v1.60.0

Notice

This release bumps k8s to 1.34

What's Changed

• Bump the k8s-dependencies group across 1 directory with 6 updates by @dependabot[bot] in #1772
• Add PodMonitor to supported resources by @WanzenBug in #1795
• release/goreleaser.opm.Dockerfile: parameterize grpc-health-probe version by @joelanford in #1801
• update o-f/api as prep for release by @grokspawn in #1806

New Contributors

• @WanzenBug made their first contribution in #1795

Full Changelog: v1.59.0...v1.60.0

v1.59.0

What's Changed

• OPRUN-4118: migrate containers libs to new mono-repo by @anik120 in #1799

Full Changelog: v1.58.0...v1.59.0

v1.58.0

Potential breaking changes

• #1750 introduced ratcheted criteria for opm validate which includes the ability to validate that no included bundle versions are stranded, since without validation it's relatively easy to create edges which OLM ignores when evaluating potential upgrades. Capabilities added to opm alpha render-graph in #1744 attempt to make this more apparent to operator authors.

What's Changed

• Bump github.com/golang-migrate/migrate/v4 from 4.18.3 to 4.19.0 by @dependabot[bot] in #1774
• Bump github.com/spf13/pflag from 1.0.7 to 1.0.8 by @dependabot[bot] in #1775
• 🐛 Add key ordering for mermaid graph output by @perdasilva in #1778
• Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @perdasilva in #1776
• Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in #1779
• Bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 by @dependabot[bot] in #1781
• Bump github.com/spf13/pflag from 1.0.9 to 1.0.10 by @dependabot[bot] in #1782
• Bump github.com/containers/image/v5 from 5.36.1 to 5.36.2 by @dependabot[bot] in #1783
• Bump github.com/docker/cli from 28.3.3+incompatible to 28.4.0+incompatible by @dependabot[bot] in #1784
• Bump github.com/containers/common from 0.64.1 to 0.64.2 by @dependabot[bot] in #1785
• Bump github.com/onsi/ginkgo/v2 from 2.25.2 to 2.25.3 by @dependabot[bot] in #1786
• Bump actions/stale from 9 to 10 by @dependabot[bot] in #1787
• Bump actions/setup-go from 5 to 6 by @dependabot[bot] in #1788
• Bump the golang-x-deps group with 2 updates by @dependabot[bot] in #1789
• validate fail for stranded channel entries by @grokspawn in #1750
• Bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @dependabot[bot] in #1793
• Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.11.3 to 6.12.0 by @dependabot[bot] in #1791
• Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @dependabot[bot] in #1796
• Bump the golang-x-deps group across 1 directory with 2 updates by @dependabot[bot] in #1797
• set an exception for migrate file permissions by @grokspawn in #1798

Full Changelog: v1.57.0...v1.58.0

v1.57.0

What's Changed

• Bump github.com/tidwall/btree from 1.7.0 to 1.8.0 by @dependabot[bot] in #1711
• Bump github.com/docker/cli from 28.3.1+incompatible to 28.3.2+incompatible by @dependabot[bot] in #1713
• Bump golang.org/x/sync from 0.15.0 to 0.16.0 by @dependabot[bot] in #1714
• Bump golang.org/x/text from 0.26.0 to 0.27.0 by @dependabot[bot] in #1715
• Bump golang.org/x/mod from 0.25.0 to 0.26.0 by @dependabot[bot] in #1712
• Bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #1717
• Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.11.2 to 6.11.3 by @dependabot[bot] in #1719
• Bump github.com/containers/image/v5 from 5.35.0 to 5.36.0 by @dependabot[bot] in #1720
• Bump k8s.io/apimachinery from 0.33.2 to 0.33.3 by @dependabot[bot] in #1721
• Bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @dependabot[bot] in #1723
• Bump k8s.io/apiextensions-apiserver from 0.33.2 to 0.33.3 by @dependabot[bot] in #1722
• Bump google.golang.org/grpc from 1.73.0 to 1.74.2 by @dependabot[bot] in #1727
• Bump github.com/operator-framework/api from 0.32.0 to 0.33.0 by @dependabot[bot] in #1725
• Bump github.com/containers/common from 0.63.1 to 0.64.0 by @dependabot[bot] in #1728
• Bump github.com/onsi/gomega from 1.37.0 to 1.38.0 by @dependabot[bot] in #1729
• Bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 by @dependabot[bot] in #1730
• Bump github.com/mattn/go-sqlite3 from 1.14.28 to 1.14.30 by @dependabot[bot] in #1733
• Bump github.com/docker/cli from 28.3.2+incompatible to 28.3.3+incompatible by @dependabot[bot] in #1734
• Bump github.com/containerd/containerd from 1.7.27 to 1.7.28 by @dependabot[bot] in #1732
• Bump github.com/containers/image/v5 from 5.36.0 to 5.36.1 by @dependabot[bot] in #1735
• Bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #1736
• Bump github.com/tidwall/btree from 1.8.0 to 1.8.1 by @dependabot[bot] in #1738
• Bump golang.org/x/sys from 0.34.0 to 0.35.0 by @dependabot[bot] in #1739
• Bump golang.org/x/mod from 0.26.0 to 0.27.0 by @dependabot[bot] in #1740
• Fix invalid ConfigMap key translation by @zimnx in #1742
• Bump github.com/containers/common from 0.64.0 to 0.64.1 by @dependabot[bot] in #1737
• Bump actions/checkout from 4 to 5 by @dependabot[bot] in #1743
• Bump github.com/mattn/go-sqlite3 from 1.14.30 to 1.14.32 by @dependabot[bot] in #1745
• Bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #1746
• Bump github.com/onsi/ginkgo/v2 from 2.23.4 to 2.24.0 by @dependabot[bot] in #1748
• Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.39 to 0.4.40 by @dependabot[bot] in #1751
• Bump k8s.io/client-go from 0.33.3 to 0.33.4 by @dependabot[bot] in #1752
• Bump go.etcd.io/bbolt from 1.4.2 to 1.4.3 by @dependabot[bot] in #1753
• Bump google.golang.org/grpc from 1.74.2 to 1.75.0 by @dependabot[bot] in #1755
• Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in #1758
• 🐛 Fix typo in dependabot config by @perdasilva in #1759
• Bump k8s.io/apiextensions-apiserver from 0.33.3 to 0.33.4 by @dependabot[bot] in #1756
• Bump golang from 1.24-alpine to 1.25-alpine by @dependabot[bot] in #1760
• Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @dependabot[bot] in #1761
• eliminate skipping same-Y.maxZ, which should only replace by @grokspawn in #1749
• initial working viz of ignored v0 edges by @grokspawn in #1744
• 🐛 Add sort to linkChannels output before diff check by @perdasilva in #1767
• Bump github.com/onsi/gomega from 1.38.0 to 1.38.1 by @dependabot[bot] in #1764
• Bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in #1765
• Bump github.com/onsi/gomega from 1.38.1 to 1.38.2 by @dependabot[bot] in #1768
• Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @dependabot[bot] in #1770
• Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.2 by @dependabot[bot] in #1771
• bump api to v0.34.0 by @grokspawn in #1773

New Contributors

• @zimnx made their first contribution in #1742

Full Changelog: v1.56.0...v1.57.0

v1.56.0

What's Changed

• Bump sigs.k8s.io/kind from 0.28.0 to 0.29.0 by @dependabot in #1677
• 🌱 (ci) - Add stale config to close PRs and issues which are inactivity by @camilamacedo86 in #1681
• Bump google.golang.org/grpc from 1.72.1 to 1.72.2 by @dependabot in #1680
• Bump github.com/docker/cli from 28.1.1+incompatible to 28.2.1+incompatible by @dependabot in #1683
• Allow override of go-verdiff result via label by @tmshort in #1686
• Bump github.com/docker/cli from 28.2.1+incompatible to 28.2.2+incompatible by @dependabot in #1685
• Bump github.com/containers/common from 0.63.0 to 0.63.1 by @dependabot in #1687
• Bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot in #1691
• Bump go.etcd.io/bbolt from 1.4.0 to 1.4.1 by @dependabot in #1692
• Install linux-headers in upstream-opm-builder by @jaywcarman in #1690
• Bump google.golang.org/grpc from 1.72.2 to 1.73.0 by @dependabot in #1693
• updating dependencies to support k8s 1.33 by @acornett21 in #1699
• Bump github.com/operator-framework/api from 0.31.0 to 0.32.0 by @dependabot in #1700
• Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.38 to 0.4.39 by @dependabot in #1701
• ✨ Upgrade indirect dependencies by @camilamacedo86 in #1702
• Bump github.com/docker/cli from 28.2.2+incompatible to 28.3.0+incompatible by @dependabot in #1704
• Bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 by @dependabot in #1706
• 🌱 remove bingo upgrade target by @grokspawn in #1707
• Bump go.etcd.io/bbolt from 1.4.1 to 1.4.2 by @dependabot in #1708
• Bump github.com/docker/cli from 28.3.0+incompatible to 28.3.1+incompatible by @dependabot in #1710
• 🌱 Upgrade bingo tooling deps by @camilamacedo86 in #1703

New Contributors

• @jaywcarman made their first contribution in #1690

Full Changelog: v1.55.0...v1.56.0

v1.55.0

What's Changed

• Bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0 by @dependabot in #1668
• 🌱 (cleanup): Update Owner Alias - remove inactive maintainers by @camilamacedo86 in #1658
• 🌱 OWNER: Add camilamacedo86 and tmshort as approvers by @camilamacedo86 in #1669
• Bump google.golang.org/grpc from 1.72.0 to 1.72.1 by @dependabot in #1670
• Added NetworkPolicy as a supported kind:
  Operators can now include NetworkPolicy resources in their manifests. This enhancement enables more granular control over network security policies within Kubernetes clusters, improving isolation and control over network traffic between pods: PR #1675 by @rashmigottipati.
• Bump sigs.k8s.io/kind from 0.27.0 to 0.28.0 by @dependabot in #1676

Full Changelog: v1.54.0...v1.55.0

v1.54.0

What's Changed

• 🐛 Fixup go-verdiff job by @perdasilva in #1660
• Bump github.com/grpc-ecosystem/go-grpc-middleware/v2 from 2.3.1 to 2.3.2 by @dependabot in #1663
• Bump github.com/golang-migrate/migrate/v4 from 4.18.2 to 4.18.3 by @dependabot in #1662
• containers/image: remove signatures when copying in to OCI layout by @joelanford in #1664
• Bump golang.org/x/net from 0.39.0 to 0.40.0 by @dependabot in #1667
• Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.37 to 0.4.38 by @dependabot in #1666

Full Changelog: v1.53.0...v1.54.0

v1.53.0

Possible Breaking Changes

• #1626 introduces a new containers/image registry support. This requires a defined policy.json file in $HOME/.config/containers, /etc/containers, or as specified by your OS (reference).

Non-Breaking Changes

• #1656 reverts #1620, which led to an arbitrary golang version bump. We try to be mindful when these happen, and we missed it, so we've reverted it and providing a release without it. To the best of our knowledge this should not impact anyone, but please reach out if it creates a challenge.

What's Changed

• Containers image registry implementation with opt-in caching by @joelanford in #1626
• 🌱 Upgrade google.golang.org/grpc from v1.71.1 to v1.72.0 by @camilamacedo86 in #1652
• Bump github.com/grpc-ecosystem/go-grpc-middleware/v2 from 2.2.0 to 2.3.1 by @grokspawn in #1653
• Bump github.com/operator-framework/api from 0.30.0 to 0.31.0 by @dependabot in #1655
• Revert : Bump github.com/distribution/distribution/v3 from 3.0.0-rc.3 to 3.0.0-rc.4 PR: 1620 by @camilamacedo86 in #1656
• 🌱 Add go-version check to avoid introducing a version that we cannot support yet by @camilamacedo86 in #1657
• pkg/image: fixup containers/image registry test with a test-defined signature policy by @joelanford in #1654

Full Changelog: v1.52.0...v1.53.0

v1.52.0

What's Changed

• Bump github.com/docker/cli from 28.0.0+incompatible to 28.0.1+incompatible by @dependabot in #1592
• Bump github.com/containerd/containerd from 1.7.25 to 1.7.26 by @dependabot in #1593
• Bump github.com/containers/image/v5 from 5.34.0 to 5.34.1 by @dependabot in #1594
• Bump github.com/opencontainers/image-spec from 1.1.0 to 1.1.1 by @dependabot in #1596
• Bump github.com/containers/common from 0.62.0 to 0.62.1 by @dependabot in #1597
• Bump google.golang.org/grpc from 1.70.0 to 1.71.0 by @dependabot in #1600
• Bump golang.org/x/net from 0.35.0 to 0.36.0 by @dependabot in #1599
• Bump github.com/operator-framework/api from 0.29.0 to 0.30.0 by @dependabot in #1598
• 🌱 upgraded golang.org/x/oauth2 v0.23.0 => v0.27.0 by @camilamacedo86 in #1595
• Bump golang.org/x/text from 0.22.0 to 0.23.0 by @dependabot in #1603
• Bump golang.org/x/sync from 0.11.0 to 0.12.0 by @dependabot in #1604
• Bump github.com/onsi/ginkgo/v2 from 2.22.2 to 2.23.0 by @dependabot in #1602
• Bump golang.org/x/net from 0.36.0 to 0.37.0 by @dependabot in #1601
• Bump sigs.k8s.io/controller-runtime from 0.20.2 to 0.20.3 by @dependabot in #1607
• Bump github.com/containers/image/v5 from 5.34.1 to 5.34.2 by @dependabot in #1609
• Bump k8s.io/apimachinery from 0.32.2 to 0.32.3 by @dependabot in #1610
• Bump sigs.k8s.io/kind from 0.26.0 to 0.27.0 by @dependabot in #1587
• Bump golang.org/x/mod from 0.23.0 to 0.24.0 by @dependabot in #1606
• Bump k8s.io/apiextensions-apiserver from 0.32.2 to 0.32.3 by @dependabot in #1614
• Bump github.com/containers/common from 0.62.1 to 0.62.2 by @dependabot in #1612
• Bump github.com/containerd/containerd from 1.7.26 to 1.7.27 by @dependabot in #1615
• 🌱 Group k8s and golang.org/x dependencies by @perdasilva in #1616
• Bump github.com/onsi/ginkgo/v2 from 2.23.0 to 2.23.1 by @dependabot in #1618
• Bump github.com/docker/cli from 28.0.1+incompatible to 28.0.2+incompatible by @dependabot in #1617
• Bump github.com/onsi/ginkgo/v2 from 2.23.1 to 2.23.2 by @dependabot in #1619
• Bump github.com/onsi/ginkgo/v2 from 2.23.2 to 2.23.3 by @dependabot in #1622
• Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 by @dependabot in #1624
• Bump github.com/onsi/gomega from 1.36.2 to 1.36.3 by @dependabot in #1621
• .github/workflows/test.yml: bump to ubuntu-latest by @joelanford in #1627
• (fix) declCfg non-closed file descriptor by @anik120 in #1625
• Bump github.com/distribution/distribution/v3 from 3.0.0-rc.3 to 3.0.0-rc.4 by @dependabot in #1620
• Bump sigs.k8s.io/controller-runtime from 0.20.3 to 0.20.4 by @dependabot in #1623
• Bump github.com/docker/cli from 28.0.2+incompatible to 28.0.4+incompatible by @dependabot in #1628
• Bump github.com/containers/common from 0.62.2 to 0.62.3 by @dependabot in #1631
• Bump golang.org/x/sys from 0.31.0 to 0.32.0 by @dependabot in #1632
• Bump github.com/distribution/distribution/v3 from 3.0.0-rc.4 to 3.0.0 by @dependabot in #1633
• Bump golang.org/x/text from 0.23.0 to 0.24.0 by @dependabot in #1638
• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 by @dependabot in #1635
• Bump golang.org/x/sync from 0.12.0 to 0.13.0 by @dependabot in #1636
• Bump google.golang.org/grpc from 1.71.0 to 1.71.1 by @dependabot in #1637
• Bump golang.org/x/net from 0.37.0 to 0.39.0 by @dependabot in #1640
• pkg/configmap: sort configmap data by key when loading bundle by @joelanford in #1630
• Bump github.com/mattn/go-sqlite3 from 1.14.24 to 1.14.27 by @dependabot in #1639
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 by @dependabot in #1641
• Add support for ConsolePlugin resource by @jpinsonneau in #1634
• Bump github.com/containers/image/v5 from 5.34.3 to 5.35.0 by @dependabot in #1642
• Bump github.com/docker/cli from 28.0.4+incompatible to 28.1.1+incompatible by @dependabot in #1646
• Bump github.com/containers/common from 0.62.3 to 0.63.0 by @dependabot in #1645
• Bump github.com/mattn/go-sqlite3 from 1.14.27 to 1.14.28 by @dependabot in #1643

New Contributors

• @jpinsonneau made their first contribution in #1634

Full Changelog: v1.51.0...v1.52.0

v1.51.0

Possible Breaking Changes

• #1524 ratchets permissions on files written by opm by including only user (o600) permissions to align with security best practices. This impacts opm migrate output (for example).

What's Changed

• Bump github.com/otiai10/copy from 1.14.0 to 1.14.1 by @dependabot in #1545
• Bump google.golang.org/grpc from 1.68.1 to 1.69.4 by @dependabot in #1546
• Bump github.com/grpc-ecosystem/go-grpc-middleware/v2 from 2.1.0 to 2.2.0 by @dependabot in #1544
• fix bingo-upgrade target by @perdasilva in #1547
• Bump github.com/docker/cli from 27.4.1+incompatible to 27.5.0+incompatible by @dependabot in #1543
• Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.34 to 0.4.36 by @dependabot in #1548
• Bump google.golang.org/protobuf from 1.36.2 to 1.36.3 by @dependabot in #1550
• Bump github.com/grpc-ecosystem/grpc-health-probe from 0.4.36 to 0.4.37 by @dependabot in #1551
• Bump github.com/containers/image/v5 from 5.33.0 to 5.33.1 by @dependabot in #1549
• Bump github.com/distribution/distribution/v3 from 3.0.0-rc.1 to 3.0.0-rc.2 by @dependabot in #1542
• Bump k8s.io/api from 0.32.0 to 0.32.1 by @dependabot in #1552
• Bump github.com/containers/common from 0.61.0 to 0.61.1 by @dependabot in #1553
• Bump k8s.io/apimachinery from 0.32.0 to 0.32.1 by @dependabot in #1555
• Bump k8s.io/apiextensions-apiserver from 0.32.0 to 0.32.1 by @dependabot in #1554
• Bump sigs.k8s.io/controller-runtime from 0.19.4 to 0.20.0 by @dependabot in #1556
• Bump github.com/docker/cli from 27.5.0+incompatible to 27.5.1+incompatible by @dependabot in #1558
• Bump sigs.k8s.io/controller-runtime from 0.20.0 to 0.20.1 by @dependabot in #1559
• Bump google.golang.org/grpc from 1.69.4 to 1.70.0 by @dependabot in #1560
• Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @dependabot in #1562
• Bump github.com/golang-migrate/migrate/v4 from 4.18.1 to 4.18.2 by @dependabot in #1563
• Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @dependabot in #1565
• Bump github.com/containers/image/v5 from 5.33.1 to 5.34.0 by @dependabot in #1567
• Bump github.com/containers/common from 0.61.1 to 0.62.0 by @dependabot in #1566
• Bump golang.org/x/sys from 0.29.0 to 0.30.0 by @dependabot in #1569
• Bump golang.org/x/mod from 0.22.0 to 0.23.0 by @dependabot in #1570
• Bump go.etcd.io/bbolt from 1.3.11 to 1.4.0 by @dependabot in #1573
• Bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #1568
• Bump golang.org/x/text from 0.21.0 to 0.22.0 by @dependabot in #1571
• Bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @dependabot in #1574
• enable linting and bingo management of the lint tool by @grokspawn in #1524
• Bump github.com/containerd/errdefs from 0.3.0 to 1.0.0 by @dependabot in #1579
• Bump golang.org/x/net from 0.34.0 to 0.35.0 by @dependabot in #1578
• 🌱 exponential retry on name resolution to registries by @grokspawn in #1576
• Bump github.com/distribution/distribution/v3 from 3.0.0-rc.2 to 3.0.0-rc.3 by @dependabot in #1580
• 🌱 synch dockerfiles with grpc-health-probe version in go.mod by @grokspawn in #1577
• Bump k8s.io/apiextensions-apiserver from 0.32.1 to 0.32.2 by @dependabot in #1584
• Bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2 by @dependabot in #1585
• Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #1586
• Bump github.com/docker/cli from 27.5.1+incompatible to 28.0.0+incompatible by @dependabot in #1589
• Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot in #1590

Full Changelog: v1.50.0...v1.51.0