Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubeone for openSUSE:Factory checked in at 2025-09-18 21:11:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kubeone (Old) and /work/SRC/openSUSE:Factory/.kubeone.new.27445 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kubeone" Thu Sep 18 21:11:07 2025 rev:9 rq:1305684 version:1.11.2 Changes: -------- --- /work/SRC/openSUSE:Factory/kubeone/kubeone.changes 2025-07-25 17:06:18.135721844 +0200 +++ /work/SRC/openSUSE:Factory/.kubeone.new.27445/kubeone.changes 2025-09-18 21:11:59.382755159 +0200 @@ -1,0 +2,15 @@ +Thu Sep 18 06:58:52 UTC 2025 - Johannes Kastl <[email protected]> + +- Update to version 1.11.2: + * Bug or Regression + - Default canal_iface_regex only for hetzner (#3798, + @kubermatic-bot) + - Fix Nutanix credentials (#3788, @kubermatic-bot) + - Fixes the Hubbele Relay Connection Issues with the Cilium + Agent, SSL Connection is fixed by mounting the Server + Certificates in the Cilium Agent Container (#3803, + @kubermatic-bot) + - Make it possible to configure FLANNELD_IFACE (#3792, + @kubermatic-bot) + +------------------------------------------------------------------- Old: ---- kubeone-1.11.1.obscpio New: ---- kubeone-1.11.2.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kubeone.spec ++++++ --- /var/tmp/diff_new_pack.E4XjRu/_old 2025-09-18 21:12:01.266834357 +0200 +++ /var/tmp/diff_new_pack.E4XjRu/_new 2025-09-18 21:12:01.286835199 +0200 @@ -1,7 +1,7 @@ # # spec file for package kubeone # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ %define KUBERNETES_STABLE_VERSION v1.31.3 Name: kubeone -Version: 1.11.1 +Version: 1.11.2 Release: 0 Summary: CLI for the kubeone cluster automation License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.E4XjRu/_old 2025-09-18 21:12:01.550846296 +0200 +++ /var/tmp/diff_new_pack.E4XjRu/_new 2025-09-18 21:12:01.590847978 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/kubermatic/kubeone</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v1.11.1</param> + <param name="revision">v1.11.2</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.E4XjRu/_old 2025-09-18 21:12:01.762855208 +0200 +++ /var/tmp/diff_new_pack.E4XjRu/_new 2025-09-18 21:12:01.802856889 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/kubermatic/kubeone</param> - <param name="changesrevision">60c40fcd13fb4cc5733da270ffc4ded396e5d838</param></service></servicedata> + <param name="changesrevision">336b87140fc49856079d22a1788cf8c796298233</param></service></servicedata> (No newline at EOF) ++++++ kubeone-1.11.1.obscpio -> kubeone-1.11.2.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/CHANGELOG/CHANGELOG-1.11.md new/kubeone-1.11.2/CHANGELOG/CHANGELOG-1.11.md --- old/kubeone-1.11.1/CHANGELOG/CHANGELOG-1.11.md 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/CHANGELOG/CHANGELOG-1.11.md 2025-09-04 13:05:31.000000000 +0200 @@ -1,3 +1,16 @@ +# [v1.11.2](https://github.com/kubermatic/kubeone/releases/tag/v1.11.2) - 2025-09-04 + +## Changelog since v1.11.1 + +## Changes by Kind + +### Bug or Regression + +- Default canal_iface_regex only for hetzner ([#3798](https://github.com/kubermatic/kubeone/pull/3798), [@kubermatic-bot](https://github.com/kubermatic-bot)) +- Fix Nutanix credentials ([#3788](https://github.com/kubermatic/kubeone/pull/3788), [@kubermatic-bot](https://github.com/kubermatic-bot)) +- Fixes the Hubbele Relay Connection Issues with the Cilium Agent, SSL Connection is fixed by mounting the Server Certificates in the Cilium Agent Container ([#3803](https://github.com/kubermatic/kubeone/pull/3803), [@kubermatic-bot](https://github.com/kubermatic-bot)) +- Make it possible to configure FLANNELD_IFACE ([#3792](https://github.com/kubermatic/kubeone/pull/3792), [@kubermatic-bot](https://github.com/kubermatic-bot)) + # [v1.11.1](https://github.com/kubermatic/kubeone/releases/tag/v1.11.1) - 2025-07-24 ## Changelog since v1.11.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/ccm-nutanix/nutanix-config.yaml new/kubeone-1.11.2/addons/ccm-nutanix/nutanix-config.yaml --- old/kubeone-1.11.1/addons/ccm-nutanix/nutanix-config.yaml 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/ccm-nutanix/nutanix-config.yaml 2025-09-04 13:05:31.000000000 +0200 @@ -8,9 +8,9 @@ nutanix_config.json: |- { "prismCentral": { - "address": "{{ .Credentials.NUTANIX_PE_ENDPOINT }}", + "address": "{{ .Credentials.NUTANIX_ENDPOINT }}", "port": {{ .Credentials.NUTANIX_PORT }}, - "insecure": false, + "insecure": {{ if .Credentials.NUTANIX_INSECURE }}true{{ else }}false{{ end }}, "credentialRef": { "kind": "secret", "name": "nutanix-creds", @@ -51,8 +51,8 @@ "type": "basic_auth", "data": { "prismCentral": { - "username": "{{ .Credentials.NUTANIX_PE_USERNAME }}", - "password": "{{ .Credentials.NUTANIX_PE_PASSWORD }}" + "username": "{{ .Credentials.NUTANIX_USERNAME }}", + "password": "{{ .Credentials.NUTANIX_PASSWORD }}" }, "prismElements": null } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/cni-canal/Kustomization new/kubeone-1.11.2/addons/cni-canal/Kustomization --- old/kubeone-1.11.1/addons/cni-canal/Kustomization 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/cni-canal/Kustomization 2025-09-04 13:05:31.000000000 +0200 @@ -91,7 +91,10 @@ key: canal_iface_regex name: canal-config - name: FLANNELD_IFACE - $patch: delete + valueFrom: + configMapKeyRef: + key: canal_iface + name: canal-config initContainers: - name: install-cni image: '{{ .InternalImages.Get "CalicoCNI" }}' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/cni-canal/canal.yaml new/kubeone-1.11.2/addons/cni-canal/canal.yaml --- old/kubeone-1.11.1/addons/cni-canal/canal.yaml 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/cni-canal/canal.yaml 2025-09-04 13:05:31.000000000 +0200 @@ -9238,6 +9238,11 @@ configMapKeyRef: key: canal_iface_regex name: canal-config + - name: FLANNELD_IFACE + valueFrom: + configMapKeyRef: + key: canal_iface + name: canal-config - name: POD_NAME valueFrom: fieldRef: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/cni-cilium/Kustomization new/kubeone-1.11.2/addons/cni-cilium/Kustomization --- old/kubeone-1.11.1/addons/cni-cilium/Kustomization 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/cni-cilium/Kustomization 2025-09-04 13:05:31.000000000 +0200 @@ -3,12 +3,12 @@ namespace: kube-system helmCharts: -- name: cilium - repo: https://helm.cilium.io/ - version: 1.17.3 - releaseName: cilium - namespace: kube-system - valuesFile: helm-values + - name: cilium + repo: https://helm.cilium.io/ + version: 1.17.3 + releaseName: cilium + namespace: kube-system + valuesFile: helm-values patches: - patch: |- @@ -55,6 +55,10 @@ name: cilium-config key: KUBERNETES_SERVICE_PORT optional: true + volumeMounts: + - name: hubble-tls + mountPath: /var/lib/cilium/tls/hubble + readOnly: true initContainers: - name: config image: '{{ .InternalImages.Get "Cilium" }}' @@ -94,6 +98,21 @@ optional: true - name: install-cni-binaries image: '{{ .InternalImages.Get "Cilium" }}' + volumes: + - name: hubble-tls + projected: + defaultMode: 256 + sources: + - secret: + name: hubble-server-certs + optional: true + items: + - key: tls.crt + path: server.crt + - key: tls.key + path: server.key + - key: ca.crt + path: client-ca.crt - patch: |- apiVersion: apps/v1 kind: Deployment diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/cni-cilium/cilium.yaml new/kubeone-1.11.2/addons/cni-cilium/cilium.yaml --- old/kubeone-1.11.1/addons/cni-cilium/cilium.yaml 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/cni-cilium/cilium.yaml 2025-09-04 13:05:31.000000000 +0200 @@ -1198,6 +1198,9 @@ successThreshold: 1 terminationMessagePolicy: FallbackToLogsOnError volumeMounts: + - mountPath: /var/lib/cilium/tls/hubble + name: hubble-tls + readOnly: true - mountPath: /var/run/cilium/envoy/sockets name: envoy-sockets readOnly: false @@ -1429,6 +1432,20 @@ tolerations: - operator: Exists volumes: + - name: hubble-tls + projected: + defaultMode: 256 + sources: + - secret: + items: + - key: tls.crt + path: server.crt + - key: tls.key + path: server.key + - key: ca.crt + path: client-ca.crt + name: hubble-server-certs + optional: true - emptyDir: {} name: tmp - hostPath: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/csi-nutanix/Kustomization new/kubeone-1.11.2/addons/csi-nutanix/Kustomization --- old/kubeone-1.11.1/addons/csi-nutanix/Kustomization 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/csi-nutanix/Kustomization 2025-09-04 13:05:31.000000000 +0200 @@ -18,7 +18,7 @@ - op: replace path: /data/key value: | - {{ printf "%s:%s:%s:%s" .Credentials.NUTANIX_PE_ENDPOINT .Credentials.NUTANIX_PORT .Credentials.NUTANIX_PE_USERNAME .Credentials.NUTANIX_PE_PASSWORD | b64enc }} + {{ printf "%s:%s:%s:%s" .Credentials.NUTANIX_ENDPOINT .Credentials.NUTANIX_PORT .Credentials.NUTANIX_USERNAME .Credentials.NUTANIX_PASSWORD | b64enc }} - patch: |- apiVersion: apps/v1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/csi-nutanix/generate-values-csi-storage new/kubeone-1.11.2/addons/csi-nutanix/generate-values-csi-storage --- old/kubeone-1.11.1/addons/csi-nutanix/generate-values-csi-storage 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/csi-nutanix/generate-values-csi-storage 2025-09-04 13:05:31.000000000 +0200 @@ -7,9 +7,9 @@ effect: "NoSchedule" # Prism Element endpoint and credentials -prismEndPoint: ".Credentials.NUTANIX_PE_ENDPOINT" -username: ".Credentials.NUTANIX_PE_USERNAME" -password: ".Credentials.NUTANIX_PE_PASSWORD" +prismEndPoint: ".Credentials.NUTANIX_ENDPOINT" +username: ".Credentials.NUTANIX_USERNAME" +password: ".Credentials.NUTANIX_PASSWORD" controller: nodeSelector: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/addons/csi-nutanix/nutanix-csi-storage.yaml new/kubeone-1.11.2/addons/csi-nutanix/nutanix-csi-storage.yaml --- old/kubeone-1.11.1/addons/csi-nutanix/nutanix-csi-storage.yaml 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/addons/csi-nutanix/nutanix-csi-storage.yaml 2025-09-04 13:05:31.000000000 +0200 @@ -214,7 +214,7 @@ --- apiVersion: v1 data: - key: '{{ printf "%s:%s:%s:%s" .Credentials.NUTANIX_PE_ENDPOINT .Credentials.NUTANIX_PORT .Credentials.NUTANIX_PE_USERNAME .Credentials.NUTANIX_PE_PASSWORD | b64enc }}' + key: '{{ printf "%s:%s:%s:%s" .Credentials.NUTANIX_ENDPOINT .Credentials.NUTANIX_PORT .Credentials.NUTANIX_USERNAME .Credentials.NUTANIX_PASSWORD | b64enc }}' kind: Secret metadata: name: ntnx-secret diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/examples/terraform/hetzner/README.md new/kubeone-1.11.2/examples/terraform/hetzner/README.md --- old/kubeone-1.11.1/examples/terraform/hetzner/README.md 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/examples/terraform/hetzner/README.md 2025-09-04 13:05:31.000000000 +0200 @@ -12,13 +12,13 @@ | Name | Version | |------|---------| | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 | -| <a name="requirement_hcloud"></a> [hcloud](#requirement\_hcloud) | ~> 1.31.0 | +| <a name="requirement_hcloud"></a> [hcloud](#requirement\_hcloud) | ~> 1.52 | ## Providers | Name | Version | |------|---------| -| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | ~> 1.31.0 | +| <a name="provider_hcloud"></a> [hcloud](#provider\_hcloud) | ~> 1.52 | | <a name="provider_random"></a> [random](#provider\_random) | n/a | ## Modules diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/examples/terraform/hetzner/versions.tf new/kubeone-1.11.2/examples/terraform/hetzner/versions.tf --- old/kubeone-1.11.1/examples/terraform/hetzner/versions.tf 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/examples/terraform/hetzner/versions.tf 2025-09-04 13:05:31.000000000 +0200 @@ -3,7 +3,7 @@ required_providers { hcloud = { source = "hetznercloud/hcloud" - version = "~> 1.31.0" + version = "~> 1.52" } } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/pkg/addons/manifest.go new/kubeone-1.11.2/pkg/addons/manifest.go --- old/kubeone-1.11.1/pkg/addons/manifest.go 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/pkg/addons/manifest.go 2025-09-04 13:05:31.000000000 +0200 @@ -23,6 +23,7 @@ "fmt" "io" "io/fs" + "maps" "os" "path/filepath" "strings" @@ -184,9 +185,7 @@ res = strings.ReplaceAll(res, "}}", "}}^") manifestBytes = []byte(res) } - - var manifest *bytes.Buffer - manifest = bytes.NewBuffer(manifestBytes) + manifest := bytes.NewBuffer(manifestBytes) if !disableTemplating { overwriteRegistry := k1cluster.RegistryConfiguration.ImageRegistry("") @@ -205,17 +204,14 @@ // Make a copy and merge Params tplDataParams := map[string]string{} - for k, v := range a.TemplateData.Params { - tplDataParams[k] = v - } - for k, v := range addonParams { - tplDataParams[k] = v - } + maps.Copy(tplDataParams, a.TemplateData.Params) + maps.Copy(tplDataParams, addonParams) + + defaultAddonParams(k1cluster, addonName, tplDataParams) // Resolve environment variables in Params for k, v := range tplDataParams { - if strings.HasPrefix(v, ParamsEnvPrefix) { - envName := strings.TrimPrefix(v, ParamsEnvPrefix) + if envName, ok := strings.CutPrefix(v, ParamsEnvPrefix); ok { if env, ok := os.LookupEnv(envName); ok { tplDataParams[k] = env } else { @@ -274,6 +270,23 @@ return manifests, nil } +func defaultAddonParams(k1cluster *kubeoneapi.KubeOneCluster, addonName string, tplDataParams map[string]string) { + if addonName == resources.AddonCNICanal { + if k1cluster.CloudProvider.Hetzner != nil { + // Customize cni-canal addon on hetzner + defaultIfaceParam(tplDataParams, "^en") + } + } +} + +func defaultIfaceParam(tplDataParams map[string]string, reg string) { + _, iface := tplDataParams["IFACE"] + _, ifaceregex := tplDataParams["IFACE_REGEX"] + if !iface && !ifaceregex { + tplDataParams["IFACE_REGEX"] = reg + } +} + // ensureAddonsLabelsOnResources applies the addons label on all resources in the manifest func ensureAddonsLabelsOnResources(manifests []runtime.RawExtension, addonName string) ([]*bytes.Buffer, error) { var rawManifests []*bytes.Buffer diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kubeone-1.11.1/pkg/credentials/credentials.go new/kubeone-1.11.2/pkg/credentials/credentials.go --- old/kubeone-1.11.1/pkg/credentials/credentials.go 2025-07-24 15:10:34.000000000 +0200 +++ new/kubeone-1.11.2/pkg/credentials/credentials.go 2025-09-04 13:05:31.000000000 +0200 @@ -59,9 +59,6 @@ NutanixInsecure = "NUTANIX_INSECURE" NutanixProxyURL = "NUTANIX_PROXY_URL" NutanixClusterName = "NUTANIX_CLUSTER_NAME" - NutanixPEEndpoint = "NUTANIX_PE_ENDPOINT" - NutanixPEUsername = "NUTANIX_PE_USERNAME" - NutanixPEPassword = "NUTANIX_PE_PASSWORD" //nolint:gosec OpenStackAuthURL = "OS_AUTH_URL" OpenStackDomainName = "OS_DOMAIN_NAME" OpenStackPassword = "OS_PASSWORD" @@ -118,9 +115,6 @@ NutanixInsecure, NutanixProxyURL, NutanixClusterName, - NutanixPEEndpoint, - NutanixPEUsername, - NutanixPEPassword, OpenStackAuthURL, OpenStackDomainName, OpenStackPassword, @@ -231,9 +225,6 @@ {Name: NutanixInsecure}, {Name: NutanixProxyURL}, {Name: NutanixClusterName}, - {Name: NutanixPEEndpoint}, - {Name: NutanixPEUsername}, - {Name: NutanixPEPassword}, }, nutanixValidationFunc) case cloudProvider.Openstack != nil: return credentialsFinder.parseCredentialVariables([]ProviderEnvironmentVariable{ @@ -496,9 +487,6 @@ NutanixPort, NutanixUsername, NutanixPassword, - NutanixPEEndpoint, - NutanixPEUsername, - NutanixPEPassword, } for _, key := range alwaysRequired { ++++++ kubeone.obsinfo ++++++ --- /var/tmp/diff_new_pack.E4XjRu/_old 2025-09-18 21:12:03.102911538 +0200 +++ /var/tmp/diff_new_pack.E4XjRu/_new 2025-09-18 21:12:03.130912715 +0200 @@ -1,5 +1,5 @@ name: kubeone -version: 1.11.1 -mtime: 1753362634 -commit: 60c40fcd13fb4cc5733da270ffc4ded396e5d838 +version: 1.11.2 +mtime: 1756983931 +commit: 336b87140fc49856079d22a1788cf8c796298233 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/kubeone/vendor.tar.gz /work/SRC/openSUSE:Factory/.kubeone.new.27445/vendor.tar.gz differ: char 15, line 1
