Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update crossplane dependencies #47

Merged
merged 7 commits into from
Jan 30, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 29, 2024

This PR contains the following updates:

Package Update Change
crossplane-contrib/function-patch-and-transform minor v0.4.0 -> v0.8.1
upbound/configuration-gcp-network minor v0.5.0 -> v0.7.0
upbound/provider-gcp patch v0.41.1 -> v0.41.4

Release Notes

crossplane-contrib/function-patch-and-transform (crossplane-contrib/function-patch-and-transform)

v0.8.1

Compare Source

What's Changed

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.8.0...v0.8.1

v0.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.7.0...v0.8.0

v0.7.0

Compare Source

What's Changed

New Contributors

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.6.0...v0.7.0

v0.6.0

Compare Source

What's Changed

New Contributors

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.5.0...v0.6.0

v0.5.0

Compare Source

Notable Changes

What's Changed

New Contributors

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.4.0...v0.5.0

upbound/configuration-gcp-network (upbound/configuration-gcp-network)

v0.7.0

Compare Source

What's Changed

Full Changelog: upbound/configuration-gcp-network@v0.6.0...v0.7.0

v0.6.0

Compare Source

What's Changed

New Contributors

Full Changelog: upbound/configuration-gcp-network@v0.5.0...v0.6.0

upbound/provider-gcp (upbound/provider-gcp)

v0.41.4

Compare Source

The release v0.41.4 introduces:

What's Changed

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.3...v0.41.4

v0.41.3

Compare Source

The release v0.41.3 sets a default io.Discard logger for the controller-runtime if debug logging is not enabled. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual.

What's Changed

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.2...v0.41.3

v0.41.2

Compare Source

The release v0.41.2 includes some important bug fixes and dependency bumps detailed below:

  • Bump crossplane-runtime to v1.15.1 along with various bug fixes.
  • Bump upjet to v1.1.1
  • There’s a fix in the implementation of the LateInitialize management policy in the context of the no-fork architecture. Previously, we were relying solely on the managed reconciler for preventing the late-initialization of the managed resources if the specified policies do not contain it. Now, we also explicitly skip the late-initialization in upjet to prevent some accidental updates to the spec.forProvider while, for example, updating the annotations.
  • Adds a more explanatory error message when immutable fields of a managed resource have changed.
What's Changed

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.1...v0.41.2


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the automated label Nov 29, 2024
@renovate renovate bot requested a review from a team as a code owner November 29, 2024 07:56
Copy link

upbound/configuration-gcp-database #47
Change Summary:

  • Provider dependency updates for GCP SQL and GCP Service Networking from v0.41.1 to v0.41.4
  • Update of function-patch-and-transform dependency from v0.4.0 to v0.7.0

Potential Vulnerability:

  • File: crossplane.yaml:22-24
  • Code: version: "v0.41.4"
  • Explanation: While not immediately vulnerable, version updates should be carefully reviewed to ensure there are no breaking changes in the provider APIs, especially when updating multiple related providers simultaneously (GCP SQL and Service Networking)

Code Smell:
No code smells identified in this change. The modifications are straightforward version updates in the dependency specification.

Debug Log:
No debug logs present in the changes.

Unintended Consequences:

  • File: crossplane.yaml:31

  • Code: version: "v0.7.0"

  • Explanation: The function-patch-and-transform update from v0.4.0 to v0.7.0 represents a significant version jump (3 minor versions). This could introduce breaking changes in function behavior that might affect existing configurations. The changelog should be carefully reviewed for any breaking changes.

  • File: crossplane.yaml:22-24

  • Code: version: "v0.41.4" version: "v0.41.4"

  • Explanation: Simultaneous updates of interdependent providers (GCP SQL and Service Networking) could lead to temporary inconsistencies during deployment if the providers have different deployment times or if one update fails while the other succeeds.

Risk Score: 6
The relatively high risk score is due to:

  1. The significant version jump in function-patch-and-transform
  2. Simultaneous updates of interdependent providers
  3. Potential for breaking changes across multiple components

@renovate renovate bot force-pushed the renovate/crossplane-dependencies branch from 6872fe3 to a91cf8f Compare December 2, 2024 14:09
@renovate renovate bot force-pushed the renovate/crossplane-dependencies branch from a91cf8f to 47d5bf9 Compare December 17, 2024 13:52
@kaessert
Copy link
Contributor

/test-examples

@renovate renovate bot force-pushed the renovate/crossplane-dependencies branch from 47d5bf9 to 88c8258 Compare January 28, 2025 11:19
Signed-off-by: Yury Tsarev <[email protected]>
@ytsarev
Copy link
Member

ytsarev commented Jan 28, 2025

/test-examples

Copy link
Contributor Author

renovate bot commented Jan 28, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@ytsarev
Copy link
Member

ytsarev commented Jan 28, 2025

/test-examples

1 similar comment
@ytsarev
Copy link
Member

ytsarev commented Jan 29, 2025

/test-examples

@ytsarev
Copy link
Member

ytsarev commented Jan 29, 2025

/test-examples

* Mitigate the hard to understand failure that happened on any consequent run for the stable network name even without
  stale Connection
```
PrivateConnection   False    False   ReconcileError: create failed:
  async create failed: failed to create the resource: [***0 Error
waiting for Create Service Networking Connection: Error code 9, message:
Cannot modify allocated ranges in CreateConnection. Please use
UpdateConnection.
```

* Solution found at https://stackoverflow.com/questions/55135559/unable-to-recreate-private-service-access-on-gcp

Signed-off-by: Yury Tsarev <[email protected]>
Signed-off-by: Yury Tsarev <[email protected]>
Switch back to original network name and region as Connection issue is
fixed

Signed-off-by: Yury Tsarev <[email protected]>
@ytsarev
Copy link
Member

ytsarev commented Jan 30, 2025

/test-examples

@ytsarev ytsarev merged commit 6ed8b17 into main Jan 30, 2025
2 checks passed
@renovate renovate bot deleted the renovate/crossplane-dependencies branch January 30, 2025 11:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants