Bump kubevirt.io/containerized-data-importer-api from 1.56.0 to 1.63.0

[dependabot]

Bumps kubevirt.io/containerized-data-importer-api from 1.56.0 to 1.63.0.

Release notes

Sourced from kubevirt.io/containerized-data-importer-api's releases.

v1.63.0

This release follows v1.62.0 and consists of 56 changes, contributed by 13 people, leading to 141 files changed, 5071 insertions(+), 3395 deletions(-).

The source code and selected binaries are available for download at: https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.63.0.

Pre-built CDI containers are published on Quay.io and can be viewed at: https://quay.io/repository/kubevirt/cdi-controller/ https://quay.io/repository/kubevirt/cdi-importer/ https://quay.io/repository/kubevirt/cdi-cloner/ https://quay.io/repository/kubevirt/cdi-uploadproxy/ https://quay.io/repository/kubevirt/cdi-apiserver/ https://quay.io/repository/kubevirt/cdi-uploadserver/ https://quay.io/repository/kubevirt/cdi-operator/

Notable changes

Enhancement: Reduce memory usage for multi-stage VDDK imports when the source snapshot has many changes Enhancement: VDDK: add CRD field for extra configuration arguments BugFix: Add clone source watches in clone populator BugFix: decrease timeout trying to derive progress from a completed pod to avoid delaying progress updates BugFix: selected-node annotation prevents non topology constrained temp restores from binding BugFix: Fix Longhorn Filesystem capabilities BugFix: cdi-deployment Deployment selector changed to "cdi.kubevirt.io":"cdi-deployment" Enhancement: Allow increasing PVC size to the minimum supported by its storage class BugFix: CDI pods rejected when mutated with CSI inline volume due to it's SCC not allowing consensus volume plugins BugFix: Fix StorageProfile PVC rendering when there is no AccessMode or VolumeMode match BugFix: Remove RWX for filesystem PVC capability from default profile of IBM Block Storage CSI driver Enhancement: Termination message now gets reported correctly for CDI infra Pods. Enhancement: Labels on DataVolumes are now copied to the importer pod Enhancement: Enable WebhookPvcRendering feature gate by default Enhancement: Conditionally add ReadWriteMany Block to Portworx capabilities Enhancement: Annotate StorageProfiles with provisioner minimum supported PVC size BugFix: Event hotloop over SCC volume order changes BugFix: IBM Block Storage CSI driver storageprofile will use 'csi-clone' as the default cloneStrategy BugFix: Exclude scratch pvcs from velero backup Enhancement: Introduce support for architecture specific image import with registry datasource Enhancement: Allow DataSources to reference the source of another DataSource using new Source.DataSource option BugFix: Wrong clone strategy for upstream cephfs Bugfix: Fix math in overhead size calculations:     When using the storage API, PVC disk size is now correctly inflated to account for filesystem overhead.     When using the PVC API, usable disk space is now calculated more accurately with "allocatedSize / (1 + overhead)".     This may result in changes in usable size compared to the previous behavior. Enhancement: Increase default filesystem overhead to 6% Enhancement: Defined storagecapabilities for the synology-csi driver, fully populating the storageprofile for related synology storage classes Enhancement: Add Google Cloud NetApp Volumes Flex storage capabilities BugFix: Add missing RBAC for ovirt and openstack volume populator CRDs Enhancement: Support DataImportCron update polling for DataVolume node pullMethod

... (truncated)

Commits

• 7182037 v1.63.0 release notes
• 8791cd4 [release-v1.63] Increase default filesystem overhead to 6% (#3857)
• 9dd9875 [release-v1.63] fix: add DataSource reference handling to authorize utils (#3...
• 6d48808 [release-v1.63] Tests: Improve Datavolume test resiliency (#3853)
• 7d9d083 dataimportcron-controller: propagate labels from DIC to datasource (#3844)
• 336de41 metrics-server: use SecureServing option (#3839)
• 8c03050 Run go run ./robots/cmd/uploader -workspace /home/prow/go/src/github.com/kube...
• f7a8deb Support DIC DV node pullMethod for update polling (#3798)
• 6668ed6 Add missing RBAC to forklift volume populator CRDs. (#3807)
• 115d66a Add GCNV storage capabilities (#3821)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[bulwark-spectrocloud]

⚠️ GoSec scan found code issues:

1. G115: integer overflow conversion int -> uint32, Severity: HIGH
   • 1. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/kubevirt/schema/virtualmachineinstance/domain_spec.go:295:26
   • 2. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/kubevirt/schema/virtualmachineinstance/domain_spec.go:292:26
   • 3. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/kubevirt/schema/virtualmachineinstance/domain_spec.go:289:24
   • 4. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/workspace_rbac.go:42:19
   • 5. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/workspace_namespace.go:41:20
   • 6. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_platform_setting.go:395:58
   • 7. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_platform_setting.go:144:57
   • 8. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_pcg_ippool.go:207:20
   • 9. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_developer_setting.go:73:30
   • 10. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_developer_setting.go:72:30
   • 11. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_developer_setting.go:71:30
   • 12. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_developer_setting.go:70:30
   • 13. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_cluster_vsphere.go:893:43
   • 14. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_cluster_vsphere.go:878:37
   • 15. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/resource_cluster_vsphere.go:864:14
   • ... (truncated), run gosec locally to capture all failure for the rule G115
2. G402: TLS InsecureSkipVerify set true., Severity: HIGH
   • 1. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/provider.go:208:93
3. G109: Potential Integer overflow made by strconv.Atoi result conversion to int16/32, Severity: HIGH
   • 1. File: /home/runner/_work/bulwark/bulwark/target-repo/spectrocloud/workspace_namespace.go:41:15

Please review these findings and fix the issues before merging.

Changes have been made to address the security findings.