commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2024-02-26 19:45:56 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1770 (New) Package is "kubernetes1.23" Mon Feb 26 19:45:56 2024 rev:12 rq:1151204 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2024-01-23 22:57:30.399403994 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1770/kubernetes1.23.changes 2024-02-26 19:46:49.809030683 +0100 @@ -1,0 +2,11 @@ +Mon Feb 26 11:07:39 UTC 2024 - Priyanka Saggu + +- add new patch to advance autoscaling v2 as the preferred API version, to fix bsc#1219964, CVE-2024-0793 + * autoscaling-advance-v2-as-the-preferred-API-version.patch + +--- +Thu Feb 22 12:45:41 UTC 2024 - Dominique Leuenberger + +- Use %patch -P N instead of deprecated %patchN. + +--- New: autoscaling-advance-v2-as-the-preferred-API-version.patch BETA DEBUG BEGIN: New:- add new patch to advance autoscaling v2 as the preferred API version, to fix bsc#1219964, CVE-2024-0793 * autoscaling-advance-v2-as-the-preferred-API-version.patch BETA DEBUG END: Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.bh5S0d/_old 2024-02-26 19:46:51.077076525 +0100 +++ /var/tmp/diff_new_pack.bh5S0d/_new 2024-02-26 19:46:51.081076669 +0100 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -54,6 +54,8 @@ # Patch to fix CVE-2023-2431, to return error when a Pod or Container's SecurityContext has a localhost seccomp type but an empty localhostProfile field. Patch7: fix-seccomp-localhost-error-handling.patch Patch8: kubernetes-sort-custom-column-print-flags.patch +# Patch to advance autoscaling v2 as the preferred API version, to fix bsc#1219964, CVE-2024-0793 +Patch9: autoscaling-advance-v2-as-the-preferred-API-version.patch BuildRequires: fdupes BuildRequires: git BuildRequires: go-go-md2man @@ -78,7 +80,9 @@ + # packages to build containerized control plane + %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management @@ -218,13 +222,14 @@ %prep %setup -q -n kubernetes-%{version} -%patch2 -p1 -%patch3 -p1 -%patch4 -p0 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 +%patch -P 2 -p1 +%patch -P 3 -p1 +%patch -P 4 -p0 +%patch -P 5 -p1 +%patch -P 6 -p1 +%patch -P 7 -p1 +%patch -P 8 -p1 +%patch -P 9 -p1 %build # This is fixing bug bsc#1065972 ++ autoscaling-advance-v2-as-the-preferred-API-version.patch ++ >From 40a6d6306a2c6c202ab33c3d90178ce19fabf7cf Mon Sep 17 00:00:00 2001 From: SataQiu Date: Sun, 11 Dec 2022 13:09:39 +0800 Subject: [PATCH] autoscaling: advance v2 as the preferred API version over v1 --- pkg/apis/autoscaling/install/install.go | 3 +-- pkg/controlplane/storageversionhashdata/data.go | 4 ++-- test/integration/etcd/data.go | 6 +++--- 3 files changed, 6 insertions(+), 7 deletions(-) Index: kubernetes-1.23.17/pkg/apis/autoscaling/install/install.go === --- kubernetes-1.23.17.orig/pkg/apis/autoscaling/install/install.go +++ kubernetes-1.23.17/pkg/apis/autoscaling/install/install.go @@ -40,6 +40,5 @@ func Install(scheme *runtime.Scheme) { utilruntime.Must(v2.AddToScheme(scheme)) utilruntime.Must(v2beta1.AddToScheme(scheme)) utilruntime.Must(v1.AddToScheme(scheme)) - // TODO: move v2 to the front of the list in 1.24 - utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion, v2.SchemeGroupVersion, v2beta1.SchemeGroupVersion, v2beta2.SchemeGroupVersion)) + utilruntime.Must(scheme.SetVersionPriority(v2.SchemeGroupVersion, v1.SchemeGroupVersion, v2beta1.SchemeGroupVersion, v2beta2.SchemeGroupVersion)) } Index: kubernetes-1.23.17/pkg/controlplane/storageversionhashdata/data.go === --- kubernetes-1.23.17.orig/pkg/controlplane/storageversionhashdata/data.go +++ kubernetes-1.23.17/pkg/controlplane/storageversionhashdata/data.go @@ -51,10 +51,10 @@ var GVRToStorageVersionHash = map[string "v1/secrets":"S6u1pOWzb84=", "v1/serviceaccounts":"pbx9ZvyFpBE=",
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-06-21 22:38:44 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902 (New) Package is "kubernetes1.23" Wed Jun 21 22:38:44 2023 rev:10 rq:1093983 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2023-06-16 16:55:34.113963835 +0200 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902/kubernetes1.23.changes 2023-06-21 22:39:33.710263801 +0200 @@ -1,0 +2,7 @@ +Tue Jun 20 12:56:47 UTC 2023 - Priyanka Saggu + +- Security Patch Fix for CVE-2023-2431 (bsc#1212493) + * added patch: fix-seccomp-localhost-error-handling.patch + * this new kubelet component patch returns an error when a Pod or Container's SecurityContext has a localhost seccomp type but an empty localhostProfile field. + +--- New: fix-seccomp-localhost-error-handling.patch Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.EXXRyQ/_old 2023-06-21 22:39:34.410268014 +0200 +++ /var/tmp/diff_new_pack.EXXRyQ/_new 2023-06-21 22:39:34.418268062 +0200 @@ -51,6 +51,8 @@ Patch5: revert-coredns-image-renaming.patch # Patch to fix CVE-2023-2727 and CVE-2023-2728, by preventing ephemeral containers from using an image that is restricted by ImagePolicyWebhook and from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin Patch6: kube-apiserver-admission-plugin-policy.patch +# Patch to fix CVE-2023-2431, to return error when a Pod or Container's SecurityContext has a localhost seccomp type but an empty localhostProfile field. +Patch7: fix-seccomp-localhost-error-handling.patch BuildRequires: fdupes BuildRequires: git BuildRequires: go-go-md2man @@ -74,6 +76,7 @@ + # packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image @@ -219,6 +222,7 @@ %patch4 -p0 %patch5 -p1 %patch6 -p1 +%patch7 -p1 %build # This is fixing bug bsc#1065972 ++ fix-seccomp-localhost-error-handling.patch ++ 860 lines (skipped)
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-06-16 16:54:23 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902 (New) Package is "kubernetes1.23" Fri Jun 16 16:54:23 2023 rev:9 rq:1093310 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2023-04-12 15:34:58.622050699 +0200 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.15902/kubernetes1.23.changes 2023-06-16 16:55:34.113963835 +0200 @@ -1,0 +2,9 @@ +Thu Jun 15 11:36:19 UTC 2023 - Priyanka Saggu + +- Security Patch Fix for CVE-2023-2727 (bsc#1211630) and CVE-2023-2728 (bsc#1211631) + * added patch: kube-apiserver-admission-plugin-policy.patch + * this new kube-apiserver component patch prevents ephemeral containers: +** from using an image that is restricted by ImagePolicyWebhook (CVE-2023-2727) +** from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin (CVE-2023-2728) + +--- New: kube-apiserver-admission-plugin-policy.patch Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.1nqTES/_old 2023-06-16 16:55:34.829968058 +0200 +++ /var/tmp/diff_new_pack.1nqTES/_new 2023-06-16 16:55:34.833968082 +0200 @@ -49,6 +49,8 @@ Patch4: kubeadm-opensuse-flexvolume.patch # Patch to revert renaming of coredns image location to match how it's done on download.opensuse.org Patch5: revert-coredns-image-renaming.patch +# Patch to fix CVE-2023-2727 and CVE-2023-2728, by preventing ephemeral containers from using an image that is restricted by ImagePolicyWebhook and from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin +Patch6: kube-apiserver-admission-plugin-policy.patch BuildRequires: fdupes BuildRequires: git BuildRequires: go-go-md2man @@ -71,8 +73,8 @@ -# packages to build containerized control plane +# packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management @@ -216,6 +218,7 @@ %patch3 -p1 %patch4 -p0 %patch5 -p1 +%patch6 -p1 %build # This is fixing bug bsc#1065972 ++ kube-apiserver-admission-plugin-policy.patch ++ >From 64f3b999c3e488ebc73c2d9a628b73ec092a0caf Mon Sep 17 00:00:00 2001 From: Rita Zhang Date: Sun, 21 May 2023 16:21:08 -0700 Subject: [PATCH] Add ephemeralcontainer to imagepolicy securityaccount admission plugin Signed-off-by: Rita Zhang --- plugin/pkg/admission/imagepolicy/admission.go | 26 ++-- .../admission/imagepolicy/admission_test.go | 135 +- .../pkg/admission/serviceaccount/admission.go | 55 ++- .../serviceaccount/admission_test.go | 93 +++- 4 files changed, 290 insertions(+), 19 deletions(-) Index: kubernetes-1.23.17/plugin/pkg/admission/imagepolicy/admission.go === --- kubernetes-1.23.17.orig/plugin/pkg/admission/imagepolicy/admission.go +++ kubernetes-1.23.17/plugin/pkg/admission/imagepolicy/admission.go @@ -132,8 +132,8 @@ func (a *Plugin) webhookError(pod *api.P // Validate makes an admission decision based on the request attributes func (a *Plugin) Validate(ctx context.Context, attributes admission.Attributes, o admission.ObjectInterfaces) (err error) { - // Ignore all calls to subresources or resources other than pods. - if attributes.GetSubresource() != "" || attributes.GetResource().GroupResource() != api.Resource("pods") { + // Ignore all calls to subresources other than ephemeralcontainers or calls to resources other than pods. + if (attributes.GetSubresource() != "" && attributes.GetSubresource() != "ephemeralcontainers") || attributes.GetResource().GroupResource() != api.Resource("pods") { return nil } @@ -144,13 +144,21 @@ func (a *Plugin) Validate(ctx context.Co // Build list of ImageReviewContainerSpec var imageReviewContainerSpecs []v1alpha1.ImageReviewContainerSpec - containers := make([]api.Container, 0, len(pod.Spec.Containers)+len(pod.Spec.InitContainers)) - containers = append(containers, pod.Spec.Containers...) - containers = append(containers, pod.Spec.InitContainers...) - for _, c := range containers { - imageReviewContainerSpecs = append(imageReviewContainerSpecs, v1alpha1.ImageReviewContainerSpec{ - Image: c.Image, - }) + if
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-04-12 15:34:58 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.19717 (New) Package is "kubernetes1.23" Wed Apr 12 15:34:58 2023 rev:8 rq:1078721 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2023-03-30 22:51:13.564561643 +0200 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.19717/kubernetes1.23.changes 2023-04-12 15:34:58.622050699 +0200 @@ -1,0 +2,5 @@ +Wed Apr 12 12:34:43 UTC 2023 - Priyanka Saggu + +- add kubernetes1.18-client-common as conflicts with kubernetes-client-bash-completion + +--- Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.ftDrXd/_old 2023-04-12 15:34:59.546056061 +0200 +++ /var/tmp/diff_new_pack.ftDrXd/_new 2023-04-12 15:34:59.550056084 +0200 @@ -72,6 +72,7 @@ # packages to build containerized control plane + %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management @@ -190,6 +191,7 @@ Obsoletes: kubernetes%{baseversionminus1}-client-bash-completion Provides: kubernetes-client-bash-completion = %{version} Conflicts: kubernetes-client-bash-completion +Conflicts: kubernetes1.18-client-common %description client-bash-completion Bash command line completion support for %{name}-client
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-03-30 22:51:10 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432 (New) Package is "kubernetes1.23" Thu Mar 30 22:51:10 2023 rev:7 rq:1075486 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2023-03-13 12:41:19.139861470 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432/kubernetes1.23.changes 2023-03-30 22:51:13.564561643 +0200 @@ -1,0 +2,10 @@ +Mon Mar 27 09:24:52 UTC 2023 - Robert Munteanu + +- Stronger conflicts for completion packages + +--- +Mon Mar 27 08:53:20 UTC 2023 - Robert Munteanu + +- Split individual completions into separate packages + +--- Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.jZLE3J/_old 2023-03-30 22:51:14.860568579 +0200 +++ /var/tmp/diff_new_pack.jZLE3J/_new 2023-03-30 22:51:14.864568600 +0200 @@ -49,7 +49,6 @@ Patch4: kubeadm-opensuse-flexvolume.patch # Patch to revert renaming of coredns image location to match how it's done on download.opensuse.org Patch5: revert-coredns-image-renaming.patch -BuildRequires: bash-completion BuildRequires: fdupes BuildRequires: git BuildRequires: go-go-md2man @@ -70,6 +69,8 @@ + + # packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image @@ -178,6 +179,35 @@ %description client-common Kubernetes client tools common files +%package client-bash-completion +Summary:Bash Completion for %{name}-client +Group: System/Shells +BuildRequires: bash-completion +Requires: bash-completion +Requires: kubernetes%{baseversion}-client = %{version} +Supplements:(kubernetes%{baseversion}-client and bash-completion) +BuildArch: noarch +Obsoletes: kubernetes%{baseversionminus1}-client-bash-completion +Provides: kubernetes-client-bash-completion = %{version} +Conflicts: kubernetes-client-bash-completion + +%description client-bash-completion +Bash command line completion support for %{name}-client + +%package client-fish-completion +Summary:Fish Completion for %{name}-client +Group: System/Shells +BuildRequires: fish +Requires: kubernetes%{baseversion}-client = %{version} +Supplements:(kubernetes%{baseversion}-client and fish) +BuildArch: noarch +Obsoletes: kubernetes%{baseversionminus1}-client-fish-completion +Provides: kubernetes-client-fish-completion = %{version} +Conflicts: kubernetes-client-fish-completion + +%description client-fish-completion +Fish command line completion support for %{name}-client. + %prep %setup -q -n kubernetes-%{version} %patch2 -p1 @@ -250,6 +280,10 @@ install -d -m 0755 %{buildroot}%{_datadir}/bash-completion/completions/ %{buildroot}%{_bindir}/kubectl%{baseversion} completion bash > %{buildroot}%{_datadir}/bash-completion/completions/kubectl +# install the fish completion +mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d +%{buildroot}%{_bindir}/kubectl%{baseversion} completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/kubectl.fish + # move CHANGELOG-%{baseversion}.md to old location mv CHANGELOG/CHANGELOG-%{baseversion}.md . @@ -403,6 +437,11 @@ %license LICENSE %{_mandir}/man1/kubectl.1%{?ext_man} %{_mandir}/man1/kubectl-* + +%files client-bash-completion %{_datadir}/bash-completion/completions/kubectl +%files client-fish-completion +%{_datadir}/fish/vendor_completions.d/kubectl.fish + %changelog
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2023-03-13 12:40:37 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432 (New) Package is "kubernetes1.23" Mon Mar 13 12:40:37 2023 rev:6 rq:1070750 version:1.23.17 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-07-21 11:34:03.814987390 +0200 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.31432/kubernetes1.23.changes 2023-03-13 12:41:19.139861470 +0100 @@ -1,0 +2,52 @@ +Thu Mar 2 12:48:04 UTC 2023 - Priyanka Saggu + +- update patch files to reflect upstream registry changes from k8s.gcr.io to registry.k8s.io + * kubeadm-opensuse-registry.patch + * revert-coredns-image-renaming.patch + +--- +Thu Mar 02 12:35:00 UTC 2023 - priyanka.sa...@suse.com + +- Update to version 1.23.17: + * Release commit for Kubernetes v1.23.17 + * releng: Update images, dependencies and version to Go 1.19.6 + * Update golang.org/x/net to v0.7.0 + * Pin golang.org/x/net to v0.4.0 + * add scale test for probes + * use custom dialer for http probes + * use custom dialer for tcp probes + * add custom dialer optimized for probes + * egress_selector: prevent goroutines leak on connect() step. + * tls.Dial() validates hostname, no need to do that manually + * Fix issue that Audit Server could not correctly encode DeleteOption + * Do not include scheduler name in the preemption event message + * Do not leak cross namespace pod metadata in preemption events + * pkg/controller/job: re-honor exponential backoff + * releng: Update images, dependencies and version to Go 1.19.5 + * Bump Konnectivity to v0.0.35 + * Improve vendor verification works for each staging repo + * Update to go1.19 + * Adjust for os/exec changes in 1.19 + * Update golangci-lint to 1.46.2 and fix errors + * Match go1.17 defaults for SHA-1 and GC + * update golangci-lint to 1.45.0 + * kubelet: make the image pull time more accurate in event + * change k8s.gcr.io/pause to registry.k8s.io/pause + * use etcd 3.5.6-0 after promotion + * changelog: CVE-2022-3294 and CVE-2022-3162 were fixed in v1.23.14 + * Add CVE-2021-25749 to CHANGELOG-1.23.md + * Add CVE-2022-3294 to CHANGELOG-1.23.md + * kubeadm: use registry.k8s.io instead of k8s.gcr.io + * etcd: Updated to v3.5.5 + * Bump konnectivity network proxy to v0.0.33. Includes a couple bug fixes for better handling of dial failures. [Agent & Server](https://github.com/kubernetes-sigs/apiserver-network-proxy/commits/v0.0.33) include numerous other fixes. + * kubeadm: allow RSA and ECDSA format keys in preflight check + * Fixes kubelet log compression on Windows + * Reduce default gzip compression level from 4 to 1 in apiserver + * exec auth: support TLS config caching + * Marshal MicroTime to json and proto at the same precision + * Windows: ensure runAsNonRoot does case-insensitive comparison on user name + * update structured-merge-diff to 4.2.3 + * Add rate limiting when calling STS assume role API + * Fixing issue in generatePodSandboxWindowsConfig for hostProcess containers by where pod sandbox won't have HostProcess bit set if pod does not have a security context but containers specify HostProcess. + +--- Old: kubernetes-1.23.9.tar.xz New: kubernetes-1.23.17.tar.xz Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.ilzuf8/_old 2023-03-13 12:41:21.031871329 +0100 +++ /var/tmp/diff_new_pack.ilzuf8/_new 2023-03-13 12:41:21.083871600 +0100 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ %define baseversionminus1 1.22 Name: kubernetes%{baseversion} -Version:1.23.9 +Version:1.23.17 Release:0 Summary:Container Scheduling and Management License:Apache-2.0 @@ -68,8 +68,9 @@ for management and discovery. -# packages to build containerized control plane + +# packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management ++ _service ++ --- /var/tmp/diff_new_pack.ilzuf8/_old 2023-03-13 12:41:21.311872788 +0100 +++ /var/tmp/diff_new_pack.ilzuf8/_new 2023-03-13 12:41:21.315872809 +0100 @@ -5,7 +5,7 @@ .git @PARENT_TAG@
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-07-21 11:33:33 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1523 (New) Package is "kubernetes1.23" Thu Jul 21 11:33:33 2022 rev:5 rq:990348 version:1.23.9 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-03-18 16:41:37.613159449 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1523/kubernetes1.23.changes 2022-07-21 11:34:03.814987390 +0200 @@ -1,0 +2,155 @@ +Tue Jul 19 05:05:54 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.9: + * Do not skip job requeue in conflict error + * kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join + * Bump cAdvisor to v0.43.1 + * Fix: filter out unsatisfied nodes when calling AddPod in PodTopologySpread + * kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join + * GIT-110239: fix activeDeadlineSeconds enforcement bug + * fix: --chunk-size with selector returns missing result + * Fixed winkernel proxy failing to query v1 endpoints created by dockershim CNIs + * Winkernel proxier cache HNS data to improve syncProxyRules performance + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.8 + * apiserver: printers should use int64 + * add missing error handling steps + * add missing error handling steps + * fix image pulling failure when IMDS is unavailalbe in kubelet startup + * fix: exclude non-ready nodes and deleted nodes from azure load balancers + * Avoid updating Services with stale specs Fix the bug that service specs in servicesToUpdate may have been updated by clients. +- Require only BuildRequires: golang(API) = 1.17 pinned Go major version. + Remove potentially conflicting BuildRequires: go >= x.y.z. + The plan for future updates is BuildRequires: golang(API) >= 1.17 + minimum Go major version. + +--- +Tue Jul 19 04:39:46 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.8: + * Revert "Automated cherry pick of #109124: Winkernel proxier cache HNS data to improve syncProxyRules" + * test: update graceful node shutdown e2e with watch + * move the ignore logic higher up to the reconciler + * Ignore EndpointSlices that are already marked for deletion + * kubelet: Mark ready condition as false explicitly for terminal pods + * agnhost: bump version 2.39 + * Update Go to 1.17.11 + * add service e2e tests + * kubelet: add e2e test to verify probe readiness + * kubelet: only shutdown probes for pods that are terminated + * kubelet: Pod probes should be handled by pod worker + * Enable resize feature + * Reject proxy requests to 0.0.0.0 as well + * ipvs: fix prevent concurrent map read and map write for 1.23 + * cpu manager policy set to none, no one remove container id from container map, lead memory leak + * fix audit union loop variables in closures + * Updating e2e test to check EndpointSlices and Endpoints as well + * e2e: services with evicted pods doesn't have endpoints + * e2e test for evicted pods + * endpoints controller: don't consider terminal endpoints + * endpointslices: terminal pods doesn't receive enpoints + * add pod util to verify pod is terminal + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.7 + * Add test for checking ephemeral volume expansion + * Fix resizing of ephemeral volumes + * untangle fix with healthCheck feature + * Winkernel proxier cache HNS data to improve syncProxyRules performance + * Skip updating Endpoints and EndpointSlice if no relevant fields change + +--- +Tue Jul 19 03:51:42 UTC 2022 - jkowalc...@suse.com + +- Update to version 1.23.7: + * Fix requests scope classification + * Update Go to 1.17.10 + * authn: fix cache mutation by AuthenticatedGroupAdder + * GCE: skip updating and deleting external loadbalancers if service is managed outside of service controller + * Wait for cache to sync in job's TestWatchOrphanPods + * Fix OpenAPI loading error caused by empty APIService + * Test Foreground deletion in job integration + * Fix removing finalizer from finished jobs + * Don't mark job as failed until expectations are satisfied + * Integration test for backoff limit and finalizers + * component-base: replace url in rest client metrics + * fix broken find command + * Allow KUBE_TEST_REPO_LIST to be a remote url as well + * Disable JobTrackingWithFinalizers due to unresolved bug + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.6 + * Correct event registration for multiple scheduler plugins. + * kubelet: rename closeAllConns to
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-03-18 16:41:31 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.25692 (New) Package is "kubernetes1.23" Fri Mar 18 16:41:31 2022 rev:4 rq:962176 version:1.23.4 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-02-10 23:11:34.076131090 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.25692/kubernetes1.23.changes 2022-03-18 16:41:37.613159449 +0100 @@ -1,0 +2,92 @@ +Wed Mar 16 12:29:58 UTC 2022 - rbr...@suse.com + +- Update to version 1.23.4: + * Update Go to 1.17.7 + * Use serializable struct for x-kubernetes-validations in openapi + * Make JSON schema round tripping test more strict + * ignore CRI PodSandboxNetworkStatus for host network pods + * set secondary address on host-network pods + * Deeply copy JSONSchemaProps.XValidations. + * Ensure the execHostnameTest() compares hostnames + * Revert "Fix comparison between FQDN and hostname" + * service REST: Call Decorator(old) on update path + * add namespace in azurefile volumeid + * fix: azurefile volumeid conflict in csi migration + * Mark device as uncertain if unmount device succeeds + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3 + * kubelet: fix podstatus not containing pod full name + * Fix bug with node restriction blocking pvc.status.resizestatus change + * Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true + * Set max results if its not set + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2 + * Update k/utils to v0.0.0-2026205334-6203023598ed + * [go] update to Go 1.17.6 + * fix: remove outdated ipv4 route when the corresponding node is deleted + * fix: delete non existing disk issue + * Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration." + * fix containers order after applying + * generated: ./hack/update-vendor.sh + * upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1 + * Execute sync before taking the snapshot + * Correct the feature gate string for RBD migration. + * fix: azuredisk parameter lowercase translation issue + * removed unnecessary log line + * kubectl: add integration test for result reporting + * cli: let kubectl handle error printing + * cli: avoid logging command line errors in more cases + * Fix header mutation race in timeout filter + * clear pod's .status.nominatedNodeName when necessary + * use node informer to check volumes attachment status before backoff + * When volume is not marked in-use, do not backoff + * kubeadm: remove the restriction that the ca.crt can only contain one certificate + * flake fix: remove the error handler for cronjob integration test + * Fix the leak of vSphere client sessions + * fix nil pointer in create secret commands + * Fix order of commands in the snapshot tests for persistent volumes + * client-go: Clear the ResourceVersionMatch on paged list calls + * Improving performance of EndpointSlice controller metrics cache + * fix the error when cleaning up jobs for cronjob + * Update CHANGELOG to add missing release notes. + * apf: ensure exempt request notes the classification + * Enabling kube-proxy metrics on windows kernel mode + * Update CHANGELOG/CHANGELOG-1.23.md for v1.23.1 + * add gce loadbalancer no-op finalizer and existingFwdRule tests + * disable gce service handling if has rbs forwarding rule + * add ELBRbsFinalizer + * add gce elb rbs opt-in annotation + * cherry pick of knp 0.0.27 + * Remove JSON logging performance regression + * Re-introduce removed kubectl --dry-run values. + * Point flowcontrol users at v1beta2 + * [go1.17] Update to go1.17.5 + * dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63 + * mount-utils: Detect potential stale file handle + * Skip creating HNS loadbalancer with empty endpoints + * Add regression test for CPUManager distribute NUMA algorithm + * Add unit test for CPUManager distribute NUMA algorithm verifying fixes + * Fix accounting bug in CPUManager distribute NUMA policy + * Fix error handling in CPUManager distribute NUMA tests + * Add a sum() helper to the CPUManager cpuassignment logic + * Allow the map.Values() function in the CPUManager to take a set of keys + * Fix CPUManager algo to calculate min NUMA nodes needed for distribution + * Fix unit tests following bug fix in CPUManager for map functions (2/2) + * Fix unit tests following bug fix in CPUManager for map functions (1/2) + * Fix bug in CPUManager map.Keys() and map.Values() implementations + * Ensure we balance across *all* NUMA nodes in NUMA distribution algo + * Short-circuit
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-02-10 23:11:30 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1956 (New) Package is "kubernetes1.23" Thu Feb 10 23:11:30 2022 rev:3 rq:952641 version:1.23.0 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2022-01-14 23:13:04.042625088 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1956/kubernetes1.23.changes 2022-02-10 23:11:34.076131090 +0100 @@ -1,0 +2,5 @@ +Mon Feb 7 16:21:21 UTC 2022 - Dirk M??ller + +- avoid bashism in client-common postinstall script (bsc#1195391) + +--- Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.N9oFbr/_old 2022-02-10 23:11:35.204133948 +0100 +++ /var/tmp/diff_new_pack.N9oFbr/_new 2022-02-10 23:11:35.208133958 +0100 @@ -71,6 +71,7 @@ # packages to build containerized control plane + %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management @@ -304,9 +305,8 @@ %fdupes -s %{buildroot} %post client-common -export baseversion="%{baseversion}" %{_sbindir}/update-alternatives \ - --install %{_bindir}/kubectl kubectl %{_bindir}/kubectl%{baseversion} ${baseversion/./} + --install %{_bindir}/kubectl kubectl %{_bindir}/kubectl%{baseversion} %(echo %{baseversion} | tr -d .) %postun client-common if [ ! -f %{_bindir}/kubectl%{baseversion} ] ; then
commit kubernetes1.23 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kubernetes1.23 for openSUSE:Factory checked in at 2022-01-14 23:12:37 Comparing /work/SRC/openSUSE:Factory/kubernetes1.23 (Old) and /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1892 (New) Package is "kubernetes1.23" Fri Jan 14 23:12:37 2022 rev:2 rq:946124 version:1.23.0 Changes: --- /work/SRC/openSUSE:Factory/kubernetes1.23/kubernetes1.23.changes 2021-12-16 21:20:02.938538059 +0100 +++ /work/SRC/openSUSE:Factory/.kubernetes1.23.new.1892/kubernetes1.23.changes 2022-01-14 23:13:04.042625088 +0100 @@ -1,0 +2,5 @@ +Thu Jan 13 12:26:35 UTC 2022 - Richard Brown + +- Increase _constraints to 13GB + +--- Other differences: -- ++ kubernetes1.23.spec ++ --- /var/tmp/diff_new_pack.yqZwNp/_old 2022-01-14 23:13:04.782625566 +0100 +++ /var/tmp/diff_new_pack.yqZwNp/_new 2022-01-14 23:13:04.786625568 +0100 @@ -1,7 +1,7 @@ # # spec file # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -69,8 +69,8 @@ for management and discovery. -# packages to build containerized control plane +# packages to build containerized control plane %package apiserver Summary:Kubernetes apiserver for container image Group: System/Management ++ _constraints ++ --- /var/tmp/diff_new_pack.yqZwNp/_old 2022-01-14 23:13:04.830625596 +0100 +++ /var/tmp/diff_new_pack.yqZwNp/_new 2022-01-14 23:13:04.834625599 +0100 @@ -7,7 +7,7 @@ 8 - 9 + 13