[pull] master from cloudnativelabs:master #11

pull · 2024-05-31T16:18:01Z

See Commits and Changes for more details.

Can you help keep this open source service alive? 💖 Please sponsor : )

Revert because of issue with iptables v1.8.10 no longer working with -C check.

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.19.0 to 1.19.1. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.19.0...v1.19.1) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.24.0 to 0.25.0. - [Commits](golang/net@v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0. - [Release notes](https://github.com/hashicorp/go-version/releases) - [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-version@v1.6.0...v1.7.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-version dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: Natanael Copa <[email protected]>

When we reverted from Alpine 3.19 to Alpine 3.18 we somehow lost the ip6tables package which caused issues for users of ipv6.

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.32.0 to 1.33.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.32.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.34.0 to 1.34.2. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Remove extra routes added by iproute2 when addresses are added to interfaces which block IPv6 service VIPs from routing from the host. See: #1698

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.26.0. - [Commits](golang/net@v0.25.0...v0.26.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.5+incompatible to 26.1.4+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v25.0.5...v26.1.4) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.51.32 to 1.55.4. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](aws/aws-sdk-go@v1.51.32...v1.55.4) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Currently, kube-router just lists all IPVS services on the host and then adds the load balancing service IPs to kube-router-svip blindly. However, this assumes that the only IPVS entries are entries that kube-router has originated and that the user isn't using IPVS. We want to make sure that we are only creating rules for services that we are authoritative for. So to this end, we now double-check that this is one of our services before adding rules that may effect it.

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.55.4 to 1.55.5. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](aws/aws-sdk-go@v1.55.4...v1.55.5) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0. - [Commits](golang/net@v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

While this isn't the latest version of 1.22 as of the cutting of this release, it is the latest version that is allowed with Alpine 3.18 which we still need until the netfilter bugs are fixed.

This fixes the problem where if network policy is applied before any communication between two pods, all subsequent communication fails because the two pods aren't able to discovery each other.

This fixes kube-router trying to use `icmp` instead of `icmpv6` when creating common ICMP rules with ip6tables. Fixes: #1712

Update tests for code affected in 8dfb572.

Fix strange mistake with ';' instead of 'string'.

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.31.0 to 0.32.0. - [Commits](golang/net@v0.31.0...v0.32.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.32.0 to 0.33.0. - [Commits](golang/net@v0.32.0...v0.33.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.35.2 to 1.36.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.0 to 1.69.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.69.0...v1.69.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.36.1 to 1.36.2. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.36.1...v1.36.2) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.3.1+incompatible to 27.4.1+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.3.1...v27.4.1) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.36.1 to 1.36.2. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.34.0. - [Commits](golang/net@v0.33.0...v0.34.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Setting rp_filter to 2 when it is 0 will override its status to be always enabled (in the loose mode). This behavior could break some networking solutions as it made packet admission rules more strict.

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.2 to 1.69.4. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.69.2...v1.69.4) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.4.1+incompatible to 27.5.0+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.4.1...v27.5.0) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.36.2 to 1.36.3. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.55.5 to 1.55.6. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG_PENDING.md) - [Commits](aws/aws-sdk-go@v1.55.5...v1.55.6) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.36.3 to 1.36.4. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.5 to 1.0.6. - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.5...v1.0.6) --- updated-dependencies: - dependency-name: github.com/spf13/pflag dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.5.0+incompatible to 27.5.1+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.5.0...v27.5.1) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: Roberto Bonafiglia <[email protected]>

It looks like they fixed goconst upstream and it no longer checks this

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.34.0 to 0.35.0. - [Commits](golang/net@v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps google.golang.org/protobuf from 1.36.4 to 1.36.5. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.5.1+incompatible to 28.0.1+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.5.1...v28.0.1) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

feat(alpine): revert 3.19 -> 3.18

48a7357

Revert because of issue with iptables v1.8.10 no longer working with -C check.

pull bot added the ⤵️ pull label May 31, 2024

dependabot bot and others added 28 commits June 1, 2024 11:39

fix: ensure that ipv6 is not disabled in kernel

a1125f6

Signed-off-by: Natanael Copa <[email protected]>

fix(Dockerfile): re-add ip6tables binary

a2d2e01

When we reverted from Alpine 3.19 to Alpine 3.18 we somehow lost the ip6tables package which caused issues for users of ipv6.

fact(Dockerfile): fix linter warning for AS

4013d21

fix(utils.go): static /32 subnet mask reference

94b17b8

fix(bug_report.md): update markdown templating

84c3549

fix(feature_request.md): update markdown templating

26b539e

fix(linux_networking.go): remove dangling IPv6 routes

e8962dd

Remove extra routes added by iproute2 when addresses are added to interfaces which block IPv6 service VIPs from routing from the host. See: #1698

doc(NSC): add extra comments to setupHandlers call

71072c1

fix(getAllLocalIPs): get IPv6 & IPv4 addresses

2522b4d

feat(go): update 1.21.7 -> 1.22.3

b1a2fbf

While this isn't the latest version of 1.22 as of the cutting of this release, it is the latest version that is allowed with Alpine 3.18 which we still need until the netfilter bugs are fixed.

feat(go.mod): update all deps to latest

eac472c

fix: allow basic ICMPv6 neighbor discovery

a0442e5

This fixes the problem where if network policy is applied before any communication between two pods, all subsequent communication fails because the two pods aren't able to discovery each other.

feat(goreleaser): update goreleaser-action v5->v6

5affda2

fix: select ICMP version for common ICMP rules

1d53ea5

This fixes kube-router trying to use `icmp` instead of `icmpv6` when creating common ICMP rules with ip6tables. Fixes: #1712

test: update utils/iptables_test to align with recent fix

55b830d

Update tests for code affected in 8dfb572.

fix(util): syntax in iptables.go

ef370d3

Fix strange mistake with ';' instead of 'string'.

dependabot bot and others added 30 commits December 15, 2024 23:39

fix(NSC): only set rp_filter to 2 if it is 1

aa7cffb

Setting rp_filter to 2 when it is 0 will override its status to be always enabled (in the loose mode). This behavior could break some networking solutions as it made packet admission rules more strict.

Added ipset.Save at the start of syncNetworkPolicyChains

d1982eb

Signed-off-by: Roberto Bonafiglia <[email protected]>

feat: update to go 1.22.3->1.23.6 and alpine 3.18->3.21

5cdc417

fix(lint): prevent against integer overflow errors

858fdf6

fix(lint): remove unnecessary variable initializations (copyloopvar)

48b631c

fix(lint): remove non-constant format string (govet)

760fcd5

fix(lint): remove nolint for error messages

d8430e2

It looks like they fixed goconst upstream and it no longer checks this

feat(Makefile): update golangci-lint 1.56.2->1.63.4

16d1f6b

feat(goreleaser): update goreleaser version and syntax

5e9cc72

feat(gomoq): update moq version v0.3.4 -> v0.5.1

baad588

feat(Makefile): update CNI plugins v1.4.0 -> v1.6.2

b97e2bb

doc(RELEASE.md): update release docs

85e429e

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from cloudnativelabs:master #11

[pull] master from cloudnativelabs:master #11

pull bot commented May 31, 2024 •

edited

Loading

[pull] master from cloudnativelabs:master #11

Are you sure you want to change the base?

[pull] master from cloudnativelabs:master #11

Conversation

pull bot commented May 31, 2024 • edited Loading

pull bot commented May 31, 2024 •

edited

Loading