Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update all dependencies #76

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 16, 2024

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
aquasecurity/trivy-action action minor 0.24.0 -> 0.28.0 age adoption passing confidence
aquasecurity/trivy-action action minor 0.20.0 -> 0.28.0 age adoption passing confidence
docker/build-push-action action major v5 -> v6 age adoption passing confidence
docker/login-action action major v2.2.0 -> v3.3.0 age adoption passing confidence
docker/login-action action minor v3.1.0 -> v3.3.0 age adoption passing confidence
github.com/cisco-open/operator-tools require minor v0.34.0 -> v0.37.0 age adoption passing confidence
github.com/onsi/ginkgo/v2 require minor v2.17.3 -> v2.21.0 age adoption passing confidence
github.com/onsi/gomega require minor v1.33.1 -> v1.35.1 age adoption passing confidence
github.com/open-telemetry/opentelemetry-operator require minor v0.103.0 -> v0.113.0 age adoption passing confidence
github.com/siliconbrain/go-mapseqs require minor v0.2.0 -> v0.4.0 age adoption passing confidence
github.com/siliconbrain/go-seqs require minor v0.12.0 -> v0.13.0 age adoption passing confidence
github/codeql-action action major v2.22.8 -> v3.27.3 age adoption passing confidence
github/codeql-action action minor v3.25.5 -> v3.27.3 age adoption passing confidence
go (source) toolchain minor 1.22.3 -> 1.23.3 age adoption passing confidence
golang stage minor 1.22 -> 1.23 age adoption passing confidence
golang.org/x/exp require digest 9bf2ced -> 2d47ceb age adoption passing confidence
k8s.io/api require minor v0.30.2 -> v0.31.2 age adoption passing confidence
k8s.io/apimachinery require minor v0.30.2 -> v0.31.2 age adoption passing confidence
k8s.io/client-go require minor v0.30.2 -> v0.31.2 age adoption passing confidence
opentelemetry-operator (source) minor 0.71.2 -> 0.74.2 age adoption passing confidence
sigs.k8s.io/controller-runtime require minor v0.18.4 -> v0.19.1 age adoption passing confidence

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.28.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.27.0...0.28.0

v0.27.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.26.0...0.27.0

v0.26.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.25.0...0.26.0

v0.25.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.24.0...0.25.0

docker/build-push-action (docker/build-push-action)

v6

Compare Source

docker/login-action (docker/login-action)

v3.3.0

Compare Source

Full Changelog: docker/login-action@v3.2.0...v3.3.0

v3.2.0

Compare Source

Full Changelog: docker/login-action@v3.1.0...v3.2.0

v3.1.0

Compare Source

Full Changelog: docker/login-action@v3.0.0...v3.1.0

v3.0.0

Compare Source

Full Changelog: docker/login-action@v2.2.0...v3.0.0

cisco-open/operator-tools (github.com/cisco-open/operator-tools)

v0.37.0

Compare Source

What's Changed

New Contributors

Full Changelog: cisco-open/operator-tools@v0.36.0...v0.37.0

v0.36.0

Compare Source

What's Changed

New Contributors

Full Changelog: cisco-open/operator-tools@v0.35.0...v0.36.0

v0.35.0

Compare Source

What's Changed

New Contributors

Full Changelog: cisco-open/operator-tools@v0.34.0...v0.35.0

onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.21.0

Compare Source

2.21.0

Features
  • add support for GINKGO_TIME_FORMAT [a69eb39]
  • add GINKGO_NO_COLOR to disable colors via environment variables [bcab9c8]
Fixes
  • increase threshold in timeline matcher [e548367]
  • Fix the document by replacing SpecsThatWillBeRun with SpecsThatWillRun
    [c2c4d3c]
Maintenance
  • bump various dependencies [7e65a00]

v2.20.2

Compare Source

2.20.2

Require Go 1.22+

Maintenance

v2.20.1

Compare Source

2.20.1

Fixes
  • make BeSpecEvent duration matcher more forgiving [d6f9640]

v2.20.0

Compare Source

2.20.0

Features
Maintenance
  • Add update-deps to makefile [d303d14]
  • bump all dependencies [7a50221]

v2.19.1

Compare Source

2.19.1

Fixes
  • update supported platforms for race conditions [63c8c30]
  • [build] Allow custom name for binaries. [ff41e27]
Maintenance

v2.19.0

Compare Source

2.19.0

Features

Label Sets allow for more expressive and flexible label filtering.

v2.18.0

Compare Source

2.18.0

Features
  • Add --slience-skips and --force-newlines [f010b65]
  • fail when no tests were run and --fail-on-empty was set [d80eebe]
Fixes
  • Fix table entry context edge case [42013d6]
Maintenance
onsi/gomega (github.com/onsi/gomega)

v1.35.1

Compare Source

1.35.1

Fixes
  • Export EnforceDefaultTimeoutsWhenUsingContexts and DisableDefaultTimeoutsWhenUsingContext [ca36da1]

v1.35.0

Compare Source

1.35.0

Features
  • You can now call EnforceDefaultTimeoutsWhenUsingContexts() to have Eventually honor the default timeout when passed a context. (prior to this you had to expclility add a timeout) [e4c4265]
  • You can call StopTrying(message).Successfully() to abort a Consistently early without failure [eeca931]
Fixes
  • Stop memoizing the result of HaveField to avoid unexpected errors when used with async assertions. [3bdbc4e]
Maintenance

v1.34.2

Compare Source

1.34.2

Require Go 1.22+

Maintenance
  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]

v1.34.1

Compare Source

1.34.1

Maintenance
  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

Compare Source

1.34.0

Features
  • Add RoundTripper method to ghttp.Server [c549e0d]
Fixes
  • fix incorrect handling of nil slices in HaveExactElements (fixes #​771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]
Maintenance
open-telemetry/opentelemetry-operator (github.com/open-telemetry/opentelemetry-operator)

v0.113.0

Compare Source

0.113.0

💡 Enhancements 💡
  • operator: Programmatically create the ServiceMonitor for the operator metrics endpoint, ensuring correct namespace handling and dynamic configuration. (#​3370)
    Previously, the ServiceMonitor was created statically from a manifest file, causing failures when the
    operator was deployed in a non-default namespace. This enhancement ensures automatic adjustment of the
    serverName and seamless metrics scraping.
  • collector: Create RBAC rules for the k8s_events receiver automatically. (#​3420)
  • collector: Inject environment K8S_NODE_NAME environment variable for the Kubelet Stats Receiver. (#​2779)
  • auto-instrumentation: add config for installing musl based auto-instrumentation for Python (#​2264)
  • auto-instrumentation: Support http/json and http/protobuf via OTEL_EXPORTER_OTLP_PROTOCOL environment variable in addition to default grpc for exporting traces (#​3412)
  • target allocator: enables support for pulling scrape config and probe CRDs in the target allocator (#​1842)
🧰 Bug fixes 🧰
  • collector: Fix mutation of deployments, statefulsets, and daemonsets allowing to remove fields on update (#​2947)
Components

v0.112.0

Compare Source

0.112.0

💡 Enhancements 💡
  • auto-instrumentation: Support configuring Java auto-instrumentation when runtime configuration is provided from configmap or secret. (#​1814)
    This change allows users to configure JAVA_TOOL_OPTIONS in config map or secret when the name of the variable is defined in the pod spec.
    The operator in this case set another JAVA_TOOL_OPTIONS that references the original value
    e.g. JAVA_TOOL_OPTIONS=$(JAVA_TOOL_OPTIONS) -javaagent:/otel-auto-instrumentation-java/javaagent.jar.

  • auto-instrumentation: Adds VolumeClaimTemplate field to Instrumentation spec to enable user-definable ephemeral volumes for auto-instrumentation. (#​3267)

  • collector: Add support for persistentVolumeClaimRetentionPolicy field (#​3305)

  • auto-instrumentation: build musl based auto-instrumentation in Python docker image (#​2264)

  • auto-instrumentation: An empty line should come before the addition of Include ...opentemetry_agent.conf, as a protection measure against cases of httpd.conf w/o a blank last line (#​3401)

  • collector: Add automatic RBAC creation for the kubeletstats receiver. (#​3155)

  • auto-instrumentation: Add Nodejs auto-instrumentation image builds for linux/s390x,linux/ppc64le. (#​3322)

🧰 Bug fixes 🧰
  • target allocator: Permission check fixed for the serviceaccount of the target allocator (#​3380)
  • target allocator: Change docker image to run as non-root (#​3378)
Components

v0.111.0

Compare Source

0.111.0

💡 Enhancements 💡
  • auto-instrumentation: set OTEL_LOGS_EXPORTER env var to otlp in python instrumentation (#​3330)

  • collector: Expose the Collector telemetry endpoint by default. (#​3361)

    The collector v0.111.0 changes the default binding of the telemetry metrics endpoint from 0.0.0.0 to localhost.
    To avoid any disruption we fallback to 0.0.0.0:{PORT} as default address.
    Details can be found here: opentelemetry-collector#11251

  • auto-instrumentation: Add support for specifying exporter TLS certificates in auto-instrumentation. (#​3338)

    Now Instrumentation CR supports specifying TLS certificates for exporter:

    spec:
      exporter:
        endpoint: https://otel-collector:4317
        tls:
          secretName: otel-tls-certs
          configMapName: otel-ca-bundle

otel-ca-bundle

    ca_file: ca.crt

present in otel-tls-certs

    cert_file: tls.crt

present in otel-tls-certs

    key_file: tls.key

* Propagating secrets across namespaces can be done with https://github.com/EmberStack/kubernetes-reflector or https://github.com/zakkg3/ClusterSecret
* Restarting workloads on certificate renewal can be done with https://github.com/stakater/Reloader or https://github.com/wave-k8s/wave

- `collector`: Add native sidecar injection behind a feature gate which is disabled by default. (#​2376)

Native sidecars are supported since Kubernetes version `1.28` and are availabe by default since `1.29`.
To use native sidecars on Kubernetes v1.28 make sure the "SidecarContainers" feature gate on kubernetes is enabled.
If native sidecars are available, the operator can be advised to use them by adding
the `--feature-gates=operator.sidecarcontainers.native` to the Operator args.
In the future this may will become availabe as deployment mode on the Collector CR. See [#​3356](https://redirect.github.com/open-telemetry/opentelemetry-operator/issues/3356)

- `target allocator, collector`: Enable mTLS between the TA and collector for passing secrets in the scrape_config securely (#​1669)

This change enables mTLS between the collector and the target allocator (requires cert-manager).
This is necessary for passing secrets securely from the TA to the collector for scraping endpoints that have authentication. Use the `operator.targetallocator.mtls` to enable this feature. See the target allocator [documentation](https://redirect.github.com/open-telemetry/opentelemetry-operator/tree/main/cmd/otel-allocator#service--pod-monitor-endpoint-credentials) for more details.

##### 🧰 Bug fixes 🧰

- `collector-webhook`: Fixed validation of `stabilizationWindowSeconds` in autoscaler behaviour (#​3345)

The validation of `stabilizationWindowSeconds` in the `autoscaler.behaviour.scale[Up|Down]` incorrectly rejected 0 as an invalid value.
This has been fixed to ensure that the value is validated correctly (should be >=0 and <=3600) and the error messsage has been updated to reflect this.

##### Components

* [OpenTelemetry Collector - v0.111.0](https://redirect.github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.111.0)
* [OpenTelemetry Contrib - v0.111.0](https://redirect.github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v0.111.0)
* [Java auto-instrumentation - v1.33.5](https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/releases/tag/v1.33.5)
* [.NET auto-instrumentation - v1.2.0](https://redirect.github.com/open-telemetry/opentelemetry-dotnet-instrumentation/releases/tag/v1.2.0)
* [Node.JS - v0.53.0](https://redirect.github.com/open-telemetry/opentelemetry-js/releases/tag/experimental%2Fv0.53.0)
* [Python - v0.48b0](https://redirect.github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.48b0)
* [Go - v0.15.0-alpha](https://redirect.github.com/open-telemetry/opentelemetry-go-instrumentation/releases/tag/v0.15.0-alpha)
* [ApacheHTTPD - 1.0.4](https://redirect.github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4)
* [Nginx - 1.0.4](https://redirect.github.com/open-telemetry/opentelemetry-cpp-contrib/releases/tag/webserver%2Fv1.0.4)

v0.110.0

Compare Source

0.110.0

🛑 Breaking changes 🛑
  • auto-instrumentation: Enable multi instrumentation by default. (#​3090)

    Starting with this release, the OpenTelemetry Operator now enables multi-instrumentation by default.
    This enhancement allows instrumentation of multiple containers in a pod with language-specific configurations.

    Key Changes:

    • Single Instrumentation (Default Behavior): If no container names are specified using the
      instrumentation.opentelemetry.io/container-names annotation, instrumentation will be applied to the first container in
      the pod spec by default. This only applies when single instrumentation injection is configured.
    • Multi-Container Pods: In scenarios where different containers in a pod use distinct technologies, users must specify the
      container(s) for instrumentation using language-specific annotations. Without this specification, the default behavior may
      not work as expected for multi-container environments.

    Compatibility:

    • Users already utilizing the instrumentation.opentelemetry.io/container-names annotation do not need to take any action.
      Their existing setup will continue to function as before.
    • Important: Users who attempt to configure both instrumentation.opentelemetry.io/container-names and language-specific annotations
      (for multi-instrumentation) simultaneously will encounter an error, as this configuration is not supported.
  • collector: Remove ComponentUseLocalHostAsDefaultHost collector feature gate. (#​3306)

    This change may break setups where receiver endpoints are not explicitly configured to listen on e.g. 0.0.0.0.
    Change #​3333 attempts to address this issue for a known set of components.
    The operator performs the adjustment for the following receivers:

    • otlp
    • skywalking
    • jaeger
    • loki
    • opencensus
    • zipkin
    • tcplog
    • udplog
    • fluentforward
    • statsd
    • awsxray/UDP
    • carbon
    • collectd
    • sapm
    • signalfx
    • splunk_hec
    • wavefront
💡 Enhancements 💡
  • auto-instrumentation, collector: Add a must gather utility to help troubleshoot (#​3149)

    The new utility is available as part of a new container image.

    To use the image in a running OpenShift cluster, you need to run the following command:

    oc adm must-gather --image=ghcr.io/open-telemetry/opentelemetry-operator/must-gather -- /usr/bin/must-gather --operator-namespace opentelemetry-operator-system

    See the README for more details.

  • collector: set default address for all parsed receivers (#​3126)

    This feature is enabled by default. It can be disabled by specifying
    --feature-gates=-operator.collector.default.config.

  • operator: Use 0.0.0.0 as otlp receiver default address (#​3126)

  • collector: Add flag to disable components when operator runs on FIPS enabled cluster. (#​3315)
    Flag --fips-disabled-components=receiver.otlp,exporter.otlp,processor.batch,extension.oidc can be used to disable
    components when operator runs on FIPS enabled cluster. The operator uses /proc/sys/crypto/fips_enabled to check
    if FIPS is enabled.

  • collector: Improves healthcheck parsing capabilities, allowing for future extensions to configure a healthcheck other than the v1 healthcheck extension. (#​3184)

  • auto-instrumentation: Add support for k8s labels such as app.kubernetes.io/name for resource attributes (#​3112)

    You can opt-in as follows:

    apiVersion: opentelemetry.io/v1alpha1
    kind: Instrumentation
    metadata:
      name: my-instrumentation
    spec:
      defaults:
        useLabelsForResourceAttributes: true

    The following labels are supported:

    • app.kubernetes.io/name becomes service.name
    • app.kubernetes.io/version becomes service.version
    • app.kubernetes.io/part-of becomes service.namespace
    • app.kubernetes.io/instance becomes service.instance.id
🧰 Bug fixes 🧰
  • auto-instrumentation: Fix ApacheHttpd, Nginx and SDK injectors to honour their container-names annotations. (#​3313)

    This is a breaking change if anyone is accidentally using the enablement flag with container names for these 3 injectors.

Components

Configuration

📅 Schedule: Branch creation - "before 4am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 7c2f7eb to 4417064 Compare May 20, 2024 00:15
@renovate renovate bot changed the title fix(deps): update all dependencies to v0.30.1 fix(deps): update all dependencies May 20, 2024
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from 61e2514 to a18fb2b Compare May 23, 2024 04:32
@renovate renovate bot changed the title fix(deps): update all dependencies chore(deps): update all dependencies May 23, 2024
@renovate renovate bot force-pushed the renovate/all branch 9 times, most recently from 0a8f29a to 1cd9607 Compare May 31, 2024 13:18
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 115cadc to 33de24d Compare June 4, 2024 12:45
Copy link
Contributor Author

renovate bot commented Jun 4, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 15 additional dependencies were updated

Details:

Package Change
github.com/briandowns/spinner v1.23.0 -> v1.23.1
github.com/cisco-open/k8s-objectmatcher v1.9.0 -> v1.10.0
github.com/emicklei/go-restful/v3 v3.12.0 -> v3.12.1
github.com/fatih/color v1.16.0 -> v1.17.0
github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 -> v0.0.0-20241029153458-d1b30febd7db
github.com/spf13/cast v1.6.0 -> v1.7.0
golang.org/x/net v0.30.0 -> v0.31.0
golang.org/x/sys v0.26.0 -> v0.27.0
golang.org/x/term v0.25.0 -> v0.26.0
golang.org/x/text v0.19.0 -> v0.20.0
golang.org/x/time v0.5.0 -> v0.6.0
golang.org/x/tools v0.22.0 -> v0.27.0
k8s.io/apiextensions-apiserver v0.30.2 -> v0.31.2
k8s.io/kube-openapi v0.0.0-20240322212309-b815d8309940 -> v0.0.0-20240903163716-9e1beecbcb38
k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 -> v0.0.0-20240921022957-49e7df575cb6

@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from 2eddaa5 to 7187fe1 Compare June 7, 2024 09:01
@renovate renovate bot force-pushed the renovate/all branch 11 times, most recently from 56a4ee0 to f86f5af Compare October 31, 2024 14:50
@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from ee8c971 to 03da80d Compare November 7, 2024 16:02
@renovate renovate bot force-pushed the renovate/all branch 9 times, most recently from d4825a9 to 77c8bba Compare November 13, 2024 21:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants