Update Helm release cilium to v1.14.3 #95

Merged
jahanson merged 1 commit from renovate/patch-cilium into main 2023-10-19 08:01:56 -05:00
Contributor

This PR contains the following updates:

Package Type Update Change
cilium (source) HelmChart patch 1.14.2 -> 1.14.3
cilium (source) patch 1.14.2 -> 1.14.3

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.


Release Notes

cilium/cilium (cilium)

v1.14.3: 1.14.3

Compare Source

We are pleased to release Cilium v1.14.3. This is bug fix release addressing the recent HTTP/2 Stream Cancellation Attack (CVE-2023-44487) and other bugs:

Summary of Changes

Minor Changes:

Bugfixes:

  • bpf: lxc: support Pod->Service->Pod hairpinning with endpoint routes (Backport PR #​28123, Upstream PR #​27798, @​ti-mo)
  • bpf: overlay: fix missing DBG_DECAP for Inter-Cluster-SNAT (Backport PR #​28494, Upstream PR #​28466, @​julianwiedmann)
  • Change routing-mode and tunnel-protocol based on .Values.tunnel and .Values.routingMode (Backport PR #​28282, Upstream PR #​27841, @​macmiranda)
  • datapath: fix NodePort to remote hostns backend with tunnel config (Backport PR #​28494, Upstream PR #​27323, @​michaelasp)
  • envoy: Sync supported resources to fix not found issue (Backport PR #​28349, Upstream PR #​28272, @​sayboras)
  • Fix a bug that causes pod-to-pod traffic between nodes to be dropped when IPsec is enabled and kube-proxy installed rules in both iptables-nft and iptables-legacy. (Backport PR #​28442, Upstream PR #​28258, @​pchaigno)
  • fix bug: pull skb data in cil_from_netdev path for HIGH_SCALE_IPCACHE mode (Backport PR #​28095, Upstream PR #​27913, @​sofat1989)
  • Fix Gateway API HttpRoute cannot strip path prefix. (Backport PR #​28282, Upstream PR #​28018, @​chaunceyjiang)
  • Fix hubble metric labeling when only directed Source/Destination Ingress/Egress options are specified. (Backport PR #​28095, Upstream PR #​27792, @​marqc)
  • Fix minor bug where the previous Cilium proxy port was not reused (Backport PR #​28127, Upstream PR #​27634, @​christarazi)
  • Fix the trace notification for hairpinned reply traffic, to indicate the correct security identity for the client. (Backport PR #​28282, Upstream PR #​28133, @​julianwiedmann)
  • Fix wrong host and router IP being used for some IPv6 deployments, which was causing various connectivity problems. (Backport PR #​28435, Upstream PR #​28417, @​ti-mo)
  • Fix: Gateway API double slash while stripping path prefix (Backport PR #​28442, Upstream PR #​28294, @​nxy7)
  • Fixes a bug causing panic when counting IPsec keys number via "cilium encrypt status". (Backport PR #​28282, Upstream PR #​27996, @​jschwinger233)
  • fqdn proxy: fix data race by using separate sessionUDPFactories (Backport PR #​28282, Upstream PR #​28163, @​mhofstetter)
  • ipam/multipool: Fix bug where allocator was unable to update CiliumNode (Backport PR #​28095, Upstream PR #​27963, @​gandro)
  • ipcache: fix flapping labels in SelectorCache when reserved:host identity has multiple IPs (Backport PR #​28418, Upstream PR #​28332, @​squeed)
  • Must have port for Service reference (Backport PR #​28282, Upstream PR #​27959, @​chaunceyjiang)
  • pkg/k8s: use a deep copy of CNP in UpdateStatus to avoid race condition (Backport PR #​28494, Upstream PR #​28364, @​aanm)
  • pkg/node: Updates GetIPv6AllocCIDRs() to Properly Return Secondary CIDRs (Backport PR #​28095, Upstream PR #​27855, @​danehans)
  • resource: Fix race condition in handling of Kubernetes object delete event retrying. In the very rare case when an object was created, deleted and re-created with the same name and the handling of the first deletion failed, the handling of delete event may have been retried even though the object was re-created. Only affected features using the Resource-library (LB IPAM, Mutual Auth and ClusterMesh). (Backport PR #​28494, Upstream PR #​27340, @​joamaki)
  • Restore host-stack bypass for pod-to-pod traffic in a configuration with kube-proxy, tunnel routing and per-endpoint routes. (Backport PR #​28095, Upstream PR #​27908, @​julianwiedmann)

CI Changes:

Misc Changes:

Other Changes:


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [cilium](https://cilium.io/) ([source](https://github.com/cilium/cilium)) | HelmChart | patch | `1.14.2` -> `1.14.3` | | [cilium](https://cilium.io/) ([source](https://github.com/cilium/cilium)) | | patch | `1.14.2` -> `1.14.3` | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>cilium/cilium (cilium)</summary> ### [`v1.14.3`](https://github.com/cilium/cilium/releases/tag/v1.14.3): 1.14.3 [Compare Source](https://github.com/cilium/cilium/compare/1.14.2...1.14.3) We are pleased to release Cilium v1.14.3. This is bug fix release addressing the recent HTTP/2 Stream Cancellation Attack ([CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)) and other bugs: - Envoy [GHSA-jhv4-f7mr-xx76](https://github.com/envoyproxy/envoy/security/advisories/GHSA-jhv4-f7mr-xx76) - Go [GHSA-qppj-fm5r-hxr3](https://github.com/advisories/GHSA-qppj-fm5r-hxr3) ## Summary of Changes **Minor Changes:** - bump grpc dependency to 1.56.3 to fix security vulnerability https://github.com/advisories/GHSA-qppj-fm5r-hxr3 ([#&#8203;28527](https://github.com/cilium/cilium/issues/28527), [@&#8203;aanm](https://github.com/aanm)) - Cut Cilium's initialization time for clusters with a large number of Kubernetes and Cilium Network Policies by 90% (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28173](https://github.com/cilium/cilium/issues/28173), [@&#8203;aanm](https://github.com/aanm)) - endpoint: Only perform the full policy map synchronization periodically (every 15 minutes) to reduce overhead with large endpoint policy maps (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27693](https://github.com/cilium/cilium/issues/27693), [@&#8203;joamaki](https://github.com/joamaki)) - ipam: report IP owner of non-default pool IPs in multi-pool IPAM (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27968](https://github.com/cilium/cilium/issues/27968), [@&#8203;tklauser](https://github.com/tklauser)) - metrics: add a metric for max observed endpoint ifindex (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27953](https://github.com/cilium/cilium/issues/27953), [@&#8203;asauber](https://github.com/asauber)) - metrics: Add map pressure metric for auth map (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28357](https://github.com/cilium/cilium/issues/28357), [@&#8203;sayboras](https://github.com/sayboras)) - vendor, azure: Bump Azure SDK to Aug 2021 (Backport PR [#&#8203;28330](https://github.com/cilium/cilium/issues/28330), Upstream PR [#&#8203;28311](https://github.com/cilium/cilium/issues/28311), [@&#8203;christarazi](https://github.com/christarazi)) **Bugfixes:** - bpf: lxc: support Pod->Service->Pod hairpinning with endpoint routes (Backport PR [#&#8203;28123](https://github.com/cilium/cilium/issues/28123), Upstream PR [#&#8203;27798](https://github.com/cilium/cilium/issues/27798), [@&#8203;ti-mo](https://github.com/ti-mo)) - bpf: overlay: fix missing DBG_DECAP for Inter-Cluster-SNAT (Backport PR [#&#8203;28494](https://github.com/cilium/cilium/issues/28494), Upstream PR [#&#8203;28466](https://github.com/cilium/cilium/issues/28466), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - Change routing-mode and tunnel-protocol based on .Values.tunnel and .Values.routingMode (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27841](https://github.com/cilium/cilium/issues/27841), [@&#8203;macmiranda](https://github.com/macmiranda)) - datapath: fix NodePort to remote hostns backend with tunnel config (Backport PR [#&#8203;28494](https://github.com/cilium/cilium/issues/28494), Upstream PR [#&#8203;27323](https://github.com/cilium/cilium/issues/27323), [@&#8203;michaelasp](https://github.com/michaelasp)) - envoy: Sync supported resources to fix not found issue (Backport PR [#&#8203;28349](https://github.com/cilium/cilium/issues/28349), Upstream PR [#&#8203;28272](https://github.com/cilium/cilium/issues/28272), [@&#8203;sayboras](https://github.com/sayboras)) - Fix a bug that causes pod-to-pod traffic between nodes to be dropped when IPsec is enabled and kube-proxy installed rules in both iptables-nft and iptables-legacy. (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28258](https://github.com/cilium/cilium/issues/28258), [@&#8203;pchaigno](https://github.com/pchaigno)) - fix bug: pull skb data in cil_from_netdev path for HIGH_SCALE_IPCACHE mode (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27913](https://github.com/cilium/cilium/issues/27913), [@&#8203;sofat1989](https://github.com/sofat1989)) - Fix Gateway API HttpRoute cannot strip path prefix. (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28018](https://github.com/cilium/cilium/issues/28018), [@&#8203;chaunceyjiang](https://github.com/chaunceyjiang)) - Fix hubble metric labeling when only directed Source/Destination Ingress/Egress options are specified. (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27792](https://github.com/cilium/cilium/issues/27792), [@&#8203;marqc](https://github.com/marqc)) - Fix minor bug where the previous Cilium proxy port was not reused (Backport PR [#&#8203;28127](https://github.com/cilium/cilium/issues/28127), Upstream PR [#&#8203;27634](https://github.com/cilium/cilium/issues/27634), [@&#8203;christarazi](https://github.com/christarazi)) - Fix the trace notification for hairpinned reply traffic, to indicate the correct security identity for the client. (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28133](https://github.com/cilium/cilium/issues/28133), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - Fix wrong host and router IP being used for some IPv6 deployments, which was causing various connectivity problems. (Backport PR [#&#8203;28435](https://github.com/cilium/cilium/issues/28435), Upstream PR [#&#8203;28417](https://github.com/cilium/cilium/issues/28417), [@&#8203;ti-mo](https://github.com/ti-mo)) - Fix: Gateway API double slash while stripping path prefix (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28294](https://github.com/cilium/cilium/issues/28294), [@&#8203;nxy7](https://github.com/nxy7)) - Fixes a bug causing panic when counting IPsec keys number via "cilium encrypt status". (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27996](https://github.com/cilium/cilium/issues/27996), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - fqdn proxy: fix data race by using separate sessionUDPFactories (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28163](https://github.com/cilium/cilium/issues/28163), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - ipam/multipool: Fix bug where allocator was unable to update CiliumNode (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27963](https://github.com/cilium/cilium/issues/27963), [@&#8203;gandro](https://github.com/gandro)) - ipcache: fix flapping labels in SelectorCache when reserved:host identity has multiple IPs (Backport PR [#&#8203;28418](https://github.com/cilium/cilium/issues/28418), Upstream PR [#&#8203;28332](https://github.com/cilium/cilium/issues/28332), [@&#8203;squeed](https://github.com/squeed)) - Must have port for Service reference (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27959](https://github.com/cilium/cilium/issues/27959), [@&#8203;chaunceyjiang](https://github.com/chaunceyjiang)) - pkg/k8s: use a deep copy of CNP in UpdateStatus to avoid race condition (Backport PR [#&#8203;28494](https://github.com/cilium/cilium/issues/28494), Upstream PR [#&#8203;28364](https://github.com/cilium/cilium/issues/28364), [@&#8203;aanm](https://github.com/aanm)) - pkg/node: Updates GetIPv6AllocCIDRs() to Properly Return Secondary CIDRs (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27855](https://github.com/cilium/cilium/issues/27855), [@&#8203;danehans](https://github.com/danehans)) - resource: Fix race condition in handling of Kubernetes object delete event retrying. In the very rare case when an object was created, deleted and re-created with the same name and the handling of the first deletion failed, the handling of delete event may have been retried even though the object was re-created. Only affected features using the Resource-library (LB IPAM, Mutual Auth and ClusterMesh). (Backport PR [#&#8203;28494](https://github.com/cilium/cilium/issues/28494), Upstream PR [#&#8203;27340](https://github.com/cilium/cilium/issues/27340), [@&#8203;joamaki](https://github.com/joamaki)) - Restore host-stack bypass for pod-to-pod traffic in a configuration with kube-proxy, tunnel routing and per-endpoint routes. (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27908](https://github.com/cilium/cilium/issues/27908), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) **CI Changes:** - \[v1.14] ci: Add a call to the update label backport action ([#&#8203;27876](https://github.com/cilium/cilium/issues/27876), [@&#8203;pippolo84](https://github.com/pippolo84)) - \[v1.14] GHA: Add clustermesh upgrade and downgrade tests ([#&#8203;28355](https://github.com/cilium/cilium/issues/28355), [@&#8203;giorio94](https://github.com/giorio94)) - ci-ipsec-upgrade: Enable IPv6 (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27220](https://github.com/cilium/cilium/issues/27220), [@&#8203;brb](https://github.com/brb)) - CI: Add conn-disrupt-test action for reuse (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27567](https://github.com/cilium/cilium/issues/27567), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - CI: Add IPsec key rotation test (Backport PR [#&#8203;28105](https://github.com/cilium/cilium/issues/28105), Upstream PR [#&#8203;27203](https://github.com/cilium/cilium/issues/27203), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - CI: Move IPsec CI jobs into separate pipelines (Backport PR [#&#8203;28105](https://github.com/cilium/cilium/issues/28105), Upstream PR [#&#8203;26730](https://github.com/cilium/cilium/issues/26730), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - ci: Run BPF lints on workflow definition changes (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28122](https://github.com/cilium/cilium/issues/28122), [@&#8203;qmonnet](https://github.com/qmonnet)) - ci: update k8s versions support for v1.14 ([#&#8203;28248](https://github.com/cilium/cilium/issues/28248), [@&#8203;nbusseneau](https://github.com/nbusseneau)) - Do not hardcode the AWS VPC CNI plugin version in the conformance-aws-cni GHA workflow (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28392](https://github.com/cilium/cilium/issues/28392), [@&#8203;giorio94](https://github.com/giorio94)) - ginkgo: Remove K8sDatapathCustomCalls (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27911](https://github.com/cilium/cilium/issues/27911), [@&#8203;brb](https://github.com/brb)) - Refactor CiliumExecContext() Retry Logic (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28131](https://github.com/cilium/cilium/issues/28131), [@&#8203;carnerito](https://github.com/carnerito)) - workflows/ipsec: Add missing `--flush-ct` for key rotation (Backport PR [#&#8203;28105](https://github.com/cilium/cilium/issues/28105), Upstream PR [#&#8203;27883](https://github.com/cilium/cilium/issues/27883), [@&#8203;pchaigno](https://github.com/pchaigno)) **Misc Changes:** - \[Docs] Clarify ClusterMesh troubleshooting steps when KVStoreMesh is enabled (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27691](https://github.com/cilium/cilium/issues/27691), [@&#8203;weizhoublue](https://github.com/weizhoublue)) - Add option conntrackGCMaxInterval to allow limiting the maximum connection tracking GC interval. By default the automatic interval calculation may increase the interval up to 12 hours, which may incur an unreasonable delay to releasing of CIDR identities created from ToFQDN policies. Setting this option will limit the interval and ensure such identities are marked unused earlier and removed. (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27870](https://github.com/cilium/cilium/issues/27870), [@&#8203;joamaki](https://github.com/joamaki)) - bugtool: various updates to BPF map dump (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28065](https://github.com/cilium/cilium/issues/28065), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - bump k8s dependencies to 1.27.6 ([#&#8203;28560](https://github.com/cilium/cilium/issues/28560), [@&#8203;aanm](https://github.com/aanm)) - chore(deps): update actions/checkout action to v4 (v1.14) ([#&#8203;27944](https://github.com/cilium/cilium/issues/27944), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.14) (minor) ([#&#8203;27776](https://github.com/cilium/cilium/issues/27776), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.14) (patch) ([#&#8203;28078](https://github.com/cilium/cilium/issues/28078), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.14) (patch) ([#&#8203;28209](https://github.com/cilium/cilium/issues/28209), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies to v3 (v1.14) (major) ([#&#8203;28101](https://github.com/cilium/cilium/issues/28101), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all lvh-images main (v1.14) (patch) ([#&#8203;27942](https://github.com/cilium/cilium/issues/27942), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all lvh-images main (v1.14) (patch) ([#&#8203;28210](https://github.com/cilium/cilium/issues/28210), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update aws-actions/configure-aws-credentials action to v4 (v1.14) ([#&#8203;28102](https://github.com/cilium/cilium/issues/28102), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update cilium/cilium digest to [`6c12a0f`](https://github.com/cilium/cilium/commit/6c12a0f) (v1.14) ([#&#8203;28075](https://github.com/cilium/cilium/issues/28075), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update cilium/cilium digest to [`8b7844d`](https://github.com/cilium/cilium/commit/8b7844d) (v1.14) ([#&#8203;28196](https://github.com/cilium/cilium/issues/28196), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.15.8 (v1.14) ([#&#8203;28211](https://github.com/cilium/cilium/issues/28211), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/hubble to v0.12.1 (v1.14) ([#&#8203;28521](https://github.com/cilium/cilium/issues/28521), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/hubble to v0.12.2 (v1.14) ([#&#8203;28566](https://github.com/cilium/cilium/issues/28566), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.20.10 docker digest to [`098d628`](https://github.com/cilium/cilium/commit/098d628) (v1.14) ([#&#8203;28623](https://github.com/cilium/cilium/issues/28623), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.20.8 docker digest to [`6e1a67e`](https://github.com/cilium/cilium/commit/6e1a67e) (v1.14) ([#&#8203;28197](https://github.com/cilium/cilium/issues/28197), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`2b7412e`](https://github.com/cilium/cilium/commit/2b7412e) (v1.14) ([#&#8203;28630](https://github.com/cilium/cilium/issues/28630), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`990350f`](https://github.com/cilium/cilium/commit/990350f) (v1.14) ([#&#8203;28579](https://github.com/cilium/cilium/issues/28579), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`9b8dec3`](https://github.com/cilium/cilium/commit/9b8dec3) (v1.14) ([#&#8203;28384](https://github.com/cilium/cilium/issues/28384), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`aabed32`](https://github.com/cilium/cilium/commit/aabed32) (v1.14) ([#&#8203;28076](https://github.com/cilium/cilium/issues/28076), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker/build-push-action action to v5 (v1.14) ([#&#8203;28093](https://github.com/cilium/cilium/issues/28093), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update gcr.io/distroless/static-debian11:nonroot docker digest to [`92d40ee`](https://github.com/cilium/cilium/commit/92d40ee) (v1.14) ([#&#8203;27941](https://github.com/cilium/cilium/issues/27941), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update go to v1.20.10 (v1.14) (patch) ([#&#8203;28515](https://github.com/cilium/cilium/issues/28515), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update myrotvorets/set-commit-status-action action to v2 (v1.14) ([#&#8203;28082](https://github.com/cilium/cilium/issues/28082), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update quay.io/cilium/hubble docker tag to v0.12.1 (v1.14) ([#&#8203;28538](https://github.com/cilium/cilium/issues/28538), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update quay.io/cilium/hubble docker tag to v0.12.2 (v1.14) ([#&#8203;28569](https://github.com/cilium/cilium/issues/28569), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update sigstore/cosign-installer action to v3.1.2 (v1.14) ([#&#8203;27943](https://github.com/cilium/cilium/issues/27943), [@&#8203;renovate](https://github.com/renovate)\[bot]) - ci: fix AWS EKS K8s versions comment (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28249](https://github.com/cilium/cilium/issues/28249), [@&#8203;nbusseneau](https://github.com/nbusseneau)) - docs: Add instructions for running LVH against custom kernel (Backport PR [#&#8203;28349](https://github.com/cilium/cilium/issues/28349), Upstream PR [#&#8203;28305](https://github.com/cilium/cilium/issues/28305), [@&#8203;brb](https://github.com/brb)) - docs: Add Makefile and documentation for "fast" development targets (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27931](https://github.com/cilium/cilium/issues/27931), [@&#8203;aanm](https://github.com/aanm)) - docs: Add more details for the Cluster Mesh key rotation (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28145](https://github.com/cilium/cilium/issues/28145), [@&#8203;margamanterola](https://github.com/margamanterola)) - docs: egressgw: document incompatibility with Clustermesh (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27918](https://github.com/cilium/cilium/issues/27918), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - docs: Makefile, check-build.sh clean-ups and perf improvements (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28161](https://github.com/cilium/cilium/issues/28161), [@&#8203;qmonnet](https://github.com/qmonnet)) - docs: Mention `RouteTableInterfacesOffset` in system requirements (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28358](https://github.com/cilium/cilium/issues/28358), [@&#8203;gandro](https://github.com/gandro)) - docs: rephrasing the hubble intro doc (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27712](https://github.com/cilium/cilium/issues/27712), [@&#8203;vipul-21](https://github.com/vipul-21)) - docs: Update Sphinx and its dependencies, Cilium theme (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28172](https://github.com/cilium/cilium/issues/28172), [@&#8203;qmonnet](https://github.com/qmonnet)) - endpoint: Fix use of PolicyMapFullReconciliationInterval option (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27985](https://github.com/cilium/cilium/issues/27985), [@&#8203;joamaki](https://github.com/joamaki)) - Fix bug when reusing the same cell in multiple hives (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;27873](https://github.com/cilium/cilium/issues/27873), [@&#8203;giorio94](https://github.com/giorio94)) - Fix potential nil pointer dereference in SelectorManager implementation (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27805](https://github.com/cilium/cilium/issues/27805), [@&#8203;learnitall](https://github.com/learnitall)) - fix(deps): update module golang.org/x/net to v0.17.0 \[security] ([#&#8203;28550](https://github.com/cilium/cilium/issues/28550), [@&#8203;aanm](https://github.com/aanm)) - fqdn proxy: fix data race detection on TCP fqdn proxy (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28219](https://github.com/cilium/cilium/issues/28219), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - Helm: Improved description for tunnel, tunnelProtocol, routingMode flags (Backport PR [#&#8203;28349](https://github.com/cilium/cilium/issues/28349), Upstream PR [#&#8203;27926](https://github.com/cilium/cilium/issues/27926), [@&#8203;PhilipSchmid](https://github.com/PhilipSchmid)) - hubble: Use protobuf GetType() helper in v1.FlowProtocol() to avoid possible panic (Backport PR [#&#8203;28095](https://github.com/cilium/cilium/issues/28095), Upstream PR [#&#8203;27889](https://github.com/cilium/cilium/issues/27889), [@&#8203;chancez](https://github.com/chancez)) - install/kubernetes: add the `cilium/values.yaml` target to `.PHONY` (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28225](https://github.com/cilium/cilium/issues/28225), [@&#8203;nbusseneau](https://github.com/nbusseneau)) - ipsec: Atomically upgrade XFRM states with new output-mark (Backport PR [#&#8203;28563](https://github.com/cilium/cilium/issues/28563), Upstream PR [#&#8203;28485](https://github.com/cilium/cilium/issues/28485), [@&#8203;pchaigno](https://github.com/pchaigno)) - Make tolerations configurable in clustermesh-apiserver certgen job (Backport PR [#&#8203;28282](https://github.com/cilium/cilium/issues/28282), Upstream PR [#&#8203;28221](https://github.com/cilium/cilium/issues/28221), [@&#8203;giorio94](https://github.com/giorio94)) - Makefile: fix 'fast' make targets (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28380](https://github.com/cilium/cilium/issues/28380), [@&#8203;aanm](https://github.com/aanm)) - policy: Move getNets to selector cache (Backport PR [#&#8203;28670](https://github.com/cilium/cilium/issues/28670), Upstream PR [#&#8203;27670](https://github.com/cilium/cilium/issues/27670), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - Update docs theme (Backport PR [#&#8203;28442](https://github.com/cilium/cilium/issues/28442), Upstream PR [#&#8203;28403](https://github.com/cilium/cilium/issues/28403), [@&#8203;raphink](https://github.com/raphink)) - Update Hubble UI from v0.12.0 to v0.12.1 ([#&#8203;28535](https://github.com/cilium/cilium/issues/28535), [@&#8203;rolinh](https://github.com/rolinh)) **Other Changes:** - envoy: Bump envoy version to v1.25.10 ([#&#8203;28506](https://github.com/cilium/cilium/issues/28506), [@&#8203;sayboras](https://github.com/sayboras)) - Fix possible cross-cluster connection drops on agents restart when clustermesh is enabled ([#&#8203;27611](https://github.com/cilium/cilium/issues/27611), [@&#8203;giorio94](https://github.com/giorio94)) - v1.14: avoid relying on golang.org/exp/slices.SortFunc ([#&#8203;28473](https://github.com/cilium/cilium/issues/28473), [@&#8203;rolinh](https://github.com/rolinh)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41Mi4zIiwidXBkYXRlZEluVmVyIjoiMzYuNTIuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
smeagol-help added 1 commit 2023-10-18 15:00:26 -05:00
jahanson merged commit 277853c69c into main 2023-10-19 08:01:56 -05:00
jahanson deleted branch renovate/patch-cilium 2023-10-19 08:01:56 -05:00
This repo is archived. You cannot comment on pull requests.
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: jahanson/valinor#95
No description provided.