📖 Upgrade docs due release v4.14.0#5668
Merged
Merged
Conversation
Support manager.extraVolumes and manager.extraVolumeMounts: extract from kustomize (excluding webhook-certs/metrics-certs), inject into values when present, and template in manager deployment (including when volumes: []). Document in Helm v2-alpha plugin page. Generated-by: Cursor/Claude
Pins google.golang.org/grpc to v1.79.3 (fixed version) to remediate SNYK-GOLANG-GOOGLEGOLANGORGGRPC-15691172 (Incorrect Authorization, critical severity). The vulnerability is introduced transitively via sigs.k8s.io/controller-runtime/pkg/metrics/filters. Changes: - Add `go get google.golang.org/grpc@v1.79.3` before `go mod tidy` in all testdata and docs generation scripts so the pinned version survives regeneration - Update go.mod files for all 6 affected testdata/docs modules to reflect the pinned version Affected generation scripts: - test/testdata/generate.sh - hack/docs/internal/cronjob-tutorial/generate_cronjob.go - hack/docs/internal/getting-started/generate_getting_started.go Affected modules: - testdata/project-v4 - testdata/project-v4-multigroup - testdata/project-v4-with-plugins - docs/book/src/cronjob-tutorial/testdata/project - docs/book/src/getting-started/testdata/project - docs/book/src/multiversion-tutorial/testdata/project Made-with: Cursor
The GitHub Actions workflows used in Kubebuilder repo and its scaffolds now adheres to Kubernetes' GitHub Actions Security Policy.
…zation 🐛 fix(go/v4): bump google.golang.org/grpc to v1.79.3 to address CVE
🐛 (go/v4): Pin GitHub Actions to commit SHA hashes to improve security and align with the latest GitHub Actions security policy. For more details, see kubernetes/community#8911.
Running pinact on CI ensures all the updates to workflows follow the GitHub Actions Security Policy.
The version comment on the actions/checkout workflow in the scorecard workflow is now fixed to the right hash/version.
🌱 infra(CI): actions/checkout version not compatible to hash
✨ (helm/v2-alpha): add extra volumes support
✨ Upgrade certmanager from '1.20.0' to '1.20.1'
🌱 infra: Add Pinact GitHub Actions workflow
Change API to allow it via a `controllers[]` list in the PROJECT file, with a new `--controller-name` flag for scaffolding additional controllers while maintaining full backward compatibility with existing `controller: true` behavior. Generated-by: Claude
Add deprecation notices to the helm/v1alpha and helm/v1alpha/scaffolds packages to warn users about importing these deprecated plugin packages. Users are directed to use helm/v2-alpha plugin packages instead.
✨ (go/v4): Add support for multiple controllers per GVK
📖 docs(helm/v1alpha): Add deprecation notice
…5559) feat: support YEAR placeholder in boilerplate for copyright Use the literal YEAR token in the scaffolded hack/boilerplate.go.txt file instead of resolving the current year at scaffold time and substitute YEAR when scaffolding/generating files. This aligns with the convention established in gengo [^1] and controller-gen [^2]. Closes #5553 [^1]: https://github.com/kubernetes/gengo/blob/5ee0d033ba5bcb073f0e69c32057520b82d75ccb/v2/execute.go#L59 [^2]: kubernetes-sigs/controller-tools#544
Replace heading tags (h1, h2, h3) inside <aside> elements with <p class="note-title"> and add role="note" attribute. This fixes the document outline for screen readers while maintaining identical visual rendering for sighted users.
All the issues in .github/workflows that were identified by zizmor are now fixed. There's a job for running zizmor-action on all GitHub Actions workflows in Kubebuilder CI (along with pinact).
🌱 infra(CI): Add gha linter (zizmor) and fix workflows security issues
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.3.0 to 6.4.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4b73464...4a36011) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [shogo82148/actions-goveralls](https://github.com/shogo82148/actions-goveralls) from 1.10.0 to 1.11.0. - [Release notes](https://github.com/shogo82148/actions-goveralls/releases) - [Commits](shogo82148/actions-goveralls@25f5320...9606dbc) --- updated-dependencies: - dependency-name: shogo82148/actions-goveralls dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
📖 docs: Fix accessibility for assistive tools in documentation notes
…ns/actions/setup-go-6.4.0 🌱 Bump actions/setup-go from 6.3.0 to 6.4.0
…ns/shogo82148/actions-goveralls-1.11.0 🌱 Bump shogo82148/actions-goveralls from 1.10.0 to 1.11.0
The workflows now have a restrictive zero-trust permission on the top-level. Necessary permissions are added in job-level permissions.
The Kubebuilder book is deployed to Netlify, so firebase config is not needed anymore. Also, the file was pretty much empty.
Just a sweet little addition to add some sauce to README. It's a common practice.
🌱 infra(CI): Add zero-trust top-level permissions in workflows
…-and-root-help 🌱 (cli): correct SKILL canonical entries and normalize root help
…escriptions 🌱 (cli/alpha): normalize update/generate flag descriptions per SKILL
The kind and version are now required.This makes completion suggest those flags when completing the create api and create webhooks commands. Just a nice little improvement in UX.
…uired ✨ feat(cli): mark resource flags as required to improve completion
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 7.0.0 to 7.1.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@ec59f47...e24998b) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…ns/goreleaser/goreleaser-action-7.1.0 🌱 Bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0
Refs kubernetes-sigs/kubebuilder design doc - one-character typo inside a prose sentence; no functional change. Signed-off-by: SAY-5 <SAY-5@users.noreply.github.com>
📖 docs(designs): typo `commited` -> `committed` in update_action design
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.28.1 to 2.28.2. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.28.1...v2.28.2) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.28.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 7.1.0 to 7.2.1. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@e24998b...1a80836) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-version: 7.2.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.28.1 to 2.28.2. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.28.1...v2.28.2) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.28.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…ithub.com/onsi/ginkgo/v2-2.28.2 🌱 Bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2
…ns/goreleaser/goreleaser-action-7.2.1 🌱 Bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1
…ocs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/github.com/onsi/ginkgo/v2-2.28.2 📖 Bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.28.2 to 2.28.3. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.28.2...v2.28.3) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.28.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.39.1 to 1.40.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.39.1...v1.40.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…ithub.com/onsi/gomega-1.40.0 🌱 Bump github.com/onsi/gomega from 1.39.1 to 1.40.0
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.28.2 to 2.28.3. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.28.2...v2.28.3) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.28.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…ocs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/github.com/onsi/ginkgo/v2-2.28.3 📖 Bump github.com/onsi/ginkgo/v2 from 2.28.2 to 2.28.3 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1
…ithub.com/onsi/ginkgo/v2-2.28.3 🌱 Bump github.com/onsi/ginkgo/v2 from 2.28.2 to 2.28.3
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: camilamacedo86 The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
approved
camilamacedo86
added
the
lgtm
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.