Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sync the devel branch with upstream #178

Merged
merged 25 commits into from
Aug 8, 2023
Merged

Sync the devel branch with upstream #178

merged 25 commits into from
Aug 8, 2023

Commits on Jul 11, 2023

  1. rebase: Bump golang.org/x/crypto from 0.10.0 to 0.11.0 

    Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.10.0 to 0.11.0.
- [Commits](golang/crypto@v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 11, 2023
    Configuration menu
    Copy the full SHA
    a8c5ebb View commit details
    Browse the repository at this point in the history

  2. rebase: Bump google.golang.org/grpc from 1.56.1 to 1.56.2 

    Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.56.1...v1.56.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 11, 2023
    Configuration menu
    Copy the full SHA
    f23eb18 View commit details
    Browse the repository at this point in the history

Commits on Jul 12, 2023

  1. rebase: Bump golang.org/x/net from 0.11.0 to 0.12.0 

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.11.0 to 0.12.0.
- [Commits](golang/net@v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    4a263fc View commit details
    Browse the repository at this point in the history

Commits on Jul 13, 2023

  1. deploy: Update provisioner image repository 

    Update ceph-csi-rbd helm chart to use the released image
repo for csi-provisioner instead of the staging repo.

Fixes: #3976
Signed-off-by: karthik-us <[email protected]>
    @karthik-us @mergify
    karthik-us authored and mergify[bot] committed Jul 13, 2023
    Configuration menu
    Copy the full SHA
    89ad6e8 View commit details
    Browse the repository at this point in the history

  2. e2e: Fixing the TODO in createCephfsStorageClass 

    Fixing the TODO from createCephfsStorageClass()
since v3.9 is released and upgrade tests will be
run from v3.9 to devel.
#3994

Fixes: #3911
Signed-off-by: karthik-us <[email protected]>
    @karthik-us @mergify
    karthik-us authored and mergify[bot] committed Jul 13, 2023
    Configuration menu
    Copy the full SHA
    47b79c8 View commit details
    Browse the repository at this point in the history

Commits on Jul 14, 2023

  1. cephfs: add CSI-Addons support to the cephfs 

    this commit adds CSI-Addons support to the
cephfs provisioner

Signed-off-by: riya-singhal31 <[email protected]>
    @riya-singhal31 @mergify
    riya-singhal31 authored and mergify[bot] committed Jul 14, 2023
    Configuration menu
    Copy the full SHA
    d432421 View commit details
    Browse the repository at this point in the history

Commits on Jul 18, 2023

  1. rebase: Bump github.com/aws/aws-sdk-go from 1.44.298 to 1.44.301 

    Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.298 to 1.44.301.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.298...v1.44.301)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 18, 2023
    Configuration menu
    Copy the full SHA
    018d113 View commit details
    Browse the repository at this point in the history

  2. rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 

    Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.19.2 to 1.19.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@service/ecs/v1.19.2...service/efs/v1.19.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 18, 2023
    Configuration menu
    Copy the full SHA
    b1d1d3b View commit details
    Browse the repository at this point in the history

Commits on Jul 19, 2023

  1. rebase: update minikube to v1.31.0 

    update minikube version to the latest
release.

Signed-off-by: Madhu Rajanna <[email protected]>
    @Madhu-1 @mergify
    Madhu-1 authored and mergify[bot] committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    63871d8 View commit details
    Browse the repository at this point in the history

Commits on Jul 21, 2023

  1. ci: add CSI_UPGRADE_VERSION var to build.env 

    Currently, upgrade version for upgrade tests
need to be set in ci/centos branch.
This commit adds a variable in build.env,
so that we have the flexibility to use
this value instead.

Signed-off-by: Rakshith R <[email protected]>
    @Rakshith-R @mergify
    Rakshith-R authored and mergify[bot] committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    3477e9c View commit details
    Browse the repository at this point in the history

  2. doc: update documentation for v3.8.1 release 

    This commit updates readme doc for v3.8.1 release.

Signed-off-by: Rakshith R <[email protected]>
    @Rakshith-R @mergify
    Rakshith-R authored and mergify[bot] committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    35eb347 View commit details
    Browse the repository at this point in the history

Commits on Jul 24, 2023

  1. doc: adding empty storageClassName in static pvc 

    we need to add `storageClassName: ""` in static pvc
yaml other we'll get error
```
Cannot bind to requested volume "fs-static-pv": storageClassName does not match
```

Signed-off-by: subhamkrai <[email protected]>
    @subhamkrai @mergify
    subhamkrai authored and mergify[bot] committed Jul 24, 2023
    Configuration menu
    Copy the full SHA
    1b2e200 View commit details
    Browse the repository at this point in the history

Commits on Jul 25, 2023

  1. rebase: Bump k8s.io/api from 0.27.3 to 0.27.4 in /api 

    Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.27.3 to 0.27.4.
- [Commits](kubernetes/api@v0.27.3...v0.27.4)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 25, 2023
    Configuration menu
    Copy the full SHA
    e94d0ba View commit details
    Browse the repository at this point in the history

  2. rebase: run go mod tidy && go mod vendor 

    Signed-off-by: Niels de Vos <[email protected]>
    @nixpanic @mergify
    nixpanic authored and mergify[bot] committed Jul 25, 2023
    Configuration menu
    Copy the full SHA
    0f086be View commit details
    Browse the repository at this point in the history

Commits on Jul 26, 2023

  1. rebase: Bump github.com/aws/aws-sdk-go from 1.44.301 to 1.44.307 

    Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.301 to 1.44.307.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.301...v1.44.307)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 26, 2023
    Configuration menu
    Copy the full SHA
    a2762b8 View commit details
    Browse the repository at this point in the history

  2. rebase: Bump github.com/aws/aws-sdk-go from 1.44.307 to 1.44.308 

    Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.307 to 1.44.308.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.307...v1.44.308)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 26, 2023
    Configuration menu
    Copy the full SHA
    3bc3aa5 View commit details
    Browse the repository at this point in the history

  3. rebase: update Kubernetes modules to v1.27.4 

    Dependabot complains about Ceph-CSI being vulnerable to
GHSA-f4w6-3rh6-6q4q . This is an old and addressed CSI sidecar issue,
not related to the k8s.io/kubernetes module listed in go.mod. Is it
possible that updating the Kubernetes modules helps?

Signed-off-by: Niels de Vos <[email protected]>
    @nixpanic @mergify
    nixpanic authored and mergify[bot] committed Jul 26, 2023
    Configuration menu
    Copy the full SHA
    30da273 View commit details
    Browse the repository at this point in the history

  4. ci: allow CVE-2019-11255 in Kubernetes module dependency 

    It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).

See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <[email protected]>
    @nixpanic @mergify
    nixpanic authored and mergify[bot] committed Jul 26, 2023
    Configuration menu
    Copy the full SHA
    ce26b0e View commit details
    Browse the repository at this point in the history

Commits on Jul 27, 2023

  1. rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 

    Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.19.3 to 1.20.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@service/efs/v1.19.3...service/s3/v1.20.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    7311e72 View commit details
    Browse the repository at this point in the history

Commits on Jul 28, 2023

  1. rebase: Bump github.com/onsi/gomega from 1.27.8 to 1.27.10 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.8 to 1.27.10.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.8...v1.27.10)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Jul 28, 2023
    Configuration menu
    Copy the full SHA
    007988d View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2023

  1. rebase: Bump github.com/aws/aws-sdk-go from 1.44.308 to 1.44.313 

    Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.308 to 1.44.313.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.44.308...v1.44.313)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    2acf7fc View commit details
    Browse the repository at this point in the history

  2. rebase: Bump github.com/aws/aws-sdk-go-v2/service/sts 

    Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@v1.20.0...service/s3/v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    f9310c8 View commit details
    Browse the repository at this point in the history

  3. rebase: Bump google.golang.org/grpc from 1.56.2 to 1.57.0 

    Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.56.2...v1.57.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @mergify
    dependabot[bot] authored and mergify[bot] committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    e7a8e5d View commit details
    Browse the repository at this point in the history

Commits on Aug 7, 2023

  1. ci: use podman for simple GitHub workflows 

    `podman` is installed by default on the Ubuntu runners. Podman is
recommended for developers and contributors, as there are no elevated
privileges required to run it. Docker requires extra permissions to
build and or run container images, and contributors to Ceph-CSI should
not need to spend time working with that (several developers run the
`docker` command with `sudo`, which is discouraged).

Only the multi-arch Workflows require Docker, for the time being.

Signed-off-by: Niels de Vos <[email protected]>
    @nixpanic @mergify
    nixpanic authored and mergify[bot] committed Aug 7, 2023
    Configuration menu
    Copy the full SHA
    f371aa2 View commit details
    Browse the repository at this point in the history

  2. rebase: update golang.org/x/net to v0.14 

    golang.org/x/net/html v0.12 is vulnerable against CVE-2023-3978.
Exploiting it through Ceph-CSI is non-trivial, but rebasing
golang.org/x/net should take away any concerns.

See-also: https://pkg.go.dev/vuln/GO-2023-1988
Signed-off-by: Niels de Vos <[email protected]>
    @nixpanic @mergify
    nixpanic authored and mergify[bot] committed Aug 7, 2023
    Configuration menu
    Copy the full SHA
    a129b1c View commit details
    Browse the repository at this point in the history