Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deps: bump github.com/cilium/cilium from 1.15.3 to 1.15.4 (#262)
Bumps [github.com/cilium/cilium](https://github.com/cilium/cilium) from 1.15.3 to 1.15.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cilium/cilium/blob/1.15.4/CHANGELOG.md">github.com/cilium/cilium's changelog</a>.</em></p> <blockquote> <h2>v1.15.4</h2> <h2>Summary of Changes</h2> <p><strong>Minor Changes:</strong></p> <ul> <li>Add "node-map-max" to allow configuring nodemap size. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31407">#31407</a>, <a href="https://github.com/tommyp1ckles"><code>@tommyp1ckles</code></a>)</li> <li>Add line numbers and file names to all metrics in 'cilium-dbg bpf metrics list' (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31558">#31558</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/30972">#30972</a>, <a href="https://github.com/ti-mo"><code>@ti-mo</code></a>)</li> <li>bugtool: Collect hubble metrics (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31533">#31533</a>, <a href="https://github.com/chancez"><code>@chancez</code></a>)</li> <li>feat: Add the http return code to metric api_processed_total (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31227">#31227</a>, <a href="https://github.com/vipul-21"><code>@vipul-21</code></a>)</li> <li>Fix overlapping keys in agent-side service BPF map cache used for retries. In rare cases this bug may have caused retrying of a failed BPF map update for a services entry to be skipped leading to a missing entry. This may have, for example, adversely affected recovering from a full BPF service map after excess services were removed. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/29581">#29581</a>, <a href="https://github.com/xyz-li"><code>@xyz-li</code></a>)</li> <li>Skip overlay traffic in the BPF SNAT processing, and thus reduce pressure on the BPF Connection tracking and NAT maps. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31785">#31785</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31082">#31082</a>, <a href="https://github.com/julianwiedmann"><code>@julianwiedmann</code></a>)</li> </ul> <p><strong>Bugfixes:</strong></p> <ul> <li>Avoid drops with "CT: Unknown L4 protocol" for non-ICMP/TCP/UDP traffic, caused by an error check in the BPF NAT engine. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31820">#31820</a>, <a href="https://github.com/julianwiedmann"><code>@julianwiedmann</code></a>)</li> <li>cilium-health: Fix broken retry loop in <code>cilium-health-ep</code> controller (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31622">#31622</a>, <a href="https://github.com/gandro"><code>@gandro</code></a>)</li> <li>cni: Allow text-ts log format value (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31686">#31686</a>, <a href="https://github.com/sayboras"><code>@sayboras</code></a>)</li> <li>Fix a bug that could cause local packet delivery to be skipped, leading to lower performance, when IPsec was enabled and <code>--devices</code> provided. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31601">#31601</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31345">#31345</a>, <a href="https://github.com/pchaigno"><code>@pchaigno</code></a>)</li> <li>Fix incorrect reporting of the number of etcd lock leases in cilium-dbg status. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31781">#31781</a>, <a href="https://github.com/giorio94"><code>@giorio94</code></a>)</li> <li>fix: Delegated ipam not configure ipv6 if ipv6 disabled in agent (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31104">#31104</a>, <a href="https://github.com/tamilmani1989"><code>@tamilmani1989</code></a>)</li> <li>Fixed a race condition in service updates for L7 LB. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31860">#31860</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31744">#31744</a>, <a href="https://github.com/jrajahalme"><code>@jrajahalme</code></a>)</li> <li>fqdn: Fix minor restore bug that causes false negative checks against a restored DNS IP map. (<a href="https://redirect.github.com/cilium/cilium/issues/31870">#31870</a>, <a href="https://github.com/nathanjsweet"><code>@nathanjsweet</code></a>)</li> <li>fqdn: Fixed bug that caused DNS Proxy to be overly restrictive on allowed DNS selectors. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31328">#31328</a>, <a href="https://github.com/nathanjsweet"><code>@nathanjsweet</code></a>)</li> <li>gateway-api: Ensure hostname check when set on both the HTTPRoute and the Gateway Listener (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31769">#31769</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/30686">#30686</a>, <a href="https://github.com/cjvirtucio87"><code>@cjvirtucio87</code></a>)</li> <li>gateway-api: fixed RequestRedirect picks wrong port with multiple listeners (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31769">#31769</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31361">#31361</a>, <a href="https://github.com/chaunceyjiang"><code>@chaunceyjiang</code></a>)</li> <li>gateway-api: shorten the length of the value of the svc's label. (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31769">#31769</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31292">#31292</a>, <a href="https://github.com/chaunceyjiang"><code>@chaunceyjiang</code></a>)</li> <li>ingress/gateway-api: sort virtual hosts in CEC (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31739">#31739</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31493">#31493</a>, <a href="https://github.com/mhofstetter"><code>@mhofstetter</code></a>)</li> <li>ingress/gateway-api: stable envoy listener filterchain sort-order (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31601">#31601</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31572">#31572</a>, <a href="https://github.com/mhofstetter"><code>@mhofstetter</code></a>)</li> <li>metric: Avoid memory leak/increase in cilium-agent (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31714">#31714</a>, <a href="https://github.com/sayboras"><code>@sayboras</code></a>)</li> </ul> <p><strong>CI Changes:</strong></p> <ul> <li>ci-e2e: Add e2e test with WireGuard + Host Firewall (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31594">#31594</a>, <a href="https://github.com/qmonnet"><code>@qmonnet</code></a>)</li> <li>ci/ipsec: Print more info to debug credentials removal check failures (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31652">#31652</a>, <a href="https://github.com/qmonnet"><code>@qmonnet</code></a>)</li> <li>deflake endpointmanager tests (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31601">#31601</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31488">#31488</a>, <a href="https://github.com/bimmlerd"><code>@bimmlerd</code></a>)</li> <li>gh/workflows: Add IPsec key rotation action and use it in ci-eks / ci-ipsec-e2e (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31428">#31428</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/29704">#29704</a>, <a href="https://github.com/brb"><code>@brb</code></a>)</li> <li>Make BPF unit tests reproducible (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31663">#31663</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31526">#31526</a>, <a href="https://github.com/ti-mo"><code>@ti-mo</code></a>)</li> <li>Make testdata build output more stable by reducing header includes (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31663">#31663</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31644">#31644</a>, <a href="https://github.com/ti-mo"><code>@ti-mo</code></a>)</li> <li>update azure k8s versions (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31220">#31220</a>, <a href="https://github.com/brlbil"><code>@brlbil</code></a>)</li> <li>workflows: Debug info for key rotations (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31627">#31627</a>, <a href="https://github.com/pchaigno"><code>@pchaigno</code></a>)</li> <li>workflows: ipsec-e2e: add missing key types for some configs (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31727">#31727</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31636">#31636</a>, <a href="https://github.com/julianwiedmann"><code>@julianwiedmann</code></a>)</li> </ul> <p><strong>Misc Changes:</strong></p> <ul> <li>bitlpm: Document and Fix Descendants Bug (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31890">#31890</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31851">#31851</a>, <a href="https://github.com/nathanjsweet"><code>@nathanjsweet</code></a>)</li> <li>bpf: host: restore HostFW for overlay traffic in to-netdev (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31785">#31785</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31818">#31818</a>, <a href="https://github.com/julianwiedmann"><code>@julianwiedmann</code></a>)</li> <li>bpf: tests: don't define HAVE_ENCAP in IPsec tests (Backport PR <a href="https://redirect.github.com/cilium/cilium/issues/31785">#31785</a>, Upstream PR <a href="https://redirect.github.com/cilium/cilium/issues/31737">#31737</a>, <a href="https://github.com/julianwiedmann"><code>@julianwiedmann</code></a>)</li> <li>chore(deps): update all github action dependencies (v1.15) (<a href="https://redirect.github.com/cilium/cilium/issues/31822">#31822</a>, <a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li>chore(deps): update all-dependencies (v1.15) (<a href="https://redirect.github.com/cilium/cilium/issues/31698">#31698</a>, <a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li>chore(deps): update cilium/little-vm-helper action to v0.0.17 (v1.15) (<a href="https://redirect.github.com/cilium/cilium/issues/31703">#31703</a>, <a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li>chore(deps): update dependency cilium/cilium-cli to v0.16.4 (v1.15) (<a href="https://redirect.github.com/cilium/cilium/issues/31674">#31674</a>, <a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li>chore(deps): update docker/setup-buildx-action action to v3.3.0 (v1.15) (<a href="https://redirect.github.com/cilium/cilium/issues/31828">#31828</a>, <a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cilium/cilium/commit/9b3f9a8c0d71bf70bc0fd3fbc256bacc67fe6c32"><code>9b3f9a8</code></a> Prepare for release v1.15.4</li> <li><a href="https://github.com/cilium/cilium/commit/29b08af968508d73c0a65b38a15d6404fa47fd2c"><code>29b08af</code></a> bitlpm: Document and Fix Descendants Bug</li> <li><a href="https://github.com/cilium/cilium/commit/4ae82fcb0aebd479c5b6e24512b36d3cf5d00e5e"><code>4ae82fc</code></a> docs: Remove Hubble-OTel from roadmap</li> <li><a href="https://github.com/cilium/cilium/commit/7a09b163fdef00f7d62028076df01ba9dd23cd58"><code>7a09b16</code></a> Move governance docs to the Cilium Community repo</li> <li><a href="https://github.com/cilium/cilium/commit/164cd86c78e73b8a6fef33e2c4282143ff7dc398"><code>164cd86</code></a> bpf: nat: tolerate non-CT L4 protocols when checking for reply traffic</li> <li><a href="https://github.com/cilium/cilium/commit/868bf54574c290756d03a927095020a64cd8611b"><code>868bf54</code></a> etcd: fix lock leases reporting in status</li> <li><a href="https://github.com/cilium/cilium/commit/56ffbb344dd5006489c5939c4a2601de4022e306"><code>56ffbb3</code></a> Fix spelling in DNS-based proxy info</li> <li><a href="https://github.com/cilium/cilium/commit/b62a62e1ed9308f4101a18d0e96e5b8faf065fd4"><code>b62a62e</code></a> cilium-dbg: avoid leaking file resources</li> <li><a href="https://github.com/cilium/cilium/commit/5415a3eefece52a6433863d3a3b22d0dd26decda"><code>5415a3e</code></a> cilium-dbg: don't write to file on error opening</li> <li><a href="https://github.com/cilium/cilium/commit/8ac2eb0695a0f93d76b6bdb908bc6b466f94ed19"><code>8ac2eb0</code></a> daemon: add BackendSlot to Service6Key.String and Service4Key.String</li> <li>Additional commits viewable in <a href="https://github.com/cilium/cilium/compare/1.15.3...1.15.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
d7975ba
commit 3c4022a