Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump sigs.k8s.io/kind from 0.20.0 to 0.21.0 #56

Merged
merged 2 commits into from
Feb 12, 2024
Merged

Bump sigs.k8s.io/kind from 0.20.0 to 0.21.0 #56

merged 2 commits into from
Feb 12, 2024

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 5, 2024

Bumps sigs.k8s.io/kind from 0.20.0 to 0.21.0.

Release notes

Sourced from sigs.k8s.io/kind's releases.

v0.21.0

This release patches the recent runc CVEs, as well as an issue with kind build node-image and docker v25.0.0+

  • The default node image is a Kubernetes v1.29.1 image: kindest/node:v1.29.1@sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144

If you haven't already, please see also v0.20.0 release notes which had important announcements that still apply going forward.

  • Upgraded go to 1.20.13
  • Upgraded crictl to 1.28
  • Upgraded containerd fuse overlayfs to 1.0.6
  • Began marking some core images pinned in containerd, which may eventually make enabling imageGC safer
  • kindnetd will ignore nodes with empty podCIDR, enabling some niche use-cases

Images pre-built for this release:

  • v1.29.1: kindest/node:v1.29.1@sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144
  • v1.28.6: kindest/node:v1.28.6@sha256:b7e1cf6b2b729f604133c667a6be8aab6f4dde5bb042c1891ae248d9154f665b
  • v1.27.10: kindest/node:v1.27.10@sha256:3700c811144e24a6c6181065265f69b9bf0b437c45741017182d7c82b908918f
  • v1.26.13: kindest/node:v1.26.13@sha256:15ae92d507b7d4aec6e8920d358fc63d3b980493db191d7327541fbaaed1f789
  • v1.25.16: kindest/node:v1.25.16@sha256:9d0a62b55d4fe1e262953be8d406689b947668626a357b5f9d0cfbddbebbc727
  • v1.24.17: kindest/node:v1.24.17@sha256:ea292d57ec5dd0e2f3f5a2d77efa246ac883c051ff80e887109fabefbd3125c7
  • v1.23.17: kindest/node:v1.23.17@sha256:fbb92ac580fce498473762419df27fa8664dbaa1c5a361b5957e123b4035bdcf

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see kubernetes-sigs/kind#2718

  • Updated runc to v1.1.12, containerd to v1.7.13 including the fix for GHSA-xr7r-f8xq-vfvv
  • Fixed kind build node-image with docker v25.0.0+
    • NOTE: kind load docker-image is still broken with Docker v25.0.0 due to a docker bug, which has a fix merged that should be included in Docker v25.0.1+
  • Assorted docs fixes

Thank you to everyone who contributed to this release! ❤️

Users whose commits are in this release (alphabetically by user name)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump sigs.k8s.io/kind from 0.20.0 to 0.21.0
e7a992d 
Bumps [sigs.k8s.io/kind](https://github.com/kubernetes-sigs/kind) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/kubernetes-sigs/kind/releases)
- [Commits](kubernetes-sigs/kind@v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/kind
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 5, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 5, 2024

👋 Thank you for the PR! A maintainer will have to add the ok-to-test label to run tests before this can get merged.

@tehcyx tehcyx self-assigned this Feb 12, 2024
@tehcyx tehcyx merged commit 95b3fe6 into master Feb 12, 2024
1 check passed
@dependabot dependabot bot deleted the dependabot/go_modules/sigs.k8s.io/kind-0.21.0 branch February 12, 2024 20:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tehcyx tehcyx

Labels
dependencies Pull requests that update a dependency file ok-to-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@tehcyx