epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-13 21:34:40 +03:00
Code Issues Packages Projects Releases Wiki Activity
8,595 Commits 44 Branches 87 Tags
57f7c4471819f353cf5580bc12e0cb2628742844
Commit Graph

8595 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
57f7c44718 build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler (#12756) 
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases)
- [Commits](e38e6809c5...b80ae64e3e)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/advanced-issue-labeler
  dependency-version: 3.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-01 06:54:26 -08:00
Seena Fallah
5789dc839c control-plane: fix first_kube_control_plane delegation with kube_override_hostname (#12636) 
* control-plane: fix first_kube_control_plane delegation with kube_override_hostname

When kube_override_hostname is configured, the node names reported by
`kubectl get nodes` differ from the inventory_hostname known to Ansible.
This causes delegation failures in subsequent tasks since Ansible cannot
resolve the hostname from kubectl output to an inventory host.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>

* control-plane: remove fragile first_control_plane selection logic

Current implementation breaks with kube_override_hostname and has
multiple edge cases. Drop until proper kubectl-based node lookup
can be implemented.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>

---------

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
 2025-11-25 08:10:38 -08:00
Max Gautier
3de6fa7220 Patch versions updates (#12743) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-25 01:04:37 -08:00
dependabot[bot]
9a9e8814e6 build(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (#12741) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.8 to 7.0.9.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](271a8d0340...84ae59a2cd)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-24 02:58:38 -08:00
dependabot[bot]
87a4f61d76 build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#12740) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...1af3b93b68)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-24 02:46:36 -08:00
Max Gautier
9975b5d525 Remove download support for old calico versions (#12724) 
we no longer deploy those versions
 2025-11-20 04:56:01 -08:00
Max Gautier
9d06ce1a8d CI: enable unsafe_show_logs == true by default (#12702) 
* CI: enable unsafe_show_logs == true by default

* Deduplicate defaults vars (unsafe_show_logs)
 2025-11-19 23:10:00 -08:00
Ali Afsharzadeh
bce107ce3d Upgrade cilium from 1.18.3 to 1.18.4 (#12717) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2025-11-18 19:51:59 -08:00
Kubernetes Prow Robot
7d7a42d931 Merge pull request #12723 from VannTen/molecule_var_in_inventory 
Put molecule variables in molecule inventories
 2025-11-18 19:47:58 -08:00
Max Gautier
5183679a89 crio: molecule: move variables to inventory 
Fix download/file (which needs the variable to determine the correct
binaries)
 2025-11-18 15:44:09 +01:00
Max Gautier
b4fe577203 gvisor: molecule: move variables to inventory 
Fix download/file (which needs the variable to determine the correct
binaries)
 2025-11-18 15:44:08 +01:00
Max Gautier
bde51ebddf youki: molecule: move variables to inventory 
Fix download/file (which needs the variable to determine the correct
binaries)
 2025-11-18 15:44:06 +01:00
Max Gautier
381426d6d5 cri-docker: molecule: move container_manager to inventory var 2025-11-18 15:44:05 +01:00
Ali Afsharzadeh
b3ee6d6b75 Adjust hubble export values for cilium 1.18 schema change (#12665) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2025-11-18 00:07:37 -08:00
ChengHao Yang
7436d63faa Patch versions updates (#12678) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-17 05:01:39 -08:00
Max Gautier
6138c6a1a2 CI: use a dedicated disk for releases (#12692) 
This should make 'no space left on device' problems easier to handle

Use /tmp/releases as local_release_dir CI created machine, while keeping
the same folder on the runner (needed for gitlab-ci runner pods)
 2025-11-17 02:57:39 -08:00
Max Gautier
6115eba3c3 CI: label VirtualMachineInstance with PR id and pipeline ids (#12716) 
Helps with CI debuggability
 2025-11-17 02:21:39 -08:00
Kubernetes Prow Robot
1c008d79b1 Merge pull request #12714 from tico88612/feat/gateway-api-auto-bump 
Feat: Gateway API auto bump
 2025-11-16 06:27:37 -08:00
ChengHao Yang
b4bbec6772 Feat: Gateway API version always get latest 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-11-16 22:11:48 +08:00
ChengHao Yang
5c6ee4852a Bump: Gateway API to 1.4.0 and set latest version 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-11-16 21:53:59 +08:00
ChengHao Yang
8190f952c1 Feat: add Gateway API component hash update 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-11-16 21:49:43 +08:00
ChengHao Yang
3edc3d7a36 Style: components.py argocd indent fix 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-11-16 21:48:32 +08:00
peterw
2f3f1d7e65 crio: add option pull_progress_timeout (#12555) 2025-11-15 19:53:37 -08:00
Max Gautier
71c69ec12c CI: Try a full ssh connection on hosts instead of only checking the port (#12416) 
* CI: Try a full ssh connection on hosts instead of only checking the port

If we only try the port, we can try to connect in the playbook which is
executed next even though the managed node has not yet completed it's
boot-up sequence ("System is booting up. Unprivileged users are not
permitted to log in yet. Please come back later. For technical details,
see pam_nologin(8).")

This does not account for python-less hosts, but we don't use those in
CI anyway (for now, at least).

* CI: Remove connection method override when creating VMs

This prevented wait_for_connection to work correctly by hijacking the
connection to localhost, thus bypassing the connection check.
 2025-11-15 08:37:37 -08:00
R. P. Taylor
dab0947150 change kubectl_node_schedulable var (#12661) 2025-11-15 07:01:37 -08:00
Max Gautier
5488e7d805 Update pre-commit hooks (#12707) 2025-11-14 07:51:41 -08:00
Max Gautier
ca9873cfcb crictl: remove useless layer of include_tasks (#12656) 2025-11-14 06:57:39 -08:00
Bas
65f33c3ef0 Install the clone as collection in SemaphoreUI if airgapped. (#12660) 
Signed-off-by: Bas Meijer <bas.meijer@enexis.nl>
 2025-11-14 06:45:40 -08:00
Anurag Ojha
5eccf9ea6c fix(cilium):correct loadBalancer.mode rendering in values.yaml (#12701) 2025-11-14 06:39:38 -08:00
Max Gautier
db599b3475 Patch version updates (#12696) 2025-11-14 04:41:45 -08:00
Chris Ricker
47140083dc Update Calico apiserver RBAC for Kubernetes 1.33+ (#12654) 
Add missing RBAC permissions for Calico apiserver to function correctly
with Kubernetes 1.33+

Changes:

1. Add K8s 1.33 ValidatingAdmissionPolicy resources to calico-webhook-reader
   - validatingadmissionpolicies
   - validatingadmissionpolicybindings

Kubernetes 1.33 introduced ValidatingAdmissionPolicy resources (KEP-3488)
that require explicit RBAC permissions. Without these changes, Calico
apiserver on k8s 1.33+ will not work and needless errors are logged
 2025-11-14 00:23:38 -08:00
ChengHao Yang
2d179879a0 Bump Sonobuoy to 0.57.3 (#12673) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2025-11-11 19:00:56 -08:00
Max Gautier
61b8e4ce84 Test the correct version when testing collection + upgrade (#12675) 
If we don't rebuild the collection and remove the previous archive we'll
test the first built.
 2025-11-11 18:56:56 -08:00
Max Gautier
97a3776d8e Remove etcd member by peerURLs (#12682) 
* Remove etcd member by peerURLs

The way to obtain the IP of a particular member is convoluted and depend
on multiple variables. The match is also textual and it's not clear
against what we're matching

It's also broken for etcd member which are not also Kubernetes nodes,
because the "Lookup node IP in kubernetes" task will fail and abort the
play.

Instead, match against 'peerURLs', which does not need new variable, and
use json output.

* Add testcase for etcd removal on external etcd

* do not merge

* fixup! Remove etcd member by peerURLs

* fixup! Remove etcd member by peerURLs
 2025-11-10 03:52:56 -08:00
Max Gautier
990695de7b Let containerd create storage / state dir (#12681) 
Containerd manages by itself, so there is no need to override it and
change permissions.
 2025-11-10 03:42:56 -08:00
dependabot[bot]
4059c699dc build(deps): bump octokit/graphql-action from 2.3.2 to 3.0.0 (#12680) 
Bumps [octokit/graphql-action](https://github.com/octokit/graphql-action) from 2.3.2 to 3.0.0.
- [Release notes](https://github.com/octokit/graphql-action/releases)
- [Commits](8ad880e4d4...abaeca7ba4)

---
updated-dependencies:
- dependency-name: octokit/graphql-action
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-10 00:50:56 -08:00
xin053
e22ce15429 Update cinder-csi image tag for offline install (#12627) 2025-11-08 21:38:52 -08:00
Max Gautier
452d4e63e0 Fix the (upgrade/remove_node) + collection test cases (#12672) 
The 'old' playbook and the collection use '-' and '_' as separator,
which breaks the logic in scripts/testcases_run.sh.

Add aliases using the old schemes to make the test work and avoid
breaking anything.

Both '-' and '_' variants will be deleted once we switch to supporting
collection only.
 2025-11-07 07:22:55 -08:00
Kubernetes Prow Robot
d2a46b4ff8 Merge pull request #12671 from VannTen/prep/kubectl_apply_ssa 
Make kubectl_apply_stdin available to other roles (+ SSA support)
 2025-11-07 03:42:52 -08:00
Max Gautier
e090c9ee26 Factor kubectl_apply_stdin into separate "vars only" role 
This is needed to make it available to other roles than kubernetes-apps
 2025-11-07 09:34:57 +01:00
Max Gautier
0d6d3f5828 kubectl_apply_stdin SSA support 2025-11-07 09:34:29 +01:00
Max Gautier
b9662dbd86 cleanup: don't cleanup runc orphan binary on immutable distros (#12669) 2025-11-06 22:16:53 -08:00
Ali Afsharzadeh
f5a480fdc4 Upgrade cilium from 1.18.2 to 1.18.3 (#12649) 2025-11-06 21:42:52 -08:00
Albin Björk
5dce75d29b upcloud: updated terraform provider version (#12642) 2025-10-24 00:53:34 -07:00
Max Gautier
5acde6cfe2 Get conf checksum directly for localhost CP loadbalancer (#12632) 
There is no need to stat the templated file, because the template module
already returns a checksum.
 2025-10-23 22:57:36 -07:00
Meza
c6926eb2f9 fix(calico): Add missed rbac verb for hostendpoints (#12641) 
Signed-off-by: Meza <meza-xyz@proton.me>
 2025-10-23 09:29:34 -07:00
Meza
1930ab7ed6 [docs] Fix typos found in the docs (#12638) 
Signed-off-by: Meza <meza-xyz@proton.me>
 2025-10-22 20:22:38 -07:00
dependabot[bot]
3edc979384 build(deps): bump cryptography from 46.0.2 to 46.0.3 (#12635) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.2 to 46.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/46.0.2...46.0.3)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-19 23:52:12 -07:00
Max Gautier
cde7b2b022 Remove leftover docs fragment about mitogen (#12630) 
This was left behind from 1fb14b746 (docs: remove outdated mitogen
documentation. (#12619), 2025-10-14)
 2025-10-17 08:44:43 -07:00
i-yasuda
0d88532f3d [kubernetes] Support kubernetes 1.34 (#12549) 
* [kubernetes] Support kubernetes 1.34.0

Update hashes for kubernetes 1.34.0 except for cri-o

* [kubernetes] Support kubernetes 1.34.1

Update hashes for kubernetes 1.34.1

* [cri-o] Update cri-o to 1.34.1

---------

Co-authored-by: Takuya Murakami <tmurakam@tmurakam.org>
 2025-10-17 01:56:42 -07:00