Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all gomod dependencies #60

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update all gomod dependencies #60

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 16, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
github.com/cert-manager/cert-manager v1.16.1 -> v1.16.2 age adoption passing confidence require patch
github.com/external-secrets/external-secrets v0.10.5 -> v0.11.0 age adoption passing confidence require minor
github.com/go-co-op/gocron/v2 v2.12.1 -> v2.13.0 age adoption passing confidence require minor
github.com/goccy/go-yaml v1.12.0 -> v1.15.10 age adoption passing confidence require minor
github.com/minio/minio-go/v7 v7.0.79 -> v7.0.82 age adoption passing confidence require patch
github.com/prometheus/client_golang v1.20.3 -> v1.20.5 age adoption passing confidence require patch
github.com/traefik/traefik/v3 v3.1.6 -> v3.2.2 age adoption passing confidence require minor
go (source) 1.23.2 -> 1.23.4 age adoption passing confidence toolchain patch
golang.org/x/exp f66d83c -> 1829a12 age adoption passing confidence require digest
k8s.io/api v0.31.2 -> v0.32.0 age adoption passing confidence require minor
k8s.io/apiextensions-apiserver v0.31.2 -> v0.32.0 age adoption passing confidence require minor
k8s.io/apimachinery v0.31.2 -> v0.32.0 age adoption passing confidence require minor
k8s.io/client-go v0.31.2 -> v0.32.0 age adoption passing confidence require minor
k8s.io/utils 49e7df5 -> 24370be age adoption passing confidence require digest

Release Notes

cert-manager/cert-manager (github.com/cert-manager/cert-manager)

v1.16.2

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This patch release of cert-manager 1.16 makes several changes to how PEM input is validated, adding maximum sizes appropriate to the type of PEM data which is being parsed.

This is to prevent an unacceptable slow-down in parsing specially crafted PEM data. The issue was found by Google's OSS-Fuzz project.

The issue is low severity; to exploit the PEM issue would require privileged access which would likely allow Denial-of-Service through other methods.

Note also that since most PEM data parsed by cert-manager comes from ConfigMap or Secret resources which have a max size limit of approximately 1MB, it's difficult to force cert-manager to parse large amounts of PEM data.

Further information is available in GHSA-r4pg-vg54-wxx4

In addition, the version of Go used to build cert-manager 1.16 was updated along with the base images.

Changes by Kind

Bug or Regression
  • Set a maximum size for PEM inputs which cert-manager will accept to remove possibility of taking a long time to process an input (#​7401, @​SgtCoDFish)
Other (Cleanup or Flake)
external-secrets/external-secrets (github.com/external-secrets/external-secrets)

v0.11.0

Compare Source

Deprecation of OLM Releases

As of 0.11.0 is the last release available for OLM until further notice. Depending on the way this goes, we might still have OLM support (ideally with a properly built operator for that), but for sure in a different support scheme as to not overload maintainers anymore.
Also a valid note - you can still use 0.11.0 OLM release and the newest ESO images, you just need to set image.tag appropriately in your setup.

Kubernetes API load and significant decrease

A new way of reconciling external secrets has been added with pull request #​4086.

This significantly reduces the number of API calls that we make to the kubernetes API server.

  1. Memory usage might increase if you are not already using --enable-secrets-caching
    1. If you are using --enable-secrets-caching and want to decrease memory usage at the expense of slightly higher API usage, you can disable it and only enable --enable-managed-secrets-caching (which is the new default)
  2. In ALL cases (even when CreationPolicy is Merge), if a data key in the target Secret was created by the ExternalSecret, and it no longer exists in the template (or data/dataFrom), it will be removed from the target secret:
    1. This might cause some peoples secrets to be "cleaned of data keys" when updating to 0.11.
    2. Previously, the behaviour was undefined, and confusing because it was sort of broken when the template feature was added.
    3. The one exception is that ALL the data suddenly becomes empty and the DeletionPolicy is retain, in which case we will not even report and error, just change the SecretSynced message to explain that the secret was retained.
  3. When CreationPolicy is Owner, we now will NEVER retain any keys and fully calculate the "desired state" of the target secret each loop:
    1. This means that some peoples secrets might have keys removed when updating to 0.11.

Generators and ClusterGenerator

We added ClusterGenerators and Generator caching as well. This might create some problems in the way generators are defined now.

CRD Admission Restrictions

All of the CRDs now have proper kubebuilder markers for validation. This might surprise someone leaving out some data that was essentially actually required or expected in a certain format. This is now validated in #​4104.

Images

Image: ghcr.io/external-secrets/external-secrets:v0.11.0
Image: ghcr.io/external-secrets/external-secrets:v0.11.0-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.11.0-ubi-boringssl

What's Changed

New Contributors

Full Changelog: external-secrets/external-secrets@v0.10.7...v0.11.0

v0.10.7

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.10.7
Image: ghcr.io/external-secrets/external-secrets:v0.10.7-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.7-ubi-boringssl

What's Changed

New Contributors

Full Changelog: external-secrets/external-secrets@v0.10.6...v0.10.7

v0.10.6

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.10.6
Image: ghcr.io/external-secrets/external-secrets:v0.10.6-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.6-ubi-boringssl

What's Changed

New Contributors

Full Changelog: external-secrets/external-secrets@v0.10.5...v0.10.6

go-co-op/gocron (github.com/go-co-op/gocron/v2)

v2.13.0

Compare Source

What's Changed

New Contributors

Full Changelog: go-co-op/gocron@v2.12.4...v2.13.0

v2.12.4

Compare Source

What's Changed

Full Changelog: go-co-op/gocron@v2.12.3...v2.12.4

v2.12.3

Compare Source

What's Changed

Full Changelog: go-co-op/gocron@v2.12.2...v2.12.3

v2.12.2

Compare Source

What's Changed

Full Changelog: go-co-op/gocron@v2.12.1...v2.12.2

goccy/go-yaml (github.com/goccy/go-yaml)

v1.15.10: 1.15.10

Compare Source

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.15.9...v1.15.10

v1.15.9: 1.15.9

Compare Source

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.15.8...v1.15.9

v1.15.8: 1.15.8

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.15.7...v1.15.8

v1.15.7: 1.15.7

Compare Source

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.15.6...v1.15.7

v1.15.6: 1.15.6

Compare Source

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.15.5...v1.15.6

v1.15.5: 1.15.5

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.15.4...v1.15.5

v1.15.4: 1.15.4

Compare Source

What's Changed

Pass 300 tests of YAML Test Suite 🎉

  • Details: total:[402] passed:[300] failure:[102] passedRate:[74.626862%]

We’ve finally surpassed go-yaml/yaml.

  • gopkg.in/yaml.v3: total:[402] passed:[295] failure:[107] passedRate:[73.383087%]

Full Changelog: goccy/go-yaml@v1.15.3...v1.15.4

v1.15.3: 1.15.3

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.15.2...v1.15.3

v1.15.2: 1.15.2

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.15.1...v1.15.2

v1.15.1: 1.15.1

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.15.0...v1.15.1

v1.15.0: 1.15.0

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.14.3...v1.15.0

v1.14.3: 1.14.3

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.14.2...v1.14.3

v1.14.2: 1.14.2

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.14.1...v1.14.2

v1.14.1: 1.14.1

Compare Source

What's Changed

Full Changelog: goccy/go-yaml@v1.14.0...v1.14.1

v1.14.0: 1.14.0

Compare Source

What's Changed

Breaking Changes

Previously, using the same map key did not result in a parsing error, but from now

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all-gomod branch from f2e65c2 to e73cb5a Compare September 16, 2024 23:00
@renovate renovate bot changed the title Update module github.com/traefik/traefik/v3 to v3.1.3 Update all gomod dependencies Sep 16, 2024
@renovate renovate bot force-pushed the renovate/all-gomod branch 4 times, most recently from f464438 to 4c03d03 Compare September 21, 2024 04:54
@renovate renovate bot force-pushed the renovate/all-gomod branch 2 times, most recently from ac731f6 to 731c8d0 Compare September 25, 2024 14:05
@renovate renovate bot force-pushed the renovate/all-gomod branch 4 times, most recently from 95a80ec to bcde470 Compare October 9, 2024 14:05
@renovate renovate bot force-pushed the renovate/all-gomod branch 4 times, most recently from d174d38 to 845b60f Compare October 15, 2024 13:38
@renovate renovate bot force-pushed the renovate/all-gomod branch 4 times, most recently from 55ba946 to 18cc8fd Compare October 25, 2024 09:52
@renovate renovate bot changed the title Update all gomod dependencies Update module github.com/prometheus/client_golang to v1.20.5 Oct 26, 2024
@renovate renovate bot force-pushed the renovate/all-gomod branch 2 times, most recently from ef3f231 to 7ff330c Compare October 28, 2024 14:23
@renovate renovate bot changed the title Update module github.com/prometheus/client_golang to v1.20.5 Update all gomod dependencies Oct 28, 2024
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Oct 28, 2024
edited
Loading

ℹ Artifact update notice

File name: go-k8s-sidecar/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 13 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.22.2 -> 1.23.4
github.com/go-openapi/jsonpointer v0.19.6 -> v0.21.0
github.com/go-openapi/swag v0.22.4 -> v0.23.0
golang.org/x/net v0.26.0 -> v0.30.0
golang.org/x/oauth2 v0.21.0 -> v0.23.0
golang.org/x/sys v0.21.0 -> v0.26.0
golang.org/x/term v0.21.0 -> v0.25.0
golang.org/x/text v0.16.0 -> v0.19.0
golang.org/x/time v0.3.0 -> v0.7.0
google.golang.org/protobuf v1.34.2 -> v1.35.1
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 -> v0.0.0-20241105132330-32ad38e42d3f
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 -> v0.0.0-20241104100929-3ea5e8cea738
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd -> v0.0.0-20241010143419-9aa6b5e7a4b3
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 -> v4.4.2
File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 23 additional dependencies were updated

Details:

Package Change
github.com/fsnotify/fsnotify v1.7.0 -> v1.8.0
github.com/go-acme/lego/v4 v4.18.0 -> v4.20.4
github.com/klauspost/compress v1.17.11-0.20241004063537-dbd6c381492a -> v1.17.11
github.com/prometheus/client_golang v1.20.4 -> v1.20.5
github.com/prometheus/common v0.60.0 -> v0.60.1
golang.org/x/crypto v0.28.0 -> v0.30.0
golang.org/x/mod v0.21.0 -> v0.22.0
golang.org/x/net v0.30.0 -> v0.32.0
golang.org/x/oauth2 v0.23.0 -> v0.24.0
golang.org/x/sync v0.8.0 -> v0.10.0
golang.org/x/sys v0.26.0 -> v0.28.0
golang.org/x/term v0.25.0 -> v0.27.0
golang.org/x/text v0.19.0 -> v0.21.0
golang.org/x/time v0.7.0 -> v0.8.0
golang.org/x/tools v0.26.0 -> v0.28.0
google.golang.org/protobuf v1.34.2 -> v1.35.2
gopkg.in/inf.v0 v0.9.1 -> v0.9.1
k8s.io/client-go v0.31.2 -> v0.32.0
k8s.io/kube-openapi v0.0.0-20240903163716-9e1beecbcb38 -> v0.0.0-20241105132330-32ad38e42d3f
sigs.k8s.io/controller-runtime v0.19.0 -> v0.19.2
sigs.k8s.io/gateway-api v1.1.0 -> v1.2.1
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd -> v0.0.0-20241014173422-cfa47c3a1cc8
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 -> v4.4.3

@renovate renovate bot force-pushed the renovate/all-gomod branch 5 times, most recently from 305f5e3 to 08490e2 Compare October 31, 2024 22:41
@renovate renovate bot force-pushed the renovate/all-gomod branch 5 times, most recently from a694718 to bd79ebf Compare November 23, 2024 11:12
@renovate renovate bot force-pushed the renovate/all-gomod branch 9 times, most recently from 27caa46 to c88af26 Compare December 2, 2024 15:38
@renovate renovate bot force-pushed the renovate/all-gomod branch 7 times, most recently from e894222 to d56b40b Compare December 10, 2024 20:31
@renovate renovate bot force-pushed the renovate/all-gomod branch 7 times, most recently from 8193994 to 658ebb5 Compare December 14, 2024 21:48
@renovate renovate bot force-pushed the renovate/all-gomod branch from 658ebb5 to b0f5a02 Compare December 15, 2024 00:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants