ZeroDownTime/kubezero
3
0
Fork 0
Code Issues 1 Pull Requests 60 Releases Wiki Activity

chore(deps): update kubezero-network-dependencies #193

Merged
stefan merged 1 commits from renovate/kubezero-network-kubezero-network-dependencies into master 2024-05-23 17:42:30 +00:00
Conversation 0 Commits 1 Files Changed 1 +3 -3
renovate commented 2024-04-12 03:07:26 +00:00
Member
Copy Link

This PR contains the following updates:

Package Update Change
cilium (source) patch 1.15.3 -> 1.15.5
metallb (source) patch 0.14.4 -> 0.14.5

Release Notes

cilium/cilium (cilium)

v1.15.5: 1.15.5

Compare Source

We are pleased to announce the release of Cilium v1.15.5.

This release fixes a lot of bugs, including fixes for conflicting ports with DNS proxy, clustermesh startup issues, and StatefulSet handling.

Security Advisories

This release addresses following security vulnerabilities:

Summary of Changes

Minor Changes:

Bugfixes:

CI Changes:

Misc Changes:

Other Changes:

  • 1.15] images: update cilium-{runtime,builder} ([#​32444](https://github.com/cilium/cilium/issues/32444), [@​nebril](https://github.com/nebril))

  • v1.15-backport] Introduce fromEgressProxyRule ([#​31922](https://github.com/cilium/cilium/issues/31922), [@​jschwinger233](https://github.com/jschwinger233))

  • v1.15] cilium-dbg: remove section with unknown health status. ([#​31905](https://github.com/cilium/cilium/issues/31905), [@​tommyp1ckles](https://github.com/tommyp1ckles))

  • v1.15] proxy: skip rule removal if address family is not supported ([#​32007](https://github.com/cilium/cilium/issues/32007), [@​rgo3](https://github.com/rgo3))
  • envoy: Bump envoy version to v1.27.5 (#​32077, @​sayboras)
  • envoy: Update envoy 1.27.x to 1.28.3 (#​32149, @​sayboras)
  • fix k8s versions tested in CI (#​31965, @​nbusseneau)
  • install: Update image digests for v1.15.4 (#​31915, @​asauber)

v1.15.5

Docker Manifests

cilium

quay.io/cilium/cilium:v1.15.5@​sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40
quay.io/cilium/cilium:stable@sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40

clustermesh-apiserver

quay.io/cilium/clustermesh-apiserver:v1.15.5@​sha256:914549caf4376a844b5e7696019182dd2a655b89d6a3cad10f9d0f9821759fd7
quay.io/cilium/clustermesh-apiserver:stable@sha256:914549caf4376a844b5e7696019182dd2a655b89d6a3cad10f9d0f9821759fd7

docker-plugin

quay.io/cilium/docker-plugin:v1.15.5@​sha256:c301dc000eff2940a82fc51f4a937793fa3a7212d77000a5aa06ae6116032437
quay.io/cilium/docker-plugin:stable@sha256:c301dc000eff2940a82fc51f4a937793fa3a7212d77000a5aa06ae6116032437

hubble-relay

quay.io/cilium/hubble-relay:v1.15.5@​sha256:1d24b24e3477ccf9b5ad081827db635419c136a2bd84a3e60f37b26a38dd0781
quay.io/cilium/hubble-relay:stable@sha256:1d24b24e3477ccf9b5ad081827db635419c136a2bd84a3e60f37b26a38dd0781

operator-alibabacloud

quay.io/cilium/operator-alibabacloud:v1.15.5@​sha256:d76d45e308f23398b786f1f05504863759849046c20c741ebb64ad80613f8fd3
quay.io/cilium/operator-alibabacloud:stable@sha256:d76d45e308f23398b786f1f05504863759849046c20c741ebb64ad80613f8fd3

operator-aws

quay.io/cilium/operator-aws:v1.15.5@​sha256:f9c0eaea023ce5a75b3ed1fc4b783f390c5a3c7dc1507a2dc4dbc667b80d1bd9
quay.io/cilium/operator-aws:stable@sha256:f9c0eaea023ce5a75b3ed1fc4b783f390c5a3c7dc1507a2dc4dbc667b80d1bd9

operator-azure

quay.io/cilium/operator-azure:v1.15.5@​sha256:0a56f2cfdcdf13da21b7fdcc870e29fef82e71e599cd8dd74eb65c377e035522
quay.io/cilium/operator-azure:stable@sha256:0a56f2cfdcdf13da21b7fdcc870e29fef82e71e599cd8dd74eb65c377e035522

operator-generic

quay.io/cilium/operator-generic:v1.15.5@​sha256:f5d3d19754074ca052be6aac5d1ffb1de1eb5f2d947222b5f10f6d97ad4383e8
quay.io/cilium/operator-generic:stable@sha256:f5d3d19754074ca052be6aac5d1ffb1de1eb5f2d947222b5f10f6d97ad4383e8

operator

quay.io/cilium/operator:v1.15.5@​sha256:6f480128aa3d3b2c50a8dfa0bd5bc5121e48b1ee0bbc8eec9cae72e904bf10c3
quay.io/cilium/operator:stable@sha256:6f480128aa3d3b2c50a8dfa0bd5bc5121e48b1ee0bbc8eec9cae72e904bf10c3

v1.15.4: 1.15.4

Compare Source

We are pleased to announce the release of Cilium v1.15.4.

This release includes the option to configure Node map size, additional detail when using cilium-dbg bpf metrics list, a fix to an issue with overlapping keys that may have affected the ability to recover from a full Service map, and performance improvements to the Connection Tracking implementation. Bugfixes include improved behavior for overlapping and restored DNS policies, a fix to a race condition in Service updates for L7 LB, and a fix to the retry logic in the cilium health controllers.

Security Advisories

This release addresses a security vulnerability. For more information, see GHSA-j654-3ccm-vfmm

Summary of Changes

Minor Changes:

  • Add "node-map-max" to allow configuring nodemap size. (Backport PR #​31727, Upstream PR #​31407, @​tommyp1ckles)
  • Add line numbers and file names to all metrics in 'cilium-dbg bpf metrics list' (Backport PR #​31558, Upstream PR #​30972, @​ti-mo)
  • bugtool: Collect hubble metrics (Backport PR #​31890, Upstream PR #​31533, @​chancez)
  • feat: Add the http return code to metric api_processed_total (Backport PR #​31890, Upstream PR #​31227, @​vipul-21)
  • Fix overlapping keys in agent-side service BPF map cache used for retries. In rare cases this bug may have caused retrying of a failed BPF map update for a services entry to be skipped leading to a missing entry. This may have, for example, adversely affected recovering from a full BPF service map after excess services were removed. (Backport PR #​31890, Upstream PR #​29581, @​xyz-li)
  • Skip overlay traffic in the BPF SNAT processing, and thus reduce pressure on the BPF Connection tracking and NAT maps. (Backport PR #​31785, Upstream PR #​31082, @​julianwiedmann)

Bugfixes:

CI Changes:

Misc Changes:

Other Changes:

  • v1.15] envoy: Bump envoy image for golang 1.21.9 ([#​31770](https://github.com/cilium/cilium/issues/31770), [@​sayboras](https://github.com/sayboras))

  • v1.15] Multicast Datapath Backport ([#​31668](https://github.com/cilium/cilium/issues/31668), [@​ldelossa](https://github.com/ldelossa))

  • v1.15] route: Specify "proto kernel" for ip routes and rules ([#​31777](https://github.com/cilium/cilium/issues/31777), [@​jschwinger233](https://github.com/jschwinger233))
  • envoy: Bump envoy version to v1.27.4 (#​31807, @​sayboras)
  • install: Update image digests for v1.15.3 (#​31623, @​jrajahalme)

Docker Manifests

cilium

quay.io/cilium/cilium:v1.15.4@​sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426
quay.io/cilium/cilium:stable@sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426

clustermesh-apiserver

quay.io/cilium/clustermesh-apiserver:v1.15.4@​sha256:3fadf85d2aa0ecec09152e7e2d57648bda7e35bdc161b25ab54066dd4c3b299c
quay.io/cilium/clustermesh-apiserver:stable@sha256:3fadf85d2aa0ecec09152e7e2d57648bda7e35bdc161b25ab54066dd4c3b299c

docker-plugin

quay.io/cilium/docker-plugin:v1.15.4@​sha256:af22e26e927ec01633526b3d2fd5e15f2c7f3aab9d8c399081eeb746a4e0db47
quay.io/cilium/docker-plugin:stable@sha256:af22e26e927ec01633526b3d2fd5e15f2c7f3aab9d8c399081eeb746a4e0db47

hubble-relay

quay.io/cilium/hubble-relay:v1.15.4@​sha256:03ad857feaf52f1b4774c29614f42a50b370680eb7d0bfbc1ae065df84b1070a
quay.io/cilium/hubble-relay:stable@sha256:03ad857feaf52f1b4774c29614f42a50b370680eb7d0bfbc1ae065df84b1070a

operator-alibabacloud

quay.io/cilium/operator-alibabacloud:v1.15.4@​sha256:7c0e5346483a517e18a8951f4d4399337fb47020f2d9225e2ceaa8c5d9a45a5f
quay.io/cilium/operator-alibabacloud:stable@sha256:7c0e5346483a517e18a8951f4d4399337fb47020f2d9225e2ceaa8c5d9a45a5f

operator-aws

quay.io/cilium/operator-aws:v1.15.4@​sha256:8675486ce8938333390c37302af162ebd12aaebc08eeeaf383bfb73128143fa9
quay.io/cilium/operator-aws:stable@sha256:8675486ce8938333390c37302af162ebd12aaebc08eeeaf383bfb73128143fa9

operator-azure

quay.io/cilium/operator-azure:v1.15.4@​sha256:4c1a31502931681fa18a41ead2a3904b97d47172a92b7a7b205026bd1e715207
quay.io/cilium/operator-azure:stable@sha256:4c1a31502931681fa18a41ead2a3904b97d47172a92b7a7b205026bd1e715207

operator-generic

quay.io/cilium/operator-generic:v1.15.4@​sha256:404890a83cca3f28829eb7e54c1564bb6904708cdb7be04ebe69c2b60f164e9a
quay.io/cilium/operator-generic:stable@sha256:404890a83cca3f28829eb7e54c1564bb6904708cdb7be04ebe69c2b60f164e9a

operator

quay.io/cilium/operator:v1.15.4@​sha256:4e42b867d816808f10b38f555d6ae50065ebdc6ddc4549635f2fe50ed6dc8d7f
quay.io/cilium/operator:stable@sha256:4e42b867d816808f10b38f555d6ae50065ebdc6ddc4549635f2fe50ed6dc8d7f

metallb/metallb (metallb)

v0.14.5

Compare Source

See the release notes for details:

https://metallb.universe.tf/release-notes/#version-0-14-5

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cilium](https://cilium.io/) ([source](https://github.com/cilium/cilium)) | patch | `1.15.3` -> `1.15.5` | | [metallb](https://metallb.universe.tf) ([source](https://github.com/metallb/metallb)) | patch | `0.14.4` -> `0.14.5` | --- ### Release Notes <details> <summary>cilium/cilium (cilium)</summary> ### [`v1.15.5`](https://github.com/cilium/cilium/releases/tag/v1.15.5): 1.15.5 [Compare Source](https://github.com/cilium/cilium/compare/1.15.4...1.15.5) We are pleased to announce the release of Cilium v1.15.5. This release fixes a lot of bugs, including fixes for conflicting ports with DNS proxy, clustermesh startup issues, and StatefulSet handling. ## Security Advisories This release addresses following security vulnerabilities: - https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj - https://github.com/advisories/GHSA-5fq7-4mxc-535h ## Summary of Changes **Minor Changes:** - envoy: Bump go version to 1.22.3 ([#&#8203;32413](https://github.com/cilium/cilium/issues/32413), [@&#8203;sayboras](https://github.com/sayboras)) - labels: Add controller-uid into default ignore list (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;31964](https://github.com/cilium/cilium/issues/31964), [@&#8203;sayboras](https://github.com/sayboras)) **Bugfixes:** - Agent: add kubeconfigPath to initContainers (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32008](https://github.com/cilium/cilium/issues/32008), [@&#8203;darox](https://github.com/darox)) - Avoids drops with "No mapping for NAT masquerade" for ICMP messages by local service backends. (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32155](https://github.com/cilium/cilium/issues/32155), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - cilium-cni: Reserve ports that can conflict with transparent DNS proxy (Backport PR [#&#8203;32418](https://github.com/cilium/cilium/issues/32418), Upstream PR [#&#8203;32128](https://github.com/cilium/cilium/issues/32128), [@&#8203;gandro](https://github.com/gandro)) - cni: Use correct route MTU when ENI, Azure or Alibaba Cloud IPAM is enabled (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32244](https://github.com/cilium/cilium/issues/32244), [@&#8203;learnitall](https://github.com/learnitall)) - dnsproxy: Fix bug where DNS request timed out too soon (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;31999](https://github.com/cilium/cilium/issues/31999), [@&#8203;gandro](https://github.com/gandro)) - Envoy upstream connections are now unique for each downstream connection when using the original source address of a source pod. (Backport PR [#&#8203;32312](https://github.com/cilium/cilium/issues/32312), Upstream PR [#&#8203;32270](https://github.com/cilium/cilium/issues/32270), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - envoy: pass idle timeout configuration option to cilium configmap (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32203](https://github.com/cilium/cilium/issues/32203), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - Fix failing service connections, when the service requests are transported via cilium's overlay network. (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32116](https://github.com/cilium/cilium/issues/32116), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - Fix issue causing clustermesh-apiserver/kvstoremesh to not start when run with a non-root user (Backport PR [#&#8203;31879](https://github.com/cilium/cilium/issues/31879), Upstream PR [#&#8203;31539](https://github.com/cilium/cilium/issues/31539), [@&#8203;giorio94](https://github.com/giorio94)) - Fix service connection to terminating backend, when the service has no more backends available. (Backport PR [#&#8203;32092](https://github.com/cilium/cilium/issues/32092), Upstream PR [#&#8203;31840](https://github.com/cilium/cilium/issues/31840), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - Fix various bugs related to restart of StatefulSet pods that may result in connectivity issues (Backport PR [#&#8203;32432](https://github.com/cilium/cilium/issues/32432), Upstream PR [#&#8203;31605](https://github.com/cilium/cilium/issues/31605), [@&#8203;christarazi](https://github.com/christarazi)) - Fixes a bug where Cilium in chained mode removed the `agent-not-ready` taint too early if the primary network is slow in deploying. (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32168](https://github.com/cilium/cilium/issues/32168), [@&#8203;squeed](https://github.com/squeed)) - Fixes an (unlikely) bug where HostFirewall policies may miss updates to a node's labels. (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;30548](https://github.com/cilium/cilium/issues/30548), [@&#8203;squeed](https://github.com/squeed)) - fqdn: fix memory leak in transparent mode when there was a moderately high number of parallel DNS requests (>100). (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;31959](https://github.com/cilium/cilium/issues/31959), [@&#8203;marseel](https://github.com/marseel)) - Ingress/Gateway API: merge Envoy listeners for HTTP(S) and TLS passthrough (Backport PR [#&#8203;32178](https://github.com/cilium/cilium/issues/32178), Upstream PR [#&#8203;31646](https://github.com/cilium/cilium/issues/31646), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - ipam: retry netlink.LinkList call when setting up ENI devices (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32099](https://github.com/cilium/cilium/issues/32099), [@&#8203;jasonaliyetti](https://github.com/jasonaliyetti)) - loader: sanitize bpffs directory strings for netdevs (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;32090](https://github.com/cilium/cilium/issues/32090), [@&#8203;rgo3](https://github.com/rgo3)) - Prevent Cilium agents from incorrectly restarting an etcd watch against a different etcd instance. ([#&#8203;32005](https://github.com/cilium/cilium/issues/32005), [@&#8203;giorio94](https://github.com/giorio94)) - tables: Sort node addresses also by public vs private IP (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;30579](https://github.com/cilium/cilium/issues/30579), [@&#8203;joamaki](https://github.com/joamaki)) **CI Changes:** - alibabacloud/eni: avoid racing node mgr in test (Backport PR [#&#8203;31967](https://github.com/cilium/cilium/issues/31967), Upstream PR [#&#8203;31877](https://github.com/cilium/cilium/issues/31877), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - ci: Filter supported versions of AKS (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32303](https://github.com/cilium/cilium/issues/32303), [@&#8203;marseel](https://github.com/marseel)) - ci: Increase timeout for images for l4lb test (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32201](https://github.com/cilium/cilium/issues/32201), [@&#8203;marseel](https://github.com/marseel)) - ci: Set hubble.relay.retryTimeout=5s (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32066](https://github.com/cilium/cilium/issues/32066), [@&#8203;chancez](https://github.com/chancez)) - enable kube cache mutation detector (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32069](https://github.com/cilium/cilium/issues/32069), [@&#8203;aanm](https://github.com/aanm)) - gha: bump post-upgrade timeout in clustermesh upgrade/downgrade tests (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32347](https://github.com/cilium/cilium/issues/32347), [@&#8203;giorio94](https://github.com/giorio94)) - gha: configure fully-qualified DNS names as external targets (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;31510](https://github.com/cilium/cilium/issues/31510), [@&#8203;giorio94](https://github.com/giorio94)) - gha: drop double installation of Cilium CLI in conformance-eks (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;32042](https://github.com/cilium/cilium/issues/32042), [@&#8203;giorio94](https://github.com/giorio94)) - Miscellaneous improvements to the clustermesh upgrade/downgrade test (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;31958](https://github.com/cilium/cilium/issues/31958), [@&#8203;giorio94](https://github.com/giorio94)) - route: dedicated net ns for each subtest of runListRules (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;29916](https://github.com/cilium/cilium/issues/29916), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - test: De-flake xds server_e2e_test (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;32004](https://github.com/cilium/cilium/issues/32004), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - workflows: Fix CI jobs for push events on private forks (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32085](https://github.com/cilium/cilium/issues/32085), [@&#8203;pchaigno](https://github.com/pchaigno)) **Misc Changes:** - bpf: host: simplify MARK_MAGIC_PROXY_EGRESS_EPID handling (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;29803](https://github.com/cilium/cilium/issues/29803), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - build(deps): bump pydantic from 2.3.0 to 2.4.0 in /Documentation (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32176](https://github.com/cilium/cilium/issues/32176), [@&#8203;dependabot](https://github.com/dependabot)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31954](https://github.com/cilium/cilium/issues/31954), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;32107](https://github.com/cilium/cilium/issues/32107), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;32366](https://github.com/cilium/cilium/issues/32366), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#&#8203;31993](https://github.com/cilium/cilium/issues/31993), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#&#8203;32238](https://github.com/cilium/cilium/issues/32238), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update azure/login action to v2.1.0 (v1.15) ([#&#8203;31994](https://github.com/cilium/cilium/issues/31994), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.16.6 (v1.15) ([#&#8203;32365](https://github.com/cilium/cilium/issues/32365), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.9 docker digest to [`81811f8`](https://github.com/cilium/cilium/commit/81811f8) (v1.15) ([#&#8203;31953](https://github.com/cilium/cilium/issues/31953), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.9 docker digest to [`d83472f`](https://github.com/cilium/cilium/commit/d83472f) (v1.15) ([#&#8203;32257](https://github.com/cilium/cilium/issues/32257), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`a6d2b38`](https://github.com/cilium/cilium/commit/a6d2b38) (v1.15) ([#&#8203;32364](https://github.com/cilium/cilium/issues/32364), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update go to v1.21.10 (v1.15) ([#&#8203;32417](https://github.com/cilium/cilium/issues/32417), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update golangci/golangci-lint-action action to v6 (v1.15) ([#&#8203;32396](https://github.com/cilium/cilium/issues/32396), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update hubble cli to v0.13.3 (v1.15) ([#&#8203;32108](https://github.com/cilium/cilium/issues/32108), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#&#8203;31821](https://github.com/cilium/cilium/issues/31821), [@&#8203;renovate](https://github.com/renovate)\[bot]) - CI: bump default FQDN datapath timeout from 100 to 250ms (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;31866](https://github.com/cilium/cilium/issues/31866), [@&#8203;squeed](https://github.com/squeed)) - clustermesh: fix panic if the etcd client cannot be created (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32225](https://github.com/cilium/cilium/issues/32225), [@&#8203;giorio94](https://github.com/giorio94)) - docs: Add annotation for Ingress endpoint (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32284](https://github.com/cilium/cilium/issues/32284), [@&#8203;sayboras](https://github.com/sayboras)) - docs: add link to sig-policy meeting (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32340](https://github.com/cilium/cilium/issues/32340), [@&#8203;squeed](https://github.com/squeed)) - docs: Clean-up Host Firewall documentation, list known issues (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32267](https://github.com/cilium/cilium/issues/32267), [@&#8203;qmonnet](https://github.com/qmonnet)) - docs: Fix prometheus port regex (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32030](https://github.com/cilium/cilium/issues/32030), [@&#8203;JBodkin-Amphora](https://github.com/JBodkin-Amphora)) - Docs: mark Tetragon as Stable (Backport PR [#&#8203;31967](https://github.com/cilium/cilium/issues/31967), Upstream PR [#&#8203;31886](https://github.com/cilium/cilium/issues/31886), [@&#8203;sharlns](https://github.com/sharlns)) - Document Cluster Mesh global services limitations when KPR=false (Backport PR [#&#8203;31967](https://github.com/cilium/cilium/issues/31967), Upstream PR [#&#8203;31798](https://github.com/cilium/cilium/issues/31798), [@&#8203;giorio94](https://github.com/giorio94)) - endpoint: Skip build queue warning log is context is canceled (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32132](https://github.com/cilium/cilium/issues/32132), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - Fix helm chart incompatible types for comparison (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32025](https://github.com/cilium/cilium/issues/32025), [@&#8203;lou-lan](https://github.com/lou-lan)) - fqdn: Change error log to warning (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32333](https://github.com/cilium/cilium/issues/32333), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - fqdn: Fix Upgrade Issue Between PortProto Versions (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32325](https://github.com/cilium/cilium/issues/32325), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - golangci: Enable errorlint (Backport PR [#&#8203;31783](https://github.com/cilium/cilium/issues/31783), Upstream PR [#&#8203;31458](https://github.com/cilium/cilium/issues/31458), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - images: Update bpftool, checkpatch images (Backport PR [#&#8203;31896](https://github.com/cilium/cilium/issues/31896), Upstream PR [#&#8203;31753](https://github.com/cilium/cilium/issues/31753), [@&#8203;qmonnet](https://github.com/qmonnet)) - Improve release organization page (Backport PR [#&#8203;32103](https://github.com/cilium/cilium/issues/32103), Upstream PR [#&#8203;31970](https://github.com/cilium/cilium/issues/31970), [@&#8203;joestringer](https://github.com/joestringer)) - install/kubernetes: add AppArmor profile to Cilium Daemonset (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32199](https://github.com/cilium/cilium/issues/32199), [@&#8203;aanm](https://github.com/aanm)) - install/kubernetes: update nodeinit image to latest version (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32181](https://github.com/cilium/cilium/issues/32181), [@&#8203;tklauser](https://github.com/tklauser)) - ipsec: Debug info for transient IPsec upgrade drops (Backport PR [#&#8203;32384](https://github.com/cilium/cilium/issues/32384), Upstream PR [#&#8203;32240](https://github.com/cilium/cilium/issues/32240), [@&#8203;pchaigno](https://github.com/pchaigno)) - l7 policy: add possibility to configure Envoy proxy xff-num-trusted-hops (Backport PR [#&#8203;32260](https://github.com/cilium/cilium/issues/32260), Upstream PR [#&#8203;32200](https://github.com/cilium/cilium/issues/32200), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - Remove aks-preview from AKS workflows (Backport PR [#&#8203;32230](https://github.com/cilium/cilium/issues/32230), Upstream PR [#&#8203;32118](https://github.com/cilium/cilium/issues/32118), [@&#8203;marseel](https://github.com/marseel)) - Seamlessly downgrade bpf attachments from tcx to tc (Backport PR [#&#8203;32337](https://github.com/cilium/cilium/issues/32337), Upstream PR [#&#8203;32228](https://github.com/cilium/cilium/issues/32228), [@&#8203;ti-mo](https://github.com/ti-mo)) **Other Changes:** - \[1.15] images: update cilium-{runtime,builder} ([#&#8203;32444](https://github.com/cilium/cilium/issues/32444), [@&#8203;nebril](https://github.com/nebril)) - \[v1.15-backport] Introduce fromEgressProxyRule ([#&#8203;31922](https://github.com/cilium/cilium/issues/31922), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - \[v1.15] cilium-dbg: remove section with unknown health status. ([#&#8203;31905](https://github.com/cilium/cilium/issues/31905), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - \[v1.15] proxy: skip rule removal if address family is not supported ([#&#8203;32007](https://github.com/cilium/cilium/issues/32007), [@&#8203;rgo3](https://github.com/rgo3)) - envoy: Bump envoy version to v1.27.5 ([#&#8203;32077](https://github.com/cilium/cilium/issues/32077), [@&#8203;sayboras](https://github.com/sayboras)) - envoy: Update envoy 1.27.x to 1.28.3 ([#&#8203;32149](https://github.com/cilium/cilium/issues/32149), [@&#8203;sayboras](https://github.com/sayboras)) - fix k8s versions tested in CI ([#&#8203;31965](https://github.com/cilium/cilium/issues/31965), [@&#8203;nbusseneau](https://github.com/nbusseneau)) - install: Update image digests for v1.15.4 ([#&#8203;31915](https://github.com/cilium/cilium/issues/31915), [@&#8203;asauber](https://github.com/asauber)) #### v1.15.5 #### Docker Manifests ##### cilium `quay.io/cilium/cilium:v1.15.5@&#8203;sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40` `quay.io/cilium/cilium:stable@sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40` ##### clustermesh-apiserver `quay.io/cilium/clustermesh-apiserver:v1.15.5@&#8203;sha256:914549caf4376a844b5e7696019182dd2a655b89d6a3cad10f9d0f9821759fd7` `quay.io/cilium/clustermesh-apiserver:stable@sha256:914549caf4376a844b5e7696019182dd2a655b89d6a3cad10f9d0f9821759fd7` ##### docker-plugin `quay.io/cilium/docker-plugin:v1.15.5@&#8203;sha256:c301dc000eff2940a82fc51f4a937793fa3a7212d77000a5aa06ae6116032437` `quay.io/cilium/docker-plugin:stable@sha256:c301dc000eff2940a82fc51f4a937793fa3a7212d77000a5aa06ae6116032437` ##### hubble-relay `quay.io/cilium/hubble-relay:v1.15.5@&#8203;sha256:1d24b24e3477ccf9b5ad081827db635419c136a2bd84a3e60f37b26a38dd0781` `quay.io/cilium/hubble-relay:stable@sha256:1d24b24e3477ccf9b5ad081827db635419c136a2bd84a3e60f37b26a38dd0781` ##### operator-alibabacloud `quay.io/cilium/operator-alibabacloud:v1.15.5@&#8203;sha256:d76d45e308f23398b786f1f05504863759849046c20c741ebb64ad80613f8fd3` `quay.io/cilium/operator-alibabacloud:stable@sha256:d76d45e308f23398b786f1f05504863759849046c20c741ebb64ad80613f8fd3` ##### operator-aws `quay.io/cilium/operator-aws:v1.15.5@&#8203;sha256:f9c0eaea023ce5a75b3ed1fc4b783f390c5a3c7dc1507a2dc4dbc667b80d1bd9` `quay.io/cilium/operator-aws:stable@sha256:f9c0eaea023ce5a75b3ed1fc4b783f390c5a3c7dc1507a2dc4dbc667b80d1bd9` ##### operator-azure `quay.io/cilium/operator-azure:v1.15.5@&#8203;sha256:0a56f2cfdcdf13da21b7fdcc870e29fef82e71e599cd8dd74eb65c377e035522` `quay.io/cilium/operator-azure:stable@sha256:0a56f2cfdcdf13da21b7fdcc870e29fef82e71e599cd8dd74eb65c377e035522` ##### operator-generic `quay.io/cilium/operator-generic:v1.15.5@&#8203;sha256:f5d3d19754074ca052be6aac5d1ffb1de1eb5f2d947222b5f10f6d97ad4383e8` `quay.io/cilium/operator-generic:stable@sha256:f5d3d19754074ca052be6aac5d1ffb1de1eb5f2d947222b5f10f6d97ad4383e8` ##### operator `quay.io/cilium/operator:v1.15.5@&#8203;sha256:6f480128aa3d3b2c50a8dfa0bd5bc5121e48b1ee0bbc8eec9cae72e904bf10c3` `quay.io/cilium/operator:stable@sha256:6f480128aa3d3b2c50a8dfa0bd5bc5121e48b1ee0bbc8eec9cae72e904bf10c3` ### [`v1.15.4`](https://github.com/cilium/cilium/releases/tag/v1.15.4): 1.15.4 [Compare Source](https://github.com/cilium/cilium/compare/1.15.3...1.15.4) We are pleased to announce the release of Cilium v1.15.4. This release includes the option to configure Node map size, additional detail when using `cilium-dbg bpf metrics list`, a fix to an issue with overlapping keys that may have affected the ability to recover from a full Service map, and performance improvements to the Connection Tracking implementation. Bugfixes include improved behavior for overlapping and restored DNS policies, a fix to a race condition in Service updates for L7 LB, and a fix to the retry logic in the cilium health controllers. ## Security Advisories This release addresses a security vulnerability. For more information, see [GHSA-j654-3ccm-vfmm](https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm) ## Summary of Changes **Minor Changes:** - Add "node-map-max" to allow configuring nodemap size. (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31407](https://github.com/cilium/cilium/issues/31407), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - Add line numbers and file names to all metrics in 'cilium-dbg bpf metrics list' (Backport PR [#&#8203;31558](https://github.com/cilium/cilium/issues/31558), Upstream PR [#&#8203;30972](https://github.com/cilium/cilium/issues/30972), [@&#8203;ti-mo](https://github.com/ti-mo)) - bugtool: Collect hubble metrics (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31533](https://github.com/cilium/cilium/issues/31533), [@&#8203;chancez](https://github.com/chancez)) - feat: Add the http return code to metric api_processed_total (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31227](https://github.com/cilium/cilium/issues/31227), [@&#8203;vipul-21](https://github.com/vipul-21)) - Fix overlapping keys in agent-side service BPF map cache used for retries. In rare cases this bug may have caused retrying of a failed BPF map update for a services entry to be skipped leading to a missing entry. This may have, for example, adversely affected recovering from a full BPF service map after excess services were removed. (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;29581](https://github.com/cilium/cilium/issues/29581), [@&#8203;xyz-li](https://github.com/xyz-li)) - Skip overlay traffic in the BPF SNAT processing, and thus reduce pressure on the BPF Connection tracking and NAT maps. (Backport PR [#&#8203;31785](https://github.com/cilium/cilium/issues/31785), Upstream PR [#&#8203;31082](https://github.com/cilium/cilium/issues/31082), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) **Bugfixes:** - Avoid drops with "CT: Unknown L4 protocol" for non-ICMP/TCP/UDP traffic, caused by an error check in the BPF NAT engine. (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31820](https://github.com/cilium/cilium/issues/31820), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - cilium-health: Fix broken retry loop in `cilium-health-ep` controller (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31622](https://github.com/cilium/cilium/issues/31622), [@&#8203;gandro](https://github.com/gandro)) - cni: Allow text-ts log format value (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31686](https://github.com/cilium/cilium/issues/31686), [@&#8203;sayboras](https://github.com/sayboras)) - Fix a bug that could cause local packet delivery to be skipped, leading to lower performance, when IPsec was enabled and `--devices` provided. (Backport PR [#&#8203;31601](https://github.com/cilium/cilium/issues/31601), Upstream PR [#&#8203;31345](https://github.com/cilium/cilium/issues/31345), [@&#8203;pchaigno](https://github.com/pchaigno)) - Fix incorrect reporting of the number of etcd lock leases in cilium-dbg status. (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31781](https://github.com/cilium/cilium/issues/31781), [@&#8203;giorio94](https://github.com/giorio94)) - fix: Delegated ipam not configure ipv6 if ipv6 disabled in agent (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31104](https://github.com/cilium/cilium/issues/31104), [@&#8203;tamilmani1989](https://github.com/tamilmani1989)) - Fixed a race condition in service updates for L7 LB. (Backport PR [#&#8203;31860](https://github.com/cilium/cilium/issues/31860), Upstream PR [#&#8203;31744](https://github.com/cilium/cilium/issues/31744), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - fqdn: Fix minor restore bug that causes false negative checks against a restored DNS IP map. ([#&#8203;31870](https://github.com/cilium/cilium/issues/31870), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - fqdn: Fixed bug that caused DNS Proxy to be overly restrictive on allowed DNS selectors. (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31328](https://github.com/cilium/cilium/issues/31328), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - gateway-api: Ensure hostname check when set on both the HTTPRoute and the Gateway Listener (Backport PR [#&#8203;31769](https://github.com/cilium/cilium/issues/31769), Upstream PR [#&#8203;30686](https://github.com/cilium/cilium/issues/30686), [@&#8203;cjvirtucio87](https://github.com/cjvirtucio87)) - gateway-api: fixed RequestRedirect picks wrong port with multiple listeners (Backport PR [#&#8203;31769](https://github.com/cilium/cilium/issues/31769), Upstream PR [#&#8203;31361](https://github.com/cilium/cilium/issues/31361), [@&#8203;chaunceyjiang](https://github.com/chaunceyjiang)) - gateway-api: shorten the length of the value of the svc's label. (Backport PR [#&#8203;31769](https://github.com/cilium/cilium/issues/31769), Upstream PR [#&#8203;31292](https://github.com/cilium/cilium/issues/31292), [@&#8203;chaunceyjiang](https://github.com/chaunceyjiang)) - ingress/gateway-api: sort virtual hosts in CEC (Backport PR [#&#8203;31739](https://github.com/cilium/cilium/issues/31739), Upstream PR [#&#8203;31493](https://github.com/cilium/cilium/issues/31493), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - ingress/gateway-api: stable envoy listener filterchain sort-order (Backport PR [#&#8203;31601](https://github.com/cilium/cilium/issues/31601), Upstream PR [#&#8203;31572](https://github.com/cilium/cilium/issues/31572), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - metric: Avoid memory leak/increase in cilium-agent (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31714](https://github.com/cilium/cilium/issues/31714), [@&#8203;sayboras](https://github.com/sayboras)) **CI Changes:** - ci-e2e: Add e2e test with WireGuard + Host Firewall (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31594](https://github.com/cilium/cilium/issues/31594), [@&#8203;qmonnet](https://github.com/qmonnet)) - ci/ipsec: Print more info to debug credentials removal check failures (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31652](https://github.com/cilium/cilium/issues/31652), [@&#8203;qmonnet](https://github.com/qmonnet)) - deflake endpointmanager tests (Backport PR [#&#8203;31601](https://github.com/cilium/cilium/issues/31601), Upstream PR [#&#8203;31488](https://github.com/cilium/cilium/issues/31488), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - gh/workflows: Add IPsec key rotation action and use it in ci-eks / ci-ipsec-e2e (Backport PR [#&#8203;31428](https://github.com/cilium/cilium/issues/31428), Upstream PR [#&#8203;29704](https://github.com/cilium/cilium/issues/29704), [@&#8203;brb](https://github.com/brb)) - Make BPF unit tests reproducible (Backport PR [#&#8203;31663](https://github.com/cilium/cilium/issues/31663), Upstream PR [#&#8203;31526](https://github.com/cilium/cilium/issues/31526), [@&#8203;ti-mo](https://github.com/ti-mo)) - Make testdata build output more stable by reducing header includes (Backport PR [#&#8203;31663](https://github.com/cilium/cilium/issues/31663), Upstream PR [#&#8203;31644](https://github.com/cilium/cilium/issues/31644), [@&#8203;ti-mo](https://github.com/ti-mo)) - update azure k8s versions (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31220](https://github.com/cilium/cilium/issues/31220), [@&#8203;brlbil](https://github.com/brlbil)) - workflows: Debug info for key rotations (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31627](https://github.com/cilium/cilium/issues/31627), [@&#8203;pchaigno](https://github.com/pchaigno)) - workflows: ipsec-e2e: add missing key types for some configs (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31636](https://github.com/cilium/cilium/issues/31636), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) **Misc Changes:** - bitlpm: Document and Fix Descendants Bug (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31851](https://github.com/cilium/cilium/issues/31851), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - bpf: host: restore HostFW for overlay traffic in to-netdev (Backport PR [#&#8203;31785](https://github.com/cilium/cilium/issues/31785), Upstream PR [#&#8203;31818](https://github.com/cilium/cilium/issues/31818), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - bpf: tests: don't define HAVE_ENCAP in IPsec tests (Backport PR [#&#8203;31785](https://github.com/cilium/cilium/issues/31785), Upstream PR [#&#8203;31737](https://github.com/cilium/cilium/issues/31737), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31822](https://github.com/cilium/cilium/issues/31822), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#&#8203;31698](https://github.com/cilium/cilium/issues/31698), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update cilium/little-vm-helper action to v0.0.17 (v1.15) ([#&#8203;31703](https://github.com/cilium/cilium/issues/31703), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.16.4 (v1.15) ([#&#8203;31674](https://github.com/cilium/cilium/issues/31674), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker/setup-buildx-action action to v3.3.0 (v1.15) ([#&#8203;31828](https://github.com/cilium/cilium/issues/31828), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update gcr.io/distroless/static-debian11:nonroot docker digest to [`f41b84c`](https://github.com/cilium/cilium/commit/f41b84c) (v1.15) ([#&#8203;31747](https://github.com/cilium/cilium/issues/31747), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update go to v1.21.9 (v1.15) ([#&#8203;31764](https://github.com/cilium/cilium/issues/31764), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#&#8203;31704](https://github.com/cilium/cilium/issues/31704), [@&#8203;renovate](https://github.com/renovate)\[bot]) - cilium-dbg: avoid leaking file resources (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31750](https://github.com/cilium/cilium/issues/31750), [@&#8203;tklauser](https://github.com/tklauser)) - docs: Document `No node ID found` drops in case of remote node deletion (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31635](https://github.com/cilium/cilium/issues/31635), [@&#8203;pchaigno](https://github.com/pchaigno)) - docs: ipsec: document native-routing + Egress proxy case (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31478](https://github.com/cilium/cilium/issues/31478), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - Fix spelling in DNS-based proxy info (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31728](https://github.com/cilium/cilium/issues/31728), [@&#8203;saintdle](https://github.com/saintdle)) - helm: update nodeinit image using renovate (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31641](https://github.com/cilium/cilium/issues/31641), [@&#8203;tklauser](https://github.com/tklauser)) - ingress: sort all shared ingresses during model generation (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;31494](https://github.com/cilium/cilium/issues/31494), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - loader: refactor/cleanup replaceNetworkDatapath (Backport PR [#&#8203;31663](https://github.com/cilium/cilium/issues/31663), Upstream PR [#&#8203;29825](https://github.com/cilium/cilium/issues/29825), [@&#8203;rgo3](https://github.com/rgo3)) - Move governance docs to the Cilium community repo (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31692](https://github.com/cilium/cilium/issues/31692), [@&#8203;katiestruthers](https://github.com/katiestruthers)) - Remove Hubble-OTel from the roadmap (Backport PR [#&#8203;31890](https://github.com/cilium/cilium/issues/31890), Upstream PR [#&#8203;31847](https://github.com/cilium/cilium/issues/31847), [@&#8203;xmulligan](https://github.com/xmulligan)) - Remove tcx links created by Cilium 1.16 onwards (Backport PR [#&#8203;31663](https://github.com/cilium/cilium/issues/31663), Upstream PR [#&#8203;31553](https://github.com/cilium/cilium/issues/31553), [@&#8203;ti-mo](https://github.com/ti-mo)) - Restructure OpenShift installation instructions to point to Red Hat Ecosystem Catalog (Backport PR [#&#8203;31727](https://github.com/cilium/cilium/issues/31727), Upstream PR [#&#8203;29300](https://github.com/cilium/cilium/issues/29300), [@&#8203;learnitall](https://github.com/learnitall)) - v1.15: update cilium/certgen to v0.1.11 ([#&#8203;31882](https://github.com/cilium/cilium/issues/31882), [@&#8203;rolinh](https://github.com/rolinh)) **Other Changes:** - \[v1.15] envoy: Bump envoy image for golang 1.21.9 ([#&#8203;31770](https://github.com/cilium/cilium/issues/31770), [@&#8203;sayboras](https://github.com/sayboras)) - \[v1.15] Multicast Datapath Backport ([#&#8203;31668](https://github.com/cilium/cilium/issues/31668), [@&#8203;ldelossa](https://github.com/ldelossa)) - \[v1.15] route: Specify "proto kernel" for ip routes and rules ([#&#8203;31777](https://github.com/cilium/cilium/issues/31777), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - envoy: Bump envoy version to v1.27.4 ([#&#8203;31807](https://github.com/cilium/cilium/issues/31807), [@&#8203;sayboras](https://github.com/sayboras)) - install: Update image digests for v1.15.3 ([#&#8203;31623](https://github.com/cilium/cilium/issues/31623), [@&#8203;jrajahalme](https://github.com/jrajahalme)) #### Docker Manifests ##### cilium `quay.io/cilium/cilium:v1.15.4@&#8203;sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426` `quay.io/cilium/cilium:stable@sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426` ##### clustermesh-apiserver `quay.io/cilium/clustermesh-apiserver:v1.15.4@&#8203;sha256:3fadf85d2aa0ecec09152e7e2d57648bda7e35bdc161b25ab54066dd4c3b299c` `quay.io/cilium/clustermesh-apiserver:stable@sha256:3fadf85d2aa0ecec09152e7e2d57648bda7e35bdc161b25ab54066dd4c3b299c` ##### docker-plugin `quay.io/cilium/docker-plugin:v1.15.4@&#8203;sha256:af22e26e927ec01633526b3d2fd5e15f2c7f3aab9d8c399081eeb746a4e0db47` `quay.io/cilium/docker-plugin:stable@sha256:af22e26e927ec01633526b3d2fd5e15f2c7f3aab9d8c399081eeb746a4e0db47` ##### hubble-relay `quay.io/cilium/hubble-relay:v1.15.4@&#8203;sha256:03ad857feaf52f1b4774c29614f42a50b370680eb7d0bfbc1ae065df84b1070a` `quay.io/cilium/hubble-relay:stable@sha256:03ad857feaf52f1b4774c29614f42a50b370680eb7d0bfbc1ae065df84b1070a` ##### operator-alibabacloud `quay.io/cilium/operator-alibabacloud:v1.15.4@&#8203;sha256:7c0e5346483a517e18a8951f4d4399337fb47020f2d9225e2ceaa8c5d9a45a5f` `quay.io/cilium/operator-alibabacloud:stable@sha256:7c0e5346483a517e18a8951f4d4399337fb47020f2d9225e2ceaa8c5d9a45a5f` ##### operator-aws `quay.io/cilium/operator-aws:v1.15.4@&#8203;sha256:8675486ce8938333390c37302af162ebd12aaebc08eeeaf383bfb73128143fa9` `quay.io/cilium/operator-aws:stable@sha256:8675486ce8938333390c37302af162ebd12aaebc08eeeaf383bfb73128143fa9` ##### operator-azure `quay.io/cilium/operator-azure:v1.15.4@&#8203;sha256:4c1a31502931681fa18a41ead2a3904b97d47172a92b7a7b205026bd1e715207` `quay.io/cilium/operator-azure:stable@sha256:4c1a31502931681fa18a41ead2a3904b97d47172a92b7a7b205026bd1e715207` ##### operator-generic `quay.io/cilium/operator-generic:v1.15.4@&#8203;sha256:404890a83cca3f28829eb7e54c1564bb6904708cdb7be04ebe69c2b60f164e9a` `quay.io/cilium/operator-generic:stable@sha256:404890a83cca3f28829eb7e54c1564bb6904708cdb7be04ebe69c2b60f164e9a` ##### operator `quay.io/cilium/operator:v1.15.4@&#8203;sha256:4e42b867d816808f10b38f555d6ae50065ebdc6ddc4549635f2fe50ed6dc8d7f` `quay.io/cilium/operator:stable@sha256:4e42b867d816808f10b38f555d6ae50065ebdc6ddc4549635f2fe50ed6dc8d7f` </details> <details> <summary>metallb/metallb (metallb)</summary> ### [`v0.14.5`](https://github.com/metallb/metallb/releases/tag/v0.14.5) [Compare Source](https://github.com/metallb/metallb/compare/v0.14.4...v0.14.5) See the release notes for details: https://metallb.universe.tf/release-notes/#version-0-14-5 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjcuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=-->
renovate added the
renovate
 label 2024-04-12 03:07:26 +00:00
renovate force-pushed renovate/kubezero-network-kubezero-network-dependencies from 96828d0d8e to 64d098cf09 2024-04-20 03:08:06 +00:00 Compare
renovate changed title from chore(deps): update helm release cilium to v1.15.4 to chore(deps): update kubezero-network-dependencies 2024-04-20 03:08:10 +00:00
renovate force-pushed renovate/kubezero-network-kubezero-network-dependencies from 64d098cf09 to 4ce1167282 2024-05-17 11:10:38 +00:00 Compare
stefan merged commit c28148c615 into master 2024-05-23 17:42:30 +00:00
stefan deleted branch renovate/kubezero-network-kubezero-network-dependencies 2024-05-23 17:42:32 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
  
renovate

Dependency via Renovate

No Label
renovate
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ZeroDownTime/kubezero#193
No description provided.
Delete Branch "renovate/kubezero-network-kubezero-network-dependencies"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?