🌱 Update Builder Image group

[cluster-stack-bot]

This PR contains the following updates:

Package	Type	Update	Change
aquasecurity/trivy		minor	v0.52.2 -> v0.55.0
docker.io/hadolint/hadolint	stage	digest	7dba9a9 -> 3c206a4
golangci/golangci-lint		minor	v1.59.1 -> v1.60.3
kubernetes-sigs/cluster-api		minor	v1.7.3 -> v1.8.2
kubernetes-sigs/controller-tools		minor	v0.15.0 -> v0.16.2
kubernetes-sigs/kind		minor	v0.23.0 -> v0.24.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

aquasecurity/trivy (aquasecurity/trivy)

v0.55.0

Compare Source

⚡Release highlights and summary⚡

👉https://github.com/aquasecurity/trivy/discussions/7440

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0550-2024-09-03

v0.54.1

Compare Source

Changelog

• 854c61d release: v0.54.1 [release/v0.54] (#​7282)
• 334a1c2 fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#​7285)
• f61725c fix(java): Return error when trying to find a remote pom to avoid segfault [backport: release/v0.54] (#​7283)
• a7b7117 fix(plugin): do not call GitHub content API for releases and tags [backport: release/v0.54] (#​7279)

v0.54.0

Compare Source

⚡Release highlights and summary⚡

👉 https://github.com/aquasecurity/trivy/discussions/7268

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0540-2024-07-30

v0.53.0

Compare Source

⚡Release highlights and summary⚡

👉 https://github.com/aquasecurity/trivy/discussions/7061

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0530-2024-07-01

golangci/golangci-lint (golangci/golangci-lint)

v1.60.3

Compare Source

1. Updated linters
   • gosec: from 81cda2f to ab3f6c1 (fix G115 false positives)
2. Misc.
   • Check that the Go version use to build is greater or equals to the Go version of the project

v1.60.2

Compare Source

1. Updated linters

• gofmt: update to HEAD (go1.22)
• gofumpt: from 0.6.0 to 0.7.0
• gosec: fix G602 analyzer
• gosec: from 5f0084e to 81cda2f (adds G115, G405, G406, G506, G507)
• staticcheck: from 0.5.0 to 0.5.1
• staticcheck: propagate Go version
• wrapcheck: from 2.8.3 to 2.9.0
• ⚠️ exportloopref: deprecation

v1.60.1

Compare Source

1. Updated linters
   • errorlint: from 1.5.2 to 1.6.0
   • exhaustruct: from 3.2.0 to 3.3.0 (recognize custom error values in return)
   • fatcontext: from 0.2.2 to 0.4.0 (fix false positives for context stored in structs)
   • gocognit: from 1.1.2 to 1.1.3
   • gomodguard: from 1.3.2 to 1.3.3
   • govet (printf): report non-constant format, no args
   • lll: advertise max line length instead of just reporting failure
   • revive: from 1.3.7 to 1.3.9 (new rule: comments-density)
   • sloglint: from 0.7.1 to 0.7.2
   • spancheck: from 0.6.1 to 0.6.2
   • staticcheck: from 0.4.7 to 0.5.0
   • tenv: from 1.7.1 to 1.10.0 (remove reports on fuzzing)
   • testifylint: from 1.3.1 to 1.4.3 (new options: formatter, suite-broken-parallel, suite-subtest-run)
   • tparallel: from 0.3.1 to 0.3.2
   • usestdlibvars: from 1.26.0 to 1.27.0 (fix false-positive with number used inside a mathematical operations)
   • wsl: from 4.2.1 to 4.4.1
   • ️⚠️ unused: remove exported-is-used option
2. Fixes
   • SARIF: sanitize level property
   • ️⚠️ typecheck issues should never be ignored
3. Documentation
   • Add link on linter without configuration
   • Remove 'trusted by' page
   • wsl update documentation of the configuration
4. misc.
   • 🎉 go1.23 support

v1.60.0

Compare Source

Cancelled due to a CI problem.

kubernetes-sigs/cluster-api (kubernetes-sigs/cluster-api)

v1.8.2

Compare Source

👌 Kubernetes version support

• Management Cluster: v1.27.x -> v1.31.x
• Workload Cluster: v1.25.x -> v1.31.x

More information about version support can be found here

Highlights

This release contains an important fix for KCP
with Kubernetes v1.31. We recommend all users to upgrade to this release.

The fix required the introduction of a pre-terminate hook that is automatically added and managed by the KCP controller
for KCP control plane Machines. If your control plane Machines are using Kubernetes 1.31, KCP will make sure that
its pre-terminate hook is run last. This is done to ensure that the terminating Node has a working kubelet / Node
while other pre-terminate hooks are executed.

More details about the issue can be found in Drain not being performed for KCP machines with K8s v1.31.x .

Changes since v1.8.1

📈 Overview

• 15 new commits merged
• 3 bugs fixed 🐛

🐛 Bug Fixes

• API: Re-add /finalizers subresource RBAC (#​11120)
• Bootstrap: Always declare try-or-die-command function in kubeadm-bootstrap-script.sh (#​11090)
• KCP: remove etcd member in pre-terminate hook (#​11136)

🌱 Others

• clusterctl: Bump cert-manager to 1.15.3 (#​11094)
• e2e: Bump kind to v0.24.0 (#​11084)
• e2e: Test: Bump autoscaler to v1.31.0 (#​11112)
• e2e: Test: improve autoscale tests for to/from zero and running autoscaler in bootstrap cluster (#​11093)
• Testing: Bump envtest in Makefile to v1.31.0 (#​11086)

📖 Additionally, there have been 7 contributions to our documentation and book. (#​11057, #​11058, #​11077, #​11102, #​11110, #​11134, #​11139)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.8.1

Compare Source

👌 Kubernetes version support

• Management Cluster: v1.27.x -> v1.31.x
• Workload Cluster: v1.25.x -> v1.31.x

More information about version support can be found here

Highlights

• Support for Kubernetes v1.31

Changes since v1.8.0

📈 Overview

• 3 new commits merged
• 1 feature addition ✨
• 1 bug fixed 🐛

✨ New Features

• Testing: Bump Kubernetes in tests to v1.31.0 and claim support for v1.31 (#​11053)

🐛 Bug Fixes

• Dependency: Update controller-runtime dependency to v0.18.5 (#​11046)

🌱 Others

• clusterctl: Improve clusterctl client config logic & error message (#​11052)

Dependencies

Added

Nothing has changed.

Changed

• sigs.k8s.io/controller-runtime: v0.18.4 → v0.18.5

Removed

Nothing has changed.

Thanks to all our contributors! 😊

v1.8.0

Compare Source

👌 Kubernetes version support

• Management Cluster: v1.27.x -> v1.30.x
• Workload Cluster: v1.25.x -> v1.30.x

More information about version support can be found here

Highlights

• Bumped to controller-runtime v0.18, k8s.io/* v0.30, controller-gen v0.15, Go 1.22
• API: Add support for negative polarity conditions (#​10550)
• API: Allow control plane provider to set control plane endpoint (#​10667)
• CABPK: Add kubeadm v1beta4 types (including ExtraEnvs and ImagePullSerial) (#​10709, #​10846)
• CABPK: Allow to generate JoinConfiguration discovery kubeconfig (#​10799)
• ClusterClass: Improvements for variables
  • CEL support for variables (#​9239)
  • Metadata for top-level and nested variables (& deprecate previous metadata field) (#​10778)
  • Support control plane variable overrides (#​10682)
  • New builtin variables: control plane / MD / MP metadata (#​10837), Cluster UID (#​10822)
• KCP: Delete out of date machines with unhealthy control plane component conditions during rollout (#​10196)
• KCP: Default ControlPlaneKubeletLocalMode kubeadm feature gate to true for Kubernetes >= 1.31.0
• Logging: Improvements to rollout logs: Cluster topology controller (#​10690), KCP controller & webhooks (#​10628), MachineDeployment controller (#​10688)
• MachineDeployment: Add remediation strategy (#​10712)
• MachineSet/Machine: Improvements to Machine deletion
  • Machine deletion skips waiting for volumes detached for unreachable Nodes (#​10662)
  • Machine drain ignores terminating Pods earlier for unreachable Nodes (#​10706)
  • MachineSet: Fix deletion priority to avoid deleting too many machines (#​10087)
  • MachineSet: Deprioritize unknown NodeHealthy conditions for deletion (#​10763)
  • MachineSet: Ensure unhealthy machines get deletion priority (#​10755)
• A usual, significantly improved e2e test framework & coverage (#​10083, #​10216, #​10135, #​10498, #​10639, #​10530)
• New providers in clusterctl: IONOS Cloud (#​10767), Linode (#​10471), Tinkerbell (#​10487)

Deprecation Warning

• ClusterClass: Deprecate definitionFrom field (#​10841)
• ClusterClass: Deprecate IP Family builtin variable (#​10554)
• MachineDeployment: Deprecate revision management (#​10855)
• MachineHealthCheck: Deprecate MaxUnhealthy & UnhealthyRange fields (#​10853)

Umbrella issue: API changes: #​10852

Changes since v1.7.0

📈 Overview

• 322 new commits merged
• 1 breaking change ⚠️
• 23 feature additions ✨
• 50 bugs fixed 🐛

⚠️ Breaking Changes

• ClusterClass: Adjust CC & Cluster controller to block on variable conflicts, deprecate definitionFrom (#​10841)

✨ New Features

• API: Add support negative polarity conditions (#​10550)
• API: Optimize rbac across controllers (#​10552)
• Bootstrap: Allow CAPBK to generate JoinConfiguration discovery kubeconfig (#​10799)
• CABPK: Add ExtraEnvs and ImagePullSerial to KubeadmConfig (#​10846)
• CABPK: Add kubeadm v1beta4 types (#​10709)
• ClusterCacheTracker: Add QPS & burst options & flags for ClusterCacheTracker (#​10880)
• ClusterClass: Add map key for MD/MP class & topology in ClusterClass & Cluster.spec.topology (#​10808)
• ClusterClass: Add metadata for top-level and nested variables & deprecate previous metadata field (#​10778)
• ClusterClass: Add variable validation to ClusterClass controller, block Cluster reconcile if variables not reconciled (#​10812)
• ClusterClass: Extend ControlPlane/ MD / MP builtin to include metadata (#​10837)
• ClusterClass: Introduce CEL for ClusterClass Variables (#​9239)
• ClusterClass: Support ControlPlane variable overrides (#​10682)
• e2e: Bump Kubernetes to v1.31.0-rc.1 (#​11022)
• e2e: Bump Kubernetes version used for testing to v1.30.0-rc.1 (#​10384)
• e2e: Bump Kubernetes version used for testing to v1.31.0-beta.0 (#​10922)
• e2e: Bump Kubernetes version used for testing to v1.31.0-rc.0 (#​10968)
• KCP: Default ControlPlaneKubeletLocalMode feature gate to true for >= 1.31.0 (#​10947)
• MachinePool: MachinePools: Use NodeDeletionTimeout and default it to 10s (#​10553)
• MachinePool: Set Kubernetes version in machinepool machine Status.Version (#​10849)
• MachineSet: Add remediation strategy support in MachineDeployment (#​10712)
• Runtime SDK/ClusterClass: Extend cluster builtin to include UID (#​10822)
• Runtime SDK/ClusterClass: Fix GetObjectVariableInto util func (#​10702)
• Testing: Support e2e for WSL (#​10402)

🐛 Bug Fixes

• API: Cluster should be provisoned when cpRef and endpoint is set (#​10873)
• API: Drop caBundle from CRDs to support Kubernetes 1.31 (#​10976)
• API: Re-add patch for events (#​10695)
• API: When infrastructureRef is nil, set InfrastructureReadyCondition to true (#​10909)
• CABPK: Bootstrap: fix useExperimentalRetryJoin for kubernetes v1.31 (#​11000)
• CAPD: Don't add host ports to exposed ports of containers (#​10657)
• CAPD: Ensure DockerMachinePool providerIDList is deterministic (#​11003)
• CAPD: Fix nil pointer in dockermachinepool controller (#​10876)
• CAPD: Verify lb config after writing it (#​10453)
• CI: Add for new linters to fix old syntax (#​10699)
• CI: Add tenv linter (#​10689)
• CI: Fix conversion-gen outside of GOPATH (#​10502)
• ClusterClass: Defaulting webhook should check class is set in ClusterClass-based clusters (#​10671)
• ClusterClass: Fix indexing in ClusterClass webhook MHC validation (#​10672)
• ClusterClass: Fix TestServerSideApplyWithDefaulting flakes (#​10905)
• clusterctl: Ensure cert-manager objects get applied before other provider objects (#​10469)
• clusterctl: Ensure move uses mutated metadata when updating a target object (#​10982)
• clusterctl: Fix log in clusterctl move (#​10540)
• clusterctl: Handle a nil mutator by returning an error, not panicking (#​10981)
• clusterctl: Verify that there is a release for the tag (#​10220)
• ClusterResourceSet: Correctly handle concurrent updates to ClusterResourceSetBinding (#​10656)
• ClusterResourceSet: Use separate cache for partial metadata watches on secrets to include all secrets (#​10633)
• Dependency: Use k8s.io/utils/ptr instead of k8s.io/utils/pointer (#​10700)
• e2e: Ensure all ownerRef assertions for some Kind are evaluated (#​10590)
• e2e: Filter cluster-wide objects asserted in ResourceVersion tests to exclude objects of parallel tests (#​10560)
• e2e: Fix kubetest to allow parallel execution on different clusters (#​10424)
• e2e: Kubetest: also gather junit reports in case of errors observed from ginkgo (#​10493)
• KCP: Delete out of date machines with unhealthy control plane component conditions when rolling out KCP (#​10196)
• KCP: Fix some KCP unit test flakes (#​10711)
• Machine: Machine Controller should try to retrieve node on delete (#​11042)
• Machine: Machine deletion skips waiting for volumes detached for unreachable Nodes (#​10662)
• Machine: Speed up ignoring terminating Pods when draining unreachable Nodes (#​10706)
• MachineHealthCheck: Change MachineHealthCheck.spec.unhealthyConditions to optional (#​9774)
• MachineHealthCheck: Skip publishing the RemediationRestricted event when there are no unhealthy target (#​10591)
• MachinePool: Check that replicas pointer is not nil in machinepool controller (#​10632)
• MachineSet: Fix deletion priority to avoid deleting too many machines (#​10087)
• MachineSet: MachineSet should allow scale down operations to proceed when templates don't exist (#​10913)
• ClusterClass/MachineHealthCheck: Fix default namespace of RemediationTemplate for ClusterClass and Topology (#​10843)
• ClusterClass/MachineSet/MachineDeployment: MD/MS topo reconciler: only add finalizer for owned MD/MS (#​10780)
• KCP/CAPD: KCPTemplate & DockerClusterTemplate webhook: default before immutability check (#​10638)
• Runtime SDK: Topology: use raw input object for patch calculation in WalkTemplates (#​10912)
• Security: Also use tls options for metrics/diagnostics server (#​10883)
• Testing: Fix CRS test flake (#​11011)
• Testing: Fix metadata assert failure in clusterclass rollout test (#​10840)
• Testing: Fix race condition in TestPatchHelper test (#​10886)
• Testing: Test/framework isDockerCluster should check that infra ref is present (#​10973)
• util: Check errors for IsNotFound after patching spec and status (#​10787)
• util: Checking cert's keypair for nil before accessing to avoid panics (#​10321)
• util: Patch helper should be able to patch non-spec objects (#​10824)
• util: SSA: recover gvk after scheme.Convert (#​10408)

🌱 Others

• API: Allow control plane provider to set endpoint (#​10667)
• API: Allow users to specify webhook server cert and key names (#​10551)
• API: Partially revert changes for ":bug: Cluster should be provisoned when cpRef and endpoint is set" (#​10903)
• CAPD: Bump github.com/docker/docker to v26.0.2 (#​10478)
• CI: Add more templating func to prowjob-gen (#​10391)
• CI: Drop pr approver workflow top-level permissions (#​10659)
• CI: Optimize dependabot config (#​10571)
• CI: Publish nightly manifests to staging bucket (#​10489)
• CI: Replace exec kubectl with client CreateOrUpdate (#​10442)
• CI: Update base branch for link checker (#​10964)
• CI: Update version matrix for github workflows for release-1.7 (#​10357)
• CI: Use setup-envtest from CR main (05/2024) to use envtest binaries from CT releases (#​10569)
• ClusterCacheTracker: Improve CCT error logging (#​10826)
• ClusterCacheTracker: Use indexes field instead of passing it around (#​10606)
• ClusterClass: Add Cluster.GetClassKey() to retrieve a NamespacedName for classes (#​10703)
• ClusterClass: Add MachinePools to autoscaler e2e test (#​10083)
• ClusterClass: Add MachinePools to handler and topology test (#​10216)
• ClusterClass: Deprecate IP Family builtin variable (#​10554)
• ClusterClass: Improve reconcile state logs (don't log empty diff) (#​11015)
• ClusterClass: Log diffs for Cluster topology rollouts/patches (#​10690)
• ClusterClass: Separate schema and CEL errors in CC variable validation (#​10809)
• ClusterClass: Webhooks: make MDT.replicas and autoscaler mut. exclusive (#​10370)
• clusterctl: Add ionoscloud provider (#​10767)
• clusterctl: Add support for the linode-linode infrastructure provider to clusterctl (#​10471)
• clusterctl: Add Tinkerbell to the providers list (#​10487)
• clusterctl: Always run crd migration if possible to reduce conversion webhook usage (#​10513)
• clusterctl: Bump cert-manager to 1.14.5 (#​10514)
• clusterctl: Bump cert-manager to v1.15.0 (#​10727)
• clusterctl: Bump cert-manager to v1.15.1 (#​10807)
• clusterctl: Bump cert-manager to v1.15.2 (#​10992)
• clusterctl: Improve cert-manager shouldUpgrade (#​10407)
• clusterctl: Update Config generation to use inClusterConfig (#​11006)
• ClusterResourceSet: Ensure CRS controller always add ownerReference to resources (#​10756)
• ClusterResourceSet: Make ClusterResourceSet controller more predictable (#​10869)
• Community meeting: Retire the Alternative communication pattern feature group (#​10658)
• Control-plane: Improve KCP remediation re-entrancy (#​10559)
• Core: Cleanup separate unstructuredCachingClient (#​10692)
• Dependency: Bump controller-gen to v0.15 (#​10380)
• Dependency: Bump controller-runtime to v0.18.0 (#​10383)
• Dependency: Bump conversion-gen to v0.30.0 (#​10474)
• Dependency: Bump docker/docker to 26.0.0+incompatible (#​10335)
• Dependency: Bump envtest to v1.30.0 (#​10477)
• Dependency: Bump github.com/distribution/reference from 0.5.0 to 0.6.0 (#​10501)
• Dependency: Bump github.com/docker/docker from 26.1.4+incompatible to 27.0.0+incompatible in /test (#​10775)
• Dependency: Bump github.com/docker/docker to v27.0.1 (#​10794)
• Dependency: Bump Go to v1.22.2 (#​10452)
• Dependency: Bump go version to 1.22.3 (#​10586)
• Dependency: Bump golang to v1.21.9 and golang.org/x/net to mitigate CVE-2023-45288 (#​10375)
• Dependency: Bump golangci-lint to v1.57.2 (#​10398)
• Dependency: Bump the all-go-mod-patch-and-minor group across 3 directories with 3 updates (#​11039)
• Dependency: Bump to Go 1.22.4 (#​10739)
• Dependency: Bump to Go 1.22.5 (#​10828)
• Dependency: Fix loopvar linter issue and usage of deprecated grpc function (#​10731)
• Dependency: Fixup patch order in CABPK (#​10399)
• Dependency: Stop bumping cel-go via dependabot (#​10834)
• Dependency: Update Kustomize deprecated syntax (#​10294)
• Devtools: Add triage-party for the Cluster API backlog (#​10437)
• Devtools: Bump Cluster API Visualizer to v1.3.0 (#​10386)
• Devtools: Bump Cluster API Visualizer to v1.3.1 (#​10816)
• Devtools: Improve triage query (#​10644)
• Devtools: Tilt: ensure in-tree providers always use start.sh to allow restarts (#​10811)
• e2e: Add function to create the ClusterProxy when using a secondary kind-based management cluster (#​10804)
• e2e: Add IPAM API to test framework convenience scheme (#​10745)
• e2e: Allow setting worker machine count to nil in ApplyClusterTemplateAndWait & ConfigCluster (#​10388)
• e2e: Bump autoscaler to v1.30.0 (#​10510)
• e2e: Bump kind to v0.23.0 (#​10610)
• e2e: Drop support for INIT env variables in clusterctl upgrade test (#​10609)
• e2e: Dump cluster resources if deletion times out (#​10967)
• e2e: Enable ability to test pre-releases of kubernetes (#​10412)
• e2e: Enable kubeadm ControlPlaneKubeletLocalMode feature gate in e2e tests (#​10940)
• e2e: Enhance E2E Tests to Filter Out Extra Provider-Specific Metadata (#​10715)
• e2e: Ensure resourceVersions are stable (#​10530)
• e2e: Export more func in test/e2e/common.go (#​10420)
• e2e: Fix finalizers assertions (#​10735)
• e2e: Improve E2E tests for finalizers and ownerRefs (#​10730)
• e2e: Improve E2E ValidateFinalizers and ValidateOwnerRef (#​10693)
• e2e: Improve error output of ValidateResourceVersionStable (#​11020)
• e2e: Improve metadata assertions in ClusterClass rollout test (#​10851)
• e2e: Test/framework: scale up should use allocatable memory (#​11007)
• e2e: Test: add coverage to find issues running on the next kubernetes release as management cluster (#​11014)
• e2e: Test: add restConfigModifier Option to clusterProxy (#​10832)
• e2e: Test: check for metadata.yaml when resolving releases to not try to use unreleased versions + avoid retry on 404 (also in clusterctl) (#​10618)
• e2e: Test: Dump resources before deleting extensionconfig (#​10874)
• e2e: Test: fix machinepool test to wait for topology controller to set correct number of replicas first (#​10952)
• e2e: Test: improve output for ValidateResourceVersionStable by using BeComparable instead of Equal (#​10652)
• e2e: Test: skip cleanup of additional kind cluster if flag is set (#​10910)
• e2e: Test: stop using Consistently for rollout checks (#​10999)
• e2e: Test: use pause image for autoscaler tests (#​10879)
• e2e: Test: use pause instead of nginx (#​10887)
• IPAM: Add Ready condition failure reasons (#​10660)
• IPAM: Add spec.clusterName to IPAddressClaim (#​10182)
• KCP: Add compare util using go-cmp, modify webhooks & KCP controller (#​10628)
• KCP: Bump corefile-migration to support CoreDNS v1.11.3 (#​10985)
• Logging: Fix log keys, use upper case for logs (#​10613)
• Logging: Log error when calling a Runtime Extension gets an error that is ignored because of failure policy (#​11031)
• Logging: Set terminationMessagePolicy to FallbackToLogsOnError for all managers (#​10580)
• Machine: Improve logs & conditions when machine is waiting for node (#​10757)
• Machine: Propagate timeout fields from MachineSet to Machine during Machine deletion (#​10589)
• MachineDeployment: Deprecate MachineDeployment revision management (#​10855)
• MachineDeployment: Log reason for MachineDeployment rollouts / MachineSet creations (#​10688)
• MachineHealthCheck: Deprecate MHC MaxUnhealthy & UnhealthyRange fields (#​10853)
• MachineHealthCheck: MachineHealthCheck should take Machine's InfraReady condition (#​10718)
• MachineHealthCheck: Reenable 2 MHC unit tests (#​10906)
• MachinePool: Improve MP unit test coverage (#​10939)
• MachinePool: MinReadySeconds for machinepools (#​9837)
• MachineSet: Deprioritize unknown NodeHealthy conditions for deletion (#​10763)
• MachineSet: Ensure unhealthy machines get deletion priority (#​10755)
• ClusterClass/e2e: Add MP back to dualstack E2E test (#​10135)
• KCP/ClusterResourceSet: Do not update observed generation if there are reconcile errors (#​10736)
• KCP/MachineSet: Flag for old infra machine naming (#​10576)
• Machine/MachineSet: Remove redundant watch event handlers via Owns() (#​10048)
• MachineSet/MachineDeployment: Preserve finalizers during MS/Machine reconciliation (#​10694)
• Release: Prepare main branch for v1.8 development (#​10524)
• Release: Push manifests for main & release-.* (#​10521)
• Release: Release notes: also detect alpha releases as pre releases (#​10369)
• Release: Swap in new 1.8 RT members in OWNERS (#​10473)
• Release: Update order of release note generation tasks (#​10397)
• Security: Cleanup owner files (#​10642)
• Testing: Allow control plane count to be configurable in clusterctl upgrade test. (#​10584)
• Testing: Bump Kubernetes in tests to v1.30.0 and claim support for v1.30 (#​10454)
• Testing: Envtest: Setup Machine webhook only once (#​10506)
• Testing: Export method and types for ClusterUpgradeWithRuntimeSDK (#​10788)
• Testing: Improve SSA patch test (#​10525)
• Testing: Improve tilt setup for local e2e (#​10467)
• Testing: Replace reflect.DeepEqual in tests (#​10619)
• Testing: Support MachinePools without MachinePoolMachines in clusterctl upgrade test (#​10498)
• Testing: Test/framework: Allow ScaleUp Deployment image to be customized (#​10995)
• Testing: Use kind as a secondary management cluster for clusterctl E2E tests (#​10639)
• Testing: Use testing.Setenv instead of os.Setenv (#​10919)
• Testing: Use testing.TempDir instead of os.MkdirTemp (#​10918)
• util: Add test for patchHelper logic around deletionTimestamps/finalizers (#​10866)
• util: Allow ClusterCacheTracker to set CacheByObject (#​10950)

📖 Additionally, there have been 49 contributions to our documentation and book. (#​10265, #​10293, #​10310, #​10317, #​10328, #​10346, #​10355, #​10358, #​10366, #​10367, #​10371, #​10385, #​10392, #​10414, #​10418, #​10443, #​10444, #​10449, #​10455, #​10475, #​10480, #​10490, #​10528, #​10529, #​10531, #​10534, #​10549, #​10555, #​10558, #​10561, #​10583, #​10594, #​10630, #​10640, #​10685, #​10719, #​10748, #​10752, #​10777, #​10795, #​10817, #​10825, #​10856, #​10857, #​10861, #​10865, #​10891, #​10930, #​10966)

Dependencies

Added

• github.com/chromedp/cdproto: 3cf4e6d
• github.com/chromedp/chromedp: v0.9.2
• github.com/chromedp/sysutil: v1.0.0
• github.com/fxamacker/cbor/v2: v2.6.0
• github.com/go-task/slim-sprig/v3: v3.0.0
• github.com/gobwas/httphead: v0.1.0
• github.com/gobwas/pool: v0.2.1
• github.com/gobwas/ws: v1.2.1
• github.com/x448/float16: v0.8.4
• golang.org/x/telemetry: f48c80b
• k8s.io/gengo/v2: 51d4e06

Changed

• cloud.google.com/go/bigquery: v1.57.1 → v1.3.0
• cloud.google.com/go/compute/metadata: v0.2.3 → v0.3.0
• cloud.google.com/go/compute: v1.23.3 → v1.24.0
• cloud.google.com/go/datastore: v1.15.0 → v1.0.0
• cloud.google.com/go/firestore: v1.14.0 → v1.15.0
• cloud.google.com/go/longrunning: v0.5.4 → v0.5.5
• cloud.google.com/go/pubsub: v1.33.0 → v1.1.0
• cloud.google.com/go: v0.110.10 → v0.112.1
• github.com/adrg/xdg: v0.4.0 → v0.5.0
• github.com/chzyer/readline: 2972be2 → v1.5.1
• github.com/cncf/xds/go: e9ce688 → 0fa0005
• github.com/coredns/caddy: v1.1.0 → v1.1.1
• github.com/coredns/corefile-migration: v1.0.21 → v1.0.23
• github.com/cpuguy83/go-md2man/v2: v2.0.3 → v2.0.4
• github.com/distribution/reference: v0.5.0 → v0.6.0
• github.com/emicklei/go-restful/v3: v3.11.0 → v3.12.1
• github.com/envoyproxy/go-control-plane: v0.11.1 → v0.12.0
• github.com/envoyproxy/protoc-gen-validate: v1.0.2 → v1.0.4
• github.com/fatih/color: v1.16.0 → v1.17.0
• github.com/go-logr/logr: v1.4.1 → v1.4.2
• github.com/golang/glog: v1.1.2 → v1.2.0
• github.com/google/cel-go: v0.17.7 → v0.17.8
• github.com/google/pprof: 4bb14d4 → a892ee0
• github.com/google/uuid: v1.4.0 → v1.6.0
• github.com/googleapis/gax-go/v2: v2.12.0 → v2.12.3
• github.com/hashicorp/consul/api: v1.25.1 → v1.28.2
• github.com/hashicorp/errwrap: v1.0.0 → v1.1.0
• github.com/hashicorp/go-multierror: v1.0.0 → v1.1.1
• github.com/ianlancetaylor/demangle: 28f6c0f → bd984b5
• github.com/klauspost/compress: v1.17.0 → v1.17.2
• github.com/nats-io/nats.go: v1.31.0 → v1.34.0
• github.com/nats-io/nkeys: v0.4.6 → v0.4.7
• github.com/onsi/ginkgo/v2: v2.17.1 → v2.19.1
• github.com/onsi/gomega: v1.32.0 → v1.34.0
• github.com/pelletier/go-toml/v2: v2.1.0 → v2.2.2
• github.com/prometheus/client_model: v0.5.0 → v0.6.0
• github.com/sagikazarmark/crypt: v0.17.0 → v0.19.0
• github.com/spf13/cobra: v1.8.0 → v1.8.1
• github.com/spf13/viper: v1.18.2 → v1.19.0
• github.com/stretchr/objx: v0.5.0 → v0.5.2
• github.com/stretchr/testify: v1.8.4 → v1.9.0
• go.etcd.io/etcd/api/v3: v3.5.13 → v3.5.15
• go.etcd.io/etcd/client/pkg/v3: v3.5.13 → v3.5.15
• go.etcd.io/etcd/client/v2: v2.305.10 → v2.305.12
• go.etcd.io/etcd/client/v3: v3.5.13 → v3.5.15

---

Configuration

📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

[cluster-stack-bot]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: undefined

Command failed: BUILD_IMAGE_TOKEN=**redacted** BUILD_IMAGE_USER=batistein CI=true ./hack/upgrade-builder-image.sh
+ git diff --exit-code .builder-image-version.txt images/builder/Dockerfile images/builder/build.sh
+ '[' true = true ']'
+ echo **redacted**
+ docker login ghcr.io -u batistein --password-stdin
WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores

++ git fetch --quiet origin main
++ git show origin/main:.builder-image-version.txt
+ VERSION=0.1.2
+ '[' -z 0.1.2 ']'
+ export VERSION
++ semver_upgrade patch 0.1.2
++ IFS=.
++ read -r version minor patch
++ case "$1" in
++ tag=0.1.3
++ echo 0.1.3
+ NEW_VERSION=0.1.3
+ export NEW_VERSION
+ docker manifest inspect ghcr.io/sovereigncloudstack/cspo-builder:0.1.2
+ echo 0.1.3
+ echo 'Wrote new version 0.1.3 to .builder-image-version.txt'
+ docker manifest inspect ghcr.io/sovereigncloudstack/cspo-builder:0.1.3
+ echo 0
+ sed -i -e '/^BUILDER_IMAGE_VERSION /s/:=.*$/:= 0.1.3/' Makefile
+ grep -r -E 'ghcr.io/sovereigncloudstack/cspo-builder:[0-9].*.*' -l
+ xargs sed -i -e 's/ghcr.io\/sovereigncloudstack\/cspo-builder:0.1.2/ghcr.io\/sovereigncloudstack\/cspo-builder:0.1.3/g'
+ docker build -t ghcr.io/sovereigncloudstack/cspo-builder:0.1.3 ./images/builder
DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
            Install the buildx component to build images with BuildKit:
            https://docs.docker.com/go/buildx/

The command '/bin/sh -c apk add -U --no-cache     curl     clusterctl=~${CLUSTERCTL_VERSION#v}     controller-gen=~${CONTROLLER_GEN_VERSION#v}     kind=~${KIND_VERSION#v}     kubectl=~${KUBECTL_VERSION#v}     kustomize=~${KUSTOMIZE_VERSION#v}     trivy=~${TRIVY_VERSION#v}' returned a non-zero code: 1

[cluster-stack-bot]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.