Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🌱 Update Builder Image group #208

Merged
merged 3 commits into from
Dec 2, 2024
Merged

Conversation

cluster-stack-bot[bot]
Copy link
Contributor

@cluster-stack-bot cluster-stack-bot bot commented Oct 1, 2024

This PR contains the following updates:

Package Type Update Change
aquasecurity/trivy minor v0.55.0 -> v0.57.1
docker.io/library/golang final patch 1.23.0-bullseye -> 1.23.3-bullseye
golangci/golangci-lint minor v1.60.3 -> v1.62.2
kubernetes-sigs/cluster-api patch v1.8.2 -> v1.8.5
kubernetes-sigs/controller-tools patch v0.16.2 -> v0.16.5
kubernetes-sigs/kind minor v0.24.0 -> v0.25.0

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

aquasecurity/trivy (aquasecurity/trivy)

v0.57.1

Compare Source

⚡Release highlights and summary⚡

👉https://github.com/aquasecurity/trivy/discussions/7951

Changelog

https://github.com/aquasecurity/trivy/blob/release/v0.57/CHANGELOG.md#0571-2024-11-18

v0.57.0

Compare Source

⚡Release highlights and summary⚡

👉https://github.com/aquasecurity/trivy/discussions/7857

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0570-2024-10-31

v0.56.2

Compare Source

Changelog

  • f2252c8 release: v0.56.2 [release/v0.56] (#​7694)
  • f6700ec fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#​7702)
  • 25d2540 fix(sbom): add options for DBs in private registries [backport: release/v0.56] (#​7691)

v0.56.1

Compare Source

Changelog

v0.56.0

Compare Source

⚡Release highlights and summary⚡

👉https://github.com/aquasecurity/trivy/discussions/7640

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0560-2024-10-03

v0.55.2

Compare Source

Changelog

  • 928c7c0 release: v0.55.2 [release/v0.55] (#​7523)
  • 14a058f fix(java): use dependencyManagement from root/child pom's for dependencies from parents [backport: release/v0.55] (#​7521)
  • 990bc4e chore(deps): bump alpine from 3.20.0 to 3.20.3 [backport: release/v0.55] (#​7516)

v0.55.1

Compare Source

⚡Release highlights and summary⚡

👉https://github.com/aquasecurity/trivy/discussions/7494

Changelog

https://github.com/aquasecurity/trivy/blob/release/v0.55/CHANGELOG.md#0551-2024-09-12

golangci/golangci-lint (golangci/golangci-lint)

v1.62.2

Compare Source

  1. Updated linters
    • fatcontext: from 0.5.2 to 0.5.3
    • ginkgolinter: from 0.18.0 to 0.18.3
    • go-errorlint: from 1.6.0 to 1.7.0
    • iface: from 1.2.0 to 1.2.1
    • revive: from 1.5.0 to 1.5.1
    • testifylint: from 1.5.0 to 1.5.2
  2. Misc.
    • fix: ignore cache error when file not found

v1.62.1

Compare Source

Cancelled due to CI failure.

v1.62.0

Compare Source

  1. New linters
  2. Updated linters
    • ⚠️ execinquery: deprecation step 2
    • ⚠️ gomnd: deprecation step 2 (replaced by mnd)
    • bidichk: from 0.2.7 to 0.3.2 (important performance improvement)
    • canonicalheader: from 1.1.1 to 1.1.2
    • cyclop: from 1.2.1 to 1.2.3
    • dupword: from 0.1.1 to 0.1.3
    • errcheck: from 1.7.0 to 1.8.0
    • errchkjson: from 0.3.6 to 0.4.0
    • errname: from 0.1.13 to 1.0.0
    • ginkgolinter: from 0.17.0 to 0.18.0 (new option: force-succeed)
    • go-check-sumtype: from 0.1.4 to 0.2.0 (new option: default-signifies-exhaustive)
    • go-critic: from 0.11.4 to 0.11.5
    • go-printf-func-name: from 7558a9e to v0.1.0
    • godot: from 1.4.17 to 1.4.18
    • gosec: from 2.21.2 to 2.21.4
    • intrange: from 0.2.0 to 0.2.1
    • loggercheck: from 0.9.4 to 0.10.1 (log/slog support)
    • musttag: from 0.12.2 to 0.13.0
    • nakedret: from 2.0.4 to 2.0.5
    • nilnil: from 0.1.9 to 1.0.0 (new option: detect-opposite)
    • noctx: from 0.0.2 to 0.1.0
    • protogetter: from 0.3.6 to 0.3.8
    • revive: from 1.3.9 to 1.5.0 (new rules: filename-format, and file-length-limit)
    • tenv: from 1.10.0 to 1.12.1 (handle dot import)
    • testifylint: from 1.4.3 to 1.5.0 (new checkers: contains, encoded-compare, regexp)
  3. Misc.
    • Type sizing when cross-compiling (32-bit).
    • code-climate: add check_name field
    • Improve Go version detection
    • Fix Go version propagation
  4. Documentation
    • Adds a section about exclude-dirs-use-default
    • Improve 'install from sources' section
    • Improve FAQ about Go versions
    • Improve linter/rule/check docs
    • Improve new linter section
    • Improve forbidigo pattern examples for built-in functions

v1.61.0

Compare Source

  1. Enhancements
    • Add junit-xml-extended format
    • Exclude Swagger Codegen files by default
  2. Updated linters
    • dupword: from 0.0.14 to 0.1.1
    • fatcontext: from 0.4.0 to 0.5.2
    • gci: from 0.13.4 to 0.13.5 (new option no-lex-order)
    • go-ruleguard: from 0.4.2 to 0fe6f58 (fix panic with custom linters)
    • godot: from 1.4.16 to 1.4.17
    • gomodguard: from 1.3.3 to 1.3.5
    • gosec: disable temporarily G407
    • gosec: from ab3f6c1 to 2.21.2 (partially fix G115)
    • intrange: from 0.1.2 to 0.2.0
    • nolintlint: remove the empty line in the directive replacement
  3. Misc.
    • Improve runtime version parsing
  4. Documentation
    • Add additional info about typecheck
kubernetes-sigs/cluster-api (kubernetes-sigs/cluster-api)

v1.8.5

Compare Source

👌 Kubernetes version support

  • Management Cluster: v1.27.x -> v1.31.x
  • Workload Cluster: v1.25.x -> v1.31.x

More information about version support can be found here

Changes since v1.8.4

📈 Overview

  • 9 new commits merged
  • 2 bugs fixed 🐛

🐛 Bug Fixes

  • KCP: Consider all machines for setting .status.version (#​11306)
  • Testing: Fix: incorrect name used in kustomize path (#​11307)

🌱 Others

  • clusterctl: Bump cert-manager to 1.16.1 (#​11323)
  • Dependency: Bump Go to v1.22.8 version (#​11359)
  • e2e: Remove json logging replacement in e2e test config (#​11321)
  • e2e: Test: add PreWaitForControlplaneToBeUpgraded to ClusterUpgradeConformanceSpec (#​11303)
  • KCP: Skip validation if CoreDNS migration library supports an upgrade if the library is not used (#​11325)
  • Testing: Test/framework: allow to include arbitrary types when dumping resources (#​11310)

📖 Additionally, there has been 1 contribution to our documentation and book. (#​11294)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.8.4

Compare Source

👌 Kubernetes version support

  • Management Cluster: v1.27.x -> v1.31.x
  • Workload Cluster: v1.25.x -> v1.31.x

More information about version support can be found here

Changes since v1.8.3

📈 Overview

  • 15 new commits merged
  • 2 bugs fixed 🐛

🐛 Bug Fixes

  • CI: Hack: fix the shell used when running pr-verify (#​11170)
  • ClusterClass: Fix nil pointer for empty workers in webhook (#​11198)

🌱 Others

  • CI: Pr-verify: use env var for passing the PR title (#​11230)
  • CI: Replace kubebuilder-release-tools with new workflow (#​11167)
  • CI: Switch to using ECR mirror for trivy DB repo in weekly security scan (#​11261)
  • ClusterCacheTracker: Add cacheSyncPeriod option to ClusterCacheTracker (#​11249)
  • clusterctl: Add vultr infrastructure provider (#​11217)
  • clusterctl: Bump cert manager to v1.16.0 (#​11264)
  • clusterctl: Update RKE2 provider URL (#​11225)
  • e2e: Test/e2e: decrease concurrency (#​11222)
  • Logging: Reduce verbosity of logs when calling Runtime Extensions (#​11200)
  • Machine: Prevent error spamming for NodeOutdatedTaint if objects are not found (#​11199)
  • Testing: Test/framework: allow users to modify cache.Options (#​11203)
  • Testing: Test/framework: GetCAPIResources should warn on rbac issues (#​11206)

📖 Additionally, there has been 1 contribution to our documentation and book. (#​11177)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.8.3

Compare Source

👌 Kubernetes version support

  • Management Cluster: v1.27.x -> v1.31.x
  • Workload Cluster: v1.25.x -> v1.31.x

More information about version support can be found here

Changes since v1.8.2

📈 Overview

  • 4 new commits merged
  • 1 bug fixed 🐛

🐛 Bug Fixes

  • KCP: Make KCP pre-terminate hook more robust (#​11164)

🌱 Others

  • Dependency: Bump to Go 1.22.7 (#​11157)
  • e2e: Test/e2e: increase concurrency (#​11144)

📖 Additionally, there has been 1 contribution to our documentation and book. (#​11154)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

kubernetes-sigs/controller-tools (kubernetes-sigs/controller-tools)

v0.16.5

Compare Source

What's Changed

Dependencies

Full Changelog: kubernetes-sigs/controller-tools@v0.16.4...v0.16.5

v0.16.4

Compare Source

What's Changed

Dependencies

New Contributors

Full Changelog: kubernetes-sigs/controller-tools@v0.16.3...v0.16.4

v0.16.3

Compare Source

Published binaries on previous v0.16.x releases were reporting an incorrect version.

What's Changed

Dependencies

New Contributors

Full Changelog: kubernetes-sigs/controller-tools@v0.16.2...v0.16.3

kubernetes-sigs/kind (kubernetes-sigs/kind)

v0.25.0

Compare Source

This release contains a number of small networking fixes and the latest Kubernetes releases. Happy KubeCon!

Breaking Changes

  • The default node image is now Kubernetes v1.31.2: kindest/node:v1.31.2@​sha256:18fbefc20a7113353c7b75b5c869d7145a6abd6269154825872dc59c1329912e

New Features

  • Improved documentation for Ingress installation
  • Updated to latest go 1.22.x (1.22.9)

Images pre-built for this release:

  • v1.31.2: kindest/node:v1.31.2@​sha256:18fbefc20a7113353c7b75b5c869d7145a6abd6269154825872dc59c1329912e
  • v1.30.6: kindest/node:v1.30.6@​sha256:b6d08db72079ba5ae1f4a88a09025c0a904af3b52387643c285442afb05ab994
  • v1.29.10: kindest/node:v1.29.10@​sha256:3b2d8c31753e6c8069d4fc4517264cd20e86fd36220671fb7d0a5855103aa84b
  • v1.28.15: kindest/node:v1.28.15@​sha256:a7c05c7ae043a0b8c818f5a06188bc2c4098f6cb59ca7d1856df00375d839251
  • v1.27.16: kindest/node:v1.27.16@​sha256:2d21a61643eafc439905e18705b8186f3296384750a835ad7a005dceb9546d20
  • v1.26.15: kindest/node:v1.26.15@​sha256:c79602a44b4056d7e48dc20f7504350f1e87530fe953428b792def00bc1076dd

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see https://github.com/kubernetes-sigs/kind/issues/2718

Fixes

  • Updated kube-network-policies with a DNS fix for network policies
  • Fix conflict with developing kube-network-policies
  • Detect new docker ipv6 failure message and fallback to ipv4 only gracefully
  • Workaround podman no longer returning host IP for portmaps
  • Aggregate ipmasq sync errors in kindnetd

Contributors

Thank you to everyone who contributed to this release!

Users whose commits are in this release (alphabetically by user name)

Thank you to everyone who contributed in any way.

A special thank you to @​neolit123 for all your help over the years, and stepping down when you no longer had the time.
Thank you!


Configuration

📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

@cluster-stack-bot cluster-stack-bot bot added type/minor type/patch update/container size/XS Denotes a PR that changes 0-20 lines, ignoring generated files. area/github Changes made in the github directory labels Oct 1, 2024
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch 3 times, most recently from 595d900 to 07a68b2 Compare October 4, 2024 11:12
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch 3 times, most recently from a2b1029 to 29a77ed Compare October 11, 2024 11:14
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch 2 times, most recently from 879a256 to 01c4d46 Compare November 1, 2024 11:13
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch 4 times, most recently from 63eb017 to d23f809 Compare November 11, 2024 11:14
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch from d23f809 to c0055ec Compare November 19, 2024 11:15
| datasource  | package                          | from    | to      |
| ----------- | -------------------------------- | ------- | ------- |
| github-tags | aquasecurity/trivy               | v0.55.0 | v0.57.1 |
| docker      | docker.io/library/golang         | 1.23.0  | 1.23.3  |
| github-tags | golangci/golangci-lint           | v1.60.3 | v1.62.2 |
| github-tags | kubernetes-sigs/cluster-api      | v1.8.2  | v1.8.5  |
| github-tags | kubernetes-sigs/controller-tools | v0.16.2 | v0.16.5 |
| github-tags | kubernetes-sigs/kind             | v0.24.0 | v0.25.0 |
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/cspo-builder-image branch from c0055ec to 8cc119a Compare November 26, 2024 11:14
@jschoone jschoone merged commit ac778ef into main Dec 2, 2024
9 checks passed
@jschoone jschoone deleted the renovate/cspo-builder-image branch December 2, 2024 12:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/github Changes made in the github directory size/XS Denotes a PR that changes 0-20 lines, ignoring generated files. type/minor type/patch update/container
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant