Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update module sigs.k8s.io/kustomize/kustomize/v4 to v5 #51

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 24, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
sigs.k8s.io/kustomize/kustomize/v4 v4.5.7 -> v5.5.0 age adoption passing confidence

Release Notes

kubernetes-sigs/kustomize (sigs.k8s.io/kustomize/kustomize/v4)

v5.5.0

Breaking change

A starlark support for krm functions was removed to cleanup dependencies. https://github.com/kubernetes-sigs/kustomize/pull/5768
This feature was deprecated 3 years ago and removed because there was no desire to continue using it.
https://github.com/kubernetes-sigs/kustomize/pull/5768#issuecomment-2374680641

Feature

#​5751: Add --helm-debug Flag to Kustomize for Enhanced Helm Debugging

Fix Bugs

#​5458: Sort built-in Namespace kind before CRDs with the same name
#​5745: Add Annotation to Control Inline List Conversion in Kustomize Resources"

Dependencies

#​5763: Update go 1.22.7
#​5781: Update kyaml to v0.18.1
#​5782: Update cmd/config to v0.15.0
#​5783: Update api to v0.18.0

v5.4.3

Caution

The kustomize localize subcommand(this subcommand is now in the beta stage) now verifies the success of kustomize build when executed.
If you are using the missing manifests, maybe you failed to download them with the localize subcommand. Please use the --no-verify flag to skip validation steps.
#​5544: Run kustomize build with kustomize localize and add a no-verify flag.

Fix Bugs

#​5682: fix: include label in templates when adding by cli
#​5689: Fix sortOptions removal when running edit command

chore

#​5506: fix some comments
#​5718: fix lint error in kustomizationfile_test.go

Dependencies

#​5734: Update kyaml to v0.17.2
#​5735: Update cmd/config to v0.14.2
#​5736: Update api to v0.17.3

v5.4.2

Feature

#​5294: feat: localize absolute paths
#​5556: feat: support labels key in transformer configuration

chore

#​5671: refactor: string in slice is now part of stdlib
#​5681: chore: remove unused function
#​5688: refactor: function in stdlib now

Dependencies

#​5672: chore(deps): bump dependencies of kustomize + sync go workspace
#​5680: chore: restore version for github.com/asaskevich/govalidator
#​5702: Update kyaml to v0.17.1
#​5703: Update cmd/config to v0.14.1
#​5704: Update api to v0.17.2

v5.4.1

This is a patch of kustomize v5.4.0 and should fix the kustomize version subcommand issues in its assets.

kustomize v5.4.1

https://github.com/kubernetes-sigs/kustomize/pull/5644: fix version subcommand is not working after release build

kustomize v5.4.0

Breaking changes

https://github.com/kubernetes-sigs/kustomize/pull/5519: Fix null YAML values being replaced by "null"

kustomize requires Go 1.21 or higher at build

#​5567: fix 'golang.org/x/exp/slices' dependencies

Features

#​5411: Add --load-restrictor completion
#​5467: feat: edit set secret

More better error handling

Bug fixes/performance improvements

#​5234: fix edit set image to parse both tag and digest
#​5621: Use require for Error and NoError

Dependencies

#​5479: Revert "Switch to json-patch v5"
#​5541: Use canonical json-patch v4 import
#​5615: update dependencies google.golang.org/protobuf@v1.33.0

update internal Dependencies

#​5639: Update kyaml to v0.17.0
#​5640: Update cmd/config to v0.14.0
#​5641: Update api to v0.17.0

cleanup Dependencies

#​5044: Remove non-essential dependency imdario/mergo
#​5567: fix 'golang.org/x/exp/slices' dependencies
#​5627: Remove klog/v1 dependencies

chore

#​5495: chore: move removetest.go to the internal package
#​5518: Update owners file
#​5622: Pin tool versions with hack/go.mod

v5.4.0

Known issue: The kustomize version command was broken in this release. Please use more new releases.

Breaking changes

https://github.com/kubernetes-sigs/kustomize/pull/5519: Fix null YAML values being replaced by "null"

Features

#​5411: Add --load-restrictor completion
#​5467: feat: edit set secret

More better error handling

Bug fixes/performance improvements

#​5234: fix edit set image to parse both tag and digest
#​5621: Use require for Error and NoError

Dependencies

#​5479: Revert "Switch to json-patch v5"
#​5541: Use canonical json-patch v4 import
#​5615: update dependencies google.golang.org/protobuf@v1.33.0

update internal Dependencies

#​5639: Update kyaml to v0.17.0
#​5640: Update cmd/config to v0.14.0
#​5641: Update api to v0.17.0

cleanup Dependencies

#​5044: Remove non-essential dependency imdario/mergo
#​5567: fix 'golang.org/x/exp/slices' dependencies
#​5627: Remove klog/v1 dependencies

chore

#​5495: chore: move removetest.go to the internal package
#​5518: Update owners file
#​5622: Pin tool versions with hack/go.mod

v5.3.0

#​5211: Fix nil pointer dereferencing when converting vars to replacements
#​5270: helm: add support for kube-version and add cli args for both kube-version and api-versions
#​5391: feat: edit set configmap
#​5402: release cleanup, unpin the modules
#​5409: refactor: move reusable bits in preparation for new 'edit set' commands
#​5412: Use upstream go-yaml fork and remove our internal one
#​5421: Replace gopkg.in/yaml.v2 with sigs.k8s.io/yaml/goyaml.v2
#​5424: Run go work sync
#​5430: fix: handle empty namespace as default
#​5454: fix: support namespace flag on edit remove secret/configmap
#​5455: fix: flaky ConfigMap/Secret args tests
#​5456: chore: rename files to match package pattern
#​5475: Update kyaml to v0.16.0
#​5476: Update cmd/config to v0.13.0
#​5477: Update api to v0.16.0

v5.2.1

This is a patch of kustomize v5.2.0 and should fix the directory formatting issues in its assets.

Release notes from v5.2.0 (Delta from v5.1.1)

Currently, Kustomize has already resolved that block on releasing for Windows and Darwin ARM(https://github.com/kubernetes-sigs/kustomize/issues/5220). Now, We can release those architecture binaries.

New Features for kustomize build
  • patches accept a patch file with multiple patches(#​5194)
  • Add support for OCI based helm repos(#​5167)
New Features for kustomize edit subcommands

#​4486: add: "edit add labels" command adds an option for labels without selector
#​5327: feat: add remove configmap command
#​5333: Add --no-verify flag to edit add resource command
#​5344: feat: add remove secret command
#​5367: fix: add namespace option to 'edit add configmap' command

Bug fixes

#​5342: Update imdario/mergo to v0.3.13
#​5196: fix: patch additions honor source key style

chore

#​5345: docs: update remove configmap comment
#​5193: [refactor]: Internalize loader api
#​5315: refactor: change "add configmap/secret" commands to reuse code and improve tests

Dependency updates

#​5254: release cleanup
#​5197: Switch to json-patch v5
#​5393: Update kyaml to v0.15.0
#​5394: Update cmd/config to v0.12.0
#​5395: Update api to v0.15.0

v5.2.0

Known issue: The directory format of the kustomize binary asset has unintentionally changed. We have fixed this in kustomize v5.2.1. Users who depend on the directory structure or use the install_kustomize.sh script should skip this release.

Currently, Kustomize has already resolved that block on releasing for Windows and Darwin ARM(https://github.com/kubernetes-sigs/kustomize/issues/5220). Now, We can release those architecture binaries.

New Feature
  • patches accept a patch file with multiple patches(#​5194)
  • Add support for OCI based helm repos(#​5167)
New Feature for kustomize edit subcommands

#​4486: add: "edit add labels" command adds an option for labels without selector
#​5327: feat: add remove configmap command
#​5333: Add --no-verify flag to edit add resource command
#​5344: feat: add remove secret command
#​5367: fix: add namespace option to 'edit add configmap' command

Bug fixes

#​5342: Update imdario/mergo to v0.3.13
#​5196: fix: patch additions honor source key style

chore

#​5345: docs: update remove configmap comment
#​5193: [refactor]: Internalize loader api
#​5315: refactor: change "add configmap/secret" commands to reuse code and improve tests

Dependency updates

#​5254: release cleanup
#​5197: Switch to json-patch v5
#​5393: Update kyaml to v0.15.0
#​5394: Update cmd/config to v0.12.0
#​5395: Update api to v0.15.0

v5.1.1

Built with go 1.20.6 to address CVEs in previous go versions.

#​5245: Fix typo in help for the create subcommand

v5.1.0

Kustomize is blocked on releasing for windows and darwin ARM until https://github.com/kubernetes-sigs/kustomize/issues/5220 is resolved. If you are interested in fixing it, please leave ideas on that issue for how we can resolve it.

Highlights

Components are now applied after generators: https://github.com/kubernetes-sigs/kustomize/pull/5170

We made this change cautiously as we want to avoid user friction when updating kustomize; however we felt that it is a bug that resources from resources and resources from generators are treated differently. Given that components is currently an alpha feature, we felt that now was the time to adjust if ever.

We are currently working on on https://github.com/kubernetes-sigs/kustomize/issues/4402, which will make the ordering of resources, components, and other generators customizable in the kustomization file. Please use that issue for tracking if you are blocked from upgrading kustomize for this reason, and we hope to have it available soon.

See https://github.com/kubernetes-sigs/kustomize/issues/5141 for more detailed discussion.

Bug fixes:

#​5030: kustomize edit will return an error if there is no matching path
#​5170: components are now applied after generators
#​4949: error if kustomization file is empty

Dependency updates

#​5186: Update gnostic dependency with gnostic-models
#​5187: Bump to go 1.20
#​5212: pin to kyaml v0.14.3
#​5213: pin to cmd/config v0.11.3
#​5214: pin to api 0.14.0

v5.0.3

This release reverts the regression with the helm plugin that was introduced in v5.0.2.

Built with go 1.19.9 to remove CVE vulnerabilities.

Changelog

https://github.com/kubernetes-sigs/kustomize/pull/5164: Revert "Fix using same helm chart with different versions"

v5.0.2

Built with go 1.19.9 to resolve CVE vulnerabilities.

Known issues:

https://github.com/kubernetes-sigs/kustomize/issues/5163: kustomize 5.0.2 breaks helmCharts w/ chartHome. We are in the process of reverting the breaking change and rereleasing kustomize. Users of the helmCharts plugin with local charts are advised to skip this release.

Changelog

#​5159: pin to kyaml v0.14.2
#​5160: pin to cmd/config v0.11.2
#​5161: pin to api 0.13.3

v5.0.1

Bug fixes

#​5048: Fix a regression causing warning messages to be intermingled with Kustomize build output on stdout
#​5073: Revert strict decoding of Kustomization files due to regression in anchor handling

Dependencies

#​5088: Update kyaml to v0.14.1
#​5089: Update cmd/config to v0.11.1
#​5090: Update api to v0.13.2

v5.0.0

🎉The Kustomize team is so excited to release version 5.0! 🎉

This release is packed with exciting features and improvements. The full list is below, but here are some of our favorites:

  • kustomize localize: a brand new alpha command that localizes remote content. You’ll be able to build the localized kustomization without network access and performance delays! Please give it a try and let us know what you think in #​4996. See more details in its entry under Features below.
  • support for four new Helm fields, by popular request: additionalValuesFiles, skipTests, apiVersions and nameTemplate
  • A new sortOptions kustomization field gives you fine-grained control over resource ordering in build output
  • Significant performance improvements!

A HUGE thank you to everyone who contributed to this release! 🙇‍♀️

Breaking changes

  • #​4930: Remove deprecated alpha cfg and fn commands: kustomize fn sink, kustomize fn source, kustomize fn wrap, kustomize fn xargs, kustomize cfg annotate, kustomize cfg create-setter, kustomize cfg delete-setter, kustomize cfg delete-substitution, kustomize cfg create-substitution, kustomize cfg fmt, kustomize cfg init, kustomize cfg list-setters, kustomize cfg merge, kustomize cfg merge3, kustomize cfg set.
  • #​4983, #​4954, #​4922, #​4900, #​4885: Warning: We made major improvements to the maintainability of the URL-parsing code for remote URLs, fixing several bugs in the process. We have test coverage for backwards-compatibility with all documented supported URLs, but if you experience a regression with a remote URL, please file an issue.
    • #​4985: If you previously included .git in an AWS or Azure URL, we will no longer automatically remove that suffix. You may need to add an extra / to replace the .git for the URL to properly resolve.
    • #​4954: Drop support for using gh: as a host (e.g. gh:kubernetes-sigs/kustomize). We were unable to find any usage of or basis for this and believe it may have been targeting a custom gitconfig shorthand syntax.
  • #​4911: Drop support for a very old, legacy style of patches. patches used to be allowed to be used as an alias for patchesStrategicMerge in kustomize v3. You now have to use patchesStrategicMerge explicitly, or update to the new syntax supported by patches. See examples in the PR description of #​4911.
  • #​4731: Remove a potential build-time side-effect in ConfigMapGenerator and SecretGenerator, which loaded values from the local environment under some circumstances, breaking kustomize build's side-effect-free promise. While this behavior was never intended, we deprecated it and are announcing it as a breaking change since it existed for a long time. See also the Eschewed Features documentation.
  • #​4929: Duplicate fields in Kustomization files will now result in an error instead of them silently being ignored in an undefined order. NOTE: This was reverted in release v5.0.1.

Deprecations

  • #​4723, #​4923: We are deprecating the following kustomization fields. These fields will never be removed from the kustomize.config.k8s.io/v1beta1 Kustomization API, but they will not be included in the kustomize.config.k8s.io/v1 Kustomization API. When Kustomization v1 is available, we will announce the deprecation of the v1beta1 version. There will be at least two releases between deprecation and removal of Kustomization v1beta1 support from the kustomize CLI, and removal itself will happen in a future major version bump.
    • patchesStrategicMerge. Please use patches instead
    • patchesJson6902. Please use patches instead
    • vars. Please use replacements instead.
    • imageTags. This is an alias for images, please switch to images.
  • #​5000: The --short flag for kustomize version is deprecated.
  • #​4954: Deprecate RepoSpec git:: prefix, which is invalid. Kustomize currently strips it, but will stop doing so in a future release.

Features

  • #​4652: New kustomize localize command to download any remote content from your kustomization directory and create a new, localized copy with file paths to the local content replacing the URLs. Please leave your feedback here: https://github.com/kubernetes-sigs/kustomize/issues/4996
  • #​4019: New kustomization field sortOptions, that lets you configure the sort order of resources.
  • #​4733: kustomize edit fix converts patchesStrategicMerge to patches
  • #​4947: Allow fieldspecs (used in advanced transformer configuration) to start with a slash.
  • #​5000: Output of kustomize version is improved. YAML and JSON formats are now available via the new --output flag.
  • #​4986: Repospec: support ssh urls with ssh certificates
  • #​4926, #​4808: Support for more helm template args in the helmCharts field: additionalValuesFiles, skipTests, apiVersions and nameTemplate.
    #​4886: Wildcard support for creation in ReplacementTransformer

Bug Fixes/performance improvements

  • #​4863: Fix RepoSpec query extraction
  • #​4985: Remove forced .git suffix in RepoSpec
    • Arbitrary git servers that do not follow the .git directory naming convention can now be used with Kustomize.
    • The .git suffix no longer incorrectly appears in origin annotations in some cases.
  • #​4791, #​4944, #​4809: Significant performance improvements from refactoring metadata handling in the api and kyaml modules
  • #​4789: Replacements now throw errors on invalid targets
  • #​4890: Fix null value handling when applying strategic merge patches. A null in the patch is a deletion directive, but a null in the target should be preserved.
  • #​4654: The working directory of exec KRM-style functions is now the kustomization root that called it. This fixes a bug where KRM exec function executables were looked up incorrectly in base/overlay contexts.
  • #​4751, #​4805: When using labels.includeTemplates, create template/metadata if not present.
  • #​4834: Respect options.disableNameSuffixHash in configmap and secret generator in overlays
  • #​4919: Allow overriding of name suffix transformer default configuration
  • #​4895: Name references to local-only objects are now correctly resolved before the objects are removed from the set to be printed.

Dependencies

  • #​4877: Update minimum Go version to Go 1.19
  • #​4830: Update kyaml's dependency swag to v0.22.3
  • #​4960: Update sigs.k8s.io/yaml to v1.3.0
  • #​4965: Bump k8s.io/kube-openapi to remove archived dependency
  • #​4889: All module net and text dependent package CVE-2022-41717 and CVE-2022-32149 vulnerabilities
  • #​4970: Replace github/pkg/errors with sigs.k8s.io/kustomize/kyaml/errors

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependency label Mar 24, 2023
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 860ad42 to a8ebb49 Compare March 24, 2023 21:08
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch 2 times, most recently from 23eb8e6 to a46be91 Compare May 9, 2023 23:19
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from a46be91 to 1374de3 Compare May 28, 2023 06:06
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 1374de3 to 7987650 Compare June 12, 2023 03:04
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 7987650 to a41d8a9 Compare June 19, 2023 18:47
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from a41d8a9 to dac56c8 Compare July 31, 2023 20:20
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from dac56c8 to 41c24d3 Compare August 22, 2023 17:25
@renovate renovate bot changed the title Update module sigs.k8s.io/kustomize/kustomize/v4 to v5 fix(deps): update module sigs.k8s.io/kustomize/kustomize/v4 to v5 Aug 29, 2023
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 41c24d3 to 2a4ea64 Compare September 19, 2023 11:23
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 2a4ea64 to 877a59b Compare October 19, 2023 20:58
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 877a59b to 8fcb402 Compare December 7, 2023 12:35
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 8fcb402 to 9eba2e7 Compare March 28, 2024 12:25
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch 3 times, most recently from 3fec92b to 8670d9d Compare April 9, 2024 07:58
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 8670d9d to e30b241 Compare April 14, 2024 12:30
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from e30b241 to dfb54da Compare May 9, 2024 11:49
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from dfb54da to 1f41b48 Compare May 22, 2024 16:59
Copy link
Contributor Author

renovate bot commented Jun 4, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 16 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.20 -> 1.23.4
github.com/davecgh/go-spew v1.1.1 -> v1.1.2-0.20180830191138-d8f796af33cc
github.com/go-openapi/swag v0.22.3 -> v0.22.4
github.com/google/go-cmp v0.5.9 -> v0.6.0
github.com/google/uuid v1.4.0 -> v1.6.0
github.com/pmezard/go-difflib v1.0.0 -> v1.0.1-0.20181226105442-5d4384ee4fb2
golang.org/x/mod v0.11.0 -> v0.17.0
golang.org/x/net v0.22.0 -> v0.25.0
golang.org/x/sys v0.18.0 -> v0.21.0
golang.org/x/term v0.18.0 -> v0.20.0
golang.org/x/text v0.14.0 -> v0.16.0
golang.org/x/tools v0.7.0 -> v0.21.1-0.20240508182429-e35e4ccd0d2d
google.golang.org/protobuf v1.31.0 -> v1.33.0
k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a -> v0.0.0-20231010175941-2dd684a91f00
sigs.k8s.io/kustomize/api v0.13.2 -> v0.18.0
sigs.k8s.io/kustomize/cmd/config v0.11.1 -> v0.15.0
sigs.k8s.io/kustomize/kyaml v0.14.1 -> v0.18.1

@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 1f41b48 to 2922c6d Compare June 17, 2024 15:48
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch 2 times, most recently from 59f0d9a to 9078cf5 Compare July 19, 2024 20:39
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 9078cf5 to e3856f5 Compare September 11, 2024 17:09
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from e3856f5 to 0d36722 Compare October 9, 2024 14:29
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 0d36722 to 3aee360 Compare November 17, 2024 15:41
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/sigs.k8s.io-kustomize-kustomize-v4-5.x branch from 3aee360 to 724c821 Compare December 22, 2024 17:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants