2025-07-02-164926 +OCP_VERSION := 4.19.0-0.nightly-arm64-2025-07-09-224827 diff --git a/Makefile.version.x86_64.var b/Makefile.version.x86_64.var index 2df7a46be2..2415728587 100644 --- a/Makefile.version.x86_64.var +++ b/Makefile.version.x86_64.var @@ -1 +1 @@ -OCP_VERSION := 4.19.0-0.nightly-2025-07-02-143253 +OCP_VERSION := 4.19.0-0.nightly-2025-07-09-145247 diff --git a/assets/components/multus/kustomization.aarch64.yaml b/assets/components/multus/kustomization.aarch64.yaml index 5b4228483b..51b2d0b25e 100644 --- a/assets/components/multus/kustomization.aarch64.yaml +++ b/assets/components/multus/kustomization.aarch64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:b3746511cfee0a00e2bda79a315373c119c48fdd683c33c67585e16ef2e83d48 + digest: sha256:72a3e7029fb6ab149963daaa51e5501db84c9f16dbe5655a2ed7be00bbad2d4c - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:d5dc61fff8e761687619486d18141269e0afde72f1354d195e2493860c607181 + digest: sha256:04e97e0d56f7ca1f8d7f9e7507b5c6a8c1786fb058628afe42ac374f3d60ab9a diff --git a/assets/components/multus/kustomization.x86_64.yaml b/assets/components/multus/kustomization.x86_64.yaml index 45cdf78247..cd7d03c789 100644 --- a/assets/components/multus/kustomization.x86_64.yaml +++ b/assets/components/multus/kustomization.x86_64.yaml @@ -2,7 +2,7 @@ images: - name: multus-cni-microshift newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:94d4a1569711b374bb0447bb6ce3e67bf9ccb22ba0e88d1180631b6e5baac885 + digest: sha256:75f8adef2ed9e5a4c428990e6b6b22f0293e19d2e83e8543626d17c3eec7b696 - name: containernetworking-plugins-microshift newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:7fa7ee3b878f14d106f9fdcf40b1f65deff31752b0c5ca896d9b6beb5118f440 + digest: sha256:b04587e168db89061c68f045ab5190caecf64dd502f39b29c50e7e63b233ea51 diff --git a/assets/components/multus/release-multus-aarch64.json b/assets/components/multus/release-multus-aarch64.json index c2bd87be5d..3079672d78 100644 --- a/assets/components/multus/release-multus-aarch64.json +++ b/assets/components/multus/release-multus-aarch64.json @@ -1,9 +1,9 @@ { "release": { - "base": "4.19.0-0.nightly-arm64-2025-07-02-164926" + "base": "4.19.0-0.nightly-arm64-2025-07-09-224827" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b3746511cfee0a00e2bda79a315373c119c48fdd683c33c67585e16ef2e83d48", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d5dc61fff8e761687619486d18141269e0afde72f1354d195e2493860c607181" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:72a3e7029fb6ab149963daaa51e5501db84c9f16dbe5655a2ed7be00bbad2d4c", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:04e97e0d56f7ca1f8d7f9e7507b5c6a8c1786fb058628afe42ac374f3d60ab9a" } } diff --git a/assets/components/multus/release-multus-x86_64.json b/assets/components/multus/release-multus-x86_64.json index f8d6a85531..b4b714f3b3 100644 --- a/assets/components/multus/release-multus-x86_64.json +++ b/assets/components/multus/release-multus-x86_64.json @@ -1,9 +1,9 @@ { "release": { - "base": "4.19.0-0.nightly-2025-07-02-143253" + "base": "4.19.0-0.nightly-2025-07-09-145247" }, "images": { - "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:94d4a1569711b374bb0447bb6ce3e67bf9ccb22ba0e88d1180631b6e5baac885", - "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7fa7ee3b878f14d106f9fdcf40b1f65deff31752b0c5ca896d9b6beb5118f440" + "multus-cni-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:75f8adef2ed9e5a4c428990e6b6b22f0293e19d2e83e8543626d17c3eec7b696", + "containernetworking-plugins-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b04587e168db89061c68f045ab5190caecf64dd502f39b29c50e7e63b233ea51" } } diff --git a/assets/optional/kube-proxy/kustomization.aarch64.yaml b/assets/optional/kube-proxy/kustomization.aarch64.yaml index b443523220..f098d13daf 100644 --- a/assets/optional/kube-proxy/kustomization.aarch64.yaml +++ b/assets/optional/kube-proxy/kustomization.aarch64.yaml @@ -2,4 +2,4 @@ images: - name: kube-proxy newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:9886daa1b9a25a21bab1c2db2858c7e8bda1e56c4f5896404c4cd414daa74cf1 + digest: sha256:de5ccb134977b7a40f4d12f493a7a2823c302721f8c6d0303a663bbb01748c08 diff --git a/assets/optional/kube-proxy/kustomization.x86_64.yaml b/assets/optional/kube-proxy/kustomization.x86_64.yaml index 6755dded5f..783a8a1552 100644 --- a/assets/optional/kube-proxy/kustomization.x86_64.yaml +++ b/assets/optional/kube-proxy/kustomization.x86_64.yaml @@ -2,4 +2,4 @@ images: - name: kube-proxy newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:2d997716723bbe1add3ab122be06a2f6bea2fe5e36da8d778a6ad98ca0161211 + digest: sha256:5dc91a4ed96111b7908f35a242fed7e6c0652a5247791e22911eb134f39d6f67 diff --git a/assets/optional/kube-proxy/release-kube-proxy-aarch64.json b/assets/optional/kube-proxy/release-kube-proxy-aarch64.json index f28dbef351..b8f9c9c98f 100644 --- a/assets/optional/kube-proxy/release-kube-proxy-aarch64.json +++ b/assets/optional/kube-proxy/release-kube-proxy-aarch64.json @@ -1,8 +1,8 @@ { "release": { - "base": "4.19.0-0.nightly-arm64-2025-07-02-164926" + "base": "4.19.0-0.nightly-arm64-2025-07-09-224827" }, "images": { - "kube-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9886daa1b9a25a21bab1c2db2858c7e8bda1e56c4f5896404c4cd414daa74cf1" + "kube-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:de5ccb134977b7a40f4d12f493a7a2823c302721f8c6d0303a663bbb01748c08" } } diff --git a/assets/optional/kube-proxy/release-kube-proxy-x86_64.json b/assets/optional/kube-proxy/release-kube-proxy-x86_64.json index 88dc76b376..f0328a263d 100644 --- a/assets/optional/kube-proxy/release-kube-proxy-x86_64.json +++ b/assets/optional/kube-proxy/release-kube-proxy-x86_64.json @@ -1,8 +1,8 @@ { "release": { - "base": "4.19.0-0.nightly-2025-07-02-143253" + "base": "4.19.0-0.nightly-2025-07-09-145247" }, "images": { - "kube-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2d997716723bbe1add3ab122be06a2f6bea2fe5e36da8d778a6ad98ca0161211" + "kube-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5dc91a4ed96111b7908f35a242fed7e6c0652a5247791e22911eb134f39d6f67" } } diff --git a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml index 72f1725716..a955c79000 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:4348fc993f1492485f3a9f49cfe19b8a9f12f35d69d239deea41580ee7e78de0 + digest: sha256:3b553e5c258de186195c4c6d2da243a06cf44727c4e701818bc96de0f9d082a3 - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:1827977b49de12cd7c3ba4bbe4b403403b3e3dba410c81c564138bc332e20c11 + digest: sha256:c0847c52711c8a36c594b57270270028562ea965ba3b0910ef53ae2183092b5d - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:d90a434b2fbb9a841f6a47663ff227c15fcc3e541a313636ce7ff6de51086904 + digest: sha256:5baa4a0ae51c34579b7866d103217f36feaada6ea42539da9b8c311122a3a104 patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1827977b49de12cd7c3ba4bbe4b403403b3e3dba410c81c564138bc332e20c11 + value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c0847c52711c8a36c594b57270270028562ea965ba3b0910ef53ae2183092b5d - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4348fc993f1492485f3a9f49cfe19b8a9f12f35d69d239deea41580ee7e78de0 + value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3b553e5c258de186195c4c6d2da243a06cf44727c4e701818bc96de0f9d082a3 target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml index 8f3c6a59cb..c02c1fd1db 100644 --- a/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml +++ b/assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml @@ -2,13 +2,13 @@ images: - name: quay.io/operator-framework/olm newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:228705150587704426f0580cce99b21c67f98319907fd1250040054b71afc59f + digest: sha256:2f3613780ee10a9ea351b1490b339db4533b2ad70798854e9acecbfcf7aaf173 - name: quay.io/operator-framework/configmap-operator-registry newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:28537d6b566e577f970d8f583b80ae955b8e781c34b1796bf9cb931472cb26e3 + digest: sha256:35e8f6b0403ec48111c8b10c694d327e4c27f51673397add3ef856c7c1b963d8 - name: quay.io/openshift/origin-kube-rbac-proxy newName: quay.io/openshift-release-dev/ocp-v4.0-art-dev - digest: sha256:523e20f023049cfd3857f6868bc453227cec0a314c8caf23a2802813acf7138e + digest: sha256:971174692a1aae68ac07ffa132254eb3c018a52507eb32621b6dc286fd25ca0d patches: - patch: |- @@ -16,12 +16,12 @@ patches: path: /spec/template/spec/containers/0/env/- value: name: OPERATOR_REGISTRY_IMAGE - value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:28537d6b566e577f970d8f583b80ae955b8e781c34b1796bf9cb931472cb26e3 + value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:35e8f6b0403ec48111c8b10c694d327e4c27f51673397add3ef856c7c1b963d8 - op: add path: /spec/template/spec/containers/0/env/- value: name: OLM_IMAGE - value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:228705150587704426f0580cce99b21c67f98319907fd1250040054b71afc59f + value: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2f3613780ee10a9ea351b1490b339db4533b2ad70798854e9acecbfcf7aaf173 target: kind: Deployment labelSelector: app=catalog-operator diff --git a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json index dfd97e05c6..dba643e778 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-aarch64.json @@ -1,10 +1,10 @@ { "release": { - "base": "4.19.0-0.nightly-arm64-2025-07-02-164926" + "base": "4.19.0-0.nightly-arm64-2025-07-09-224827" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4348fc993f1492485f3a9f49cfe19b8a9f12f35d69d239deea41580ee7e78de0", - "operator-registry": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:1827977b49de12cd7c3ba4bbe4b403403b3e3dba410c81c564138bc332e20c11", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d90a434b2fbb9a841f6a47663ff227c15fcc3e541a313636ce7ff6de51086904" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3b553e5c258de186195c4c6d2da243a06cf44727c4e701818bc96de0f9d082a3", + "operator-registry": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c0847c52711c8a36c594b57270270028562ea965ba3b0910ef53ae2183092b5d", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5baa4a0ae51c34579b7866d103217f36feaada6ea42539da9b8c311122a3a104" } } diff --git a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json index 5340f4c5d2..1460e0d74a 100644 --- a/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json +++ b/assets/optional/operator-lifecycle-manager/release-olm-x86_64.json @@ -1,10 +1,10 @@ { "release": { - "base": "4.19.0-0.nightly-2025-07-02-143253" + "base": "4.19.0-0.nightly-2025-07-09-145247" }, "images": { - "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:228705150587704426f0580cce99b21c67f98319907fd1250040054b71afc59f", - "operator-registry": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:28537d6b566e577f970d8f583b80ae955b8e781c34b1796bf9cb931472cb26e3", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:523e20f023049cfd3857f6868bc453227cec0a314c8caf23a2802813acf7138e" + "operator-lifecycle-manager": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2f3613780ee10a9ea351b1490b339db4533b2ad70798854e9acecbfcf7aaf173", + "operator-registry": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:35e8f6b0403ec48111c8b10c694d327e4c27f51673397add3ef856c7c1b963d8", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:971174692a1aae68ac07ffa132254eb3c018a52507eb32621b6dc286fd25ca0d" } } diff --git a/assets/release/release-aarch64.json b/assets/release/release-aarch64.json index 89351e54ec..0347d7ef57 100644 --- a/assets/release/release-aarch64.json +++ b/assets/release/release-aarch64.json @@ -1,16 +1,16 @@ { "release": { - "base": "4.19.0-0.nightly-arm64-2025-07-02-164926" + "base": "4.19.0-0.nightly-arm64-2025-07-09-224827" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f2bc697f78d2e6ec67cdd268d315c601707c4808578c3f21a23a7844c8b3cd49", - "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:159854c6651531176fc7bee70d7be83e91757ec300ccb73e95003c9cc8e9ef65", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:99e2c2ba141c2b78e5ac2f482dab57ed5478c3ae9427f8fd3329ceb2a4c4988e", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d90a434b2fbb9a841f6a47663ff227c15fcc3e541a313636ce7ff6de51086904", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f5c22a0045f07c1407186a3dd308c97639174ea32360779172b3621ec090a5cd", - "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5727f343f2226bfa5d5846c96ec5840c9deac1fc7edd350bc5ac09f160267038", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:abb2a75f1f0a13c9633443b3ea3405d7d51ffa137a594e459a4fda243c4520d2", + "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:55c07486718716ec52320e42e3d14990f4b4863f7d3a56da21b969790a32cf45", + "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e96fa8cc3ab1bc9c04a7fad82a3494b663b375ba0ee91b35d3b246f72953eba9", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c48d65a845d322c587a10d527877f1ea654fb1d92b2578f59baffe6824c2d45b", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5baa4a0ae51c34579b7866d103217f36feaada6ea42539da9b8c311122a3a104", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d403cb409a51f160bb1015eb43a135f6e4c4a1a55ae3a38143c3b03cd638b14b", + "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fa6290de6a96c9fcd3c641782b08aad8aabd0c79a17d204ca5204038eb92cad4", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ff994bf0f29d22aad79ea8ab1871a53633ab5849bb53d1855e83991fa1be0e17", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:03771d66c0ed8a422c012ffaf6f390d8c3191e02330ef9b9dee00af518928d6e", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:8d0e5566526e813ffafe57c006db221c8b82eb1cc30f37b8dfeb57c4b11415db" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:f181d8187b7ebd0ea15382a235ad23bd9f687b752f574343d41bfb8d81ae9ff0" } } diff --git a/assets/release/release-x86_64.json b/assets/release/release-x86_64.json index 34c6ddf77f..df6440f4a1 100644 --- a/assets/release/release-x86_64.json +++ b/assets/release/release-x86_64.json @@ -1,16 +1,16 @@ { "release": { - "base": "4.19.0-0.nightly-2025-07-02-143253" + "base": "4.19.0-0.nightly-2025-07-09-145247" }, "images": { - "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2cc6c5c5b4a4b45ff71c439824cf06278544b3cef9d87867348589b910961cf0", - "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e3e965a1e1f887b72a5aec2860e56b9521c09c74af711979737f817e9ad9b0c6", - "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:35e38bd88d06c55288a6e2a8c7a39598f80eebab99728961b285677a579eb9d2", - "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:523e20f023049cfd3857f6868bc453227cec0a314c8caf23a2802813acf7138e", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d543a402ce0a662574ce8d9ec41c1152cf5aabb6686d9e3aa3b0d6c54da72bc0", - "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c4cc43556a30d72412e20dd97cd121ca2eee35074e0d1c4a6ba35f828e2cdfe0", - "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:01be737b7bb2b9ded9543ca63aff7fbe96c01728a074b80c81f168a09b7d91ea", + "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:457d82eb181032777f0c581c04bec74fe33d37a412d695ad69d0cef54e75a1d7", + "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5703684131ddeb382cd769ad2cfbcaf618a484259d0fea298f3745752dd04167", + "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:363b6ef1ef0143febd564f0be09ce8668de615dc93c47e78335f0115773063a6", + "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:971174692a1aae68ac07ffa132254eb3c018a52507eb32621b6dc286fd25ca0d", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2c6451ea70d63de441fc27775d390cd8894e4020b9977fc96c24ac790b7adc7d", + "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:db230ce535ebafb9adb365e557a6c9f0cfda932739e541b7b374b6f4b11108c6", + "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ee47ef3d6bcb3d28dc1e939dd96acecbdf21e3c86ea30a8a20628a6858e78345", "lvms_operator": "registry.redhat.io/lvms4/lvms-rhel9-operator@sha256:c5f0ad26372afdd4d3e6a37fdb5cdf0c91304c0e994ec885e2db89e851081504", - "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:090a30919a5f227b053b049a0792c785eeda27545abe5e6d4d8dd0aa7c53c398" + "csi-snapshot-controller": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c98a5c86fa5467f3080f51cda9b7b151b02790fd917821ee96ba8753a0853602" } } diff --git a/deps/github.com/openshift/kubernetes/.go-version b/deps/github.com/openshift/kubernetes/.go-version index 82bfa5ce3f..b6773170a5 100644 --- a/deps/github.com/openshift/kubernetes/.go-version +++ b/deps/github.com/openshift/kubernetes/.go-version @@ -1 +1 @@ -1.23.8 +1.23.10 diff --git a/deps/github.com/openshift/kubernetes/CHANGELOG/CHANGELOG-1.32.md b/deps/github.com/openshift/kubernetes/CHANGELOG/CHANGELOG-1.32.md index 1c6bc92ef0..70eb6a428d 100644 --- a/deps/github.com/openshift/kubernetes/CHANGELOG/CHANGELOG-1.32.md +++ b/deps/github.com/openshift/kubernetes/CHANGELOG/CHANGELOG-1.32.md @@ -1,214 +1,320 @@ -- [v1.32.4](#v1324) - - [Downloads for v1.32.4](#downloads-for-v1324) +- [v1.32.5](#v1325) + - [Downloads for v1.32.5](#downloads-for-v1325) - [Source Code](#source-code) - [Client Binaries](#client-binaries) - [Server Binaries](#server-binaries) - [Node Binaries](#node-binaries) - [Container Images](#container-images) - - [Changelog since v1.32.3](#changelog-since-v1323) + - [Changelog since v1.32.4](#changelog-since-v1324) - [Changes by Kind](#changes-by-kind) + - [Feature](#feature) - [Bug or Regression](#bug-or-regression) - [Dependencies](#dependencies) - [Added](#added) - [Changed](#changed) - [Removed](#removed) -- [v1.32.3](#v1323) - - [Downloads for v1.32.3](#downloads-for-v1323) +- [v1.32.4](#v1324) + - [Downloads for v1.32.4](#downloads-for-v1324) - [Source Code](#source-code-1) - [Client Binaries](#client-binaries-1) - [Server Binaries](#server-binaries-1) - [Node Binaries](#node-binaries-1) - [Container Images](#container-images-1) - - [Changelog since v1.32.2](#changelog-since-v1322) + - [Changelog since v1.32.3](#changelog-since-v1323) - [Changes by Kind](#changes-by-kind-1) - - [API Change](#api-change) - [Bug or Regression](#bug-or-regression-1) - [Dependencies](#dependencies-1) - [Added](#added-1) - [Changed](#changed-1) - [Removed](#removed-1) -- [v1.32.2](#v1322) - - [Downloads for v1.32.2](#downloads-for-v1322) +- [v1.32.3](#v1323) + - [Downloads for v1.32.3](#downloads-for-v1323) - [Source Code](#source-code-2) - [Client Binaries](#client-binaries-2) - [Server Binaries](#server-binaries-2) - [Node Binaries](#node-binaries-2) - [Container Images](#container-images-2) - - [Changelog since v1.32.1](#changelog-since-v1321) - - [Important Security Information](#important-security-information) - - [CVE-2025-0426: Node Denial of Service via Kubelet Checkpoint API](#cve-2025-0426-node-denial-of-service-via-kubelet-checkpoint-api) + - [Changelog since v1.32.2](#changelog-since-v1322) - [Changes by Kind](#changes-by-kind-2) - - [Feature](#feature) + - [API Change](#api-change) - [Bug or Regression](#bug-or-regression-2) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake) - [Dependencies](#dependencies-2) - [Added](#added-2) - [Changed](#changed-2) - [Removed](#removed-2) -- [v1.32.1](#v1321) - - [Downloads for v1.32.1](#downloads-for-v1321) +- [v1.32.2](#v1322) + - [Downloads for v1.32.2](#downloads-for-v1322) - [Source Code](#source-code-3) - [Client Binaries](#client-binaries-3) - [Server Binaries](#server-binaries-3) - [Node Binaries](#node-binaries-3) - [Container Images](#container-images-3) - - [Changelog since v1.32.0](#changelog-since-v1320) - - [Important Security Information](#important-security-information-1) - - [CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API](#cve-2024-9042-command-injection-affecting-windows-nodes-via-nodeslogsquery-api) + - [Changelog since v1.32.1](#changelog-since-v1321) + - [Important Security Information](#important-security-information) + - [CVE-2025-0426: Node Denial of Service via Kubelet Checkpoint API](#cve-2025-0426-node-denial-of-service-via-kubelet-checkpoint-api) - [Changes by Kind](#changes-by-kind-3) - - [API Change](#api-change-1) - [Feature](#feature-1) - [Bug or Regression](#bug-or-regression-3) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake) - [Dependencies](#dependencies-3) - [Added](#added-3) - [Changed](#changed-3) - [Removed](#removed-3) -- [v1.32.0](#v1320) - - [Downloads for v1.32.0](#downloads-for-v1320) +- [v1.32.1](#v1321) + - [Downloads for v1.32.1](#downloads-for-v1321) - [Source Code](#source-code-4) - [Client Binaries](#client-binaries-4) - [Server Binaries](#server-binaries-4) - [Node Binaries](#node-binaries-4) - [Container Images](#container-images-4) - - [Changelog since v1.31.0](#changelog-since-v1310) - - [Urgent Upgrade Notes](#urgent-upgrade-notes) + - [Changelog since v1.32.0](#changelog-since-v1320) + - [Important Security Information](#important-security-information-1) + - [CVE-2024-9042: Command Injection affecting Windows nodes via nodes/*/logs/query API](#cve-2024-9042-command-injection-affecting-windows-nodes-via-nodeslogsquery-api) - [Changes by Kind](#changes-by-kind-4) - - [Deprecation](#deprecation) - - [API Change](#api-change-2) + - [API Change](#api-change-1) - [Feature](#feature-2) - - [Documentation](#documentation) - - [Failing Test](#failing-test) - [Bug or Regression](#bug-or-regression-4) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-1) - [Dependencies](#dependencies-4) - [Added](#added-4) - [Changed](#changed-4) - [Removed](#removed-4) -- [v1.32.0-rc.2](#v1320-rc2) - - [Downloads for v1.32.0-rc.2](#downloads-for-v1320-rc2) +- [v1.32.0](#v1320) + - [Downloads for v1.32.0](#downloads-for-v1320) - [Source Code](#source-code-5) - [Client Binaries](#client-binaries-5) - [Server Binaries](#server-binaries-5) - [Node Binaries](#node-binaries-5) - [Container Images](#container-images-5) - - [Changelog since v1.32.0-rc.1](#changelog-since-v1320-rc1) + - [Changelog since v1.31.0](#changelog-since-v1310) + - [Urgent Upgrade Notes](#urgent-upgrade-notes) - [Changes by Kind](#changes-by-kind-5) - - [API Change](#api-change-3) + - [Deprecation](#deprecation) + - [API Change](#api-change-2) + - [Feature](#feature-3) + - [Documentation](#documentation) + - [Failing Test](#failing-test) - [Bug or Regression](#bug-or-regression-5) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-1) - [Dependencies](#dependencies-5) - [Added](#added-5) - [Changed](#changed-5) - [Removed](#removed-5) -- [v1.32.0-rc.1](#v1320-rc1) - - [Downloads for v1.32.0-rc.1](#downloads-for-v1320-rc1) +- [v1.32.0-rc.2](#v1320-rc2) + - [Downloads for v1.32.0-rc.2](#downloads-for-v1320-rc2) - [Source Code](#source-code-6) - [Client Binaries](#client-binaries-6) - [Server Binaries](#server-binaries-6) - [Node Binaries](#node-binaries-6) - [Container Images](#container-images-6) - - [Changelog since v1.32.0-rc.0](#changelog-since-v1320-rc0) + - [Changelog since v1.32.0-rc.1](#changelog-since-v1320-rc1) + - [Changes by Kind](#changes-by-kind-6) + - [API Change](#api-change-3) + - [Bug or Regression](#bug-or-regression-6) - [Dependencies](#dependencies-6) - [Added](#added-6) - [Changed](#changed-6) - [Removed](#removed-6) -- [v1.32.0-rc.0](#v1320-rc0) - - [Downloads for v1.32.0-rc.0](#downloads-for-v1320-rc0) +- [v1.32.0-rc.1](#v1320-rc1) + - [Downloads for v1.32.0-rc.1](#downloads-for-v1320-rc1) - [Source Code](#source-code-7) - [Client Binaries](#client-binaries-7) - [Server Binaries](#server-binaries-7) - [Node Binaries](#node-binaries-7) - [Container Images](#container-images-7) - - [Changelog since v1.32.0-beta.0](#changelog-since-v1320-beta0) - - [Changes by Kind](#changes-by-kind-6) - - [API Change](#api-change-4) - - [Feature](#feature-3) - - [Bug or Regression](#bug-or-regression-6) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-2) + - [Changelog since v1.32.0-rc.0](#changelog-since-v1320-rc0) - [Dependencies](#dependencies-7) - [Added](#added-7) - [Changed](#changed-7) - [Removed](#removed-7) -- [v1.32.0-beta.0](#v1320-beta0) - - [Downloads for v1.32.0-beta.0](#downloads-for-v1320-beta0) +- [v1.32.0-rc.0](#v1320-rc0) + - [Downloads for v1.32.0-rc.0](#downloads-for-v1320-rc0) - [Source Code](#source-code-8) - [Client Binaries](#client-binaries-8) - [Server Binaries](#server-binaries-8) - [Node Binaries](#node-binaries-8) - [Container Images](#container-images-8) - - [Changelog since v1.32.0-alpha.3](#changelog-since-v1320-alpha3) - - [Urgent Upgrade Notes](#urgent-upgrade-notes-1) - - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade) + - [Changelog since v1.32.0-beta.0](#changelog-since-v1320-beta0) - [Changes by Kind](#changes-by-kind-7) - - [Deprecation](#deprecation-1) - - [API Change](#api-change-5) + - [API Change](#api-change-4) - [Feature](#feature-4) - [Bug or Regression](#bug-or-regression-7) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-3) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-2) - [Dependencies](#dependencies-8) - [Added](#added-8) - [Changed](#changed-8) - [Removed](#removed-8) -- [v1.32.0-alpha.3](#v1320-alpha3) - - [Downloads for v1.32.0-alpha.3](#downloads-for-v1320-alpha3) +- [v1.32.0-beta.0](#v1320-beta0) + - [Downloads for v1.32.0-beta.0](#downloads-for-v1320-beta0) - [Source Code](#source-code-9) - [Client Binaries](#client-binaries-9) - [Server Binaries](#server-binaries-9) - [Node Binaries](#node-binaries-9) - [Container Images](#container-images-9) - - [Changelog since v1.32.0-alpha.2](#changelog-since-v1320-alpha2) + - [Changelog since v1.32.0-alpha.3](#changelog-since-v1320-alpha3) + - [Urgent Upgrade Notes](#urgent-upgrade-notes-1) + - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade) - [Changes by Kind](#changes-by-kind-8) - - [API Change](#api-change-6) + - [Deprecation](#deprecation-1) + - [API Change](#api-change-5) - [Feature](#feature-5) - - [Documentation](#documentation-1) - [Bug or Regression](#bug-or-regression-8) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-4) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-3) - [Dependencies](#dependencies-9) - [Added](#added-9) - [Changed](#changed-9) - [Removed](#removed-9) -- [v1.32.0-alpha.2](#v1320-alpha2) - - [Downloads for v1.32.0-alpha.2](#downloads-for-v1320-alpha2) +- [v1.32.0-alpha.3](#v1320-alpha3) + - [Downloads for v1.32.0-alpha.3](#downloads-for-v1320-alpha3) - [Source Code](#source-code-10) - [Client Binaries](#client-binaries-10) - [Server Binaries](#server-binaries-10) - [Node Binaries](#node-binaries-10) - [Container Images](#container-images-10) - - [Changelog since v1.32.0-alpha.1](#changelog-since-v1320-alpha1) + - [Changelog since v1.32.0-alpha.2](#changelog-since-v1320-alpha2) - [Changes by Kind](#changes-by-kind-9) - - [API Change](#api-change-7) + - [API Change](#api-change-6) - [Feature](#feature-6) - - [Documentation](#documentation-2) + - [Documentation](#documentation-1) - [Bug or Regression](#bug-or-regression-9) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-5) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-4) - [Dependencies](#dependencies-10) - [Added](#added-10) - [Changed](#changed-10) - [Removed](#removed-10) -- [v1.32.0-alpha.1](#v1320-alpha1) - - [Downloads for v1.32.0-alpha.1](#downloads-for-v1320-alpha1) +- [v1.32.0-alpha.2](#v1320-alpha2) + - [Downloads for v1.32.0-alpha.2](#downloads-for-v1320-alpha2) - [Source Code](#source-code-11) - [Client Binaries](#client-binaries-11) - [Server Binaries](#server-binaries-11) - [Node Binaries](#node-binaries-11) - [Container Images](#container-images-11) - - [Changelog since v1.31.0](#changelog-since-v1310-1) + - [Changelog since v1.32.0-alpha.1](#changelog-since-v1320-alpha1) - [Changes by Kind](#changes-by-kind-10) - - [Deprecation](#deprecation-2) - - [API Change](#api-change-8) + - [API Change](#api-change-7) - [Feature](#feature-7) - - [Documentation](#documentation-3) - - [Failing Test](#failing-test-1) + - [Documentation](#documentation-2) - [Bug or Regression](#bug-or-regression-10) - - [Other (Cleanup or Flake)](#other-cleanup-or-flake-6) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-5) - [Dependencies](#dependencies-11) - [Added](#added-11) - [Changed](#changed-11) - [Removed](#removed-11) +- [v1.32.0-alpha.1](#v1320-alpha1) + - [Downloads for v1.32.0-alpha.1](#downloads-for-v1320-alpha1) + - [Source Code](#source-code-12) + - [Client Binaries](#client-binaries-12) + - [Server Binaries](#server-binaries-12) + - [Node Binaries](#node-binaries-12) + - [Container Images](#container-images-12) + - [Changelog since v1.31.0](#changelog-since-v1310-1) + - [Changes by Kind](#changes-by-kind-11) + - [Deprecation](#deprecation-2) + - [API Change](#api-change-8) + - [Feature](#feature-8) + - [Documentation](#documentation-3) + - [Failing Test](#failing-test-1) + - [Bug or Regression](#bug-or-regression-11) + - [Other (Cleanup or Flake)](#other-cleanup-or-flake-6) + - [Dependencies](#dependencies-12) + - [Added](#added-12) + - [Changed](#changed-12) + - [Removed](#removed-12) +# v1.32.5 + + +## Downloads for v1.32.5 + + + +### Source Code + +filename | sha512 hash +-------- | ----------- +[kubernetes.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes.tar.gz) | 44328286555a09be90799b7adbd0799b42528310b4cbfe0bc3b7031f1fcfd504af4c101b1847ddbf0f1b656e833fa97566fdf3077089ed2bb9aae25870edf22a +[kubernetes-src.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-src.tar.gz) | 56043a1898e8006dde2349703dd82fd3b4880a81605f27774c98b8388b8d1a916462f6024390b84c234770e20e3da4b92be3cad3b0ef7a15f2c5cf262bfc7fa8 + +### Client Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-darwin-amd64.tar.gz) | fddf95f3f34ea8ffa5572552a7e3341e393e90aa02aa9441d5c8a3c3f9178f44cd391706c3f69c9784575f2a83cfa0553ce3424a2d0ba45e890b299db9893541 +[kubernetes-client-darwin-arm64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-darwin-arm64.tar.gz) | 22851771df65177e0e025d780d9f084b9419374bc026d861bc814deac531547dd958820283330b46e693a5ee73fe958d42d9374e804511ffcf2ac32fab055db9 +[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-386.tar.gz) | f25a2df0305fb9f1f3ad05de8d007edd178757c1b5419cf9b095b1e0ce47e243432dafa18736f0684bb21da9aedd0c73908d8a1e5f35a0994b47a42b262745ce +[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-amd64.tar.gz) | df5c80e94d0fedd88c980579fc92e0f9a978fab1d2106bee26a08844d5c11b602fa3a4e163d8fb5d2b0abbc1590762e2bb08697a4512e4666582d4262437672e +[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-arm.tar.gz) | 07afef414432046dc4456a296c2110ced17a34e7e4a1b1844a8f2caa599cd373364768874be4d2a0dbbf26b3d4f7e5157ac9eb4bb1728d6a2af12603672aee8e +[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-arm64.tar.gz) | b84a29c864e1f143c199249fcb540db7948b47ad499a31f26a0fd727c0254f8f3bfc04de87aed76a9d8a4dcad42103021b897b7298f05f23ba439920b81057d1 +[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-ppc64le.tar.gz) | 56dbf6f373dd59e721f41fb8730733bec01cff7e50281d7d0f858354348a8a0c98e705f97e5a2aa96d48116f80bc77b472a33526ac2c41f4884f7202ab6dee94 +[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-linux-s390x.tar.gz) | 708fda263618b5a8034062d7d909025bf1269fd932d698dea2cb4126c717df6bcb2c4a529c5df15bdd28f0262e4fd0947510628bc8485073f195773d0dc2a1c2 +[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-windows-386.tar.gz) | 5a4a3e4806a93cc4f585d258a4bb7ee0ceaee1496fbeb7fd4f18eb071a3885cb53df25a33384a43e1575a36e48305e05f0020f65a73533b34253f60a7a077625 +[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-windows-amd64.tar.gz) | 5753f52c866caeef5b514035aa9e80b5ef6abdf9b868831953abb5cafda209dc87b8d1a807dd1b2e7712d516bb79d59931b8928d73aca2bdd196389cdc35dbc4 +[kubernetes-client-windows-arm64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-client-windows-arm64.tar.gz) | bd21beaff8befa02074624d5ae93a3f90ef51de3d5c9414ad6c5f291c2ba043b1c3002299043415c257eb1adbcf22d425e979f0b5e419246aa37e1ab9b4569f7 + +### Server Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-server-linux-amd64.tar.gz) | d74bd56b2776bb4d140d4a4a3a87a61313425625e7d9a7271e9043f01b5be464c45a52f2f131e4707c34ed04940739f676caf0b0ac1adff698c77aabf6375617 +[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-server-linux-arm64.tar.gz) | 4b9ee5704be840b05b0ec6914e5312d42a8213cf805c90d7ed687785fd1267bce09178490696919a568b0e50c3bdd1eb5dce3eb364c566332fa14c4f4c356f03 +[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-server-linux-ppc64le.tar.gz) | 0b1faef272044dc37fde4436beb9ba9d104b18a153094cc75e4d16c398c38a5aeffb17f2328446338bba72c160b5bfc1c318f40802efec85ff1eae99e7e56ac9 +[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-server-linux-s390x.tar.gz) | b7b4e692bce25f4a3f29b99e5763a94378c33756f988a9647034212e445962170d3de445f375d06586e0521f5caf4c66235b721574a3e25be36d4f7c8bd4c6e0 + +### Node Binaries + +filename | sha512 hash +-------- | ----------- +[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-node-linux-amd64.tar.gz) | acfbdd3e62d8d04dc51d3539405d858173ca05ab00f60c1072cbf98b924d9e612e8d667440a897bd5796d723036970e526dc20f1943b76f43f00679011437288 +[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-node-linux-arm64.tar.gz) | e834d3a604d1a3fdb4560c5e5f287fb72feed3a08f071a1da4bce38d32d0b9645ae7ee278f8fd72b84d6703d26b87f7f6b5d6036fbf4b469e130013cd938b8b9 +[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-node-linux-ppc64le.tar.gz) | 1f48c67471e59205137f0fdc8b6c7383c3e63e53416d26b4966043d76b6ffc04be9612c175e4c5343662f6b29ca99ad91a6be7fbf6992f7b75d5999554a0562a +[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-node-linux-s390x.tar.gz) | 0bf4dd7a28399b330b333e395c4dcdb4ffaec1e5b8e6abc90fe06d463f0355a4a623acbb244f73197d284f67a9f34b65d86b730bd7dc4fab4a29c3c4207c77d5 +[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.32.5/kubernetes-node-windows-amd64.tar.gz) | bd69ca2e91cdc6eac66c9812edce5c30989eb23328514716da4c47be16bb62ffc2e5a50b0fe80ab6081e0e8f2b1e2d9587908644b108bfaa76156356e6fce826 + +### Container Images + +All container images are available as manifest lists and support the described +architectures. It is also possible to pull a specific architecture directly by +adding the "-$ARCH" suffix to the container image name. + +name | architectures +---- | ------------- +[registry.k8s.io/conformance:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/conformance-s390x) +[registry.k8s.io/kube-apiserver:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-apiserver-s390x) +[registry.k8s.io/kube-controller-manager:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-controller-manager-s390x) +[registry.k8s.io/kube-proxy:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-proxy-s390x) +[registry.k8s.io/kube-scheduler:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kube-scheduler-s390x) +[registry.k8s.io/kubectl:v1.32.5](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kubectl) | [amd64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kubectl-amd64), [arm64](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kubectl-arm64), [ppc64le](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kubectl-ppc64le), [s390x](https://console.cloud.google.com/artifacts/docker/k8s-artifacts-prod/southamerica-east1/images/kubectl-s390x) + +## Changelog since v1.32.4 + +## Changes by Kind + +### Feature + +- Kubernetes is now built with Go 1.23.8 ([#131528](https://github.com/kubernetes/kubernetes/pull/131528), [@ameukam](https://github.com/ameukam)) [SIG Release and Testing] + +### Bug or Regression + +- Check for newer resize fields when deciding recovery feature's status in kubelet ([#131438](https://github.com/kubernetes/kubernetes/pull/131438), [@gnufied](https://github.com/gnufied)) [SIG Storage] +- Kubelet: fix a bug where the unexpected NodeResizeError condition was in PVC status when the csi driver does not support node volume expansion and the pvc has the ReadWriteMany access mode. ([#131524](https://github.com/kubernetes/kubernetes/pull/131524), [@carlory](https://github.com/carlory)) [SIG Storage] +- Resolve a regression introduced in version 1.31 on Windows Proxy, where the creation of HNS endpoints fails if remote HNS endpoints with the same IP address have already been created. ([#131428](https://github.com/kubernetes/kubernetes/pull/131428), [@princepereira](https://github.com/princepereira)) [SIG Network and Windows] + +## Dependencies + +### Added +_Nothing has changed._ + +### Changed +_Nothing has changed._ + +### Removed +_Nothing has changed._ + + + # v1.32.4 diff --git a/deps/github.com/openshift/kubernetes/build/build-image/cross/VERSION b/deps/github.com/openshift/kubernetes/build/build-image/cross/VERSION index f1b969720e..0d4ae66aa1 100644 --- a/deps/github.com/openshift/kubernetes/build/build-image/cross/VERSION +++ b/deps/github.com/openshift/kubernetes/build/build-image/cross/VERSION @@ -1 +1 @@ -v1.32.0-go1.23.8-bullseye.0 +v1.32.0-go1.23.10-bullseye.0 diff --git a/deps/github.com/openshift/kubernetes/build/common.sh b/deps/github.com/openshift/kubernetes/build/common.sh index 6e1aa07b99..e79b172ae8 100755 --- a/deps/github.com/openshift/kubernetes/build/common.sh +++ b/deps/github.com/openshift/kubernetes/build/common.sh @@ -97,8 +97,8 @@ readonly KUBE_RSYNC_PORT="${KUBE_RSYNC_PORT:-}" readonly KUBE_CONTAINER_RSYNC_PORT=8730 # These are the default versions (image tags) for their respective base images. -readonly __default_distroless_iptables_version=v0.6.9 -readonly __default_go_runner_version=v2.4.0-go1.23.8-bookworm.0 +readonly __default_distroless_iptables_version=v0.6.11 +readonly __default_go_runner_version=v2.4.0-go1.23.10-bookworm.0 readonly __default_setcap_version=bookworm-v1.0.4 # These are the base images for the Docker-wrapped binaries. diff --git a/deps/github.com/openshift/kubernetes/build/dependencies.yaml b/deps/github.com/openshift/kubernetes/build/dependencies.yaml index 5bfae6a58e..4d4bc159e3 100644 --- a/deps/github.com/openshift/kubernetes/build/dependencies.yaml +++ b/deps/github.com/openshift/kubernetes/build/dependencies.yaml @@ -116,7 +116,7 @@ dependencies: # Golang - name: "golang: upstream version" - version: 1.23.8 + version: 1.23.10 refPaths: - path: .go-version - path: build/build-image/cross/VERSION @@ -140,7 +140,7 @@ dependencies: match: golang:([0-9]+\.[0-9]+).0-bullseye - name: "registry.k8s.io/kube-cross: dependents" - version: v1.32.0-go1.23.8-bullseye.0 + version: v1.32.0-go1.23.10-bullseye.0 refPaths: - path: build/build-image/cross/VERSION @@ -178,7 +178,7 @@ dependencies: match: registry\.k8s\.io\/build-image\/debian-base:[a-zA-Z]+\-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) - name: "registry.k8s.io/distroless-iptables: dependents" - version: v0.6.9 + version: v0.6.11 refPaths: - path: build/common.sh match: __default_distroless_iptables_version= @@ -186,7 +186,7 @@ dependencies: match: configs\[DistrolessIptables\] = Config{list\.BuildImageRegistry, "distroless-iptables", "v([0-9]+)\.([0-9]+)\.([0-9]+)"} - name: "registry.k8s.io/go-runner: dependents" - version: v2.4.0-go1.23.8-bookworm.0 + version: v2.4.0-go1.23.10-bookworm.0 refPaths: - path: build/common.sh match: __default_go_runner_version= diff --git a/deps/github.com/openshift/kubernetes/go.mod b/deps/github.com/openshift/kubernetes/go.mod index ef71d00603..3d64357018 100644 --- a/deps/github.com/openshift/kubernetes/go.mod +++ b/deps/github.com/openshift/kubernetes/go.mod @@ -16,7 +16,7 @@ require ( bitbucket.org/bertimus9/systemstat v0.5.0 github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab github.com/Microsoft/go-winio v0.6.2 - github.com/Microsoft/hnslib v0.0.8 + github.com/Microsoft/hnslib v0.1.1 github.com/armon/circbuf v0.0.0-20190214190532-5111143e8da2 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 github.com/blang/semver/v4 v4.0.0 diff --git a/deps/github.com/openshift/kubernetes/go.sum b/deps/github.com/openshift/kubernetes/go.sum index 3c56b908dc..5e171eec49 100644 --- a/deps/github.com/openshift/kubernetes/go.sum +++ b/deps/github.com/openshift/kubernetes/go.sum @@ -132,8 +132,8 @@ github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/Microsoft/hnslib v0.0.8 h1:EBrIiRB7i/UYIXEC2yw22dn+RLzOmsc5S0bw2xf0Qus= -github.com/Microsoft/hnslib v0.0.8/go.mod h1:EYveQJlhKh2obmEIRB3uKN6dBd9pj1frPsrTGFppKuk= +github.com/Microsoft/hnslib v0.1.1 h1:JsZy681SnvSOUAfCZVAxkX4LgQGp+CZZwPbLV0/pdF8= +github.com/Microsoft/hnslib v0.1.1/go.mod h1:DRQR4IjLae6WHYVhW7uqe44hmFUiNhmaWA+jwMbz5tM= github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/RangelReale/osincli v0.0.0-20160924135400-fababb0555f2/go.mod h1:XyjUkMA8GN+tOOPXvnbi3XuRxWFvTJntqvTFnjmhzbk= diff --git a/deps/github.com/openshift/kubernetes/openshift-hack/images/hyperkube/Dockerfile.rhel b/deps/github.com/openshift/kubernetes/openshift-hack/images/hyperkube/Dockerfile.rhel index 732dfea12f..37904c7fa1 100644 --- a/deps/github.com/openshift/kubernetes/openshift-hack/images/hyperkube/Dockerfile.rhel +++ b/deps/github.com/openshift/kubernetes/openshift-hack/images/hyperkube/Dockerfile.rhel @@ -14,4 +14,4 @@ COPY --from=builder /tmp/build/* /usr/bin/ LABEL io.k8s.display-name="OpenShift Kubernetes Server Commands" \ io.k8s.description="OpenShift is a platform for developing, building, and deploying containerized applications." \ io.openshift.tags="openshift,hyperkube" \ - io.openshift.build.versions="kubernetes=1.32.5" \ No newline at end of file + io.openshift.build.versions="kubernetes=1.32.6" \ No newline at end of file diff --git a/deps/github.com/openshift/kubernetes/openshift-hack/rebase.sh b/deps/github.com/openshift/kubernetes/openshift-hack/rebase.sh index 70ea50b38b..ed2fdbbed5 100755 --- a/deps/github.com/openshift/kubernetes/openshift-hack/rebase.sh +++ b/deps/github.com/openshift/kubernetes/openshift-hack/rebase.sh @@ -126,7 +126,7 @@ fi # openshift-hack/images/hyperkube/Dockerfile.rhel still has FROM pointing to old tag # we need to remove the prefix "v" from the $k8s_tag to stay compatible sed -i -E "s/(io.openshift.build.versions=\"kubernetes=)(1.[1-9]+.[1-9]+)/\1${k8s_tag:1}/" openshift-hack/images/hyperkube/Dockerfile.rhel -go_mod_go_ver=$(grep -E 'go 1\.[1-9][0-9]?' go.mod | sed -E 's/go (1\.[1-9][0-9]?)/\1/') +go_mod_go_ver=$(grep -E 'go 1\.[1-9][0-9]?' go.mod | sed -E 's/go (1\.[1-9][0-9]?)/\1/' | cut -d '.' -f 1,2) # Need to handle mod versions like 1.23 and 1.23.4; our release images only have major.minor tag="rhel-8-release-golang-${go_mod_go_ver}-openshift-${openshift_release#release-}" # update openshift go.mod dependencies diff --git a/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation.go b/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation.go index 15a5f48905..c108da5d0c 100644 --- a/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation.go +++ b/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation.go @@ -3031,6 +3031,13 @@ func gatherPodResourceClaimNames(claims []core.PodResourceClaim) sets.Set[string } func validatePodResourceClaim(podMeta *metav1.ObjectMeta, claim core.PodResourceClaim, podClaimNames *sets.Set[string], fldPath *field.Path) field.ErrorList { + // static pods don't support resource claims + if podMeta != nil { + if _, ok := podMeta.Annotations[core.MirrorPodAnnotationKey]; ok { + return field.ErrorList{field.Forbidden(field.NewPath(""), "static pods do not support resource claims")} + } + } + var allErrs field.ErrorList if claim.Name == "" { allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) diff --git a/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation_test.go b/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation_test.go index 7c70af236e..dc9eededcd 100644 --- a/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/apis/core/validation/validation_test.go @@ -24293,6 +24293,8 @@ func TestValidateDynamicResourceAllocation(t *testing.T) { } failureCases := map[string]*core.Pod{ + "static pod with resource claim reference": goodClaimReference, + "static pod with resource claim template": goodClaimTemplate, "pod claim name with prefix": podtest.MakePod("", podtest.SetResourceClaims(core.PodResourceClaim{ Name: "../my-claim", @@ -24422,7 +24424,14 @@ func TestValidateDynamicResourceAllocation(t *testing.T) { }(), } for k, v := range failureCases { - if errs := ValidatePodSpec(&v.Spec, nil, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 { + podMeta := shortPodName + if strings.HasPrefix(k, "static pod") { + podMeta = podMeta.DeepCopy() + podMeta.Annotations = map[string]string{ + core.MirrorPodAnnotationKey: "True", + } + } + if errs := ValidatePodSpec(&v.Spec, podMeta, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 { t.Errorf("expected failure for %q", k) } } diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common.go index 69d6712623..a73d6372a4 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common.go @@ -106,6 +106,9 @@ type defaultFunc func(pod *api.Pod) error // A static pod tried to use a ClusterTrustBundle projected volume source. var ErrStaticPodTriedToUseClusterTrustBundle = errors.New("static pods may not use ClusterTrustBundle projected volume sources") +// A static pod tried to use a resource claim. +var ErrStaticPodTriedToUseResourceClaims = errors.New("static pods may not use ResourceClaims") + // tryDecodeSinglePod takes data and tries to extract valid Pod config information from it. func tryDecodeSinglePod(data []byte, defaultFn defaultFunc) (parsed bool, pod *v1.Pod, err error) { // JSON is valid YAML, so this should work for everything. @@ -152,6 +155,9 @@ func tryDecodeSinglePod(data []byte, defaultFn defaultFunc) (parsed bool, pod *v } } } + if len(v1Pod.Spec.ResourceClaims) > 0 { + return true, nil, ErrStaticPodTriedToUseResourceClaims + } return true, v1Pod, nil } diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common_test.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common_test.go index c6025d85f9..e58de0c1c9 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/config/common_test.go @@ -180,6 +180,62 @@ func TestDecodeSinglePodRejectsClusterTrustBundleVolumes(t *testing.T) { } } +func TestDecodeSinglePodRejectsResourceClaims(t *testing.T) { + grace := int64(30) + enableServiceLinks := v1.DefaultEnableServiceLinks + pod := &v1.Pod{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + UID: "12345", + Namespace: "mynamespace", + }, + Spec: v1.PodSpec{ + RestartPolicy: v1.RestartPolicyAlways, + DNSPolicy: v1.DNSClusterFirst, + TerminationGracePeriodSeconds: &grace, + Containers: []v1.Container{{ + Name: "image", + Image: "test/image", + ImagePullPolicy: "IfNotPresent", + TerminationMessagePath: "/dev/termination-log", + TerminationMessagePolicy: v1.TerminationMessageReadFile, + SecurityContext: securitycontext.ValidSecurityContextWithContainerDefaults(), + Resources: v1.ResourceRequirements{ + Claims: []v1.ResourceClaim{{ + Name: "my-claim", + }}, + }, + }}, + ResourceClaims: []v1.PodResourceClaim{{ + Name: "my-claim", + ResourceClaimName: ptr.To("some-external-claim"), + }}, + SecurityContext: &v1.PodSecurityContext{}, + SchedulerName: v1.DefaultSchedulerName, + EnableServiceLinks: &enableServiceLinks, + }, + Status: v1.PodStatus{ + PodIP: "1.2.3.4", + PodIPs: []v1.PodIP{ + { + IP: "1.2.3.4", + }, + }, + }, + } + json, err := runtime.Encode(clientscheme.Codecs.LegacyCodec(v1.SchemeGroupVersion), pod) + if err != nil { + t.Errorf("unexpected error: %v", err) + } + _, _, err = tryDecodeSinglePod(json, noDefault) + if !errors.Is(err, ErrStaticPodTriedToUseResourceClaims) { + t.Errorf("Got error %q, want %q", err, ErrStaticPodTriedToUseResourceClaims) + } +} + func TestDecodePodList(t *testing.T) { grace := int64(30) enableServiceLinks := v1.DefaultEnableServiceLinks diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_getters.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_getters.go index ec22cde460..3e3532a391 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_getters.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_getters.go @@ -120,8 +120,9 @@ func (kl *Kubelet) ListPodsFromDisk() ([]types.UID, error) { // user namespaces. func (kl *Kubelet) HandlerSupportsUserNamespaces(rtHandler string) (bool, error) { rtHandlers := kl.runtimeState.runtimeHandlers() - if rtHandlers == nil { - return false, fmt.Errorf("runtime handlers are not set") + if len(rtHandlers) == 0 { + // The slice is empty if the runtime is old and doesn't support this message. + return false, nil } for _, h := range rtHandlers { if h.Name == rtHandler { diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_pods.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_pods.go index 8bc0b56044..96c743d7ba 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_pods.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/kubelet_pods.go @@ -40,7 +40,6 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" utilvalidation "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/version" utilfeature "k8s.io/apiserver/pkg/util/feature" runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1" "k8s.io/klog/v2" @@ -62,7 +61,6 @@ import ( kubetypes "k8s.io/kubernetes/pkg/kubelet/types" "k8s.io/kubernetes/pkg/kubelet/util/format" utilfs "k8s.io/kubernetes/pkg/util/filesystem" - utilkernel "k8s.io/kubernetes/pkg/util/kernel" utilpod "k8s.io/kubernetes/pkg/util/pod" volumeutil "k8s.io/kubernetes/pkg/volume/util" "k8s.io/kubernetes/pkg/volume/util/hostutil" @@ -131,16 +129,11 @@ func (kl *Kubelet) getKubeletMappings() (uint32, uint32, error) { if !utilfeature.DefaultFeatureGate.Enabled(features.UserNamespacesSupport) { return defaultFirstID, defaultLen, nil - } else { - kernelVersion, err := utilkernel.GetVersion() - if err != nil { - return 0, 0, fmt.Errorf("failed to get kernel version, unable to determine if feature %s can be supported : %w", - features.UserNamespacesSupport, err) - } - if kernelVersion != nil && !kernelVersion.AtLeast(version.MustParseGeneric(utilkernel.UserNamespacesSupportKernelVersion)) { - klog.InfoS("WARNING: the kernel version is incompatible with the feature gate, which needs as a minimum kernel version", - "kernelVersion", kernelVersion, "feature", features.UserNamespacesSupport, "minKernelVersion", utilkernel.UserNamespacesSupportKernelVersion) - } + } + + // Windows doesn't support user namespaces, let's return the default mappings. + if runtime.GOOS == "windows" { + return defaultFirstID, defaultLen, nil } _, err := user.Lookup(kubeletUser) diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/types.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/types.go new file mode 100644 index 0000000000..a0422d0042 --- /dev/null +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/types.go @@ -0,0 +1,29 @@ +/* +Copyright 2025 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package userns + +import "k8s.io/apimachinery/pkg/types" + +// Here go types that are common for all supported OS (windows, linux). + +type userNsPodsManager interface { + HandlerSupportsUserNamespaces(runtimeHandler string) (bool, error) + GetPodDir(podUID types.UID) string + ListPodsFromDisk() ([]types.UID, error) + GetKubeletMappings() (uint32, uint32, error) + GetMaxPods() int +} diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager.go index 7316778329..98849afaf3 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager.go @@ -1,3 +1,6 @@ +//go:build !windows +// +build !windows + /* Copyright 2022 The Kubernetes Authors. @@ -43,14 +46,6 @@ const userNsLength = (1 << 16) // since Go maps never free memory. const mapReInitializeThreshold = 1000 -type userNsPodsManager interface { - HandlerSupportsUserNamespaces(runtimeHandler string) (bool, error) - GetPodDir(podUID types.UID) string - ListPodsFromDisk() ([]types.UID, error) - GetKubeletMappings() (uint32, uint32, error) - GetMaxPods() int -} - type UsernsManager struct { used *allocator.AllocationBitmap usedBy map[types.UID]uint32 // Map pod.UID to range used @@ -132,7 +127,7 @@ func (m *UsernsManager) readMappingsFromFile(pod types.UID) ([]byte, error) { func MakeUserNsManager(kl userNsPodsManager) (*UsernsManager, error) { kubeletMappingID, kubeletMappingLen, err := kl.GetKubeletMappings() if err != nil { - return nil, err + return nil, fmt.Errorf("kubelet mappings: %w", err) } if kubeletMappingID%userNsLength != 0 { @@ -411,10 +406,15 @@ func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHan // From here onwards, hostUsers=false and the feature gate is enabled. // if the pod requested a user namespace and the runtime doesn't support user namespaces then return an error. - if handlerSupportsUserns, err := m.kl.HandlerSupportsUserNamespaces(runtimeHandler); err != nil { - return nil, err - } else if !handlerSupportsUserns { - return nil, fmt.Errorf("RuntimeClass handler %q does not support user namespaces", runtimeHandler) + if handlerSupportsUserns, err := m.kl.HandlerSupportsUserNamespaces(runtimeHandler); err != nil || !handlerSupportsUserns { + msg := "can't set `spec.hostUsers: false`, runtime does not support user namespaces" + if runtimeHandler != "" { + msg = fmt.Sprintf("can't set `spec.hostUsers: false`, RuntimeClass handler %q does not support user namespaces", runtimeHandler) + } + if err != nil { + return nil, fmt.Errorf("%v: %w", msg, err) + } + return nil, fmt.Errorf("%v", msg) } m.lock.Lock() @@ -429,12 +429,12 @@ func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHan if string(content) != "" { userNs, err = m.parseUserNsFileAndRecord(pod.UID, content) if err != nil { - return nil, err + return nil, fmt.Errorf("user namespace: %w", err) } } else { userNs, err = m.createUserNs(pod) if err != nil { - return nil, err + return nil, fmt.Errorf("create user namespace: %w", err) } } @@ -485,7 +485,7 @@ func (m *UsernsManager) CleanupOrphanedPodUsernsAllocations(pods []*v1.Pod, runn allFound := sets.New[string]() found, err := m.kl.ListPodsFromDisk() if err != nil { - return err + return fmt.Errorf("user namespace: read pods from disk: %w", err) } for _, podUID := range found { diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_disabled_test.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_disabled_test.go index 5d97233e3d..a4099d0a79 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_disabled_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_disabled_test.go @@ -1,3 +1,6 @@ +//go:build !windows +// +build !windows + /* Copyright 2022 The Kubernetes Authors. diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_switch_test.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_switch_test.go index 9ce59971fb..233b5c7fab 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_switch_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_switch_test.go @@ -1,3 +1,6 @@ +//go:build !windows +// +build !windows + /* Copyright 2024 The Kubernetes Authors. diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_test.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_test.go index fd20a2d28e..b2d0cc85f6 100644 --- a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_test.go @@ -1,3 +1,6 @@ +//go:build !windows +// +build !windows + /* Copyright 2022 The Kubernetes Authors. @@ -20,7 +23,6 @@ import ( "errors" "fmt" "os" - goruntime "runtime" "testing" "github.com/stretchr/testify/assert" @@ -289,7 +291,6 @@ func TestGetOrCreateUserNamespaceMappings(t *testing.T) { runtimeUserns bool runtimeHandler string success bool - skipOnWindows bool }{ { name: "no user namespace", @@ -323,7 +324,6 @@ func TestGetOrCreateUserNamespaceMappings(t *testing.T) { expMode: runtimeapi.NamespaceMode_POD, runtimeUserns: true, success: true, - skipOnWindows: true, }, { name: "user namespace, but no runtime support", @@ -348,10 +348,6 @@ func TestGetOrCreateUserNamespaceMappings(t *testing.T) { for _, tc := range cases { t.Run(tc.name, func(t *testing.T) { - if tc.skipOnWindows && goruntime.GOOS == "windows" { - // TODO: remove skip once the failing test has been fixed. - t.Skip("Skip failing test on Windows.") - } // These tests will create the userns file, so use an existing podDir. testUserNsPodsManager := &testUserNsPodsManager{ podDir: t.TempDir(), diff --git a/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_windows.go b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_windows.go new file mode 100644 index 0000000000..bc40b71879 --- /dev/null +++ b/deps/github.com/openshift/kubernetes/pkg/kubelet/userns/userns_manager_windows.go @@ -0,0 +1,50 @@ +/* +Copyright 2025 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package userns + +import ( + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" + runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1" + kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" +) + +type UsernsManager struct{} + +func MakeUserNsManager(kl userNsPodsManager) (*UsernsManager, error) { + return nil, nil +} + +// Release releases the user namespace allocated to the specified pod. +func (m *UsernsManager) Release(podUID types.UID) { + return +} + +func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHandler string) (*runtimeapi.UserNamespace, error) { + return nil, nil +} + +// CleanupOrphanedPodUsernsAllocations reconciliates the state of user namespace +// allocations with the pods actually running. It frees any user namespace +// allocation for orphaned pods. +func (m *UsernsManager) CleanupOrphanedPodUsernsAllocations(pods []*v1.Pod, runningPods []*kubecontainer.Pod) error { + return nil +} + +func EnabledUserNamespacesSupport() bool { + return false +} diff --git a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander.go b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander.go index a7c9872554..9c7767955c 100644 --- a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander.go +++ b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander.go @@ -96,12 +96,13 @@ func (ne *NodeExpander) runPreCheck() bool { ne.markExpansionInfeasibleOnFailure = true } + if ne.pvcStatusCap.Cmp(ne.pluginResizeOpts.NewSize) >= 0 && ne.resizeStatus == "" { + ne.pvcAlreadyUpdated = true + } + // PVC is already expanded but we are still trying to expand the volume because // last recorded size in ASOW is older. This can happen for RWX volume types. - if ne.pvcStatusCap.Cmp(ne.pluginResizeOpts.NewSize) >= 0 && - ne.resizeStatus == "" && - storage.ContainsAccessMode(ne.pvc.Spec.AccessModes, v1.ReadWriteMany) { - ne.pvcAlreadyUpdated = true + if ne.pvcAlreadyUpdated && storage.ContainsAccessMode(ne.pvc.Spec.AccessModes, v1.ReadWriteMany) { return true } @@ -124,6 +125,14 @@ func (ne *NodeExpander) runPreCheck() bool { func (ne *NodeExpander) expandOnPlugin() (bool, resource.Quantity, error) { allowExpansion := ne.runPreCheck() if !allowExpansion { + if ne.pvcAlreadyUpdated { + // if pvc is already updated, then we could be here because size stored in ASOW is smaller and controller did full + // expansion and hence no node expansion is needed. + // This will stop reconciler from retrying expansion on the node. + ne.testStatus = testResponseData{assumeResizeFinished: true, resizeCalledOnPlugin: false} + return true, ne.pluginResizeOpts.NewSize, nil + } + klog.V(3).Infof("NodeExpandVolume is not allowed to proceed for volume %s with resizeStatus %s", ne.vmt.VolumeName, ne.resizeStatus) ne.testStatus = testResponseData{false /* resizeCalledOnPlugin */, true /* assumeResizeFinished */} return false, ne.pluginResizeOpts.OldSize, nil diff --git a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander_test.go b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander_test.go index 6b339d71c9..6f8c4d83c9 100644 --- a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander_test.go +++ b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/node_expander_test.go @@ -60,10 +60,14 @@ func TestNodeExpander(t *testing.T) { actualSize *resource.Quantity // expectations of test - expectedResizeStatus v1.ClaimResourceStatus - expectedStatusSize resource.Quantity - expectResizeCall bool - expectFinalErrors bool + expectedResizeStatus v1.ClaimResourceStatus + expectedStatusSize resource.Quantity + // whether resize call was made to the plugin + expectResizeCall bool + expectFinalErrors bool + expectedReturnValue bool + + // whether resize operation was assumed as finished assumeResizeOpAsFinished bool expectError bool }{ @@ -75,6 +79,7 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: nodeResizeFailed, expectResizeCall: false, + expectedReturnValue: false, assumeResizeOpAsFinished: true, expectFinalErrors: false, expectedStatusSize: resource.MustParse("1G"), @@ -87,6 +92,7 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: "", expectResizeCall: true, + expectedReturnValue: true, assumeResizeOpAsFinished: true, expectFinalErrors: false, expectedStatusSize: resource.MustParse("2G"), @@ -100,6 +106,7 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: nodeResizeFailed, expectResizeCall: true, assumeResizeOpAsFinished: true, + expectedReturnValue: false, expectFinalErrors: true, expectedStatusSize: resource.MustParse("1G"), }, @@ -111,6 +118,7 @@ func TestNodeExpander(t *testing.T) { expectError: true, expectedResizeStatus: v1.PersistentVolumeClaimNodeResizeInProgress, expectResizeCall: true, + expectedReturnValue: false, assumeResizeOpAsFinished: true, expectFinalErrors: true, expectedStatusSize: resource.MustParse("1G"), @@ -124,6 +132,7 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: "", expectResizeCall: false, assumeResizeOpAsFinished: true, + expectedReturnValue: true, expectFinalErrors: false, expectedStatusSize: resource.MustParse("2G"), }, @@ -136,6 +145,7 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: "", expectResizeCall: true, assumeResizeOpAsFinished: true, + expectedReturnValue: true, expectFinalErrors: false, expectedStatusSize: resource.MustParse("2G"), }, @@ -148,19 +158,22 @@ func TestNodeExpander(t *testing.T) { expectedResizeStatus: "", expectResizeCall: true, assumeResizeOpAsFinished: true, + expectedReturnValue: true, expectFinalErrors: false, expectedStatusSize: resource.MustParse("2G"), }, { - name: "RWX pv.spec.cap = pvc.status.cap, resizeStatus='', desiredSize > actualSize, reize_op=unsupported", - pvc: addAccessMode(getTestPVC(volumetesting.FailWithUnSupportedVolumeName, "2G", "2G", "2G", nil), v1.ReadWriteMany), - pv: getTestPV(volumetesting.FailWithUnSupportedVolumeName, "2G"), - expectError: false, - expectedResizeStatus: "", - expectResizeCall: false, - assumeResizeOpAsFinished: true, - expectFinalErrors: false, - expectedStatusSize: resource.MustParse("2G"), + name: "RWX pv.spec.cap = pvc.status.cap, resizeStatus='', desiredSize > actualSize, reize_op=unsupported", + pvc: addAccessMode(getTestPVC(volumetesting.FailWithUnSupportedVolumeName, "2G", "2G", "2G", nil), v1.ReadWriteMany), + pv: getTestPV(volumetesting.FailWithUnSupportedVolumeName, "2G"), + expectError: false, + recoverVolumeExpansionFailure: true, + expectedResizeStatus: "", + expectResizeCall: false, + expectedReturnValue: true, + assumeResizeOpAsFinished: true, + expectFinalErrors: false, + expectedStatusSize: resource.MustParse("2G"), }, } @@ -204,7 +217,7 @@ func TestNodeExpander(t *testing.T) { ogInstance, _ := og.(*operationGenerator) nodeExpander := newNodeExpander(resizeOp, ogInstance.kubeClient, ogInstance.recorder) - _, _, err := nodeExpander.expandOnPlugin() + returnValue, _, err := nodeExpander.expandOnPlugin() expansionResponse := nodeExpander.testStatus pvc = nodeExpander.pvc @@ -217,6 +230,10 @@ func TestNodeExpander(t *testing.T) { t.Errorf("For test %s, expected error but got none", test.name) } + if test.expectedReturnValue != returnValue { + t.Errorf("For test %s, expected return value %t, got %t", test.name, test.expectedReturnValue, returnValue) + } + if test.expectResizeCall != expansionResponse.resizeCalledOnPlugin { t.Errorf("For test %s, expected resize called %t, got %t", test.name, test.expectResizeCall, expansionResponse.resizeCalledOnPlugin) } diff --git a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go index 7b8a765583..61e6150613 100644 --- a/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go +++ b/deps/github.com/openshift/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go @@ -1910,10 +1910,8 @@ func (og *operationGenerator) GenerateExpandInUseVolumeFunc( if resizeDone { return volumetypes.NewOperationContext(nil, nil, migrated) } - // This is a placeholder error - we should NEVER reach here. - err = fmt.Errorf("volume resizing failed for unknown reason") - eventErr, detailedErr = volumeToMount.GenerateError("NodeExpandVolume.NodeExpandVolume failed to resize volume", err) - return volumetypes.NewOperationContext(eventErr, detailedErr, migrated) + klog.InfoS("Waiting for volume to be expandable on the node", "volumeName", volumeToMount.VolumeName) + return volumetypes.NewOperationContext(nil, nil, migrated) } eventRecorderFunc := func(err *error) { diff --git a/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission.go b/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission.go index 86265037f9..419de31a99 100644 --- a/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission.go +++ b/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission.go @@ -317,6 +317,10 @@ func (p *Plugin) admitPodCreate(nodeName string, a admission.Attributes) error { } } + if len(pod.Spec.ResourceClaims) > 0 { + return admission.NewForbidden(a, fmt.Errorf("node %q can not create pods that reference resourceclaims", nodeName)) + } + return nil } diff --git a/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission_test.go b/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission_test.go index ed83cd2f47..86a2666ef8 100644 --- a/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission_test.go +++ b/deps/github.com/openshift/kubernetes/plugin/pkg/admission/noderestriction/admission_test.go @@ -519,6 +519,9 @@ func Test_nodePlugin_Admit(t *testing.T) { pvcpod, _ := makeTestPod("ns", "mypvcpod", "mynode", true) pvcpod.Spec.Volumes = []api.Volume{{VolumeSource: api.VolumeSource{PersistentVolumeClaim: &api.PersistentVolumeClaimVolumeSource{ClaimName: "foo"}}}} + claimpod, _ := makeTestPod("ns", "myclaimpod", "mynode", true) + claimpod.Spec.ResourceClaims = []api.PodResourceClaim{{Name: "myclaim", ResourceClaimName: pointer.String("myexternalclaim")}} + tests := []admitTestCase{ // Mirror pods bound to us { @@ -1000,6 +1003,12 @@ func Test_nodePlugin_Admit(t *testing.T) { attributes: admission.NewAttributesRecord(pvcpod, nil, podKind, pvcpod.Namespace, pvcpod.Name, podResource, "", admission.Create, &metav1.CreateOptions{}, false, mynode), err: "reference persistentvolumeclaims", }, + { + name: "forbid create of pod referencing resourceclaim", + podsGetter: noExistingPods, + attributes: admission.NewAttributesRecord(claimpod, nil, podKind, claimpod.Namespace, claimpod.Name, podResource, "", admission.Create, &metav1.CreateOptions{}, false, mynode), + err: "reference resourceclaim", + }, // My node object { diff --git a/deps/github.com/openshift/kubernetes/staging/publishing/rules.yaml b/deps/github.com/openshift/kubernetes/staging/publishing/rules.yaml index d07783f16b..e3db4a7fc3 100644 --- a/deps/github.com/openshift/kubernetes/staging/publishing/rules.yaml +++ b/deps/github.com/openshift/kubernetes/staging/publishing/rules.yaml @@ -2900,4 +2900,4 @@ rules: - staging/src/k8s.io/externaljwt recursive-delete-patterns: - '*/.gitattributes' -default-go-version: 1.23.8 +default-go-version: 1.23.10 diff --git a/deps/github.com/openshift/kubernetes/test/images/Makefile b/deps/github.com/openshift/kubernetes/test/images/Makefile index 65910b90e4..a96a629816 100644 --- a/deps/github.com/openshift/kubernetes/test/images/Makefile +++ b/deps/github.com/openshift/kubernetes/test/images/Makefile @@ -16,7 +16,7 @@ REGISTRY ?= registry.k8s.io/e2e-test-images GOARM ?= 7 DOCKER_CERT_BASE_PATH ?= QEMUVERSION=v5.1.0-2 -GOLANG_VERSION=1.23.8 +GOLANG_VERSION=1.23.10 export ifndef WHAT diff --git a/deps/github.com/openshift/kubernetes/test/utils/image/manifest.go b/deps/github.com/openshift/kubernetes/test/utils/image/manifest.go index 3210068bf3..135e121def 100644 --- a/deps/github.com/openshift/kubernetes/test/utils/image/manifest.go +++ b/deps/github.com/openshift/kubernetes/test/utils/image/manifest.go @@ -223,7 +223,7 @@ func initImageConfigs(list RegistryList) (map[ImageID]Config, map[ImageID]Config configs[APIServer] = Config{list.PromoterE2eRegistry, "sample-apiserver", "1.29.2"} configs[AppArmorLoader] = Config{list.PromoterE2eRegistry, "apparmor-loader", "1.4"} configs[BusyBox] = Config{list.PromoterE2eRegistry, "busybox", "1.36.1-1"} - configs[DistrolessIptables] = Config{list.BuildImageRegistry, "distroless-iptables", "v0.6.9"} + configs[DistrolessIptables] = Config{list.BuildImageRegistry, "distroless-iptables", "v0.6.11"} configs[Etcd] = Config{list.GcEtcdRegistry, "etcd", "3.5.16-0"} configs[Httpd] = Config{list.PromoterE2eRegistry, "httpd", "2.4.38-4"} configs[HttpdNew] = Config{list.PromoterE2eRegistry, "httpd", "2.4.39-4"} diff --git a/deps/github.com/openshift/kubernetes/vendor/github.com/Microsoft/hnslib/hcn/hcnglobals.go b/deps/github.com/openshift/kubernetes/vendor/github.com/Microsoft/hnslib/hcn/hcnglobals.go index 33fd9af877..fb74386242 100644 --- a/deps/github.com/openshift/kubernetes/vendor/github.com/Microsoft/hnslib/hcn/hcnglobals.go +++ b/deps/github.com/openshift/kubernetes/vendor/github.com/Microsoft/hnslib/hcn/hcnglobals.go @@ -87,8 +87,10 @@ var ( //HNS 15.1 allows support for DisableHostPort flag. DisableHostPortVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 15, Minor: 1}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}} - // HNS 15.4 allows for Modify Loadbalancer support - ModifyLoadbalancerVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 15, Minor: 4}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}} + // HNS 15.5+ allows for Modify Loadbalancer support in Zn + ModifyLoadbalancerVersion = VersionRanges{ + VersionRange{MinVersion: Version{Major: 15, Minor: 5}, MaxVersion: Version{Major: 15, Minor: math.MaxInt32}}, + } // HNS 15.4 allows for Accelnet support AccelnetVersion = VersionRanges{VersionRange{MinVersion: Version{Major: 15, Minor: 4}, MaxVersion: Version{Major: math.MaxInt32, Minor: math.MaxInt32}}} ) diff --git a/deps/github.com/openshift/kubernetes/vendor/modules.txt b/deps/github.com/openshift/kubernetes/vendor/modules.txt index c0da386bec..d28e456f21 100644 --- a/deps/github.com/openshift/kubernetes/vendor/modules.txt +++ b/deps/github.com/openshift/kubernetes/vendor/modules.txt @@ -25,7 +25,7 @@ github.com/Microsoft/go-winio/internal/fs github.com/Microsoft/go-winio/internal/socket github.com/Microsoft/go-winio/internal/stringbuffer github.com/Microsoft/go-winio/pkg/guid -# github.com/Microsoft/hnslib v0.0.8 +# github.com/Microsoft/hnslib v0.1.1 ## explicit; go 1.22.0 github.com/Microsoft/hnslib github.com/Microsoft/hnslib/hcn diff --git a/etcd/go.mod b/etcd/go.mod index 243859324a..1283751608 100644 --- a/etcd/go.mod +++ b/etcd/go.mod @@ -15,11 +15,11 @@ require ( github.com/openshift/build-machinery-go v0.0.0-20250602125535-1b6d00b8c37c github.com/spf13/cobra v1.8.1 go.etcd.io/etcd/server/v3 v3.5.16 - k8s.io/apimachinery v1.32.5 - k8s.io/cli-runtime v1.32.5 - k8s.io/component-base v1.32.5 + k8s.io/apimachinery v1.32.6 + k8s.io/cli-runtime v1.32.6 + k8s.io/component-base v1.32.6 k8s.io/klog/v2 v2.130.1 - k8s.io/kubectl v1.32.5 + k8s.io/kubectl v1.32.6 sigs.k8s.io/yaml v1.4.0 ) @@ -43,7 +43,7 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect - k8s.io/apiserver v1.32.5 // indirect + k8s.io/apiserver v1.32.6 // indirect ) require ( @@ -132,8 +132,8 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v1.32.5 // indirect - k8s.io/client-go v1.32.5 // indirect + k8s.io/api v1.32.6 // indirect + k8s.io/client-go v1.32.6 // indirect k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect diff --git a/etcd/vendor/modules.txt b/etcd/vendor/modules.txt index 9e8d61fd6a..a59b563c73 100644 --- a/etcd/vendor/modules.txt +++ b/etcd/vendor/modules.txt @@ -631,7 +631,7 @@ gopkg.in/natefinch/lumberjack.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/api +# k8s.io/api v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/api ## explicit; go 1.23.0 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -692,7 +692,7 @@ k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 k8s.io/api/storagemigration/v1alpha1 -# k8s.io/apimachinery v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery +# k8s.io/apimachinery v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery ## explicit; go 1.23.0 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -754,18 +754,18 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiserver +# k8s.io/apiserver v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiserver ## explicit; go 1.23.0 k8s.io/apiserver/pkg/apis/audit k8s.io/apiserver/pkg/apis/audit/v1 k8s.io/apiserver/pkg/authentication/user -# k8s.io/cli-runtime v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime +# k8s.io/cli-runtime v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime ## explicit; go 1.23.0 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/genericiooptions k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/client-go +# k8s.io/client-go v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/client-go ## explicit; go 1.23.0 k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1 @@ -924,7 +924,7 @@ k8s.io/client-go/util/jsonpath k8s.io/client-go/util/keyutil k8s.io/client-go/util/watchlist k8s.io/client-go/util/workqueue -# k8s.io/component-base v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-base +# k8s.io/component-base v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-base ## explicit; go 1.23.0 k8s.io/component-base/cli k8s.io/component-base/cli/flag @@ -961,7 +961,7 @@ k8s.io/kube-openapi/pkg/spec3 k8s.io/kube-openapi/pkg/util/proto k8s.io/kube-openapi/pkg/util/proto/validation k8s.io/kube-openapi/pkg/validation/spec -# k8s.io/kubectl v1.32.5 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubectl +# k8s.io/kubectl v1.32.6 => ../deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubectl ## explicit; go 1.23.0 k8s.io/kubectl/pkg/cmd/util k8s.io/kubectl/pkg/scheme diff --git a/go.mod b/go.mod index 344bf071c6..ada953a046 100644 --- a/go.mod +++ b/go.mod @@ -38,16 +38,16 @@ require ( github.com/prometheus/common v0.62.0 github.com/prometheus/prometheus v0.302.1 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v1.32.5 - k8s.io/apiextensions-apiserver v1.32.5 - k8s.io/apimachinery v1.32.5 - k8s.io/apiserver v1.32.5 - k8s.io/cli-runtime v1.32.5 - k8s.io/client-go v1.32.5 - k8s.io/cloud-provider v1.32.5 - k8s.io/component-base v1.32.5 - k8s.io/kube-aggregator v1.32.5 - k8s.io/kubectl v1.32.5 + k8s.io/api v1.32.6 + k8s.io/apiextensions-apiserver v1.32.6 + k8s.io/apimachinery v1.32.6 + k8s.io/apiserver v1.32.6 + k8s.io/cli-runtime v1.32.6 + k8s.io/client-go v1.32.6 + k8s.io/cloud-provider v1.32.6 + k8s.io/component-base v1.32.6 + k8s.io/kube-aggregator v1.32.6 + k8s.io/kubectl v1.32.6 k8s.io/utils v0.0.0-20241210054802-24370beab758 sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 sigs.k8s.io/kustomize/api v0.18.0 @@ -61,7 +61,7 @@ require ( github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/Microsoft/hnslib v0.0.8 // indirect + github.com/Microsoft/hnslib v0.1.1 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect github.com/antlr4-go/antlr/v4 v4.13.0 // indirect github.com/armon/circbuf v0.0.0-20190214190532-5111143e8da2 // indirect @@ -146,22 +146,22 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect - k8s.io/cluster-bootstrap v1.32.5 // indirect - k8s.io/component-helpers v1.32.5 // indirect - k8s.io/controller-manager v1.32.5 // indirect - k8s.io/cri-api v1.32.5 // indirect - k8s.io/cri-client v1.32.5 // indirect - k8s.io/csi-translation-lib v1.32.5 // indirect - k8s.io/dynamic-resource-allocation v1.32.5 // indirect - k8s.io/endpointslice v1.32.5 // indirect - k8s.io/externaljwt v1.32.5 // indirect - k8s.io/kms v1.32.5 // indirect - k8s.io/kube-controller-manager v1.32.5 // indirect - k8s.io/kube-scheduler v1.32.5 // indirect - k8s.io/kubelet v1.32.5 // indirect - k8s.io/metrics v1.32.5 // indirect - k8s.io/mount-utils v1.32.5 // indirect - k8s.io/pod-security-admission v1.32.5 // indirect + k8s.io/cluster-bootstrap v1.32.6 // indirect + k8s.io/component-helpers v1.32.6 // indirect + k8s.io/controller-manager v1.32.6 // indirect + k8s.io/cri-api v1.32.6 // indirect + k8s.io/cri-client v1.32.6 // indirect + k8s.io/csi-translation-lib v1.32.6 // indirect + k8s.io/dynamic-resource-allocation v1.32.6 // indirect + k8s.io/endpointslice v1.32.6 // indirect + k8s.io/externaljwt v1.32.6 // indirect + k8s.io/kms v1.32.6 // indirect + k8s.io/kube-controller-manager v1.32.6 // indirect + k8s.io/kube-scheduler v1.32.6 // indirect + k8s.io/kubelet v1.32.6 // indirect + k8s.io/metrics v1.32.6 // indirect + k8s.io/mount-utils v1.32.6 // indirect + k8s.io/pod-security-admission v1.32.6 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect ) @@ -210,7 +210,7 @@ require ( google.golang.org/protobuf v1.36.4 // indirect k8s.io/gengo/v2 v2.0.0-20240911193312-2b36238f13e9 // indirect k8s.io/klog/v2 v2.130.1 - k8s.io/kubernetes v1.32.5 + k8s.io/kubernetes v1.32.6 sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect ) diff --git a/go.sum b/go.sum index 3de06e41f4..06349bff9c 100644 --- a/go.sum +++ b/go.sum @@ -10,8 +10,8 @@ github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/Microsoft/hnslib v0.0.8 h1:EBrIiRB7i/UYIXEC2yw22dn+RLzOmsc5S0bw2xf0Qus= -github.com/Microsoft/hnslib v0.0.8/go.mod h1:EYveQJlhKh2obmEIRB3uKN6dBd9pj1frPsrTGFppKuk= +github.com/Microsoft/hnslib v0.1.1 h1:JsZy681SnvSOUAfCZVAxkX4LgQGp+CZZwPbLV0/pdF8= +github.com/Microsoft/hnslib v0.1.1/go.mod h1:DRQR4IjLae6WHYVhW7uqe44hmFUiNhmaWA+jwMbz5tM= github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI= diff --git a/packaging/crio.conf.d/10-microshift_amd64.conf b/packaging/crio.conf.d/10-microshift_amd64.conf index 8cf5ca5938..bf1eaa0fc4 100644 --- a/packaging/crio.conf.d/10-microshift_amd64.conf +++ b/packaging/crio.conf.d/10-microshift_amd64.conf @@ -24,6 +24,6 @@ plugin_dirs = [ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c4cc43556a30d72412e20dd97cd121ca2eee35074e0d1c4a6ba35f828e2cdfe0" +pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:db230ce535ebafb9adb365e557a6c9f0cfda932739e541b7b374b6f4b11108c6" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/packaging/crio.conf.d/10-microshift_arm64.conf b/packaging/crio.conf.d/10-microshift_arm64.conf index 6ebcf4717c..73afdaa2e3 100644 --- a/packaging/crio.conf.d/10-microshift_arm64.conf +++ b/packaging/crio.conf.d/10-microshift_arm64.conf @@ -24,6 +24,6 @@ plugin_dirs = [ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5727f343f2226bfa5d5846c96ec5840c9deac1fc7edd350bc5ac09f160267038" +pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fa6290de6a96c9fcd3c641782b08aad8aabd0c79a17d204ca5204038eb92cad4" pause_image_auth_file = "/etc/crio/openshift-pull-secret" pause_command = "/usr/bin/pod" diff --git a/scripts/auto-rebase/changelog.txt b/scripts/auto-rebase/changelog.txt index e69de29bb2..8c2b76858c 100644 --- a/scripts/auto-rebase/changelog.txt +++ b/scripts/auto-rebase/changelog.txt @@ -0,0 +1,78 @@ +- cluster-ingress-operator embedded-component 6d54169d4c6643ae9b6ff81b3a21b929934062fa to 137807b212e6c24b59073a43fb10ccf6fed2a250 + - d1bae98 2025-07-04T13:33:49+00:00 desiredIstio: Do not enable a default PDB + +- cluster-kube-apiserver-operator embedded-component 34bd8a7860802d310b4b0c124dc7975b6fa52773 to 4986945df44e4288cdd76f1f437bc3ba81e5700c + - 44369de 2025-07-03T19:20:35+00:00 certregenerationcontroller: start configInformers again + +- kubernetes embedded-component 106d0409dd6b36020d8a12ea5ca00ce97ac986ed to 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e + - b1689fcb1 2025-07-01T17:03:27-04:00 UPSTREAM: : hack/update-vendor.sh, make update and update image + - b8c23df4a 2025-07-01T16:40:20-04:00 UPSTREAM: : manually resolve conflicts + - 2804ee3d8 2025-06-24T13:45:24+00:00 UPSTREAM: : Update rebase.sh to handle go versions major.minor.patch instead of just major.minor + - 036f7ed3f 2025-06-17T21:01:12+00:00 Release commit for Kubernetes v1.32.6 + - 7246ec90c 2025-06-11T08:32:50+02:00 Bump images, dependencies and versions to go 1.23.10 and distroless iptables + - de8292ad6 2025-06-04T11:36:02-04:00 Remove warning about resizing failed for unknown reason + - ec4c71b70 2025-05-28T22:22:54-04:00 Add tests that validate the return value of resize operation + - 40849d37e 2025-05-23T09:17:51-04:00 Bump images, dependencies and versions to go 1.23.9 and distroless iptables + - 9a67ee4a7 2025-05-21T08:40:28+02:00 DRA node: reject static pods which reference ResourceClaims + - 07011c05b 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Remove skip on windows + - 1d923fbc7 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Wrap error to get mappings + - 3755f8e2f 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Provide stub implementation for windows + - b5d6f06fe 2025-05-15T12:30:21+02:00 pkg/kubelet: Fix userns tests on Windows + - 5e7201df6 2025-05-15T12:26:08+02:00 Revert "Enforce the Minimum Kernel Version 6.3 for UserNamespacesSupport feature" + - a35311c35 2025-05-15T12:26:08+02:00 Revert "Switch hard error to a WARNING for kernel version check" + - 54889f053 2025-05-15T12:21:30+02:00 userns: Wrap more errors + - 9326fc309 2025-05-15T12:21:30+02:00 userns: Improve error returned if userns is not supported + - fd5862185 2025-05-15T12:21:30+02:00 userns: Use len to handle empty non-nil slices + - 95c119b50 2025-05-15T09:27:49+00:00 Update CHANGELOG/CHANGELOG-1.32.md for v1.32.5 + - 9a57de0ec 2025-05-07T09:48:49-07:00 Update hnslib version in Windows KubeProxy. + +- machine-config-operator embedded-component 7df542080017dcd0e57c007ac25af47fd7c800c2 to 023231898840e2a9173899da72639556397917df + - ed4a9a2a 2025-07-08T12:53:42+00:00 Add control-plane label for master nodes on legacy clusters + +- operator-framework-olm embedded-component 4a6530a4cf4e8e81d8f04923f36dd36023f45902 to 0e4e456e8183103a071b57bf19e989eda5162f8c + - 00d6504d 2025-06-30T13:47:15-04:00 :bug: OCPBUGS-37982: Reduce Frequency of Update Requests for Copied CSVs (#3597) + +- kubernetes image-amd64 106d0409dd6b36020d8a12ea5ca00ce97ac986ed to 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e + - b1689fcb1 2025-07-01T17:03:27-04:00 UPSTREAM: : hack/update-vendor.sh, make update and update image + - b8c23df4a 2025-07-01T16:40:20-04:00 UPSTREAM: : manually resolve conflicts + - 2804ee3d8 2025-06-24T13:45:24+00:00 UPSTREAM: : Update rebase.sh to handle go versions major.minor.patch instead of just major.minor + - 036f7ed3f 2025-06-17T21:01:12+00:00 Release commit for Kubernetes v1.32.6 + - 7246ec90c 2025-06-11T08:32:50+02:00 Bump images, dependencies and versions to go 1.23.10 and distroless iptables + - de8292ad6 2025-06-04T11:36:02-04:00 Remove warning about resizing failed for unknown reason + - ec4c71b70 2025-05-28T22:22:54-04:00 Add tests that validate the return value of resize operation + - 40849d37e 2025-05-23T09:17:51-04:00 Bump images, dependencies and versions to go 1.23.9 and distroless iptables + - 9a67ee4a7 2025-05-21T08:40:28+02:00 DRA node: reject static pods which reference ResourceClaims + - 07011c05b 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Remove skip on windows + - 1d923fbc7 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Wrap error to get mappings + - 3755f8e2f 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Provide stub implementation for windows + - b5d6f06fe 2025-05-15T12:30:21+02:00 pkg/kubelet: Fix userns tests on Windows + - 5e7201df6 2025-05-15T12:26:08+02:00 Revert "Enforce the Minimum Kernel Version 6.3 for UserNamespacesSupport feature" + - a35311c35 2025-05-15T12:26:08+02:00 Revert "Switch hard error to a WARNING for kernel version check" + - 54889f053 2025-05-15T12:21:30+02:00 userns: Wrap more errors + - 9326fc309 2025-05-15T12:21:30+02:00 userns: Improve error returned if userns is not supported + - fd5862185 2025-05-15T12:21:30+02:00 userns: Use len to handle empty non-nil slices + - 95c119b50 2025-05-15T09:27:49+00:00 Update CHANGELOG/CHANGELOG-1.32.md for v1.32.5 + - 9a57de0ec 2025-05-07T09:48:49-07:00 Update hnslib version in Windows KubeProxy. + +- kubernetes image-arm64 106d0409dd6b36020d8a12ea5ca00ce97ac986ed to 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e + - b1689fcb1 2025-07-01T17:03:27-04:00 UPSTREAM: : hack/update-vendor.sh, make update and update image + - b8c23df4a 2025-07-01T16:40:20-04:00 UPSTREAM: : manually resolve conflicts + - 2804ee3d8 2025-06-24T13:45:24+00:00 UPSTREAM: : Update rebase.sh to handle go versions major.minor.patch instead of just major.minor + - 036f7ed3f 2025-06-17T21:01:12+00:00 Release commit for Kubernetes v1.32.6 + - 7246ec90c 2025-06-11T08:32:50+02:00 Bump images, dependencies and versions to go 1.23.10 and distroless iptables + - de8292ad6 2025-06-04T11:36:02-04:00 Remove warning about resizing failed for unknown reason + - ec4c71b70 2025-05-28T22:22:54-04:00 Add tests that validate the return value of resize operation + - 40849d37e 2025-05-23T09:17:51-04:00 Bump images, dependencies and versions to go 1.23.9 and distroless iptables + - 9a67ee4a7 2025-05-21T08:40:28+02:00 DRA node: reject static pods which reference ResourceClaims + - 07011c05b 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Remove skip on windows + - 1d923fbc7 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Wrap error to get mappings + - 3755f8e2f 2025-05-15T12:30:21+02:00 pkg/kubelet/userns: Provide stub implementation for windows + - b5d6f06fe 2025-05-15T12:30:21+02:00 pkg/kubelet: Fix userns tests on Windows + - 5e7201df6 2025-05-15T12:26:08+02:00 Revert "Enforce the Minimum Kernel Version 6.3 for UserNamespacesSupport feature" + - a35311c35 2025-05-15T12:26:08+02:00 Revert "Switch hard error to a WARNING for kernel version check" + - 54889f053 2025-05-15T12:21:30+02:00 userns: Wrap more errors + - 9326fc309 2025-05-15T12:21:30+02:00 userns: Improve error returned if userns is not supported + - fd5862185 2025-05-15T12:21:30+02:00 userns: Use len to handle empty non-nil slices + - 95c119b50 2025-05-15T09:27:49+00:00 Update CHANGELOG/CHANGELOG-1.32.md for v1.32.5 + - 9a57de0ec 2025-05-07T09:48:49-07:00 Update hnslib version in Windows KubeProxy. + diff --git a/scripts/auto-rebase/commits.txt b/scripts/auto-rebase/commits.txt index ec438bd976..c0e25b2aad 100644 --- a/scripts/auto-rebase/commits.txt +++ b/scripts/auto-rebase/commits.txt @@ -1,8 +1,8 @@ https://github.com/openshift/api embedded-component 97812373b6b447ff6b55d3e2625b4f62aff1a16f https://github.com/openshift/cluster-csi-snapshot-controller-operator embedded-component cf99de974354133f853928cff9e19ad19c5347d9 https://github.com/openshift/cluster-dns-operator embedded-component 659813065170f4e52f80b7a29bbab64bfa9aa172 -https://github.com/openshift/cluster-ingress-operator embedded-component 6d54169d4c6643ae9b6ff81b3a21b929934062fa -https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 34bd8a7860802d310b4b0c124dc7975b6fa52773 +https://github.com/openshift/cluster-ingress-operator embedded-component 137807b212e6c24b59073a43fb10ccf6fed2a250 +https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 4986945df44e4288cdd76f1f437bc3ba81e5700c https://github.com/openshift/cluster-kube-controller-manager-operator embedded-component cec410b7f877a6eef57968889a644b848bdb540a https://github.com/openshift/cluster-kube-scheduler-operator embedded-component 8740a60de76690a17d5081db078eb93dfdb7a066 https://github.com/openshift/cluster-network-operator embedded-component 2a1d6159a44bf8aa26bba9981f144006a1d99990 @@ -10,11 +10,11 @@ https://github.com/openshift/cluster-openshift-controller-manager-operator embed https://github.com/openshift/cluster-policy-controller embedded-component 748524784686a5f397490563882cbfb88f9acd01 https://github.com/openshift/csi-external-snapshotter embedded-component ac82cafc95b301f67f46ee0db93720d55177a19b https://github.com/openshift/etcd embedded-component a5421dfe551a2e9c911a75062a4cdeb7473f5c26 -https://github.com/openshift/kubernetes embedded-component 106d0409dd6b36020d8a12ea5ca00ce97ac986ed +https://github.com/openshift/kubernetes embedded-component 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e https://github.com/openshift/kubernetes-kube-storage-version-migrator embedded-component 4ab93e07bb7c525990ef21a11caae2122ace63f6 -https://github.com/openshift/machine-config-operator embedded-component 7df542080017dcd0e57c007ac25af47fd7c800c2 +https://github.com/openshift/machine-config-operator embedded-component 023231898840e2a9173899da72639556397917df https://github.com/openshift/openshift-controller-manager embedded-component af43fe68a7d862959a797b66307a1277fffbc9df -https://github.com/openshift/operator-framework-olm embedded-component 4a6530a4cf4e8e81d8f04923f36dd36023f45902 +https://github.com/openshift/operator-framework-olm embedded-component 0e4e456e8183103a071b57bf19e989eda5162f8c https://github.com/openshift/route-controller-manager embedded-component bc97534a12a7a6bac096e4ed488b29535c8d4f33 https://github.com/openshift/service-ca-operator embedded-component 4dfa6916f984d0fd7188380edc88b250738f07f7 https://github.com/openshift/oc image-amd64 298429ba9831d1d72b89edd9beb82a6ee665c3b7 @@ -23,7 +23,7 @@ https://github.com/openshift/csi-external-snapshotter image-amd64 ac82cafc95b301 https://github.com/openshift/router image-amd64 b41f9d05467fb7b3f6c2dafa6ac4b5e25164c0b6 https://github.com/openshift/kube-rbac-proxy image-amd64 591277560f328601273f88f2881e09ccccd90a97 https://github.com/openshift/ovn-kubernetes image-amd64 0c8cdc93873c06b07973d147fc704d2224ac2faf -https://github.com/openshift/kubernetes image-amd64 106d0409dd6b36020d8a12ea5ca00ce97ac986ed +https://github.com/openshift/kubernetes image-amd64 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e https://github.com/openshift/service-ca-operator image-amd64 4dfa6916f984d0fd7188380edc88b250738f07f7 https://github.com/openshift/oc image-arm64 298429ba9831d1d72b89edd9beb82a6ee665c3b7 https://github.com/openshift/coredns image-arm64 74776b850522c912db5fbadf7353f1eab669bd2a @@ -31,5 +31,5 @@ https://github.com/openshift/csi-external-snapshotter image-arm64 ac82cafc95b301 https://github.com/openshift/router image-arm64 b41f9d05467fb7b3f6c2dafa6ac4b5e25164c0b6 https://github.com/openshift/kube-rbac-proxy image-arm64 591277560f328601273f88f2881e09ccccd90a97 https://github.com/openshift/ovn-kubernetes image-arm64 0c8cdc93873c06b07973d147fc704d2224ac2faf -https://github.com/openshift/kubernetes image-arm64 106d0409dd6b36020d8a12ea5ca00ce97ac986ed +https://github.com/openshift/kubernetes image-arm64 38c60a516ecb061270b0f0f05239b8fe2ce4bf0e https://github.com/openshift/service-ca-operator image-arm64 4dfa6916f984d0fd7188380edc88b250738f07f7 diff --git a/scripts/auto-rebase/last_rebase.sh b/scripts/auto-rebase/last_rebase.sh index 8c8f5b7a5a..4b726b6f8f 100755 --- a/scripts/auto-rebase/last_rebase.sh +++ b/scripts/auto-rebase/last_rebase.sh @@ -1,2 +1,2 @@ #!/bin/bash -x -./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release:4.19.0-0.nightly-2025-07-02-143253" "registry.ci.openshift.org/ocp-arm64/release-arm64:4.19.0-0.nightly-arm64-2025-07-02-164926" +./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release:4.19.0-0.nightly-2025-07-09-145247" "registry.ci.openshift.org/ocp-arm64/release-arm64:4.19.0-0.nightly-arm64-2025-07-09-224827" diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go index 15a5f48905..c108da5d0c 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go @@ -3031,6 +3031,13 @@ func gatherPodResourceClaimNames(claims []core.PodResourceClaim) sets.Set[string } func validatePodResourceClaim(podMeta *metav1.ObjectMeta, claim core.PodResourceClaim, podClaimNames *sets.Set[string], fldPath *field.Path) field.ErrorList { + // static pods don't support resource claims + if podMeta != nil { + if _, ok := podMeta.Annotations[core.MirrorPodAnnotationKey]; ok { + return field.ErrorList{field.Forbidden(field.NewPath(""), "static pods do not support resource claims")} + } + } + var allErrs field.ErrorList if claim.Name == "" { allErrs = append(allErrs, field.Required(fldPath.Child("name"), "")) diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go index 69d6712623..a73d6372a4 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go @@ -106,6 +106,9 @@ type defaultFunc func(pod *api.Pod) error // A static pod tried to use a ClusterTrustBundle projected volume source. var ErrStaticPodTriedToUseClusterTrustBundle = errors.New("static pods may not use ClusterTrustBundle projected volume sources") +// A static pod tried to use a resource claim. +var ErrStaticPodTriedToUseResourceClaims = errors.New("static pods may not use ResourceClaims") + // tryDecodeSinglePod takes data and tries to extract valid Pod config information from it. func tryDecodeSinglePod(data []byte, defaultFn defaultFunc) (parsed bool, pod *v1.Pod, err error) { // JSON is valid YAML, so this should work for everything. @@ -152,6 +155,9 @@ func tryDecodeSinglePod(data []byte, defaultFn defaultFunc) (parsed bool, pod *v } } } + if len(v1Pod.Spec.ResourceClaims) > 0 { + return true, nil, ErrStaticPodTriedToUseResourceClaims + } return true, v1Pod, nil } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go index ec22cde460..3e3532a391 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go @@ -120,8 +120,9 @@ func (kl *Kubelet) ListPodsFromDisk() ([]types.UID, error) { // user namespaces. func (kl *Kubelet) HandlerSupportsUserNamespaces(rtHandler string) (bool, error) { rtHandlers := kl.runtimeState.runtimeHandlers() - if rtHandlers == nil { - return false, fmt.Errorf("runtime handlers are not set") + if len(rtHandlers) == 0 { + // The slice is empty if the runtime is old and doesn't support this message. + return false, nil } for _, h := range rtHandlers { if h.Name == rtHandler { diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go index 8bc0b56044..96c743d7ba 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go @@ -40,7 +40,6 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" utilvalidation "k8s.io/apimachinery/pkg/util/validation" - "k8s.io/apimachinery/pkg/util/version" utilfeature "k8s.io/apiserver/pkg/util/feature" runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1" "k8s.io/klog/v2" @@ -62,7 +61,6 @@ import ( kubetypes "k8s.io/kubernetes/pkg/kubelet/types" "k8s.io/kubernetes/pkg/kubelet/util/format" utilfs "k8s.io/kubernetes/pkg/util/filesystem" - utilkernel "k8s.io/kubernetes/pkg/util/kernel" utilpod "k8s.io/kubernetes/pkg/util/pod" volumeutil "k8s.io/kubernetes/pkg/volume/util" "k8s.io/kubernetes/pkg/volume/util/hostutil" @@ -131,16 +129,11 @@ func (kl *Kubelet) getKubeletMappings() (uint32, uint32, error) { if !utilfeature.DefaultFeatureGate.Enabled(features.UserNamespacesSupport) { return defaultFirstID, defaultLen, nil - } else { - kernelVersion, err := utilkernel.GetVersion() - if err != nil { - return 0, 0, fmt.Errorf("failed to get kernel version, unable to determine if feature %s can be supported : %w", - features.UserNamespacesSupport, err) - } - if kernelVersion != nil && !kernelVersion.AtLeast(version.MustParseGeneric(utilkernel.UserNamespacesSupportKernelVersion)) { - klog.InfoS("WARNING: the kernel version is incompatible with the feature gate, which needs as a minimum kernel version", - "kernelVersion", kernelVersion, "feature", features.UserNamespacesSupport, "minKernelVersion", utilkernel.UserNamespacesSupportKernelVersion) - } + } + + // Windows doesn't support user namespaces, let's return the default mappings. + if runtime.GOOS == "windows" { + return defaultFirstID, defaultLen, nil } _, err := user.Lookup(kubeletUser) diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/userns/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/types.go new file mode 100644 index 0000000000..a0422d0042 --- /dev/null +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/types.go @@ -0,0 +1,29 @@ +/* +Copyright 2025 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package userns + +import "k8s.io/apimachinery/pkg/types" + +// Here go types that are common for all supported OS (windows, linux). + +type userNsPodsManager interface { + HandlerSupportsUserNamespaces(runtimeHandler string) (bool, error) + GetPodDir(podUID types.UID) string + ListPodsFromDisk() ([]types.UID, error) + GetKubeletMappings() (uint32, uint32, error) + GetMaxPods() int +} diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager.go index 7316778329..98849afaf3 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager.go @@ -1,3 +1,6 @@ +//go:build !windows +// +build !windows + /* Copyright 2022 The Kubernetes Authors. @@ -43,14 +46,6 @@ const userNsLength = (1 << 16) // since Go maps never free memory. const mapReInitializeThreshold = 1000 -type userNsPodsManager interface { - HandlerSupportsUserNamespaces(runtimeHandler string) (bool, error) - GetPodDir(podUID types.UID) string - ListPodsFromDisk() ([]types.UID, error) - GetKubeletMappings() (uint32, uint32, error) - GetMaxPods() int -} - type UsernsManager struct { used *allocator.AllocationBitmap usedBy map[types.UID]uint32 // Map pod.UID to range used @@ -132,7 +127,7 @@ func (m *UsernsManager) readMappingsFromFile(pod types.UID) ([]byte, error) { func MakeUserNsManager(kl userNsPodsManager) (*UsernsManager, error) { kubeletMappingID, kubeletMappingLen, err := kl.GetKubeletMappings() if err != nil { - return nil, err + return nil, fmt.Errorf("kubelet mappings: %w", err) } if kubeletMappingID%userNsLength != 0 { @@ -411,10 +406,15 @@ func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHan // From here onwards, hostUsers=false and the feature gate is enabled. // if the pod requested a user namespace and the runtime doesn't support user namespaces then return an error. - if handlerSupportsUserns, err := m.kl.HandlerSupportsUserNamespaces(runtimeHandler); err != nil { - return nil, err - } else if !handlerSupportsUserns { - return nil, fmt.Errorf("RuntimeClass handler %q does not support user namespaces", runtimeHandler) + if handlerSupportsUserns, err := m.kl.HandlerSupportsUserNamespaces(runtimeHandler); err != nil || !handlerSupportsUserns { + msg := "can't set `spec.hostUsers: false`, runtime does not support user namespaces" + if runtimeHandler != "" { + msg = fmt.Sprintf("can't set `spec.hostUsers: false`, RuntimeClass handler %q does not support user namespaces", runtimeHandler) + } + if err != nil { + return nil, fmt.Errorf("%v: %w", msg, err) + } + return nil, fmt.Errorf("%v", msg) } m.lock.Lock() @@ -429,12 +429,12 @@ func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHan if string(content) != "" { userNs, err = m.parseUserNsFileAndRecord(pod.UID, content) if err != nil { - return nil, err + return nil, fmt.Errorf("user namespace: %w", err) } } else { userNs, err = m.createUserNs(pod) if err != nil { - return nil, err + return nil, fmt.Errorf("create user namespace: %w", err) } } @@ -485,7 +485,7 @@ func (m *UsernsManager) CleanupOrphanedPodUsernsAllocations(pods []*v1.Pod, runn allFound := sets.New[string]() found, err := m.kl.ListPodsFromDisk() if err != nil { - return err + return fmt.Errorf("user namespace: read pods from disk: %w", err) } for _, podUID := range found { diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager_windows.go new file mode 100644 index 0000000000..bc40b71879 --- /dev/null +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/userns/userns_manager_windows.go @@ -0,0 +1,50 @@ +/* +Copyright 2025 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package userns + +import ( + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" + runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1" + kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" +) + +type UsernsManager struct{} + +func MakeUserNsManager(kl userNsPodsManager) (*UsernsManager, error) { + return nil, nil +} + +// Release releases the user namespace allocated to the specified pod. +func (m *UsernsManager) Release(podUID types.UID) { + return +} + +func (m *UsernsManager) GetOrCreateUserNamespaceMappings(pod *v1.Pod, runtimeHandler string) (*runtimeapi.UserNamespace, error) { + return nil, nil +} + +// CleanupOrphanedPodUsernsAllocations reconciliates the state of user namespace +// allocations with the pods actually running. It frees any user namespace +// allocation for orphaned pods. +func (m *UsernsManager) CleanupOrphanedPodUsernsAllocations(pods []*v1.Pod, runningPods []*kubecontainer.Pod) error { + return nil +} + +func EnabledUserNamespacesSupport() bool { + return false +} diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/node_expander.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/node_expander.go index a7c9872554..9c7767955c 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/node_expander.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/node_expander.go @@ -96,12 +96,13 @@ func (ne *NodeExpander) runPreCheck() bool { ne.markExpansionInfeasibleOnFailure = true } + if ne.pvcStatusCap.Cmp(ne.pluginResizeOpts.NewSize) >= 0 && ne.resizeStatus == "" { + ne.pvcAlreadyUpdated = true + } + // PVC is already expanded but we are still trying to expand the volume because // last recorded size in ASOW is older. This can happen for RWX volume types. - if ne.pvcStatusCap.Cmp(ne.pluginResizeOpts.NewSize) >= 0 && - ne.resizeStatus == "" && - storage.ContainsAccessMode(ne.pvc.Spec.AccessModes, v1.ReadWriteMany) { - ne.pvcAlreadyUpdated = true + if ne.pvcAlreadyUpdated && storage.ContainsAccessMode(ne.pvc.Spec.AccessModes, v1.ReadWriteMany) { return true } @@ -124,6 +125,14 @@ func (ne *NodeExpander) runPreCheck() bool { func (ne *NodeExpander) expandOnPlugin() (bool, resource.Quantity, error) { allowExpansion := ne.runPreCheck() if !allowExpansion { + if ne.pvcAlreadyUpdated { + // if pvc is already updated, then we could be here because size stored in ASOW is smaller and controller did full + // expansion and hence no node expansion is needed. + // This will stop reconciler from retrying expansion on the node. + ne.testStatus = testResponseData{assumeResizeFinished: true, resizeCalledOnPlugin: false} + return true, ne.pluginResizeOpts.NewSize, nil + } + klog.V(3).Infof("NodeExpandVolume is not allowed to proceed for volume %s with resizeStatus %s", ne.vmt.VolumeName, ne.resizeStatus) ne.testStatus = testResponseData{false /* resizeCalledOnPlugin */, true /* assumeResizeFinished */} return false, ne.pluginResizeOpts.OldSize, nil diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go index 7b8a765583..61e6150613 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go @@ -1910,10 +1910,8 @@ func (og *operationGenerator) GenerateExpandInUseVolumeFunc( if resizeDone { return volumetypes.NewOperationContext(nil, nil, migrated) } - // This is a placeholder error - we should NEVER reach here. - err = fmt.Errorf("volume resizing failed for unknown reason") - eventErr, detailedErr = volumeToMount.GenerateError("NodeExpandVolume.NodeExpandVolume failed to resize volume", err) - return volumetypes.NewOperationContext(eventErr, detailedErr, migrated) + klog.InfoS("Waiting for volume to be expandable on the node", "volumeName", volumeToMount.VolumeName) + return volumetypes.NewOperationContext(nil, nil, migrated) } eventRecorderFunc := func(err *error) { diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go index 86265037f9..419de31a99 100644 --- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go +++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go @@ -317,6 +317,10 @@ func (p *Plugin) admitPodCreate(nodeName string, a admission.Attributes) error { } } + if len(pod.Spec.ResourceClaims) > 0 { + return admission.NewForbidden(a, fmt.Errorf("node %q can not create pods that reference resourceclaims", nodeName)) + } + return nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index 6c236d2ba1..1c6862cc12 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -21,7 +21,7 @@ github.com/Microsoft/go-winio/internal/fs github.com/Microsoft/go-winio/internal/socket github.com/Microsoft/go-winio/internal/stringbuffer github.com/Microsoft/go-winio/pkg/guid -# github.com/Microsoft/hnslib v0.0.8 +# github.com/Microsoft/hnslib v0.1.1 ## explicit; go 1.22.0 github.com/Microsoft/hnslib github.com/Microsoft/hnslib/internal/hns @@ -1163,7 +1163,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/api +# k8s.io/api v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/api ## explicit; go 1.23.0 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -1224,7 +1224,7 @@ k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 k8s.io/api/storagemigration/v1alpha1 -# k8s.io/apiextensions-apiserver v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver +# k8s.io/apiextensions-apiserver v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver ## explicit; go 1.23.0 k8s.io/apiextensions-apiserver/pkg/apihelpers k8s.io/apiextensions-apiserver/pkg/apis/apiextensions @@ -1271,7 +1271,7 @@ k8s.io/apiextensions-apiserver/pkg/generated/openapi k8s.io/apiextensions-apiserver/pkg/registry/customresource k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition -# k8s.io/apimachinery v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery +# k8s.io/apimachinery v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery ## explicit; go 1.23.0 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -1343,7 +1343,7 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiserver +# k8s.io/apiserver v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/apiserver ## explicit; go 1.23.0 k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/configuration @@ -1524,13 +1524,13 @@ k8s.io/apiserver/plugin/pkg/authenticator/token/oidc k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook/metrics -# k8s.io/cli-runtime v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime +# k8s.io/cli-runtime v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime ## explicit; go 1.23.0 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/genericiooptions k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/client-go +# k8s.io/client-go v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/client-go ## explicit; go 1.23.0 k8s.io/client-go/applyconfigurations k8s.io/client-go/applyconfigurations/admissionregistration/v1 @@ -1894,7 +1894,7 @@ k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/watchlist k8s.io/client-go/util/workqueue -# k8s.io/cloud-provider v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider +# k8s.io/cloud-provider v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider ## explicit; go 1.23.0 k8s.io/cloud-provider k8s.io/cloud-provider/api @@ -1913,14 +1913,14 @@ k8s.io/cloud-provider/service/helpers k8s.io/cloud-provider/volume k8s.io/cloud-provider/volume/errors k8s.io/cloud-provider/volume/helpers -# k8s.io/cluster-bootstrap v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap +# k8s.io/cluster-bootstrap v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap ## explicit; go 1.23.0 k8s.io/cluster-bootstrap/token/api k8s.io/cluster-bootstrap/token/jws k8s.io/cluster-bootstrap/token/util k8s.io/cluster-bootstrap/util/secrets k8s.io/cluster-bootstrap/util/tokens -# k8s.io/component-base v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-base +# k8s.io/component-base v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-base ## explicit; go 1.23.0 k8s.io/component-base/cli k8s.io/component-base/cli/flag @@ -1957,7 +1957,7 @@ k8s.io/component-base/version/verflag k8s.io/component-base/zpages/features k8s.io/component-base/zpages/flagz k8s.io/component-base/zpages/statusz -# k8s.io/component-helpers v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers +# k8s.io/component-helpers v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers ## explicit; go 1.23.0 k8s.io/component-helpers/apimachinery/lease k8s.io/component-helpers/apps/poddisruptionbudget @@ -1971,7 +1971,7 @@ k8s.io/component-helpers/scheduling/corev1 k8s.io/component-helpers/scheduling/corev1/nodeaffinity k8s.io/component-helpers/storage/ephemeral k8s.io/component-helpers/storage/volume -# k8s.io/controller-manager v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager +# k8s.io/controller-manager v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager ## explicit; go 1.23.0 k8s.io/controller-manager/app k8s.io/controller-manager/config @@ -1988,35 +1988,35 @@ k8s.io/controller-manager/pkg/informerfactory k8s.io/controller-manager/pkg/leadermigration k8s.io/controller-manager/pkg/leadermigration/config k8s.io/controller-manager/pkg/leadermigration/options -# k8s.io/cri-api v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cri-api +# k8s.io/cri-api v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cri-api ## explicit; go 1.23.0 k8s.io/cri-api/pkg/apis k8s.io/cri-api/pkg/apis/runtime/v1 k8s.io/cri-api/pkg/errors -# k8s.io/cri-client v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cri-client +# k8s.io/cri-client v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/cri-client ## explicit; go 1.23.0 k8s.io/cri-client/pkg k8s.io/cri-client/pkg/internal k8s.io/cri-client/pkg/logs k8s.io/cri-client/pkg/util -# k8s.io/csi-translation-lib v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib +# k8s.io/csi-translation-lib v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib ## explicit; go 1.23.0 k8s.io/csi-translation-lib k8s.io/csi-translation-lib/plugins -# k8s.io/dynamic-resource-allocation v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation +# k8s.io/dynamic-resource-allocation v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation ## explicit; go 1.23.0 k8s.io/dynamic-resource-allocation/api k8s.io/dynamic-resource-allocation/cel k8s.io/dynamic-resource-allocation/resourceclaim k8s.io/dynamic-resource-allocation/structured -# k8s.io/endpointslice v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/endpointslice +# k8s.io/endpointslice v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/endpointslice ## explicit; go 1.23.0 k8s.io/endpointslice k8s.io/endpointslice/metrics k8s.io/endpointslice/topologycache k8s.io/endpointslice/trafficdist k8s.io/endpointslice/util -# k8s.io/externaljwt v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/externaljwt +# k8s.io/externaljwt v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/externaljwt ## explicit; go 1.23.0 k8s.io/externaljwt/apis/v1alpha1 # k8s.io/gengo/v2 v2.0.0-20240911193312-2b36238f13e9 @@ -2037,13 +2037,13 @@ k8s.io/klog/v2/internal/severity k8s.io/klog/v2/internal/sloghandler k8s.io/klog/v2/internal/verbosity k8s.io/klog/v2/textlogger -# k8s.io/kms v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kms +# k8s.io/kms v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kms ## explicit; go 1.23.0 k8s.io/kms/apis/v1beta1 k8s.io/kms/apis/v2 k8s.io/kms/pkg/service k8s.io/kms/pkg/util -# k8s.io/kube-aggregator v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator +# k8s.io/kube-aggregator v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator ## explicit; go 1.23.0 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/install @@ -2076,7 +2076,7 @@ k8s.io/kube-aggregator/pkg/controllers/status/remote k8s.io/kube-aggregator/pkg/registry/apiservice k8s.io/kube-aggregator/pkg/registry/apiservice/etcd k8s.io/kube-aggregator/pkg/registry/apiservice/rest -# k8s.io/kube-controller-manager v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager +# k8s.io/kube-controller-manager v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager ## explicit; go 1.23.0 k8s.io/kube-controller-manager/config/v1alpha1 # k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f @@ -2109,11 +2109,11 @@ k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson k8s.io/kube-openapi/pkg/validation/validate -# k8s.io/kube-scheduler v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler +# k8s.io/kube-scheduler v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler ## explicit; go 1.23.0 k8s.io/kube-scheduler/config/v1 k8s.io/kube-scheduler/extender/v1 -# k8s.io/kubectl v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubectl +# k8s.io/kubectl v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubectl ## explicit; go 1.23.0 k8s.io/kubectl/pkg/apps k8s.io/kubectl/pkg/cmd/apiresources @@ -2148,7 +2148,7 @@ k8s.io/kubectl/pkg/util/storage k8s.io/kubectl/pkg/util/templates k8s.io/kubectl/pkg/util/term k8s.io/kubectl/pkg/validation -# k8s.io/kubelet v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubelet +# k8s.io/kubelet v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/kubelet ## explicit; go 1.23.0 k8s.io/kubelet/config/v1 k8s.io/kubelet/config/v1alpha1 @@ -2170,7 +2170,7 @@ k8s.io/kubelet/pkg/cri/streaming k8s.io/kubelet/pkg/cri/streaming/portforward k8s.io/kubelet/pkg/cri/streaming/remotecommand k8s.io/kubelet/pkg/types -# k8s.io/kubernetes v1.32.5 => ./deps/github.com/openshift/kubernetes +# k8s.io/kubernetes v1.32.6 => ./deps/github.com/openshift/kubernetes ## explicit; go 1.23.0 k8s.io/kubernetes/cmd/kube-apiserver/app k8s.io/kubernetes/cmd/kube-apiserver/app/options @@ -2990,7 +2990,7 @@ k8s.io/kubernetes/third_party/forked/gonum/graph/simple k8s.io/kubernetes/third_party/forked/gonum/graph/traverse k8s.io/kubernetes/third_party/forked/libcontainer/apparmor k8s.io/kubernetes/third_party/forked/libcontainer/utils -# k8s.io/metrics v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/metrics +# k8s.io/metrics v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/metrics ## explicit; go 1.23.0 k8s.io/metrics/pkg/apis/custom_metrics k8s.io/metrics/pkg/apis/custom_metrics/v1beta1 @@ -3005,10 +3005,10 @@ k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1 k8s.io/metrics/pkg/client/custom_metrics k8s.io/metrics/pkg/client/custom_metrics/scheme k8s.io/metrics/pkg/client/external_metrics -# k8s.io/mount-utils v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils +# k8s.io/mount-utils v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils ## explicit; go 1.23.0 k8s.io/mount-utils -# k8s.io/pod-security-admission v1.32.5 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission +# k8s.io/pod-security-admission v1.32.6 => ./deps/github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission ## explicit; go 1.23.0 k8s.io/pod-security-admission/admission k8s.io/pod-security-admission/admission/api