DevAndTools/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-06-24 12:28:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,846 Commits 56 Branches 90 Tags
60929432f5300a3748d6ccf55cd88be85c191cc1
Commit Graph

8846 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ICHx 60929432f5 flannel: set EnableNFTables when kube_proxy_mode use nftables (#13291) 
* flannel: set EnableNFTables when kube_proxy_mode use nftables

* Clean up cni-flannel.yml.j2 by removing comments

Removed commented-out environment variable for cache readiness.

* update cni-flannel.yml.j2

---------

Co-authored-by: ric-mb <noreply@github.com>
 2026-06-24 02:50:17 +00:00
Wren Turkal 07960e8bb6 fix: Jinja version test warning (#13322) 
The jinja version test conditional uses jinja in the condition, which is
deprecated. I have removed the assertion since ansible 2.18 has a dependency
on jinja2>=3.0.0.
 2026-06-23 09:38:37 +00:00
Sumit Solanki c76137d89e dependabot: ignore ansible major version updates (#13320) 
Ansible major versions are upgraded manually to support multiple
OS/Python versions. Configure Dependabot to still propose minor and
patch updates while skipping semver-major bumps.

Signed-off-by: Sumit Solanki <sumit.solanki@ibm.com>
 2026-06-23 07:01:33 +00:00
Sumit Solanki edeeb95f22 fix(cilium): sync operator-generic image for offline registries (#13270) 
The Cilium Helm chart appends a -generic suffix to the operator image
repository for non-cloud deployments. Sync the operator-generic image
to offline registries so it matches what the chart requests.

Signed-off-by: Sumit Solanki <sumit.solanki@ibm.com>
 2026-06-22 12:49:55 +00:00
dependabot[bot] 9dde36546c build(deps): update bcrypt requirement from <5 to <6 (#13318) 
Updates the requirements on [bcrypt](https://github.com/pyca/bcrypt) to permit the latest version.
- [Changelog](https://github.com/pyca/bcrypt/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/bcrypt/compare/v1.0.0...5.0.0)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-version: 5.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-22 06:21:41 +00:00
dependabot[bot] 99be103567 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#13319) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-22 06:11:40 +00:00
Ali Afsharzadeh 4d8ecca4e7 Upgrade cilium from 1.19.4 to 1.19.5 (#13315) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-06-21 14:17:37 +00:00
Alejandro Macedo 8a5cfe8d77 Change failure condition for image container download (#12321) 
When installing with `download_run_once`, nerdctl will log to stderr and
cause a failure even if the image was saved successfully. Instead we
rely on the shell exit code to detect the failure.

Signed-off-by: Alejandro Macedo <alex.macedopereira@gmail.com>
 2026-06-21 10:51:41 +00:00
Nikhil Kumar 9f7ea6632c Replace injected Ansible fact variables in bootstrap_os role (#13264) 
* Replace injected Ansible fact variables in bootstrap_os role

* Restore stale setup task in opensuse role
 2026-06-19 11:44:49 +05:30
DongYoung Kim a553d48c73 Fix missing dependency for ArgoCD master password hashing (#12920) 
* add passlib dependency

* add constrained bcrypt version
 2026-06-16 13:55:30 +05:30
Nikhil Kumar e0add9ee0d Replace injected Ansible fact variables in container-engine role (#13296) 2026-06-16 08:51:24 +05:30
dependabot[bot] a76a475a5b build(deps): bump distlib from 0.4.1 to 0.4.3 (#13307) 
Bumps [distlib](https://github.com/pypa/distlib) from 0.4.1 to 0.4.3.
- [Release notes](https://github.com/pypa/distlib/releases)
- [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst)
- [Commits](https://github.com/pypa/distlib/compare/0.4.1...0.4.3)

---
updated-dependencies:
- dependency-name: distlib
  dependency-version: 0.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-15 09:34:32 +05:30
dependabot[bot] 701f4be3c1 build(deps): bump cryptography from 48.0.0 to 49.0.0 (#13306) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 48.0.0 to 49.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/48.0.0...49.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-15 09:30:35 +05:30
Wren Turkal f2a7181f99 fix: make assert test for netaddr actually return a boolean (#13304) 
* fix: make assert test for netaddr actually return a boolean

The netaddr test returns a string when the netaddr is installed. This makes
Ansible 2.20 angry. Here's a fix to make sure the true case also returns a
boolean instead of a string.

* fix: more fixes for non-boolean conditions

The `cloud_provider` assertion change is a little more involved. The only two
allowed values are "" and "external". Let's just always check the assertion
instead of skipping it when it's the default value, which is "".

All the other changes should be fairly obvious.
 2026-06-14 13:56:32 +05:30
ChengHao Yang 3011e19ccd Patch versions updates (#13305) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-13 10:28:46 +05:30
Reza Habibi 9f39517507 fix: make offline containerd URL generation respect containerd_static_binary in sample inventory (#13293) 2026-06-09 09:41:45 +05:30
dependabot[bot] 36eba216f6 build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#13300) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-08 21:39:52 +05:30
dependabot[bot] 03378afd18 build(deps): bump distlib from 0.4.0 to 0.4.1 (#13298) 
Bumps [distlib](https://github.com/pypa/distlib) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/pypa/distlib/releases)
- [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst)
- [Commits](https://github.com/pypa/distlib/compare/0.4.0...0.4.1)

---
updated-dependencies:
- dependency-name: distlib
  dependency-version: 0.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-06-08 21:14:03 +05:30
Srishti Jaiswal 84eede8630 image-builder: add staging OCI publish path (#13273) 2026-06-05 12:05:59 +05:30
longxiucai a72ea49b2e Fix: use config version 4 for containerd 2.3+ (#13285) (#13286) 
Signed-off-by: longyuxiang <longyuxiang@kylinos.cn>
 2026-06-05 08:19:58 +05:30
Denis bd21d04c4f Update dns-autoscaler.yml.j2 fix duplicate nodeSelector (#13290) 2026-06-04 12:17:48 +05:30
ujstor 7c8f928405 fix-absent-cni-kubeadm-join-control-planes (#13280) 2026-06-02 07:34:59 +05:30
Nikhil Kumar 2ffff07887 Replace injected Ansible fact variables in node and control-plane roles (#13240) 2026-06-02 07:34:51 +05:30
ChengHao Yang 8b234bf138 Patch versions updates (#13283) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-01 20:52:54 +05:30
Sumit Solanki e914bd78c2 Bump containerd from 2.2.3 to 2.3.0 (#13265) 2026-05-28 14:56:55 +05:30
Zakhar Dvurechensky 9049703ce0 roles: rely on configured defaults (#13249) 
Signed-off-by: Zakhar Dvurechensky <72825626+Zakharden@users.noreply.github.com>
 2026-05-27 15:09:50 +05:30
Kubernetes Prow Robot 03ae25e410 Merge pull request #13269 from tico88612/fix/pre-commit 
Fixed pre-commit and pin Python Client version in pipeline
 2026-05-26 13:41:26 +05:30
ChengHao Yang d2ca095505 Chore: Pipeline kubernetes-python client version pin 35.0.0 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-05-25 20:51:18 +08:00
ChengHao Yang 1b111e06b1 Fix kata-containers job name duplicated 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-05-25 20:50:38 +08:00
ChengHao Yang 4e6e63d49d Chore: pin the pre-commit ansible-core version 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-05-25 20:49:52 +08:00
Ali Afsharzadeh 6107c6ab7c Align nginx worker_rlimit_nofile with containerd defaults (#13255) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-05-21 17:10:48 +05:30
Ali Afsharzadeh 7a62933b17 Update load balancer versions to Nginx 1.30.1 and Haproxy 3.2.19 (#13258) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-05-21 14:16:46 +05:30
Jiří Suchomel 7214e9899b docs: fix incorrect Ansible paths and standardize inventory references (#13246) 
This commit updates documentation across several files to correct broken
file paths and ensure consistency in Ansible command examples

- Standardized inventory naming to `inventory.ini` for sample inventories.
- Fixed `group_vars` paths to reflect the actual directory structure
  (e.g., `group_vars/all/all.yml` instead of `group_vars/all.yml`).
- Corrected the `k8s-cluster.yml` filename in guides.
- Clarified the location for `kubectl_localhost` and `kubeconfig_localhost` settings.
- Replaced non-existent placeholders (like `inventory/single.cfg`) with
  valid repository paths.
- Fixed typos in directory names (e.g., `myclsuter` -> `mycluster`).
 2026-05-21 13:30:47 +05:30
Sumit Solanki 7fd29b5529 kube-vip: optional Prometheus metrics (default port 2112) (#13229) 
Add kube_vip_metrics_enabled and kube_vip_metrics_port; wire
prometheus_server and container port in the static pod manifest.
Default metrics port to 2112 to match kube-vip upstream. Document
and sample inventory updated.
 2026-05-19 11:15:02 +05:30
Ali Afsharzadeh 17f270325d Remove deprecated apiserver-count kubeadm config option (#13262) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-05-18 16:17:51 +05:30
Justin Lamp 8c3f6270f8 Add toggle to disable node subnet allocation (#13239) 
Signed-off-by: Justin Lamp <justin.lamp@netways.de>
 2026-05-16 11:34:34 +05:30
Ali Afsharzadeh 2ac815147b Upgrade cilium from 1.19.3 to 1.19.4 (#13256) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-05-14 18:04:28 +05:30
Nikhil Kumar 2ed677ce86 Replace injected Ansible fact variables with ansible_facts in preinstall role (#13232) 2026-05-14 16:08:30 +05:30
ChengHao Yang 22ce2f799f Patch versions updates (#13254) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-14 13:26:27 +05:30
dependabot[bot] 469a8296a1 build(deps): bump cryptography from 47.0.0 to 48.0.0 (#13248) 
Bumps [cryptography](https://github.com/pyca/cryptography) from 47.0.0 to 48.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/47.0.0...48.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 48.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 19:16:00 +05:30
Takuya Murakami c1768dd21b cri-o: Bump cri-o to 1.36.0 for kubernetes 1.36 (#13244) 2026-05-11 19:15:51 +05:30
Kay Yan a93615ebde ci: bump EOL Fedora versions to 42/43 (#13206) 
Fedora 39 (EOL 2024-11-26), Fedora 40 (EOL 2025-05-13), and Fedora 41
(EOL 2025-12-15) are all out of support and no longer receive security
updates. This bumps the kubevirt CI test matrix to currently supported
releases, distributing tests across Fedora 42 (supported until
2026-05-13) and Fedora 43 (supported until 2026-12-09) to keep
multi-version coverage.

- Add fedora-43 image entry to the kubevirt image-builder
- Rename fedora39-* tests to fedora43-* (4 tests)
- Rename fedora40-* tests to fedora43-* (2 tests)
- Rename fedora41-* tests to fedora42-* (4 tests)
- Update .gitlab-ci/kubevirt.yml testcase names
- Regenerate docs/developers/ci.md

All 10 existing Fedora test configurations (kube-router, calico-selinux,
calico-swap-selinux, crio with/without SELinux enforcing, docker-calico,
flannel-crio-collection-scale) are preserved.

Signed-off-by: Kay Yan <kay.yan@daocloud.io>
 2026-05-11 13:59:56 +05:30
Srishti Jaiswal da6b8e8b81 image-builder: run validation with Dind (#13212) 
* image-builder: run validation locally with BuildKit

* upadte checksum

* set BuildKit no-process-sandbox flag for CI

* run BuildKit with rootless-safe daemon flags in CI

* update

* updating root logic

* fix ci failure for can't enable NoProcessSandbox

* switch to stable url

* add --oci-worker-no-process-sandbox ci flag in root path

* add more support

* add validate-docker and validate-single docker
 2026-05-11 13:27:50 +05:30
Justin Lamp 6bb1e2f290 Set http proxy environments for helm app installations (#13234) 
* Set http proxy environments for helm app installations

Signed-off-by: Justin Lamp <justin.lamp@netways.de>

* Change http_proxy env variables from legacy static entries to new proxy_env variable

Signed-off-by: Justin Lamp <justin.lamp@netways.de>

---------

Signed-off-by: Justin Lamp <justin.lamp@netways.de>
 2026-05-10 08:49:45 +05:30
ChengHao Yang 4cefd77639 Move failing youki to allow_failed and patch update (#13241) 
* Patch versions updates

* fix: failing blocker youki

https://github.com/youki-dev/youki/issues/3479

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-08 18:43:20 +05:30
Sumit Solanki e97333dbf8 fix: skip kube-proxy-only tasks when kube_proxy_remove is true (#13228) 
* fix: skip kube-proxy-only tasks when kube_proxy_remove is true

Signed-off-by: Sumit Solanki <sumit.solanki@ibm.com>

* refactor: use  where defaults already define the var

Signed-off-by: Sumit Solanki <sumit.solanki@ibm.com>

---------

Signed-off-by: Sumit Solanki <sumit.solanki@ibm.com>
 2026-05-07 18:31:20 +05:30
Ali Afsharzadeh 09e9c43570 Disable controller-manager allocate-node-cidrs for cilium cluster-pool ipam (#13148) 
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
 2026-05-06 15:26:22 +05:30
Seokjun Yang 17f92d2cce Update Docker image version in README (#13226) 2026-05-05 08:18:22 +05:30
ChengHao Yang e6bd0cb37d Chore: change the GitHub Actions uses commit hash (#13227) 
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
 2026-05-04 10:53:38 +05:30
Takuya Murakami 28bdeb8583 [Kubernetes] Support Kubernetes v1.36.0 (#13219) 
- Support Kubernetes 1.36.0
- Bump coredns to 1.14.2
 2026-05-01 07:49:25 +05:30