commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2024-02-26 19:45:56
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1770 (New)
Package is "kubernetes1.23"
Mon Feb 26 19:45:56 2024 rev:12 rq:1151204 version:1.23.17
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2024-01-23 22:57:30.399403994 +0100
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1770/kubernetes1.23.changes
2024-02-26 19:46:49.809030683 +0100
@@ -1,0 +2,11 @@
+Mon Feb 26 11:07:39 UTC 2024 - Priyanka Saggu
+
+- add new patch to advance autoscaling v2 as the preferred API version, to fix
bsc#1219964, CVE-2024-0793
+ * autoscaling-advance-v2-as-the-preferred-API-version.patch
+
+---
+Thu Feb 22 12:45:41 UTC 2024 - Dominique Leuenberger
+
+- Use %patch -P N instead of deprecated %patchN.
+
+---
New:
autoscaling-advance-v2-as-the-preferred-API-version.patch
BETA DEBUG BEGIN:
New:- add new patch to advance autoscaling v2 as the preferred API version,
to fix bsc#1219964, CVE-2024-0793
* autoscaling-advance-v2-as-the-preferred-API-version.patch
BETA DEBUG END:
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.bh5S0d/_old 2024-02-26 19:46:51.077076525 +0100
+++ /var/tmp/diff_new_pack.bh5S0d/_new 2024-02-26 19:46:51.081076669 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -54,6 +54,8 @@
# Patch to fix CVE-2023-2431, to return error when a Pod or Container's
SecurityContext has a localhost seccomp type but an empty localhostProfile
field.
Patch7: fix-seccomp-localhost-error-handling.patch
Patch8: kubernetes-sort-custom-column-print-flags.patch
+# Patch to advance autoscaling v2 as the preferred API version, to fix
bsc#1219964, CVE-2024-0793
+Patch9: autoscaling-advance-v2-as-the-preferred-API-version.patch
BuildRequires: fdupes
BuildRequires: git
BuildRequires: go-go-md2man
@@ -78,7 +80,9 @@
+
# packages to build containerized control plane
+
%package apiserver
Summary:Kubernetes apiserver for container image
Group: System/Management
@@ -218,13 +222,14 @@
%prep
%setup -q -n kubernetes-%{version}
-%patch2 -p1
-%patch3 -p1
-%patch4 -p0
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
+%patch -P 2 -p1
+%patch -P 3 -p1
+%patch -P 4 -p0
+%patch -P 5 -p1
+%patch -P 6 -p1
+%patch -P 7 -p1
+%patch -P 8 -p1
+%patch -P 9 -p1
%build
# This is fixing bug bsc#1065972
++ autoscaling-advance-v2-as-the-preferred-API-version.patch ++
>From 40a6d6306a2c6c202ab33c3d90178ce19fabf7cf Mon Sep 17 00:00:00 2001
From: SataQiu
Date: Sun, 11 Dec 2022 13:09:39 +0800
Subject: [PATCH] autoscaling: advance v2 as the preferred API version over v1
---
pkg/apis/autoscaling/install/install.go | 3 +--
pkg/controlplane/storageversionhashdata/data.go | 4 ++--
test/integration/etcd/data.go | 6 +++---
3 files changed, 6 insertions(+), 7 deletions(-)
Index: kubernetes-1.23.17/pkg/apis/autoscaling/install/install.go
===
--- kubernetes-1.23.17.orig/pkg/apis/autoscaling/install/install.go
+++ kubernetes-1.23.17/pkg/apis/autoscaling/install/install.go
@@ -40,6 +40,5 @@ func Install(scheme *runtime.Scheme) {
utilruntime.Must(v2.AddToScheme(scheme))
utilruntime.Must(v2beta1.AddToScheme(scheme))
utilruntime.Must(v1.AddToScheme(scheme))
- // TODO: move v2 to the front of the list in 1.24
- utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion,
v2.SchemeGroupVersion, v2beta1.SchemeGroupVersion, v2beta2.SchemeGroupVersion))
+ utilruntime.Must(scheme.SetVersionPriority(v2.SchemeGroupVersion,
v1.SchemeGroupVersion, v2beta1.SchemeGroupVersion, v2beta2.SchemeGroupVersion))
}
Index: kubernetes-1.23.17/pkg/controlplane/storageversionhashdata/data.go
===
--- kubernetes-1.23.17.orig/pkg/controlplane/storageversionhashdata/data.go
+++ kubernetes-1.23.17/pkg/controlplane/storageversionhashdata/data.go
@@ -51,10 +51,10 @@ var GVRToStorageVersionHash = map[string
"v1/secrets":"S6u1pOWzb84=",
"v1/serviceaccounts":"pbx9ZvyFpBE=",
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-06-21 22:38:44 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902 (New) Package is "kubernetes1.23" Wed Jun 21 22:38:44 2023 rev:10 rq:1093983 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2023-06-16 16:55:34.113963835 +0200 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902/kubernetes1.23.changes 2023-06-21 22:39:33.710263801 +0200 @@ -1,0 +2,7 @@ +Tue Jun 20 12:56:47 UTC 2023 - Priyanka Saggu + +- Security Patch Fix for CVE-2023-2431 (bsc#1212493) + * added patch: fix-seccomp-localhost-error-handling.patch + * this new kubelet component patch returns an error when a Pod or Container's SecurityContext has a localhost seccomp type but an empty localhostProfile field. + +--- New: fix-seccomp-localhost-error-handling.patch Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.EXXRyQ/_old 2023-06-21 22:39:34.410268014 +0200 +++ /var/tmp/diff_new_pack.EXXRyQ/_new 2023-06-21 22:39:34.418268062 +0200 @@ -51,6 +51,8 @@ Patch5: revert-coredns-image-renaming.patch # Patch to fix CVE-2023-2727 and CVE-2023-2728, by preventing ephemeral containers from using an image that is restricted by ImagePolicyWebhook and from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin Patch6: kube-apiserver-admission-plugin-policy.patch +# Patch to fix CVE-2023-2431, to return error when a Pod or Container's SecurityContext has a localhost seccomp type but an empty localhostProfile field. +Patch7: fix-seccomp-localhost-error-handling.patch BuildRequires: fdupes BuildRequires: git BuildRequires: go-go-md2man @@ -74,6 +76,7 @@ + # packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image @@ -219,6 +222,7 @@ %patch4 -p0 %patch5 -p1 %patch6 -p1 +%patch7 -p1 %build # This is fixing bug bsc#1065972 ++ fix-seccomp-localhost-error-handling.patch ++ 860 lines (skipped)
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2023-06-16 16:54:23
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902 (New)
Package is "kubernetes1.23"
Fri Jun 16 16:54:23 2023 rev:9 rq:1093310 version:1.23.17
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2023-04-12 15:34:58.622050699 +0200
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902/kubernetes1.23.changes
2023-06-16 16:55:34.113963835 +0200
@@ -1,0 +2,9 @@
+Thu Jun 15 11:36:19 UTC 2023 - Priyanka Saggu
+
+- Security Patch Fix for CVE-2023-2727 (bsc#1211630) and CVE-2023-2728
(bsc#1211631)
+ * added patch: kube-apiserver-admission-plugin-policy.patch
+ * this new kube-apiserver component patch prevents ephemeral containers:
+** from using an image that is restricted by ImagePolicyWebhook
(CVE-2023-2727)
+** from bypassing the mountable secrets policy enforced by the
ServiceAccount admission plugin (CVE-2023-2728)
+
+---
New:
kube-apiserver-admission-plugin-policy.patch
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.1nqTES/_old 2023-06-16 16:55:34.829968058 +0200
+++ /var/tmp/diff_new_pack.1nqTES/_new 2023-06-16 16:55:34.833968082 +0200
@@ -49,6 +49,8 @@
Patch4: kubeadm-opensuse-flexvolume.patch
# Patch to revert renaming of coredns image location to match how it's done on
download.opensuse.org
Patch5: revert-coredns-image-renaming.patch
+# Patch to fix CVE-2023-2727 and CVE-2023-2728, by preventing ephemeral
containers from using an image that is restricted by ImagePolicyWebhook and
from bypassing the mountable secrets policy enforced by the ServiceAccount
admission plugin
+Patch6: kube-apiserver-admission-plugin-policy.patch
BuildRequires: fdupes
BuildRequires: git
BuildRequires: go-go-md2man
@@ -71,8 +73,8 @@
-# packages to build containerized control plane
+# packages to build containerized control plane
%package apiserver
Summary:Kubernetes apiserver for container image
Group: System/Management
@@ -216,6 +218,7 @@
%patch3 -p1
%patch4 -p0
%patch5 -p1
+%patch6 -p1
%build
# This is fixing bug bsc#1065972
++ kube-apiserver-admission-plugin-policy.patch ++
>From 64f3b999c3e488ebc73c2d9a628b73ec092a0caf Mon Sep 17 00:00:00 2001
From: Rita Zhang
Date: Sun, 21 May 2023 16:21:08 -0700
Subject: [PATCH] Add ephemeralcontainer to imagepolicy securityaccount
admission plugin
Signed-off-by: Rita Zhang
---
plugin/pkg/admission/imagepolicy/admission.go | 26 ++--
.../admission/imagepolicy/admission_test.go | 135 +-
.../pkg/admission/serviceaccount/admission.go | 55 ++-
.../serviceaccount/admission_test.go | 93 +++-
4 files changed, 290 insertions(+), 19 deletions(-)
Index: kubernetes-1.23.17/plugin/pkg/admission/imagepolicy/admission.go
===
--- kubernetes-1.23.17.orig/plugin/pkg/admission/imagepolicy/admission.go
+++ kubernetes-1.23.17/plugin/pkg/admission/imagepolicy/admission.go
@@ -132,8 +132,8 @@ func (a *Plugin) webhookError(pod *api.P
// Validate makes an admission decision based on the request attributes
func (a *Plugin) Validate(ctx context.Context, attributes
admission.Attributes, o admission.ObjectInterfaces) (err error) {
- // Ignore all calls to subresources or resources other than pods.
- if attributes.GetSubresource() != "" ||
attributes.GetResource().GroupResource() != api.Resource("pods") {
+ // Ignore all calls to subresources other than ephemeralcontainers or
calls to resources other than pods.
+ if (attributes.GetSubresource() != "" && attributes.GetSubresource() !=
"ephemeralcontainers") || attributes.GetResource().GroupResource() !=
api.Resource("pods") {
return nil
}
@@ -144,13 +144,21 @@ func (a *Plugin) Validate(ctx context.Co
// Build list of ImageReviewContainerSpec
var imageReviewContainerSpecs []v1alpha1.ImageReviewContainerSpec
- containers := make([]api.Container, 0,
len(pod.Spec.Containers)+len(pod.Spec.InitContainers))
- containers = append(containers, pod.Spec.Containers...)
- containers = append(containers, pod.Spec.InitContainers...)
- for _, c := range containers {
- imageReviewContainerSpecs = append(imageReviewContainerSpecs,
v1alpha1.ImageReviewContainerSpec{
- Image: c.Image,
- })
+ if
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2023-04-12 15:34:58
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.19717 (New)
Package is "kubernetes1.23"
Wed Apr 12 15:34:58 2023 rev:8 rq:1078721 version:1.23.17
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2023-03-30 22:51:13.564561643 +0200
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.19717/kubernetes1.23.changes
2023-04-12 15:34:58.622050699 +0200
@@ -1,0 +2,5 @@
+Wed Apr 12 12:34:43 UTC 2023 - Priyanka Saggu
+
+- add kubernetes1.18-client-common as conflicts with
kubernetes-client-bash-completion
+
+---
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.ftDrXd/_old 2023-04-12 15:34:59.546056061 +0200
+++ /var/tmp/diff_new_pack.ftDrXd/_new 2023-04-12 15:34:59.550056084 +0200
@@ -72,6 +72,7 @@
# packages to build containerized control plane
+
%package apiserver
Summary:Kubernetes apiserver for container image
Group: System/Management
@@ -190,6 +191,7 @@
Obsoletes: kubernetes%{baseversionminus1}-client-bash-completion
Provides: kubernetes-client-bash-completion = %{version}
Conflicts: kubernetes-client-bash-completion
+Conflicts: kubernetes1.18-client-common
%description client-bash-completion
Bash command line completion support for %{name}-client
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2023-03-30 22:51:10
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432 (New)
Package is "kubernetes1.23"
Thu Mar 30 22:51:10 2023 rev:7 rq:1075486 version:1.23.17
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2023-03-13 12:41:19.139861470 +0100
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432/kubernetes1.23.changes
2023-03-30 22:51:13.564561643 +0200
@@ -1,0 +2,10 @@
+Mon Mar 27 09:24:52 UTC 2023 - Robert Munteanu
+
+- Stronger conflicts for completion packages
+
+---
+Mon Mar 27 08:53:20 UTC 2023 - Robert Munteanu
+
+- Split individual completions into separate packages
+
+---
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.jZLE3J/_old 2023-03-30 22:51:14.860568579 +0200
+++ /var/tmp/diff_new_pack.jZLE3J/_new 2023-03-30 22:51:14.864568600 +0200
@@ -49,7 +49,6 @@
Patch4: kubeadm-opensuse-flexvolume.patch
# Patch to revert renaming of coredns image location to match how it's done on
download.opensuse.org
Patch5: revert-coredns-image-renaming.patch
-BuildRequires: bash-completion
BuildRequires: fdupes
BuildRequires: git
BuildRequires: go-go-md2man
@@ -70,6 +69,8 @@
+
+
# packages to build containerized control plane
%package apiserver
Summary:Kubernetes apiserver for container image
@@ -178,6 +179,35 @@
%description client-common
Kubernetes client tools common files
+%package client-bash-completion
+Summary:Bash Completion for %{name}-client
+Group: System/Shells
+BuildRequires: bash-completion
+Requires: bash-completion
+Requires: kubernetes%{baseversion}-client = %{version}
+Supplements:(kubernetes%{baseversion}-client and bash-completion)
+BuildArch: noarch
+Obsoletes: kubernetes%{baseversionminus1}-client-bash-completion
+Provides: kubernetes-client-bash-completion = %{version}
+Conflicts: kubernetes-client-bash-completion
+
+%description client-bash-completion
+Bash command line completion support for %{name}-client
+
+%package client-fish-completion
+Summary:Fish Completion for %{name}-client
+Group: System/Shells
+BuildRequires: fish
+Requires: kubernetes%{baseversion}-client = %{version}
+Supplements:(kubernetes%{baseversion}-client and fish)
+BuildArch: noarch
+Obsoletes: kubernetes%{baseversionminus1}-client-fish-completion
+Provides: kubernetes-client-fish-completion = %{version}
+Conflicts: kubernetes-client-fish-completion
+
+%description client-fish-completion
+Fish command line completion support for %{name}-client.
+
%prep
%setup -q -n kubernetes-%{version}
%patch2 -p1
@@ -250,6 +280,10 @@
install -d -m 0755 %{buildroot}%{_datadir}/bash-completion/completions/
%{buildroot}%{_bindir}/kubectl%{baseversion} completion bash >
%{buildroot}%{_datadir}/bash-completion/completions/kubectl
+# install the fish completion
+mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d
+%{buildroot}%{_bindir}/kubectl%{baseversion} completion fish >
%{buildroot}%{_datadir}/fish/vendor_completions.d/kubectl.fish
+
# move CHANGELOG-%{baseversion}.md to old location
mv CHANGELOG/CHANGELOG-%{baseversion}.md .
@@ -403,6 +437,11 @@
%license LICENSE
%{_mandir}/man1/kubectl.1%{?ext_man}
%{_mandir}/man1/kubectl-*
+
+%files client-bash-completion
%{_datadir}/bash-completion/completions/kubectl
+%files client-fish-completion
+%{_datadir}/fish/vendor_completions.d/kubectl.fish
+
%changelog
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2023-03-13 12:40:37
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432 (New)
Package is "kubernetes1.23"
Mon Mar 13 12:40:37 2023 rev:6 rq:1070750 version:1.23.17
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2022-07-21 11:34:03.814987390 +0200
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432/kubernetes1.23.changes
2023-03-13 12:41:19.139861470 +0100
@@ -1,0 +2,52 @@
+Thu Mar 2 12:48:04 UTC 2023 - Priyanka Saggu
+
+- update patch files to reflect upstream registry changes from k8s.gcr.io to
registry.k8s.io
+ * kubeadm-opensuse-registry.patch
+ * revert-coredns-image-renaming.patch
+
+---
+Thu Mar 02 12:35:00 UTC 2023 - priyanka.sa...@suse.com
+
+- Update to version 1.23.17:
+ * Release commit for Kubernetes v1.23.17
+ * releng: Update images, dependencies and version to Go 1.19.6
+ * Update golang.org/x/net to v0.7.0
+ * Pin golang.org/x/net to v0.4.0
+ * add scale test for probes
+ * use custom dialer for http probes
+ * use custom dialer for tcp probes
+ * add custom dialer optimized for probes
+ * egress_selector: prevent goroutines leak on connect() step.
+ * tls.Dial() validates hostname, no need to do that manually
+ * Fix issue that Audit Server could not correctly encode DeleteOption
+ * Do not include scheduler name in the preemption event message
+ * Do not leak cross namespace pod metadata in preemption events
+ * pkg/controller/job: re-honor exponential backoff
+ * releng: Update images, dependencies and version to Go 1.19.5
+ * Bump Konnectivity to v0.0.35
+ * Improve vendor verification works for each staging repo
+ * Update to go1.19
+ * Adjust for os/exec changes in 1.19
+ * Update golangci-lint to 1.46.2 and fix errors
+ * Match go1.17 defaults for SHA-1 and GC
+ * update golangci-lint to 1.45.0
+ * kubelet: make the image pull time more accurate in event
+ * change k8s.gcr.io/pause to registry.k8s.io/pause
+ * use etcd 3.5.6-0 after promotion
+ * changelog: CVE-2022-3294 and CVE-2022-3162 were fixed in v1.23.14
+ * Add CVE-2021-25749 to CHANGELOG-1.23.md
+ * Add CVE-2022-3294 to CHANGELOG-1.23.md
+ * kubeadm: use registry.k8s.io instead of k8s.gcr.io
+ * etcd: Updated to v3.5.5
+ * Bump konnectivity network proxy to v0.0.33. Includes a couple bug fixes
for better handling of dial failures. [Agent &
Server](https://github.com/kubernetes-sigs/apiserver-network-proxy/commits/v0.0.33)
include numerous other fixes.
+ * kubeadm: allow RSA and ECDSA format keys in preflight check
+ * Fixes kubelet log compression on Windows
+ * Reduce default gzip compression level from 4 to 1 in apiserver
+ * exec auth: support TLS config caching
+ * Marshal MicroTime to json and proto at the same precision
+ * Windows: ensure runAsNonRoot does case-insensitive comparison on user name
+ * update structured-merge-diff to 4.2.3
+ * Add rate limiting when calling STS assume role API
+ * Fixing issue in generatePodSandboxWindowsConfig for hostProcess containers
by where pod sandbox won't have HostProcess bit set if pod does not have a
security context but containers specify HostProcess.
+
+---
Old:
kubernetes-1.23.9.tar.xz
New:
kubernetes-1.23.17.tar.xz
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.ilzuf8/_old 2023-03-13 12:41:21.031871329 +0100
+++ /var/tmp/diff_new_pack.ilzuf8/_new 2023-03-13 12:41:21.083871600 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
%define baseversionminus1 1.22
Name: kubernetes%{baseversion}
-Version:1.23.9
+Version:1.23.17
Release:0
Summary:Container Scheduling and Management
License:Apache-2.0
@@ -68,8 +68,9 @@
for management and discovery.
-# packages to build containerized control plane
+
+# packages to build containerized control plane
%package apiserver
Summary:Kubernetes apiserver for container image
Group: System/Management
++ _service ++
--- /var/tmp/diff_new_pack.ilzuf8/_old 2023-03-13 12:41:21.311872788 +0100
+++ /var/tmp/diff_new_pack.ilzuf8/_new 2023-03-13 12:41:21.315872809 +0100
@@ -5,7 +5,7 @@
.git
@PARENT_TAG@
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-07-21 11:33:33 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1523 (New) Package is "kubernetes1.23" Thu Jul 21 11:33:33 2022 rev:5 rq:990348 version:1.23.9 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-03-18 16:41:37.613159449 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1523/kubernetes1.23.changes 2022-07-21 11:34:03.814987390 +0200 @@ -1,0 +2,155 @@ +Tue Jul 19 05:05:54 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.9: + * Do not skip job requeue in conflict error + * kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join + * Bump cAdvisor to v0.43.1 + * Fix: filter out unsatisfied nodes when calling AddPod in PodTopologySpread + * kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join + * GIT-110239: fix activeDeadlineSeconds enforcement bug + * fix: --chunk-size with selector returns missing result + * Fixed winkernel proxy failing to query v1 endpoints created by dockershim CNIs + * Winkernel proxier cache HNS data to improve syncProxyRules performance + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.8 + * apiserver: printers should use int64 + * add missing error handling steps + * add missing error handling steps + * fix image pulling failure when IMDS is unavailalbe in kubelet startup + * fix: exclude non-ready nodes and deleted nodes from azure load balancers + * Avoid updating Services with stale specs Fix the bug that service specs in servicesToUpdate may have been updated by clients. +- Require only BuildRequires: golang(API) = 1.17 pinned Go major version. + Remove potentially conflicting BuildRequires: go >= x.y.z. + The plan for future updates is BuildRequires: golang(API) >= 1.17 + minimum Go major version. + +--- +Tue Jul 19 04:39:46 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.8: + * Revert "Automated cherry pick of #109124: Winkernel proxier cache HNS data to improve syncProxyRules" + * test: update graceful node shutdown e2e with watch + * move the ignore logic higher up to the reconciler + * Ignore EndpointSlices that are already marked for deletion + * kubelet: Mark ready condition as false explicitly for terminal pods + * agnhost: bump version 2.39 + * Update Go to 1.17.11 + * add service e2e tests + * kubelet: add e2e test to verify probe readiness + * kubelet: only shutdown probes for pods that are terminated + * kubelet: Pod probes should be handled by pod worker + * Enable resize feature + * Reject proxy requests to 0.0.0.0 as well + * ipvs: fix prevent concurrent map read and map write for 1.23 + * cpu manager policy set to none, no one remove container id from container map, lead memory leak + * fix audit union loop variables in closures + * Updating e2e test to check EndpointSlices and Endpoints as well + * e2e: services with evicted pods doesn't have endpoints + * e2e test for evicted pods + * endpoints controller: don't consider terminal endpoints + * endpointslices: terminal pods doesn't receive enpoints + * add pod util to verify pod is terminal + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.7 + * Add test for checking ephemeral volume expansion + * Fix resizing of ephemeral volumes + * untangle fix with healthCheck feature + * Winkernel proxier cache HNS data to improve syncProxyRules performance + * Skip updating Endpoints and EndpointSlice if no relevant fields change + +--- +Tue Jul 19 03:51:42 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.7: + * Fix requests scope classification + * Update Go to 1.17.10 + * authn: fix cache mutation by AuthenticatedGroupAdder + * GCE: skip updating and deleting external loadbalancers if service is managed outside of service controller + * Wait for cache to sync in job's TestWatchOrphanPods + * Fix OpenAPI loading error caused by empty APIService + * Test Foreground deletion in job integration + * Fix removing finalizer from finished jobs + * Don't mark job as failed until expectations are satisfied + * Integration test for backoff limit and finalizers + * component-base: replace url in rest client metrics + * fix broken find command + * Allow KUBE_TEST_REPO_LIST to be a remote url as well + * Disable JobTrackingWithFinalizers due to unresolved bug + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.6 + * Correct event registration for multiple scheduler plugins. + * kubelet: rename closeAllConns to
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-03-18 16:41:31 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.25692 (New) Package is "kubernetes1.23" Fri Mar 18 16:41:31 2022 rev:4 rq:962176 version:1.23.4 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-02-10 23:11:34.076131090 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.25692/kubernetes1.23.changes 2022-03-18 16:41:37.613159449 +0100 @@ -1,0 +2,92 @@ +Wed Mar 16 12:29:58 UTC 2022 - rbr...@suse.com + +- Update to version 1.23.4: + * Update Go to 1.17.7 + * Use serializable struct for x-kubernetes-validations in openapi + * Make JSON schema round tripping test more strict + * ignore CRI PodSandboxNetworkStatus for host network pods + * set secondary address on host-network pods + * Deeply copy JSONSchemaProps.XValidations. + * Ensure the execHostnameTest() compares hostnames + * Revert "Fix comparison between FQDN and hostname" + * service REST: Call Decorator(old) on update path + * add namespace in azurefile volumeid + * fix: azurefile volumeid conflict in csi migration + * Mark device as uncertain if unmount device succeeds + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3 + * kubelet: fix podstatus not containing pod full name + * Fix bug with node restriction blocking pvc.status.resizestatus change + * Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true + * Set max results if its not set + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2 + * Update k/utils to v0.0.0-2026205334-6203023598ed + * [go] update to Go 1.17.6 + * fix: remove outdated ipv4 route when the corresponding node is deleted + * fix: delete non existing disk issue + * Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration." + * fix containers order after applying + * generated: ./hack/update-vendor.sh + * upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1 + * Execute sync before taking the snapshot + * Correct the feature gate string for RBD migration. + * fix: azuredisk parameter lowercase translation issue + * removed unnecessary log line + * kubectl: add integration test for result reporting + * cli: let kubectl handle error printing + * cli: avoid logging command line errors in more cases + * Fix header mutation race in timeout filter + * clear pod's .status.nominatedNodeName when necessary + * use node informer to check volumes attachment status before backoff + * When volume is not marked in-use, do not backoff + * kubeadm: remove the restriction that the ca.crt can only contain one certificate + * flake fix: remove the error handler for cronjob integration test + * Fix the leak of vSphere client sessions + * fix nil pointer in create secret commands + * Fix order of commands in the snapshot tests for persistent volumes + * client-go: Clear the ResourceVersionMatch on paged list calls + * Improving performance of EndpointSlice controller metrics cache + * fix the error when cleaning up jobs for cronjob + * Update CHANGELOG to add missing release notes. + * apf: ensure exempt request notes the classification + * Enabling kube-proxy metrics on windows kernel mode + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.1 + * add gce loadbalancer no-op finalizer and existingFwdRule tests + * disable gce service handling if has rbs forwarding rule + * add ELBRbsFinalizer + * add gce elb rbs opt-in annotation + * cherry pick of knp 0.0.27 + * Remove JSON logging performance regression + * Re-introduce removed kubectl --dry-run values. + * Point flowcontrol users at v1beta2 + * [go1.17] Update to go1.17.5 + * dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63 + * mount-utils: Detect potential stale file handle + * Skip creating HNS loadbalancer with empty endpoints + * Add regression test for CPUManager distribute NUMA algorithm + * Add unit test for CPUManager distribute NUMA algorithm verifying fixes + * Fix accounting bug in CPUManager distribute NUMA policy + * Fix error handling in CPUManager distribute NUMA tests + * Add a sum() helper to the CPUManager cpuassignment logic + * Allow the map.Values() function in the CPUManager to take a set of keys + * Fix CPUManager algo to calculate min NUMA nodes needed for distribution + * Fix unit tests following bug fix in CPUManager for map functions (2/2) + * Fix unit tests following bug fix in CPUManager for map functions (1/2) + * Fix bug in CPUManager map.Keys() and map.Values() implementations + * Ensure we balance across *all* NUMA nodes in NUMA distribution algo + * Short-circuit
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubernetes1.23 for openSUSE:Factory
checked in at 2022-02-10 23:11:30
Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old)
and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1956 (New)
Package is "kubernetes1.23"
Thu Feb 10 23:11:30 2022 rev:3 rq:952641 version:1.23.0
Changes:
--- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes
2022-01-14 23:13:04.042625088 +0100
+++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1956/kubernetes1.23.changes
2022-02-10 23:11:34.076131090 +0100
@@ -1,0 +2,5 @@
+Mon Feb 7 16:21:21 UTC 2022 - Dirk M??ller
+
+- avoid bashism in client-common postinstall script (bsc#1195391)
+
+---
Other differences:
--
++ kubernetes1.23.spec ++
--- /var/tmp/diff_new_pack.N9oFbr/_old 2022-02-10 23:11:35.204133948 +0100
+++ /var/tmp/diff_new_pack.N9oFbr/_new 2022-02-10 23:11:35.208133958 +0100
@@ -71,6 +71,7 @@
# packages to build containerized control plane
+
%package apiserver
Summary:Kubernetes apiserver for container image
Group: System/Management
@@ -304,9 +305,8 @@
%fdupes -s %{buildroot}
%post client-common
-export baseversion="%{baseversion}"
%{_sbindir}/update-alternatives \
- --install %{_bindir}/kubectl kubectl %{_bindir}/kubectl%{baseversion}
${baseversion/./}
+ --install %{_bindir}/kubectl kubectl %{_bindir}/kubectl%{baseversion} %(echo
%{baseversion} | tr -d .)
%postun client-common
if [ ! -f %{_bindir}/kubectl%{baseversion} ] ; then
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-01-14 23:12:37 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1892 (New) Package is "kubernetes1.23" Fri Jan 14 23:12:37 2022 rev:2 rq:946124 version:1.23.0 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2021-12-16 21:20:02.938538059 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1892/kubernetes1.23.changes 2022-01-14 23:13:04.042625088 +0100 @@ -1,0 +2,5 @@ +Thu Jan 13 12:26:35 UTC 2022 - Richard Brown + +- Increase _constraints to 13GB + +--- Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.yqZwNp/_old 2022-01-14 23:13:04.782625566 +0100 +++ /var/tmp/diff_new_pack.yqZwNp/_new 2022-01-14 23:13:04.786625568 +0100 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -69,8 +69,8 @@ for management and discovery. -# packages to build containerized control plane +# packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management ++ _constraints ++ --- /var/tmp/diff_new_pack.yqZwNp/_old 2022-01-14 23:13:04.830625596 +0100 +++ /var/tmp/diff_new_pack.yqZwNp/_new 2022-01-14 23:13:04.834625599 +0100 @@ -7,7 +7,7 @@ 8 - 9 + 13
