Merge main into release-2.2 for v2.2.1#638
Merged
Merged
Conversation
*Issue #, if available:* N/A *Description of changes:* As discussed in #618 (comment), the Python setup steps are not required since the steps depending on Python were removed in this commit: 72dd1bd. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.6.0 to 1.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/helm/chart-releaser-action/releases">helm/chart-releaser-action's releases</a>.</em></p> <blockquote> <h2>v1.7.0</h2> <p>For <code>cr</code> changes see <a href="https://github.com/helm/chart-releaser/releases/tag/v1.7.0">https://github.com/helm/chart-releaser/releases/tag/v1.7.0</a></p> <h2>What's Changed</h2> <ul> <li>Add --skip-upload input with latest helm/chart-releaser-action by <a href="https://github.com/acuD1"><code>@acuD1</code></a> in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/143">helm/chart-releaser-action#143</a></li> <li>Update checkout action to v4 tag in README.md by <a href="https://github.com/maarten-blokker"><code>@maarten-blokker</code></a> in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/187">helm/chart-releaser-action#187</a></li> <li>Fix indention by <a href="https://github.com/3schwartz"><code>@3schwartz</code></a> in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/203">helm/chart-releaser-action#203</a></li> <li>update cr to v1.7.0 by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/220">helm/chart-releaser-action#220</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/acuD1"><code>@acuD1</code></a> made their first contribution in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/143">helm/chart-releaser-action#143</a></li> <li><a href="https://github.com/maarten-blokker"><code>@maarten-blokker</code></a> made their first contribution in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/187">helm/chart-releaser-action#187</a></li> <li><a href="https://github.com/3schwartz"><code>@3schwartz</code></a> made their first contribution in <a href="https://redirect.github.com/helm/chart-releaser-action/pull/203">helm/chart-releaser-action#203</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/helm/chart-releaser-action/compare/v1...v1.7.0">https://github.com/helm/chart-releaser-action/compare/v1...v1.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/helm/chart-releaser-action/commit/cae68fefc6b5f367a0275617c9f83181ba54714f"><code>cae68fe</code></a> update cr to v1.7.0 (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/220">#220</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/d1e09fd16821c091b45aa754f65bae4dd675d425"><code>d1e09fd</code></a> Fix indention (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/203">#203</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/653ba944d4cb1f4b894994a8928bf519a641620b"><code>653ba94</code></a> Bump actions/checkout in the actions group across 1 directory (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/201">#201</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/45af99f369889d20f904e42dbad98118e80ff194"><code>45af99f</code></a> Bump actions/checkout from 4.1.4 to 4.1.5 in the actions group (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/192">#192</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/95930dc2bf5d353ff79972cb5c878a9a1289a79b"><code>95930dc</code></a> Update checkout action to v4 tag in README.md (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/187">#187</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/0eba7f523fccbf0577905877226d6c576fc2de61"><code>0eba7f5</code></a> Bump actions/checkout from 4.1.3 to 4.1.4 in the actions group (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/190">#190</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/09492f4b9670bf76e60f140461e72714e3a3a26d"><code>09492f4</code></a> Bump actions/checkout from 4.1.2 to 4.1.3 in the actions group (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/189">#189</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/13fe82a5149cf0b212e16453d25b3c59f2b4d3ef"><code>13fe82a</code></a> Bump the actions group with 1 update (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/182">#182</a>)</li> <li><a href="https://github.com/helm/chart-releaser-action/commit/6203d709ca237fb26b724837f2c53716f244ee8c"><code>6203d70</code></a> Add --skip-upload input with latest helm/chart-releaser-action (<a href="https://redirect.github.com/helm/chart-releaser-action/issues/143">#143</a>)</li> <li>See full diff in <a href="https://github.com/helm/chart-releaser-action/compare/v1.6.0...v1.7.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 2.1.0 to 2.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/slackapi/slack-github-action/releases">slackapi/slack-github-action's releases</a>.</em></p> <blockquote> <h2>Slack Send v2.1.1</h2> <h2>What's Changed</h2> <p>This release fixes an issue where substituted variables might've broken valid JSON or YAML parsings when using the <code>payload-file-path</code> input option.</p> <h3>🐛 Bug fixes</h3> <ul> <li>fix: parse provided payloads before replacing templated variables in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/449">slackapi/slack-github-action#449</a> - Thanks <a href="https://github.com/zimeg"><code>@zimeg</code></a>!</li> </ul> <h3>📚 Documentation</h3> <ul> <li>docs: fix channel mention formatting in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/447">slackapi/slack-github-action#447</a> - Thanks <a href="https://github.com/mwbrooks"><code>@mwbrooks</code></a>!</li> <li>docs: remove links to pages that are no longer referenced in markdown in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/459">slackapi/slack-github-action#459</a> - Thanks <a href="https://github.com/zimeg"><code>@zimeg</code></a>!</li> </ul> <h3>🤖 Dependencies</h3> <ul> <li>build(deps): bump undici from 5.28.5 to 5.29.0 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/442">slackapi/slack-github-action#442</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps): bump codecov/codecov-action from 5.4.2 to 5.4.3 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/443">slackapi/slack-github-action#443</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump mocha from 11.1.0 to 11.5.0 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/450">slackapi/slack-github-action#450</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps): bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/451">slackapi/slack-github-action#451</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump <code>@types/node</code> from 22.15.3 to 22.15.29 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/452">slackapi/slack-github-action#452</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps): bump <code>@slack/web-api</code> from 7.9.1 to 7.9.2 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/453">slackapi/slack-github-action#453</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps): bump <code>@slack/web-api</code> from 7.9.2 to 7.9.3 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/462">slackapi/slack-github-action#462</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps): bump axios from 1.9.0 to 1.10.0 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/465">slackapi/slack-github-action#465</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump <code>@types/node</code> from 22.15.29 to 24.0.3 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/466">slackapi/slack-github-action#466</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump mocha from 11.5.0 to 11.7.1 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/468">slackapi/slack-github-action#468</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump mocha-suppress-logs from 0.5.1 to 0.6.0 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/469">slackapi/slack-github-action#469</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump sinon from 20.0.0 to 21.0.0 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/471">slackapi/slack-github-action#471</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump <code>@types/node</code> from 24.0.3 to 24.0.8 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/472">slackapi/slack-github-action#472</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> <li>build(deps-dev): bump <code>@biomejs/biome</code> from 1.9.4 to 2.0.6 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/470">slackapi/slack-github-action#470</a> - Thanks <a href="https://github.com/dependabot"><code>@dependabot</code></a>!</li> </ul> <h3>🧰 Maintenance</h3> <ul> <li>ci: pin action hashes and escape variables with minimum permission in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/441">slackapi/slack-github-action#441</a> - Thanks <a href="https://github.com/zimeg"><code>@zimeg</code></a>!</li> <li>build: create separate release branches for tagged releases on publish in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/457">slackapi/slack-github-action#457</a> - Thanks <a href="https://github.com/zimeg"><code>@zimeg</code></a>!</li> <li>build: clone repository "docs" and configuration when syncing project docs in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/467">slackapi/slack-github-action#467</a> - Thanks <a href="https://github.com/lukegalbraithrussell"><code>@lukegalbraithrussell</code></a>!</li> <li>chore(release): tag version 2.1.1 in <a href="https://redirect.github.com/slackapi/slack-github-action/pull/474">slackapi/slack-github-action#474</a> - Thanks <a href="https://github.com/zimeg"><code>@zimeg</code></a>!</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/slackapi/slack-github-action/compare/v2.1.0...v2.1.1">https://github.com/slackapi/slack-github-action/compare/v2.1.0...v2.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/slackapi/slack-github-action/commit/91efab103c0de0a537f72a35f6b8cda0ee76bf0a"><code>91efab1</code></a> Release</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/b6f4640825302dc9b85bd5ffbe34dfc7a762e404"><code>b6f4640</code></a> chore(release): tag version 2.1.1 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/474">#474</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/d3dc61e5d1355f17c060df3210cda7044341866e"><code>d3dc61e</code></a> build(deps-dev): bump <code>@biomejs/biome</code> from 1.9.4 to 2.0.6 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/470">#470</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/f647c89261423b9045f1ecc4f887c2e62ff6f33d"><code>f647c89</code></a> build(deps-dev): bump <code>@types/node</code> from 24.0.3 to 24.0.8 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/472">#472</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/e6fa63302e670473dcb1695b744c15895d615227"><code>e6fa633</code></a> build(deps-dev): bump sinon from 20.0.0 to 21.0.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/471">#471</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/75b7822f871b0c9c128cae6c27efc029b1f6c1de"><code>75b7822</code></a> build(deps-dev): bump mocha-suppress-logs from 0.5.1 to 0.6.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/469">#469</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/d7b6150e2a1b713e9aaf24e1559a11dfdf0f2a2d"><code>d7b6150</code></a> build(deps-dev): bump mocha from 11.5.0 to 11.7.1 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/468">#468</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/a7f5b68f29d9c4eb439f490ee90bda80a34ed6f5"><code>a7f5b68</code></a> build: clone repository "docs" and configuration when syncing project docs (#...</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/c69deab25713549329730019e9c20a81d09bb4cd"><code>c69deab</code></a> build(deps-dev): bump <code>@types/node</code> from 22.15.29 to 24.0.3 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/466">#466</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/1d0943cb8c8bca873d09b7b9638f3a94f89d829a"><code>1d0943c</code></a> build(deps): bump axios from 1.9.0 to 1.10.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/465">#465</a>)</li> <li>Additional commits viewable in <a href="https://github.com/slackapi/slack-github-action/compare/v2.1.0...v2.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ncipal (#622) *Issue #, if available:* N/A *Description of changes:* The project previously conflated JWT token audiences and AWS service principals, hence an earlier change was not quite the right one: 2660105 This change partially reverts that, and introduces configuration for the AWS service principal only. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
…/e2e-kubernetes (#627) Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.27 to 1.7.29. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/containerd/containerd/releases">github.com/containerd/containerd's releases</a>.</em></p> <blockquote> <h2>containerd 1.7.29</h2> <p>Welcome to the v1.7.29 release of containerd!</p> <p>The twenty-ninth patch release for containerd 1.7 contains various fixes and updates including security patches.</p> <h3>Security Updates</h3> <ul> <li> <p><strong>containerd</strong></p> <ul> <li><a href="https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"><strong>GHSA-pwhc-rpq9-4c8w</strong></a></li> <li><a href="https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2"><strong>GHSA-m6hq-p25p-ffr2</strong></a></li> </ul> </li> <li> <p><strong>runc</strong></p> <ul> <li><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"><strong>GHSA-qw9x-cqr3-wc7r</strong></a></li> <li><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"><strong>GHSA-cgrx-mc8f-2prm</strong></a></li> <li><a href="https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"><strong>GHSA-9493-h29p-rfm2</strong></a></li> </ul> </li> </ul> <h3>Highlights</h3> <h4>Image Distribution</h4> <ul> <li><strong>Update differ to handle zstd media types</strong> (<a href="https://redirect.github.com/containerd/containerd/pull/12018">#12018</a>)</li> </ul> <h4>Runtime</h4> <ul> <li><strong>Update runc binary to v1.3.3</strong> (<a href="https://redirect.github.com/containerd/containerd/pull/12480">#12480</a>)</li> <li><strong>Fix lost container logs from quickly closing io</strong> (<a href="https://redirect.github.com/containerd/containerd/pull/12375">#12375</a>)</li> </ul> <p>Please try out the release binaries and report any issues at <a href="https://github.com/containerd/containerd/issues">https://github.com/containerd/containerd/issues</a>.</p> <h3>Contributors</h3> <ul> <li>Derek McGowan</li> <li>Akihiro Suda</li> <li>Phil Estes</li> <li>Austin Vazquez</li> <li>Sebastiaan van Stijn</li> <li>ningmingxiao</li> <li>Maksym Pavlenko</li> <li>StepSecurity Bot</li> <li>wheat2018</li> </ul> <h3>Changes</h3> <!-- raw HTML omitted --> <ul> <li><a href="https://github.com/containerd/containerd/commit/442cb34bda9a6a0fed82a2ca7cade05c5c749582"><code>442cb34bd</code></a> Merge commit from fork</li> <li><a href="https://github.com/containerd/containerd/commit/0450f046e6942e513d0ebf1ef5c2aff13daa187f"><code>0450f046e</code></a> Fix directory permissions</li> <li><a href="https://github.com/containerd/containerd/commit/e5cb6ddb7a7730c24253a94d7fdb6bbe13dba6f7"><code>e5cb6ddb7</code></a> Merge commit from fork</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/containerd/containerd/commit/442cb34bda9a6a0fed82a2ca7cade05c5c749582"><code>442cb34</code></a> Merge commit from fork</li> <li><a href="https://github.com/containerd/containerd/commit/e5cb6ddb7a7730c24253a94d7fdb6bbe13dba6f7"><code>e5cb6dd</code></a> Merge commit from fork</li> <li><a href="https://github.com/containerd/containerd/commit/9772966401ad3c33a6cd824632f0c61e5049f3a5"><code>9772966</code></a> Merge pull request <a href="https://redirect.github.com/containerd/containerd/issues/12486">#12486</a> from dmcgowan/prepare-v1.7.29</li> <li><a href="https://github.com/containerd/containerd/commit/1fc2daaf3ed53f4c9e76fbc5786a6f1ae3bb885f"><code>1fc2daa</code></a> Prepare release notes for v1.7.29</li> <li><a href="https://github.com/containerd/containerd/commit/93f710a528958474f95a95e54516624ef832d80f"><code>93f710a</code></a> Merge pull request <a href="https://redirect.github.com/containerd/containerd/issues/12480">#12480</a> from k8s-infra-cherrypick-robot/cherry-pick-12475-t...</li> <li><a href="https://github.com/containerd/containerd/commit/68d04befab3284f1dfe2a9f5691ea5da76daace7"><code>68d04be</code></a> Merge pull request <a href="https://redirect.github.com/containerd/containerd/issues/12471">#12471</a> from austinvazquez/1_7_update_ci_go_and_images</li> <li><a href="https://github.com/containerd/containerd/commit/3f5f9f872707a743563d316e85e530193a2e30ac"><code>3f5f9f8</code></a> runc: Update runc binary to v1.3.3</li> <li><a href="https://github.com/containerd/containerd/commit/667409fb63098cb80280940ab06038114e7712da"><code>667409f</code></a> ci: bump Go 1.24.9, 1.25.3</li> <li><a href="https://github.com/containerd/containerd/commit/294f8c027b607c4450b3e52f44280581a737a73f"><code>294f8c0</code></a> Update GHA runners to use latest images for basic binaries build</li> <li><a href="https://github.com/containerd/containerd/commit/cf66b4141defb757dee0fc5653bfd0a7ba1e8fed"><code>cf66b41</code></a> Update GHA runners to use latest image for most jobs</li> <li>Additional commits viewable in <a href="https://github.com/containerd/containerd/compare/v1.7.27...v1.7.29">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awslabs/mountpoint-s3-csi-driver/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
*Issue #, if available:* N/A *Description of changes:* This log was useful when debugging test failures. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
…on (#623) *Issue #, if available:* N/A *Description of changes:* Update the eksctl delete cluster script to support deleting stacks with termination protection enabled. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
*Issue #, if available:* N/A *Description of changes:* Adding explicit permissions to adopt least-privilege principle in workflows. Some permissions were no longer used: for example, we no longer publish the test coverage although we still tried to write it to the job summary. This removes that for now. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
…s/e2e-kubernetes (#631) Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.11.1 to 1.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/opencontainers/selinux/releases">github.com/opencontainers/selinux's releases</a>.</em></p> <blockquote> <h2>v1.13.0</h2> <h2>What's Changed</h2> <ul> <li>Switch to golangci-lint v2 by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/230">opencontainers/selinux#230</a></li> <li>build(deps): bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/opencontainers/selinux/pull/233">opencontainers/selinux#233</a></li> <li>build(deps): bump actions/setup-go from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/opencontainers/selinux/pull/234">opencontainers/selinux#234</a></li> <li>keyring: fix typo in EACCES check by <a href="https://github.com/cyphar"><code>@cyphar</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/235">opencontainers/selinux#235</a></li> <li>Add Go 1.25, drop go 1.23, bump golangci-lint by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/236">opencontainers/selinux#236</a></li> <li>selinux: migrate to pathrs-lite procfs API by <a href="https://github.com/cyphar"><code>@cyphar</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/237">opencontainers/selinux#237</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/opencontainers/selinux/compare/v1.12.0...v1.13.0">https://github.com/opencontainers/selinux/compare/v1.12.0...v1.13.0</a></p> <h2>v1.12.0</h2> <p>This release removes deprecated functions from the <code>label</code> package, and improves documentation and error reporting of <code>SetCreateKey</code>.</p> <h2>What's Changed</h2> <ul> <li>VERSION: remove by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/217">opencontainers/selinux#217</a></li> <li>CI: add AlmaLinux 8, CentOS Stream 9, and Fedora by <a href="https://github.com/AkihiroSuda"><code>@AkihiroSuda</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/221">opencontainers/selinux#221</a></li> <li>ci: install git-core by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/224">opencontainers/selinux#224</a></li> <li>CI: add openSUSE Tumbleweed by <a href="https://github.com/AkihiroSuda"><code>@AkihiroSuda</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/223">opencontainers/selinux#223</a></li> <li>Bump Go version, deps, fix some linter issues... by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/218">opencontainers/selinux#218</a></li> <li>label: remove deprecated stuff by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/228">opencontainers/selinux#228</a></li> <li>Improve SetKeyCreate error reporting, fix test flakes by <a href="https://github.com/kolyshkin"><code>@kolyshkin</code></a> in <a href="https://redirect.github.com/opencontainers/selinux/pull/227">opencontainers/selinux#227</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/opencontainers/selinux/compare/v1.11.1...v1.12.0">https://github.com/opencontainers/selinux/compare/v1.11.1...v1.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/opencontainers/selinux/commit/4be9937fb76c0c49a30469135a4077fcc33712b8"><code>4be9937</code></a> Merge pull request <a href="https://redirect.github.com/opencontainers/selinux/issues/237">#237</a> from cyphar/selinux-safe-procfs</li> <li><a href="https://github.com/opencontainers/selinux/commit/c8cfa6fd2d285a96022203163c2075eda85bff54"><code>c8cfa6f</code></a> selinux: migrate to pathrs-lite procfs API</li> <li><a href="https://github.com/opencontainers/selinux/commit/f2424d8145e2ac45a0ec457e39758cd58e573285"><code>f2424d8</code></a> Merge pull request <a href="https://redirect.github.com/opencontainers/selinux/issues/236">#236</a> from kolyshkin/modernize-ci</li> <li><a href="https://github.com/opencontainers/selinux/commit/648ce7f0f85f4a310d1cd7317986fc1d6c8ff41c"><code>648ce7f</code></a> ci: add go 1.25</li> <li><a href="https://github.com/opencontainers/selinux/commit/916cab932c940e0fc55f0c8404d503665160dd9c"><code>916cab9</code></a> ci: bump golangci-lint to v2.5</li> <li><a href="https://github.com/opencontainers/selinux/commit/b42e5c8eff8eab7ee590cc61d78fd3e2d38e3309"><code>b42e5c8</code></a> all: format sources with latest gofumpt</li> <li><a href="https://github.com/opencontainers/selinux/commit/74393ea060f4db5bae4002d42d28b0907c8b26b6"><code>74393ea</code></a> Merge pull request <a href="https://redirect.github.com/opencontainers/selinux/issues/235">#235</a> from cyphar/fix-keyring-err-check</li> <li><a href="https://github.com/opencontainers/selinux/commit/6ec194b9a845fa4a14cd6bd1c0458ddc44d21407"><code>6ec194b</code></a> keyring: fix typo in EACCES check</li> <li><a href="https://github.com/opencontainers/selinux/commit/879a755db558501df06f4ea59461ebc2d0c4a991"><code>879a755</code></a> Merge pull request <a href="https://redirect.github.com/opencontainers/selinux/issues/234">#234</a> from opencontainers/dependabot/github_actions/actions...</li> <li><a href="https://github.com/opencontainers/selinux/commit/3c1bd9a95bfcc23ae12ed024d1bc9db9537b2d4f"><code>3c1bd9a</code></a> build(deps): bump actions/setup-go from 5 to 6</li> <li>Additional commits viewable in <a href="https://github.com/opencontainers/selinux/compare/v1.11.1...v1.13.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awslabs/mountpoint-s3-csi-driver/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
*Issue #, if available:* N/A *Description of changes:* Updated the schedule for Dependabot to weekly and removed the limit on open pull requests. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
*Issue #, if available:* #626 *Description of changes:* With Mountpoint CSI Driver V2, the opening of the FUSE device moved from the invocation of Mountpoint as a host process to the node daemon which now hands it over to an unprivileged Mountpoint. Unfortunately, this changed the PID namespace from the host namespace to a namespace specific to the node daemon impacting how the kernel sends PIDs to Mountpoint. All PIDs result in zero, as the FUSE daemon should not have visibility into other namespaces according to the kernel. This change moves the node daemon to the host PID namespace. The FUSE device will now be opened in the host PID namespace, and the FUSE driver in the kernel will hand over host PIDs to Mountpoint allowing it to correctly implement Mountpoint semantics. The change has been tested manually by rerunning an application that was impacted by this bug, and it has additionally been tested by installing in an ROSA cluster and verifying pods can be started (but no verification of Mountpoint behavior itself). By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
…es (#635) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.40.0 to 0.45.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/4e0068c0098be10d7025c99ab7c50ce454c1f0f9"><code>4e0068c</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/e79546e28b85ea53dd37afe1c4102746ef553b9c"><code>e79546e</code></a> ssh: curb GSSAPI DoS risk by limiting number of specified OIDs</li> <li><a href="https://github.com/golang/crypto/commit/f91f7a7c31bf90b39c1de895ad116a2bacc88748"><code>f91f7a7</code></a> ssh/agent: prevent panic on malformed constraint</li> <li><a href="https://github.com/golang/crypto/commit/2df4153a0311bdfea44376e0eb6ef2faefb0275b"><code>2df4153</code></a> acme/autocert: let automatic renewal work with short lifetime certs</li> <li><a href="https://github.com/golang/crypto/commit/bcf6a849efcf4702fa5172cb0998b46c3da1e989"><code>bcf6a84</code></a> acme: pass context to request</li> <li><a href="https://github.com/golang/crypto/commit/b4f2b62076abeee4e43fb59544dac565715fbf1e"><code>b4f2b62</code></a> ssh: fix error message on unsupported cipher</li> <li><a href="https://github.com/golang/crypto/commit/79ec3a51fcc7fbd2691d56155d578225ccc542e2"><code>79ec3a5</code></a> ssh: allow to bind to a hostname in remote forwarding</li> <li><a href="https://github.com/golang/crypto/commit/122a78f140d9d3303ed3261bc374bbbca149140f"><code>122a78f</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/c0531f9c34514ad5c5551e2d6ce569ca673a8afd"><code>c0531f9</code></a> all: eliminate vet diagnostics</li> <li><a href="https://github.com/golang/crypto/commit/0997000b45e3a40598272081bcad03ffd21b8adb"><code>0997000</code></a> all: fix some comments</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.40.0...v0.45.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awslabs/mountpoint-s3-csi-driver/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
*Issue #, if available:* N/A *Description of changes:* Prepare v2.2.1 release. By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. Signed-off-by: Daniel Carl Jones <djonesoa@amazon.com>
muddyfish
approved these changes
Nov 20, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updating release branch.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.