github/sample-controller
4
0
Fork 0
mirror of https://github.com/kubernetes/sample-controller.git synced 2026-02-04 00:06:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,852 Commits 28 Branches 1,455 Tags
master
Commit Graph

940 Commits

Author SHA1 Message Date
Kubernetes Publisher
50434c6a06 Merge pull request #136362 from dims/update-opentelemetry-v1.39.0 
Update OpenTelemetry dependencies to latest versions

Kubernetes-commit: 69eb15ee58c9cb20b90007e9b064dfb78b66a867
 2026-01-21 22:14:22 +00:00
Davanum Srinivas
a2aea51475 Update OpenTelemetry dependencies to latest versions 
Core packages (opentelemetry-go):
- go.opentelemetry.io/otel: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/metric: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/trace: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/sdk: v1.38.0 → v1.39.0

Exporters:
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.39.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.39.0

Contrib instrumentation (opentelemetry-go-contrib):
- go.opentelemetry.io/contrib/.../otelhttp: v0.61.0 → v0.64.0
- go.opentelemetry.io/contrib/.../otelrestful: v0.44.0 → v0.64.0

Protocol definitions (opentelemetry-proto-go):
- go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0

Notable changes:
- Go 1.24 is now the minimum required version (Go 1.23 support dropped) for OTEL components
- Performance: ~4x improvement in histogram concurrent operations; xxhash
  replaces fnv for attribute hashing
- Fixed goroutine leak in span processors when context is canceled
- otelrestful migrated semantic conventions from v1.20.0 to v1.34.0
  (e.g., http.method → http.request.method)
- Partial OTLP export errors now surfaced instead of being silently dropped
- otelrestful no longer depends on json-iterator/go, modern-go/concurrent,
  or modern-go/reflect2; unwanted-dependencies.json updated accordingly

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: c40ea60b9f193fbead586f9fd6cc26f7b77312ff
 2026-01-20 17:20:21 -05:00
Kubernetes Publisher
2a236a856d Merge pull request #136212 from dims/update-security-deps-jan2026-v2 
Update security and stability dependencies

Kubernetes-commit: a94970c0c5de0fa56b0ed82823850db7e0257685
 2026-01-16 14:04:42 +00:00
Davanum Srinivas
5594bf5680 Update security and stability dependencies 
This PR updates several dependencies addressing security vulnerabilities,
stability fixes, and authentication improvements.

- golang.org/x/crypto: v0.46.0 -> v0.47.0
  - Includes latest X509 root certificate bundle updates
  - Security hardening for cryptographic operations
  - Foundation dependency for TLS and authentication

- github.com/golang-jwt/jwt/v5: v5.2.2 -> v5.3.0
  - IMPORTANT: v5.2.2 patched vulnerability GHSA-mh63-6h87-95cp (token
    validation security issue) - this update ensures we have the fix
  - Adds multiple audience validation support for JWT tokens
  - Go 1.21 minimum requirement (code modernization)
  - Replaced legacy interface{} with modern any keyword

- golang.org/x/net: v0.48.0 -> v0.49.0
  - HTTP/2 priority scheduler improvements (RFC 9218)
  - WebSocket security enhancements
  - Network layer stability fixes

- go.uber.org/zap: v1.27.0 -> v1.27.1
  - Fix: Prevent Object from panicking on nils (PR #1501)
  - Fix: Race condition in WithLazy (PR #1511)
  - Both fixes improve logging stability in concurrent scenarios

- github.com/godbus/dbus/v5: v5.2.0 -> v5.2.2
  - Security: Disabled SHA1 authentication by default on non-Windows
    platforms (v5.2.0 change now inherited)
  - Performance: Multiple optimizations reducing memory allocations
  - Fix: Alignment issues in decoder operations
  - Fix: Allow more than 32 containers/struct fields in a signature

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 5b478645cdb3be5ed92a21d2f7b417b6328cfa6e
 2026-01-13 23:08:03 -05:00
Kubernetes Publisher
16cd5dbcd7 Merge pull request #136162 from dims/update-security-deps-jan2026 
Update security-critical authentication and protobuf dependencies

Kubernetes-commit: c29a5d73a6fd04896033fe615c259f2949c5e94f
 2026-01-14 02:05:02 +00:00
Davanum Srinivas
1aa4a38e16 Update security-critical authentication and protobuf dependencies 
This PR updates security-critical dependencies addressing authentication
and data parsing vulnerabilities.

**Authentication Security:**
- github.com/coreos/go-oidc: v2.3.0 -> v2.5.0
  - Security fix: Now verifies token signature BEFORE validating payload
  - Prevents potential processing of tampered tokens before cryptographic
    verification

- github.com/cyphar/filepath-securejoin: v0.6.0 -> v0.6.1
  - Security fix: Fixed seccomp fallback logic - library now properly falls
    back to safer O_PATH resolver when openat2(2) is denied by seccomp-bpf
  - Fixed file descriptor leak in openat2 wrapper during RESOLVE_IN_ROOT

- cyphar.com/go-pathrs: v0.2.1 -> v0.2.2
  - Companion update to filepath-securejoin

**Protobuf Security:**
- google.golang.org/protobuf: v1.36.8 -> v1.36.11
  - Security fix: Added recursion limit check in lazy decoding validation
  - Prevents potential stack exhaustion attacks via maliciously crafted
    protobuf messages
  - Also adds support for URL chars in type URLs in text-format

These updates are critical for:
- OIDC authentication in kube-apiserver
- Container filesystem path resolution (used by container runtimes)
- Protobuf message parsing throughout the codebase

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: c825d80bbf2c82666192c329478a686fa3a1d5dc
 2026-01-11 16:50:37 -05:00
Kubernetes Publisher
81ae50c183 Merge pull request #136161 from dims/update-golang-x-deps-jan2026 
Update golang.org/x dependencies to latest versions

Kubernetes-commit: 1c894014ebe25e0b042efa91698284f527493d90
 2026-01-13 02:28:31 +00:00
Davanum Srinivas
17baec1178 Update golang.org/x dependencies to latest versions 
updates the golang.org/x package family to newer releases:

- golang.org/x/crypto: v0.45.0 -> v0.46.0
- golang.org/x/net: v0.47.0 -> v0.48.0
- golang.org/x/sys: v0.38.0 -> v0.40.0
- golang.org/x/time: v0.9.0 -> v0.14.0
- golang.org/x/oauth2: v0.30.0 -> v0.34.0
- golang.org/x/text: v0.31.0 -> v0.33.0
- golang.org/x/term: v0.37.0 -> v0.39.0
- golang.org/x/sync: v0.18.0 -> v0.19.0
- golang.org/x/mod: v0.29.0 -> v0.32.0
- golang.org/x/tools: v0.38.0 -> v0.40.0
- golang.org/x/exp: 8a7402abbf56 -> 944ab1f22d93

Security & Stability:
- x/crypto: Updated X509 root certificate bundle
- x/net: HTTP/2 PING optimization to reduce DoS detection triggers,
  data race fix in trace RenderEvents
- x/sys: Fixed out-of-bounds memory access in sockaddrIUCVToAny
- x/time: Fixed rate limiter overflow when using very low rates that
  could cause the limiter to jam open

Performance:
- x/time: ~19% improvement in Sometimes.Do when no interval configured

Maintenance:
- Various vet diagnostic fixes for Go 1.26 compatibility
- Dependency updates across the golang.org/x ecosystem

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 0e67c56a8f26ace2889fd24e098b78e13f9bbffe
 2026-01-11 16:25:45 -05:00
Kubernetes Publisher
c5a510e1f3 Merge pull request #136108 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.27.4, gomega v1.39.0

Kubernetes-commit: 758ef0ffbce5cbca7a893d839dde892d79c2738f
 2026-01-08 23:41:35 +00:00
Patrick Ohly
268a6a7700 dependencies: ginkgo v2.27.4, gomega v1.39.0 
Latest release of both. The CurrentTreeConstructionNodeReport fix
is needed before being able to use it in the E2E framework.

Kubernetes-commit: f8a0c80ed81711f6add7a765d22b56d2d41ac522
 2026-01-08 16:53:03 +01:00
Kubernetes Publisher
6cb24270b0 Merge pull request #135391 from jpbetz/smd-6_3_1 
Bump structured-merge-diff to pick up flake fix and bug fixes

Kubernetes-commit: 6f92c01979b7666f6631a556a8626e21b88d1f2a
 2025-12-23 15:00:23 +00:00
Kubernetes Publisher
1d34da02ca Merge pull request #135867 from dims/pin-versions-of-dbus-and-otelgrpc-to-avoid-breakage 
Pin versions of dbus and otelgrpc to avoid breakage

Kubernetes-commit: dce2e8cef737ebce3a4d13d74654c50bcb244846
 2025-12-21 02:58:32 +00:00
Davanum Srinivas
5eb3267611 updated to last known good dependencies for otelgrpc and dbus 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 60cce0abd05d31f74ece404e584f53c915a7f3d5
 2025-12-20 15:27:53 -05:00
Kubernetes Publisher
af6ed48cf6 Merge pull request #135836 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.27.3 + gomega v1.38.3

Kubernetes-commit: 268bdbe214ac64b5a31a59cfae6b96f3a1585bd3
 2025-12-19 18:59:06 +00:00
Kubernetes Publisher
7eea9581c5 Merge pull request #135845 from skitt/drop-armon-circbuf 
Replace armon/circbuf with k8s.io/utils/buffer

Kubernetes-commit: 0ea38248603ce745956d779787874cfd91ca29ae
 2025-12-19 18:59:04 +00:00
Stephen Kitt
061bfb601d Replace armon/circbuf with k8s.io/utils/buffer 
This uses the new generic fixed ring implementation in k8s.io/utils.

Signed-off-by: Stephen Kitt <skitt@redhat.com>

Kubernetes-commit: 3653ae2b9a7768da89e47ef84d503ae9cf0b910b
 2025-12-19 09:59:41 +01:00
Kubernetes Publisher
15740c5a3c Merge pull request #135531 from pohly/golangci-lint-bump 
golangci-lint: bump to v2.7.1

Kubernetes-commit: 430fef557f34c6145d4607f9d65d46ac5f7a7b66
 2025-12-18 18:57:39 +00:00
Kubernetes Publisher
937ea5acb4 Merge pull request #135539 from dims/move-httpcache-to-third_party/forked 
move httpcache to third_party/forked

Kubernetes-commit: 04d866b37de3aefac063b2b6e12f11b30701c9ff
 2025-12-18 18:57:38 +00:00
Patrick Ohly
afeb98a2bf dependencies: ginkgo v2.27.3 + gomega v1.38.3 
This fixes some issues found in Kubernetes (data race in ginkgo CLI, gomega
formatting) and helps with diagnosing OOM killing in CI jobs (exit status of
processes).

The modified gomega formatting shows up in some of the output tests for the E2E
framework. They get updated accordingly.

Kubernetes-commit: db841afdbb193ea7d612472c7cc4c7b3f58eb676
 2025-12-16 14:32:00 +01:00
Davanum Srinivas
3b66c2e73c move httpcache to third_party/forked 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: ab1ffaf12e243798df20a5c98192b8d108ba9a9b
 2025-12-01 21:58:55 -05:00
Kubernetes Publisher
adad5a9caa Merge pull request #133828 from dims/drop-unnecessary-usegocmp-build-tag 
Drop unnecessary `usegocmp` build tag

Kubernetes-commit: 09e71afb4bc834cf08106517a528d9320c2cc94f
 2025-12-18 02:55:39 +00:00
Kubernetes Publisher
625de3544c Merge pull request #135536 from dims/bump-x/crypto-to-v0.45.0 
Bump golang.org/x/crypto to v0.45.0

Kubernetes-commit: de61f598953ccd3e3950cdeda02740af2881048f
 2025-12-04 23:32:36 +00:00
Davanum Srinivas
aa36c89596 Bump golang.org/x/crypto to v0.45.0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 5302b929ae55e86ad40b57d74c326529792d0439
 2025-12-01 14:11:01 -05:00
Kubernetes Publisher
23982ca363 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix 
e2e/storage: deflake CSI Mock volume expansion quota validation

Kubernetes-commit: 4c04786f746e349a34042a0d59ec432a8a46ddcc
 2025-11-26 21:17:49 +00:00
Joe Betz
c443aac8ce hack/pin-dependency.sh sigs.k8s.io/structured-merge-diff/v6 v6.3.1 
Kubernetes-commit: 5129fa152b3628ee65c060d3e2f59f69d271f7a6
 2025-11-21 08:53:57 -05:00
Dev1622
65dd5388bc vendor: update vendor and license metadata after replacing BeTrue usage in csi tests 
Kubernetes-commit: 216aaf76cba4b0cba05f0901d759dc017f833cd3
 2025-11-13 05:11:59 +00:00
Surya
b1d566f6ff Update vendored dependencies 
Kubernetes-commit: c68b35c4c75cb5d4c016799a966808dff3d9a9a5
 2025-11-12 16:17:46 +00:00
Kubernetes Publisher
2464cd88ce Merge pull request #134881 from pohly/e2e-slow-priority 
E2E: run slow tests first, using new Ginkgo

Kubernetes-commit: cd0ddec139502081c2edf73c0329bcc07b5048f4
 2025-11-01 15:56:41 +00:00
Patrick Ohly
85b7780cbf dependencies: ginkgo v2.27.2, gomega v1.38.2 
Specifically the new AddTreeConstructionNodeArgsTransformer and SpecPriority in
Ginkgo will be useful.

Gomega gets updated to keep up-to-date.

Kubernetes-commit: 6034321603be95409028f0173e0c372515008dbb
 2025-10-24 20:53:04 +02:00
Kubernetes Publisher
42bbeb6d6e Merge pull request #135004 from pohly/dependencies-x-repos 
dependencies: various minor updates

Kubernetes-commit: 02398258b15ff894a7c73acdeb9270b32f6d02a9
 2025-10-31 15:59:49 +00:00
Patrick Ohly
6913650eb2 dependencies: various minor updates 
This is a collection of updating several unversioned modules. Those updates are
eventually going to reach Kubernetes, doing them together now makes PRs for
future major updates smaller.

Kubernetes-commit: 5993782d6537bab9edf95590c123f96ea39ca185
 2025-10-31 11:30:26 +01:00
Kubernetes Publisher
176c776474 Merge pull request #134780 from joshjms/bump-etcd-sdk-v3.6.5 
etcd: Bump etcd sdk to v3.6.5

Kubernetes-commit: 4415f00294cff245a9594055aed29abcd4e4a0c1
 2025-10-22 23:58:14 +00:00
joshjms
db0c6eaf0d etcd: bump etcd sdk to v3.6.5 
Signed-off-by: joshjms <joshjms1607@gmail.com>

Kubernetes-commit: 7f99d6672f75d9f757953745bdabf598139b4c30
 2025-10-22 21:36:06 +08:00
Kubernetes Publisher
3e1e304730 Merge pull request #134714 from p0lyn0mial/upstream-watchlist-unsupported-wl-semantics-typed-inf 
client-go/typed/informers: wrap the LW with WatchList semantics

Kubernetes-commit: 350481c4747da5c2ad4f24e71e7edaabbd4cfe2e
 2025-10-21 15:56:52 +00:00
Kubernetes Publisher
f5fbdf257a Merge pull request #134663 from p0lyn0mial/upstream-watchlist-unsupported-wl-semantics-typed 
client-go/typed/fake: expose IsWatchListSemanticsUnSupported

Kubernetes-commit: f794aa12d78f5b1f9579ce8a991a116a99a2c43c
 2025-10-17 09:37:09 +00:00
Kubernetes Publisher
f3f7a3c99d Merge pull request #134256 from liggitt/protoc-gogo-poc 
KEP-5589 - drop gogo runtime dependencies

Kubernetes-commit: 6bc4914b841f5bf032490cf105f57dc5bfe475ba
 2025-10-08 21:55:06 +00:00
Jordan Liggitt
e4ddf454da Regenerate vendor 
Kubernetes-commit: 7f58bb9abdf23c37e5e201054db5adab6eee60cd
 2025-09-24 23:37:55 -04:00
Kubernetes Publisher
5c91de7283 Merge pull request #134209 from Jefftree/gengo-bmp 
Bump gengo

Kubernetes-commit: 1b5fb46b720484a19951198165494c98691a513d
 2025-09-22 23:50:48 +00:00
Jefftree
440bb4f1ae bump gengo 
Kubernetes-commit: 37592a026be32e3eb8ff19e1f934110bbff42975
 2025-09-22 18:54:58 +00:00
Kubernetes Publisher
e02734125f Merge pull request #134145 from dims/update-to-latest-sigs.k8s.io/json 
update to latest sigs.k8s.io/json

Kubernetes-commit: 6070f5a92918020b8c792ca1219a5fbbfa53a556
 2025-09-19 04:01:13 +00:00
Davanum Srinivas
1ef8f222ca update to latest sigs.k8s.io/json 
Kubernetes-commit: 736f7b9a1b514237c78e28885198f6c2e6a0a0b0
 2025-09-18 20:55:31 -04:00
Kubernetes Publisher
b2f0de72cf Merge pull request #134120 from BenTheElder/golang-language-125 
Upgrade go language version to 1.25

Kubernetes-commit: 0ca861d5ed67d944285ee5ea80cf520d11e8b755
 2025-09-18 00:59:49 +00:00
Benjamin Elder
6b8a1e7cb9 bump go language version to 1.25 
Kubernetes-commit: 563d4d651ca2905e3ed4d643021295fb19f871fb
 2025-09-17 13:32:42 -07:00
Kubernetes Publisher
2468fb7ad7 Merge pull request #131755 from jpbetz/openapi-type-name-gen 
Allow OpenAPI model package names to be declared by APIs

Kubernetes-commit: 69e637f24c23764973e30491afab202c0d083399
 2025-09-11 20:23:54 +00:00
Kubernetes Publisher
878e68684d Merge pull request #133191 from Jefftree/rev 
Add jefftree to OWNERS

Kubernetes-commit: 26b246ae667f5f9b0f90e1a2abd9fc2a50f4d0d3
 2025-09-11 16:13:35 +00:00
Joe Betz
37e6640aaa Bump kube-openapi 
Signed-off-by: Joe Betz <jpbetz@google.com>

Kubernetes-commit: 8b63ace66c5b21a886aa7d3803c0f70bd2a51c8e
 2025-09-10 15:52:57 -04:00
Kubernetes Publisher
16fa12aec0 Merge pull request #133921 from dims/update-prometheus-client-golang-and-common-packages 
update prometheus' client_golang and common packages

Kubernetes-commit: bbd859808d0cef566fbfc89639926b7cc50d9bd5
 2025-09-10 16:28:33 +00:00
Davanum Srinivas
7600c7f5af update prometheus' client_golang and common packages 
Kubernetes-commit: bdfca587f48e816a667b1b1e5766200746b90e3a
 2025-09-07 17:20:43 -04:00
Kubernetes Publisher
fff7accdf4 Merge pull request #133769 from thockin/kk_bump_gengo 
Bump gengo

Kubernetes-commit: 86d0607011e11ce579e9e2e5754068b4ecfdd57c
 2025-09-03 21:19:09 +00:00
Tim Hockin
c4a1185e35 Bump gengo 
Kubernetes-commit: 5f4b4a682499ecb996a45a1e2c48dd545003f22a
 2025-09-03 08:24:17 -07:00