Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the go group in /integrations/kube-agent-updater with 2 updates #31057

Closed
wants to merge 2 commits into from
Closed

Bump the go group in /integrations/kube-agent-updater with 2 updates #31057

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 27, 2023
edited

Bumps the go group in /integrations/kube-agent-updater with 2 updates: k8s.io/api and sigs.k8s.io/controller-runtime.

Updates k8s.io/api from 0.28.0 to 0.28.1

Commits

Updates sigs.k8s.io/controller-runtime from 0.15.1 to 0.16.0

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.16.0

Highlights

  • Granular cache configuration (#2421)
  • New cache option to fail on missing informer on cache reads (#2406)
  • Secure metrics serving (#2407)
  • Upgrade to Kubernetes 1.28 libraries (#2393, #2405, #2449)

Changes since v0.15

⚠️ Breaking Changes

✨ New Features

🐛 Bug Fixes

🌱 Others

... (truncated)

Commits
  • c20ea14 ✨ Allow non-blocking retrieval of informers (#2371)
  • 304027b Merge pull request #2451 from sbueringer/pr-log-warn
  • f4735b6 log warning if error and non-zero Result returned
  • 480fc5b Merge pull request #2450 from sbueringer/pr-bump-ct-v0.13
  • 96854e7 Bump to controller-tools v0.13
  • f30e11d pkg/{cache,client}: add options for cache miss policy (#2406)
  • d781099 Merge pull request #2449 from sbueringer/pr-bump-k8s-1.28
  • 2291e7d Bump to k8s.io v1.28.0
  • 6d99b58 Merge pull request #2433 from lleshchi/issue_2429
  • 8a1ef8b Merge pull request #2446 from kubernetes-sigs/dependabot/go_modules/gomodules...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Issues related to Go builds/tooling labels Aug 27, 2023
@codingllama
Copy link
Contributor

FYI @hugoShaka, would you mind taking a look and doing the necessary changes for the update? I believe sigs.k8s.io introduced a bunch of breaking changes.

@dependabot dependabot bot force-pushed the dependabot/go_modules/integrations/kube-agent-updater/go-277a0eb939 branch 3 times, most recently from 20c83b2 to 336249f Compare August 28, 2023 16:13
@dependabot
Bump the go group in /integrations/kube-agent-updater with 2 updates
6b9deae 
Bumps the go group in /integrations/kube-agent-updater with 2 updates: [k8s.io/api](https://github.com/kubernetes/api) and [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).


Updates `k8s.io/api` from 0.28.0 to 0.28.1
- [Commits](kubernetes/api@v0.28.0...v0.28.1)

Updates `sigs.k8s.io/controller-runtime` from 0.15.1 to 0.16.0
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.15.1...v0.16.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/integrations/kube-agent-updater/go-277a0eb939 branch from 336249f to 6b9deae Compare August 28, 2023 17:13
@hugoShaka
Copy link
Contributor

hugoShaka commented Aug 29, 2023
edited

I made the required changes to our code to support the new controller-runtime version. However, we cannot update this dependency today.

Controller-runtime added a new deprecated opentelemetry dependency in kubernetes-sigs/controller-runtime#2407. Their otel import is too old and incompatible with the recent ones. Updating to controller-runtime v0.16 and onward would force us to downgrade many of our dependencies, including critical ones like cosign and rekor.

We must wait until kubernetes-sigs/controller-runtime#2460 is merged and a bugfix release issued.

@codingllama
Copy link
Contributor

Thanks, Hugo. Do you want to keep this around while we wait for the new sigs?

@rosstimothy
Copy link
Contributor

If we close this we will just get a new PR on Sunday without the context that is already here.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 3, 2023

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 3, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/integrations/kube-agent-updater/go-277a0eb939 branch September 3, 2023 09:06
@hugoShaka hugoShaka mentioned this pull request Sep 11, 2023
Merged
@hugoShaka
Copy link
Contributor

Follow up: #31712

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codingllama codingllama Awaiting requested review from codingllama

@hugoShaka hugoShaka Awaiting requested review from hugoShaka

@jentfoo jentfoo Awaiting requested review from jentfoo

@rosstimothy rosstimothy Awaiting requested review from rosstimothy

@zmb3 zmb3 Awaiting requested review from zmb3

Assignees

@hugoShaka hugoShaka

Labels
dependencies Pull requests that update a dependency file go Issues related to Go builds/tooling
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@codingllama @hugoShaka @rosstimothy