Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Meta Issue for k8s 1.29 bump #6651

Closed
13 tasks done
Neo2308 opened this issue Dec 30, 2023 · 6 comments · Fixed by #6736
Closed
13 tasks done

Meta Issue for k8s 1.29 bump #6651

Neo2308 opened this issue Dec 30, 2023 · 6 comments · Fixed by #6736
Labels
priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Milestone

Comments

@Neo2308
Copy link
Contributor

Neo2308 commented Dec 30, 2023

Meta Issue for k8s 1.29 bump

In order to bump Operator SDK to support Kubernetes 1.29 there are a few dependencies we rely on making the bump first.
This issue is meant to help track all dependencies and the status of their bumps.

Order of dependency bumps

Step 1: upgrade controller-runtime, controller-tools, helm, and operator-framework/operator-manifest-tools(can be done in parallel)

Step 2: upgrade operator-framework/api and sigs.k8s.io/kubebuilder-declarative-pattern (can be done immediately after controller-runtime)

Step 3.1: upgrade operator-framework/operator-registry and operator-framework/operator-lib (can be done immediately after operator-framework/api)

Step 3.2: upgrade kubebuilder (blocked until kubebuilder-declarative-pattern is bumped)

Step 4: upgrade operator-framework plugins

Step 5: upgrade operator-framework/operator-sdk dependencies

@varshaprasad96
Copy link
Member

Keeping this open for the community. Please feel free to pick up any other issues. Any contribution would be appreciated :)

@acornett21
Copy link
Contributor

We need to add the ansible plugin to the list as well.

@jberkhahn jberkhahn added this to the Backlog milestone Jan 22, 2024
@jberkhahn jberkhahn added the priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. label Jan 22, 2024
@Neo2308
Copy link
Contributor Author

Neo2308 commented Feb 25, 2024

@varshaprasad96 can you confirm that we no longer need to track the update in sigs.k8s.io/kubebuilder-declarative-pattern for these meta issues since kubernetes-sigs/kubebuilder#3395 is done?

(Removed the Bump envtest to 1.29 based on comments in #6554)

@liram-vardi
Copy link

Can also helm be upgraded as part of this issue?
In order to solve the following security violability:
GHSA-r53h-jv2g-vpx6

Thanks!

@danepowell
Copy link

The CVE for the above vulnerability is CVE-2024-26147 (I was having trouble searching for this issue based on the CVE)

@acornett21
Copy link
Contributor

@Neo2308 I'll try to cut a release of the ansilbe-plugin on monday, since the rest of this week is a holiday.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

6 participants