tobru
/
gitops-zurrli
1
1
Fork 0
Code Issues 1 Pull Requests 10 Activity

Update Helm release cilium to v1.15.3 #572

Merged
tobru merged 1 commits from renovate/cilium-1.x into main 2024-04-02 18:58:43 +00:00
Conversation 0 Commits 1 Files Changed 2 +2 -2
renovate-bot commented 2024-03-13 18:43:53 +00:00
Collaborator
Copy Link

This PR contains the following updates:

Package Update Change
cilium (source) patch 1.15.1 -> 1.15.3

Release Notes

cilium/cilium (cilium)

v1.15.3: 1.15.3

Compare Source

We are pleased to release Cilium v1.15.3.

Security Advisories

This release addresses a security vulnerability. For more information, see https://github.com/cilium/cilium/security/advisories/GHSA-pwqm-x5x6-5586.

Summary of Changes

Minor Changes:

Bugfixes:

  • v1.15 - Author backport] envoy: enable k8s secret watch even if only CEC is enabled ([#​31451](https://github.com/cilium/cilium/issues/31451), [@​mhofstetter](https://github.com/mhofstetter))
  • cni: Use batch endpoint deletion API in chaining plugin (Backport PR #​31515, Upstream PR #​31456, @​sayboras)
  • Fix a bug in the StateDB library that may have caused stale read after write. This may have potentially affected the L2 announcements feature and the node address selection. (Backport PR #​31342, Upstream PR #​31164, @​joamaki)
  • Fix a bug where pod label updates are not reflected in endpoint labels in presence of filtered labels. (Backport PR #​31473, Upstream PR #​31395, @​tklauser)
  • Fixed issue with assigning 0 nodeID when corresponding bpf map run out of space.
    Potentially it could have impacted connectivity in large clusters (>4k nodes) with IPSec or Mutual Auth enabled.
    Otherwise, it was merely generating unnecessary error log messages. (Backport PR #​31490, Upstream PR #​31380, @​marseel)
  • gateway-api: Retrieve LB service from same namespace (Backport PR #​31490, Upstream PR #​31271, @​sayboras)
  • Handle InvalidParameterValue as well for PD fallback (Backport PR #​31490, Upstream PR #​31016, @​hemanthmalla)
  • helm: Update pod affinity for cilium-envoy (Backport PR #​31490, Upstream PR #​31150, @​sayboras)
  • hubble/relay: Fix certificate reloading in PeerManager (Backport PR #​31568, Upstream PR #​31376, @​glrf)
  • Hubble: fix traffic direction and is reply when IPSec is enabled (Backport PR #​31568, Upstream PR #​31211, @​kaworu)
  • k8s/utils: correctly filter out labels in StripPodSpecialLabels (Backport PR #​31473, Upstream PR #​31421, @​tklauser)
  • metrics: Disable prometheus metrics by default (Backport PR #​31342, Upstream PR #​31144, @​joestringer)
  • operator: fix errors/warnings metric. (Backport PR #​31490, Upstream PR #​31214, @​tommyp1ckles)

CI Changes:

Misc Changes:

Other Changes:

v1.15.2: 1.15.2

Compare Source

We are pleased to release Cilium v1.15.2. This release contains various bug fixes and improvements.

Security Advisories

This patch release addresses security vulnerabilities. See the following security advisories
for details.

IPsec

This patch release includes significant changes for the IPsec stack, to resolve issues for connections that are selected by a L7 Network Policy or a DNS Policy.

Such connections may experience disruption during the upgrade, in particular in configurations with overlay routing mode.

Summary of Changes

Minor Changes:

Bugfixes:

CI Changes:

Misc Changes:

Other Changes:

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cilium](https://cilium.io/) ([source](https://github.com/cilium/cilium)) | patch | `1.15.1` -> `1.15.3` | --- ### Release Notes <details> <summary>cilium/cilium (cilium)</summary> ### [`v1.15.3`](https://github.com/cilium/cilium/releases/tag/v1.15.3): 1.15.3 [Compare Source](https://github.com/cilium/cilium/compare/1.15.2...1.15.3) We are pleased to release Cilium v1.15.3. ## Security Advisories This release addresses a security vulnerability. For more information, see https://github.com/cilium/cilium/security/advisories/GHSA-pwqm-x5x6-5586. ## Summary of Changes **Minor Changes:** - bgpv1: BGP Control Plane metrics (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31469](https://github.com/cilium/cilium/issues/31469), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - cni: use default logger with timestamps. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31014](https://github.com/cilium/cilium/issues/31014), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - Introduce `cilium-dbg encrypt flush --stale` flag to remove XFRM states and policies with stale node IDs. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31159](https://github.com/cilium/cilium/issues/31159), [@&#8203;pchaigno](https://github.com/pchaigno)) **Bugfixes:** - \[v1.15 - Author backport] envoy: enable k8s secret watch even if only CEC is enabled ([#&#8203;31451](https://github.com/cilium/cilium/issues/31451), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - cni: Use batch endpoint deletion API in chaining plugin (Backport PR [#&#8203;31515](https://github.com/cilium/cilium/issues/31515), Upstream PR [#&#8203;31456](https://github.com/cilium/cilium/issues/31456), [@&#8203;sayboras](https://github.com/sayboras)) - Fix a bug in the StateDB library that may have caused stale read after write. This may have potentially affected the L2 announcements feature and the node address selection. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31164](https://github.com/cilium/cilium/issues/31164), [@&#8203;joamaki](https://github.com/joamaki)) - Fix a bug where pod label updates are not reflected in endpoint labels in presence of filtered labels. (Backport PR [#&#8203;31473](https://github.com/cilium/cilium/issues/31473), Upstream PR [#&#8203;31395](https://github.com/cilium/cilium/issues/31395), [@&#8203;tklauser](https://github.com/tklauser)) - Fixed issue with assigning 0 nodeID when corresponding bpf map run out of space. Potentially it could have impacted connectivity in large clusters (>4k nodes) with IPSec or Mutual Auth enabled. Otherwise, it was merely generating unnecessary error log messages. (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31380](https://github.com/cilium/cilium/issues/31380), [@&#8203;marseel](https://github.com/marseel)) - gateway-api: Retrieve LB service from same namespace (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31271](https://github.com/cilium/cilium/issues/31271), [@&#8203;sayboras](https://github.com/sayboras)) - Handle InvalidParameterValue as well for PD fallback (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31016](https://github.com/cilium/cilium/issues/31016), [@&#8203;hemanthmalla](https://github.com/hemanthmalla)) - helm: Update pod affinity for cilium-envoy (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31150](https://github.com/cilium/cilium/issues/31150), [@&#8203;sayboras](https://github.com/sayboras)) - hubble/relay: Fix certificate reloading in PeerManager (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31376](https://github.com/cilium/cilium/issues/31376), [@&#8203;glrf](https://github.com/glrf)) - Hubble: fix traffic direction and is reply when IPSec is enabled (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31211](https://github.com/cilium/cilium/issues/31211), [@&#8203;kaworu](https://github.com/kaworu)) - k8s/utils: correctly filter out labels in StripPodSpecialLabels (Backport PR [#&#8203;31473](https://github.com/cilium/cilium/issues/31473), Upstream PR [#&#8203;31421](https://github.com/cilium/cilium/issues/31421), [@&#8203;tklauser](https://github.com/tklauser)) - metrics: Disable prometheus metrics by default (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31144](https://github.com/cilium/cilium/issues/31144), [@&#8203;joestringer](https://github.com/joestringer)) - operator: fix errors/warnings metric. (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31214](https://github.com/cilium/cilium/issues/31214), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) **CI Changes:** - \[v1.15] test: Remove duplicate Cilium deployments in some datapath config tests ([#&#8203;31520](https://github.com/cilium/cilium/issues/31520), [@&#8203;qmonnet](https://github.com/qmonnet)) - Additionally test host firewall + KPR disabled in E2E tests (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;30914](https://github.com/cilium/cilium/issues/30914), [@&#8203;giorio94](https://github.com/giorio94)) - AKS: avoid overlapping pod and service CIDRs (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31504](https://github.com/cilium/cilium/issues/31504), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - bgpv1: avoid object tracker vs informer race (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31010](https://github.com/cilium/cilium/issues/31010), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - bgpv1: fix Test_PodIPPoolAdvert flakiness (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31365](https://github.com/cilium/cilium/issues/31365), [@&#8203;rastislavs](https://github.com/rastislavs)) - bpf: fix go testdata check in ci (Backport PR [#&#8203;31554](https://github.com/cilium/cilium/issues/31554), Upstream PR [#&#8203;31419](https://github.com/cilium/cilium/issues/31419), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - Centralize configuration of kind version/image in GitHub Action workflows (Backport PR [#&#8203;31191](https://github.com/cilium/cilium/issues/31191), Upstream PR [#&#8203;30916](https://github.com/cilium/cilium/issues/30916), [@&#8203;giorio94](https://github.com/giorio94)) - Checkout the target branch, instead of the default one, on pull_request based GHA test workflows (Backport PR [#&#8203;31191](https://github.com/cilium/cilium/issues/31191), Upstream PR [#&#8203;31198](https://github.com/cilium/cilium/issues/31198), [@&#8203;giorio94](https://github.com/giorio94)) - ci-e2e: Add matrix for bpf.tproxy and ingress-controller (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31272](https://github.com/cilium/cilium/issues/31272), [@&#8203;sayboras](https://github.com/sayboras)) - ci: Bump lvh-kind ssh-startup-wait-retries (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31387](https://github.com/cilium/cilium/issues/31387), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - controlplane: fix mechanism for ensuring watchers (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31030](https://github.com/cilium/cilium/issues/31030), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - Fix bug preventing consistent symbols between ELF and BTF for eBPF unit tests. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;30610](https://github.com/cilium/cilium/issues/30610), [@&#8203;learnitall](https://github.com/learnitall)) - gateway-api: Enable GRPCRoute conformance tests (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31055](https://github.com/cilium/cilium/issues/31055), [@&#8203;sayboras](https://github.com/sayboras)) - gha: disable fail-fast on integration tests (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31420](https://github.com/cilium/cilium/issues/31420), [@&#8203;giorio94](https://github.com/giorio94)) - gha: drop unused check_url environment variable (Backport PR [#&#8203;31191](https://github.com/cilium/cilium/issues/31191), Upstream PR [#&#8203;30928](https://github.com/cilium/cilium/issues/30928), [@&#8203;giorio94](https://github.com/giorio94)) - introduce ARM github workflows (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31196](https://github.com/cilium/cilium/issues/31196), [@&#8203;aanm](https://github.com/aanm)) - ipam: deepcopy interface resource correctly. (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;26998](https://github.com/cilium/cilium/issues/26998), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - k8s_install.sh: specify the CNI version (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31182](https://github.com/cilium/cilium/issues/31182), [@&#8203;aanm](https://github.com/aanm)) - loader: fix issue where errors cancelled compile cause error logs. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;30988](https://github.com/cilium/cilium/issues/30988), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - Reduce flakiness of controlplane tests (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;30906](https://github.com/cilium/cilium/issues/30906), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - slices: don't modify missed input slice in test (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31119](https://github.com/cilium/cilium/issues/31119), [@&#8203;bimmlerd](https://github.com/bimmlerd)) **Misc Changes:** - Add monitor aggregation for all events related to packets ingressing to the network-facing device. (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31015](https://github.com/cilium/cilium/issues/31015), [@&#8203;learnitall](https://github.com/learnitall)) - Address race condition in TestGetIdentity (Backport PR [#&#8203;31541](https://github.com/cilium/cilium/issues/31541), Upstream PR [#&#8203;30885](https://github.com/cilium/cilium/issues/30885), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - bgpv1: Adjust ConnectionRetryTimeSeconds to 1 in component tests (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31218](https://github.com/cilium/cilium/issues/31218), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31480](https://github.com/cilium/cilium/issues/31480), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31582](https://github.com/cilium/cilium/issues/31582), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.16.3 (v1.15) ([#&#8203;31464](https://github.com/cilium/cilium/issues/31464), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.8 docker digest to [`8560736`](https://github.com/cilium/cilium/commit/8560736) (v1.15) ([#&#8203;31450](https://github.com/cilium/cilium/issues/31450), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update gcr.io/distroless/static-debian11:nonroot docker digest to [`55c6361`](https://github.com/cilium/cilium/commit/55c6361) (v1.15) ([#&#8203;31453](https://github.com/cilium/cilium/issues/31453), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore: update json-mock image source in examples (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31373](https://github.com/cilium/cilium/issues/31373), [@&#8203;loomkoom](https://github.com/loomkoom)) - cilium-dbg: listing load-balancing configurations displays L7LB proxy port (Backport PR [#&#8203;31568](https://github.com/cilium/cilium/issues/31568), Upstream PR [#&#8203;31503](https://github.com/cilium/cilium/issues/31503), [@&#8203;mhofstetter](https://github.com/mhofstetter)) - datapath, bpf: Remove unnecessary IPsec code (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31344](https://github.com/cilium/cilium/issues/31344), [@&#8203;pchaigno](https://github.com/pchaigno)) - doc: Clarified GwAPI KPR prerequisites (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31366](https://github.com/cilium/cilium/issues/31366), [@&#8203;PhilipSchmid](https://github.com/PhilipSchmid)) - docs: Warn on key rotations during upgrades (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31437](https://github.com/cilium/cilium/issues/31437), [@&#8203;pchaigno](https://github.com/pchaigno)) - Don't emit an error message on namespace termination due to Ingress reconciliation (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;30808](https://github.com/cilium/cilium/issues/30808), [@&#8203;giorio94](https://github.com/giorio94)) - Downgrade L2 Neighbor Discovery failure log to Debug (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31179](https://github.com/cilium/cilium/issues/31179), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - endpointmanager: Improve health reporter messages when stopped (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31231](https://github.com/cilium/cilium/issues/31231), [@&#8203;christarazi](https://github.com/christarazi)) - hive/cell/health: don't warn when reporting on stopped reporter. (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31262](https://github.com/cilium/cilium/issues/31262), [@&#8203;tommyp1ckles](https://github.com/tommyp1ckles)) - ingress: Update docs with network policy example (Backport PR [#&#8203;31342](https://github.com/cilium/cilium/issues/31342), Upstream PR [#&#8203;31060](https://github.com/cilium/cilium/issues/31060), [@&#8203;sayboras](https://github.com/sayboras)) - job: avoid a race condition in TestTimer_ExitOnCloseFnCtx (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;30929](https://github.com/cilium/cilium/issues/30929), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - loader: add message if error is ENOTSUP (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31413](https://github.com/cilium/cilium/issues/31413), [@&#8203;kkourt](https://github.com/kkourt)) - policy: Fix missing labels from SelectorCache selectors (Backport PR [#&#8203;31490](https://github.com/cilium/cilium/issues/31490), Upstream PR [#&#8203;31358](https://github.com/cilium/cilium/issues/31358), [@&#8203;christarazi](https://github.com/christarazi)) - Replaced `declare_tailcall_if` with logic in the loader (Backport PR [#&#8203;31554](https://github.com/cilium/cilium/issues/31554), Upstream PR [#&#8203;30467](https://github.com/cilium/cilium/issues/30467), [@&#8203;dylandreimerink](https://github.com/dylandreimerink)) **Other Changes:** - install: Update image digests for v1.15.2 ([#&#8203;31378](https://github.com/cilium/cilium/issues/31378), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - v1.15: IPsec Fixes ([#&#8203;31610](https://github.com/cilium/cilium/issues/31610), [@&#8203;pchaigno](https://github.com/pchaigno)) ### [`v1.15.2`](https://github.com/cilium/cilium/releases/tag/v1.15.2): 1.15.2 [Compare Source](https://github.com/cilium/cilium/compare/1.15.1...1.15.2) We are pleased to release Cilium v1.15.2. This release contains various bug fixes and improvements. ## Security Advisories This patch release addresses security vulnerabilities. See the following security advisories for details. - https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85 - https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36 - https://github.com/cilium/cilium/security/advisories/GHSA-v6q2-4qr3-5cw6 ## IPsec This patch release includes significant changes for the IPsec stack, to resolve issues for connections that are selected by a L7 Network Policy or a DNS Policy. Such connections may experience disruption during the upgrade, in particular in configurations with overlay routing mode. ## Summary of Changes **Minor Changes:** - Add default divisor for GOMEMLIMIT to satisfy Argo CD diff (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30635](https://github.com/cilium/cilium/issues/30635), [@&#8203;jdmcmahan](https://github.com/jdmcmahan)) - Fixes a bug where ToFQDN IPs may be garbage collected too early, disrupting existing connections. (Backport PR [#&#8203;31318](https://github.com/cilium/cilium/issues/31318), Upstream PR [#&#8203;31205](https://github.com/cilium/cilium/issues/31205), [@&#8203;squeed](https://github.com/squeed)) - Gateway API BackendRef filters support (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30090](https://github.com/cilium/cilium/issues/30090), [@&#8203;chaunceyjiang](https://github.com/chaunceyjiang)) **Bugfixes:** - Cilium allows selecting 'lo' as a device again. (Backport PR [#&#8203;31206](https://github.com/cilium/cilium/issues/31206), Upstream PR [#&#8203;31200](https://github.com/cilium/cilium/issues/31200), [@&#8203;bimmlerd](https://github.com/bimmlerd)) - endpoint: fix inability to create endpoint with labels in a single API call (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30170](https://github.com/cilium/cilium/issues/30170), [@&#8203;oblazek](https://github.com/oblazek)) - Fix bug in the VTEP feature which caused all traffic from the VTEP to be dropped with "Incorrect VNI from VTEP" (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31039](https://github.com/cilium/cilium/issues/31039), [@&#8203;joestringer](https://github.com/joestringer)) - Fix bug prevented endpoints from sending or receiving network traffic due to the 'reserved:init' label persisting after initialization. (Backport PR [#&#8203;31047](https://github.com/cilium/cilium/issues/31047), Upstream PR [#&#8203;30909](https://github.com/cilium/cilium/issues/30909), [@&#8203;aanm](https://github.com/aanm)) - Fix GC interval calculation by taking into account the actual time passed between GC runs. (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;28657](https://github.com/cilium/cilium/issues/28657), [@&#8203;gentoo-root](https://github.com/gentoo-root)) - Fix host firewall policy enforcement for pod to node traffic when tunneling is enabled and KPR is disabled (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30818](https://github.com/cilium/cilium/issues/30818), [@&#8203;giorio94](https://github.com/giorio94)) - Fix the referenced interface in iptables rules (`eni+` instead of `lxc+`) when `--enable-endpoint-routes=true` and `--cni-chaining-mode="aws-cni"` (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;30766](https://github.com/cilium/cilium/issues/30766), [@&#8203;pippolo84](https://github.com/pippolo84)) - Fixes an IPv6 issue that cilium doesn't respond to Neighbor Solicitation targeting the pods on same node. (Backport PR [#&#8203;31155](https://github.com/cilium/cilium/issues/31155), Upstream PR [#&#8203;30837](https://github.com/cilium/cilium/issues/30837), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - Fixes proxy issues by opting out from SNAT for L7 + Tunnel. (Backport PR [#&#8203;31158](https://github.com/cilium/cilium/issues/31158), Upstream PR [#&#8203;29594](https://github.com/cilium/cilium/issues/29594), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - Fixes proxy issues in egress direction (Backport PR [#&#8203;31158](https://github.com/cilium/cilium/issues/31158), Upstream PR [#&#8203;30095](https://github.com/cilium/cilium/issues/30095), [@&#8203;jschwinger233](https://github.com/jschwinger233)) - Fixes some valid GC entries being removed at agent restart (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;29696](https://github.com/cilium/cilium/issues/29696), [@&#8203;rsafonseca](https://github.com/rsafonseca)) - gateway-api: Correct the null check for GRPRRoute Match (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31052](https://github.com/cilium/cilium/issues/31052), [@&#8203;sayboras](https://github.com/sayboras)) - helm: Probe Envoy DaemonSet localhost IP directly (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30970](https://github.com/cilium/cilium/issues/30970), [@&#8203;iandrewt](https://github.com/iandrewt)) - hubble: fix parsing of invalid HTTP URLs (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31100](https://github.com/cilium/cilium/issues/31100), [@&#8203;kaworu](https://github.com/kaworu)) - srv6: Fix packet drop with GSO type mismatch (Backport PR [#&#8203;30799](https://github.com/cilium/cilium/issues/30799), Upstream PR [#&#8203;30732](https://github.com/cilium/cilium/issues/30732), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - statedb: Fix race between Observable and DB stopping (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;30816](https://github.com/cilium/cilium/issues/30816), [@&#8203;joamaki](https://github.com/joamaki)) - xds: Avoid xds timeout due to agent restart in envoy DS mode (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31061](https://github.com/cilium/cilium/issues/31061), [@&#8203;sayboras](https://github.com/sayboras)) **CI Changes:** - ci/ipsec: Fix downgrade version retrieval (Backport PR [#&#8203;31047](https://github.com/cilium/cilium/issues/31047), Upstream PR [#&#8203;30742](https://github.com/cilium/cilium/issues/30742), [@&#8203;qmonnet](https://github.com/qmonnet)) - ci: Enhance test execution security by restricting permissions to the 'organization-members' team (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;30790](https://github.com/cilium/cilium/issues/30790), [@&#8203;brlbil](https://github.com/brlbil)) - CI: Update tested K8S versions across all cloud providers (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;30795](https://github.com/cilium/cilium/issues/30795), [@&#8203;brlbil](https://github.com/brlbil)) - Fix datapath mode in Network Performance CI test (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;30756](https://github.com/cilium/cilium/issues/30756), [@&#8203;marseel](https://github.com/marseel)) - Prevent E2E tests from failing on a known-ok warning log of temporary CRD failure (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;30778](https://github.com/cilium/cilium/issues/30778), [@&#8203;learnitall](https://github.com/learnitall)) **Misc Changes:** - bgpv1: Remove disruptive error handling from BGPRouterManager ([#&#8203;30735](https://github.com/cilium/cilium/issues/30735), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - bgpv1: Remove or downgrade noisy logs (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30868](https://github.com/cilium/cilium/issues/30868), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - bitlpm: Factor out common code (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31026](https://github.com/cilium/cilium/issues/31026), [@&#8203;jrajahalme](https://github.com/jrajahalme)) - bpf: host: optimize from-host's ICMPv6 path (Backport PR [#&#8203;31155](https://github.com/cilium/cilium/issues/31155), Upstream PR [#&#8203;31127](https://github.com/cilium/cilium/issues/31127), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - bpf: host: skip from-proxy handling in from-netdev (Backport PR [#&#8203;31158](https://github.com/cilium/cilium/issues/31158), Upstream PR [#&#8203;29962](https://github.com/cilium/cilium/issues/29962), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - bugtool: Capture memory fragmentation info from /proc (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;30966](https://github.com/cilium/cilium/issues/30966), [@&#8203;pchaigno](https://github.com/pchaigno)) - Bump google.golang.org/protobuf (v1.15) ([#&#8203;31319](https://github.com/cilium/cilium/issues/31319), [@&#8203;ferozsalam](https://github.com/ferozsalam)) - Change ariane config CODEOWNERS (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;30803](https://github.com/cilium/cilium/issues/30803), [@&#8203;brlbil](https://github.com/brlbil)) - chore(deps): update actions/download-artifact action to v4.1.3 (v1.15) ([#&#8203;30986](https://github.com/cilium/cilium/issues/30986), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;30951](https://github.com/cilium/cilium/issues/30951), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31113](https://github.com/cilium/cilium/issues/31113), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) ([#&#8203;31290](https://github.com/cilium/cilium/issues/31290), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) (patch) ([#&#8203;30780](https://github.com/cilium/cilium/issues/30780), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies (v1.15) (patch) ([#&#8203;31133](https://github.com/cilium/cilium/issues/31133), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all github action dependencies to v4 (v1.15) (major) ([#&#8203;30781](https://github.com/cilium/cilium/issues/30781), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all kind-images main (v1.15) ([#&#8203;30851](https://github.com/cilium/cilium/issues/30851), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#&#8203;30949](https://github.com/cilium/cilium/issues/30949), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update all-dependencies (v1.15) ([#&#8203;31287](https://github.com/cilium/cilium/issues/31287), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.15.23 (v1.15) ([#&#8203;30860](https://github.com/cilium/cilium/issues/30860), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update dependency cilium/cilium-cli to v0.16.0 (v1.15) ([#&#8203;31172](https://github.com/cilium/cilium/issues/31172), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/golang:1.21.7 docker digest to [`549dd88`](https://github.com/cilium/cilium/commit/549dd88) (v1.15) ([#&#8203;30855](https://github.com/cilium/cilium/issues/30855), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update docker.io/library/ubuntu:22.04 docker digest to [`f9d633f`](https://github.com/cilium/cilium/commit/f9d633f) (v1.15) ([#&#8203;30738](https://github.com/cilium/cilium/issues/30738), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update go to v1.21.7 (v1.15) (patch) ([#&#8203;30672](https://github.com/cilium/cilium/issues/30672), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update go to v1.21.8 (v1.15) ([#&#8203;31183](https://github.com/cilium/cilium/issues/31183), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update hubble cli to v0.13.2 (v1.15) ([#&#8203;31338](https://github.com/cilium/cilium/issues/31338), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#&#8203;30652](https://github.com/cilium/cilium/issues/30652), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#&#8203;31134](https://github.com/cilium/cilium/issues/31134), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images (v1.15) (patch) ([#&#8203;31288](https://github.com/cilium/cilium/issues/31288), [@&#8203;renovate](https://github.com/renovate)\[bot]) - chore(deps): update stable lvh-images to v6.6-20240221.111541 (v1.15) ([#&#8203;30977](https://github.com/cilium/cilium/issues/30977), [@&#8203;renovate](https://github.com/renovate)\[bot]) - CODEOWNERS: Ensure gha review for actions ([#&#8203;31139](https://github.com/cilium/cilium/issues/31139), [@&#8203;joestringer](https://github.com/joestringer)) - container/bitlpm: Add Lookup Boolean Return Value (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31037](https://github.com/cilium/cilium/issues/31037), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - docs: Fix 'kubectl exec' invocations (quotes, double dash separator) in example script kafka-sw-gen-traffic.sh (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;30462](https://github.com/cilium/cilium/issues/30462), [@&#8203;saintdle](https://github.com/saintdle)) - docs: kpr: DSR-Geneve with native-routing requires tunnelProtocol (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30854](https://github.com/cilium/cilium/issues/30854), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - docs: update note on WireGuard with tunnel routing (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31083](https://github.com/cilium/cilium/issues/31083), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - images: bump cni plugins to v1.4.1 ([#&#8203;31348](https://github.com/cilium/cilium/issues/31348), [@&#8203;aanm](https://github.com/aanm)) - lbipam: copy slice before modification in (\*LBIPAM).handlePoolModified (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30859](https://github.com/cilium/cilium/issues/30859), [@&#8203;tklauser](https://github.com/tklauser)) - loader: also populate NATIVE_DEV_IFINDEX for cilium_overlay (Backport PR [#&#8203;31154](https://github.com/cilium/cilium/issues/31154), Upstream PR [#&#8203;31025](https://github.com/cilium/cilium/issues/31025), [@&#8203;julianwiedmann](https://github.com/julianwiedmann)) - pkg: Add Bitwise LPM Trie Library (Backport PR [#&#8203;30863](https://github.com/cilium/cilium/issues/30863), Upstream PR [#&#8203;29717](https://github.com/cilium/cilium/issues/29717), [@&#8203;nathanjsweet](https://github.com/nathanjsweet)) - slices: don't modify input slices in test (Backport PR [#&#8203;30997](https://github.com/cilium/cilium/issues/30997), Upstream PR [#&#8203;30677](https://github.com/cilium/cilium/issues/30677), [@&#8203;tklauser](https://github.com/tklauser)) - v1.15: Remove cilium/build from codeowners ([#&#8203;31210](https://github.com/cilium/cilium/issues/31210), [@&#8203;joestringer](https://github.com/joestringer)) **Other Changes:** - \[v1.15] envoy: Bump golang version to 1.21.8 ([#&#8203;31221](https://github.com/cilium/cilium/issues/31221), [@&#8203;sayboras](https://github.com/sayboras)) - bgpv1: Disable PodCIDR Reconciler for unsupported IPAM modes ([#&#8203;31354](https://github.com/cilium/cilium/issues/31354), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - cli: Replace --cluster-name with --helm-set cluster.name ([#&#8203;31176](https://github.com/cilium/cilium/issues/31176), [@&#8203;michi-covalent](https://github.com/michi-covalent)) - install: Update image digests for v1.15.1 ([#&#8203;30777](https://github.com/cilium/cilium/issues/30777), [@&#8203;michi-covalent](https://github.com/michi-covalent)) - Upgrade GoBGP to v3.23.0 ([#&#8203;30792](https://github.com/cilium/cilium/issues/30792), [@&#8203;YutaroHayakawa](https://github.com/YutaroHayakawa)) - v1.15 envoy: Avoid duplicated upstream callback ([#&#8203;30942](https://github.com/cilium/cilium/issues/30942), [@&#8203;sayboras](https://github.com/sayboras)) - v1.15: WG L7 ([#&#8203;31266](https://github.com/cilium/cilium/issues/31266), [@&#8203;brb](https://github.com/brb)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDAuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI2Ny4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
renovate-bot added 1 commit 2024-03-13 18:43:53 +00:00
renovate-bot changed title from Update Helm release cilium to v1.15.2 to Update Helm release cilium to v1.15.3 2024-03-26 18:43:47 +00:00
renovate-bot force-pushed renovate/cilium-1.x from 573dbcdf7c to ff9e83da31 2024-03-26 18:43:49 +00:00 Compare
tobru merged commit 6eadc6da84 into main 2024-04-02 18:58:43 +00:00
tobru deleted branch renovate/cilium-1.x 2024-04-02 18:58:43 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: tobru/gitops-zurrli#572
No description provided.
Delete Branch "renovate/cilium-1.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?