Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renovate: Ignore digest updates for k8s dependencies #1557

Merged
merged 1 commit into from
Oct 6, 2023
Merged

Renovate: Ignore digest updates for k8s dependencies #1557

merged 1 commit into from
Oct 6, 2023

Conversation

lambdanis
Copy link
Contributor

@lambdanis lambdanis commented Oct 5, 2023
edited
Loading

Renovate is configured to ignore minor and major updated of k8s dependencies, because they need to be bumped together with Cilium. However, some k8s dependencies (k8s.io/kube-openapi) are not tagged with a version, but pinned by digest. Their updates are incompatible with other k8s deps, what's blocking updates of other Go dependencies, see #1372. This PR updates the Renovate config to ignore digest updates for k8s deps too.

@lambdanis
Renovate: Ignore digest updates for k8s dependencies
7304177 
Renovate is configured to ignore minor and major updated of k8s dependencies,
because they need to be bumped together with Cilium. However, some k8s
dependencies (k8s.io/kube-openapi) are not tagged with a version, but pinned by
digest. This commit updates the Renovate config to ignore them too.

Signed-off-by: Anna Kapuscinska <anna@isovalent.com>
@lambdanis lambdanis added area/ci Related to CI release-note/ci This PR makes changes to the CI. labels Oct 5, 2023
@lambdanis lambdanis requested a review from a team as a code owner October 5, 2023 13:35
@lambdanis lambdanis requested a review from kevsecurity October 5, 2023 13:35
@lambdanis lambdanis mentioned this pull request Oct 5, 2023
Merged
1 task
mtardy
mtardy approved these changes Oct 5, 2023
View reviewed changes
Copy link
Member

@mtardy mtardy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh thanks a lot! Indeed that should remove this update from the grouped thing! :)

@mtardy
Copy link
Member

mtardy commented Oct 5, 2023

We still have patch but those should hopefully work? At least it was the idea, it's annoying that some dependencies are not versioned together.

@lambdanis
Copy link
Contributor Author

We still have patch but those should hopefully work? At least it was the idea, it's annoying that some dependencies are not versioned together.

Should work, although kube-openapi will be excluded from automatic updates and it seems that it's compatibility and versioning is being discussed (kubernetes/kube-openapi#421), so we'll see.

@lambdanis lambdanis merged commit e2eb1d5 into cilium:main Oct 6, 2023
@p-linnane p-linnane mentioned this pull request Nov 1, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtardy mtardy mtardy approved these changes

@kevsecurity kevsecurity Awaiting requested review from kevsecurity kevsecurity is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
area/ci Related to CI release-note/ci This PR makes changes to the CI.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lambdanis @mtardy