Fix merge from master to release-1.18 - for VPC CNI 1.18.2 release (a…

…ws#2933) * Mount /run/xtables.lock as FileOrCreate (aws#2841) Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state. Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (aws#2864) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.14.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (aws#2863) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (aws#2866) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.48.0...v0.52.2) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (aws#2862) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (aws#2859) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (aws#2860) Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * remove unused Dockerfile (aws#2869) * remove unused Dockerfile * update golang and dependencies to fix CVE * Update Kops test for 1.30 (aws#2868) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update .go-version to 1.22.2 to fix CVE reports. (aws#2870) * CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (aws#2876) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update changelogs and charts for v1.18.0 release (aws#2858) (aws#2881) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Improve "cni-metrics-helper" setup experience (aws#2874) Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Add correct labels to CNI metrics chart. (aws#2889) * Added information on the build troubleshooting. (aws#2890) * Remove unused code in vpc cni init and vpc cni binary. (aws#2891) * Bump golang.org/x/sys from 0.18.0 to 0.19.0 in /test/agent (aws#2898) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.18.0 to 0.19.0. - [Commits](golang/sys@v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Filter Managed ENI. (aws#2895) If the SG reconcile loop runs before the ENI/IP reconcile loop it will modify the security groups as the ENI/IP reconcile hasn't had a chance to check the tags on the ENI yet. Without relying on cache, when the SG reconcile is run, it will not update the ENI with the node.k8s.amazonaws.com/no_manage: true tag * Merge release-1.18 to master after v1.18.1 release (aws#2914) * Update changelogs and charts for v1.18.0 release (aws#2858) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Resolve merge conflicts from master to release 1.18 (aws#2885) * Mount /run/xtables.lock as FileOrCreate (aws#2841) Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state. Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (aws#2864) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.14.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (aws#2863) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (aws#2866) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.48.0...v0.52.2) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (aws#2862) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (aws#2859) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (aws#2860) Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * remove unused Dockerfile (aws#2869) * remove unused Dockerfile * update golang and dependencies to fix CVE * Update Kops test for 1.30 (aws#2868) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update .go-version to 1.22.2 to fix CVE reports. (aws#2870) * CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (aws#2876) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update changelogs and charts for v1.18.0 release (aws#2858) (aws#2881) Co-authored-by: Joseph Chen <chenjoez@amazon.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Merge master to release-1.18 for v1.18.1 release (aws#2882) * Mount /run/xtables.lock as FileOrCreate (aws#2841) Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state. Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (aws#2864) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.14.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (aws#2863) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (aws#2866) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.48.0...v0.52.2) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (aws#2862) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (aws#2859) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (aws#2860) Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * remove unused Dockerfile (aws#2869) * remove unused Dockerfile * update golang and dependencies to fix CVE * Update Kops test for 1.30 (aws#2868) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update .go-version to 1.22.2 to fix CVE reports. (aws#2870) * CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (aws#2876) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update changelogs and charts for v1.18.0 release (aws#2858) (aws#2881) Co-authored-by: Joseph Chen <chenjoez@amazon.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> * CHANGELOG, chart, and manifest updates for v1.18.1 release (aws#2894) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Fix metrics readme --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> * Update .go-version to fix GO-2024-2824 (aws#2911) * Soak Test for CNI. (aws#2915) * Soak Test for CNI. Soak Test runs a fundamental test, like connectivity across pods launched in both primary and secondary eni interfaces. It launches pods, tests connectivity, tears them down, and repeats this process for 1 hour. The run time configurable with how long we want to run the soak test. This test helps in discoverying race condition issues, compatiblity issues with underlying AMI. * Fix for make check. * Bump github.com/aws/amazon-vpc-resource-controller-k8s (aws#2910) Bumps [github.com/aws/amazon-vpc-resource-controller-k8s](https://github.com/aws/amazon-vpc-resource-controller-k8s) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/aws/amazon-vpc-resource-controller-k8s/releases) - [Commits](aws/amazon-vpc-resource-controller-k8s@v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: github.com/aws/amazon-vpc-resource-controller-k8s dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update ENI Limits. (aws#2920) * Skip Soak Test while running other tests. (aws#2922) * Update golang to go1.22.3 (aws#2924) * Bump k8s.io/api from 0.29.3 to 0.30.1 (aws#2918) Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.1. - [Commits](kubernetes/api@v0.29.3...v0.30.1) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Switch to counter for awscni_no_available_ip_addresses (aws#2919) Co-authored-by: Liptan Biswas <lbiswas@slack-corp.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Expose network policy log file location to be configured using helm (aws#2925) * Expose network policy log file location to be configured using helm chart values. * Updated log file location name. * Merge release branch release_1.18 (aws#2929) * Update changelogs and charts for v1.18.0 release (aws#2858) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Resolve merge conflicts from master to release 1.18 (aws#2885) * Mount /run/xtables.lock as FileOrCreate (aws#2841) Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state. Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (aws#2864) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.14.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (aws#2863) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (aws#2866) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.48.0...v0.52.2) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (aws#2862) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (aws#2859) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (aws#2860) Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * remove unused Dockerfile (aws#2869) * remove unused Dockerfile * update golang and dependencies to fix CVE * Update Kops test for 1.30 (aws#2868) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update .go-version to 1.22.2 to fix CVE reports. (aws#2870) * CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (aws#2876) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update changelogs and charts for v1.18.0 release (aws#2858) (aws#2881) Co-authored-by: Joseph Chen <chenjoez@amazon.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Merge master to release-1.18 for v1.18.1 release (aws#2882) * Mount /run/xtables.lock as FileOrCreate (aws#2841) Otherwise, if the file doesn't already exist on the host at startup, it will be created as a directory. This breaks (among other things) `kube-proxy`, which leads to the AWS CNI not being able to reach the API-server, which leads to the node being stuck in `NotReady` state. Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1 (aws#2864) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.14.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.14.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (aws#2863) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/prometheus/common from 0.48.0 to 0.52.2 (aws#2866) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.52.2. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.48.0...v0.52.2) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3 (aws#2862) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent (aws#2859) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1 (aws#2860) Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> * remove unused Dockerfile (aws#2869) * remove unused Dockerfile * update golang and dependencies to fix CVE * Update Kops test for 1.30 (aws#2868) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update .go-version to 1.22.2 to fix CVE reports. (aws#2870) * CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release (aws#2876) Co-authored-by: Joseph Chen <chenjoez@amazon.com> * Update changelogs and charts for v1.18.0 release (aws#2858) (aws#2881) Co-authored-by: Joseph Chen <chenjoez@amazon.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> * CHANGELOG, chart, and manifest updates for v1.18.1 release (aws#2894) Co-authored-by: Joseph Chen <chenjoez@amazon.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Kai Wohlfahrt <kai.wohlfahrt@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sushmitha Ravikumar <58063229+sushrk@users.noreply.github.com> Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com> Co-authored-by: Joseph Chen <chenjoez@amazon.com> Co-authored-by: guessi <guessi@gmail.com> Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com> Co-authored-by: Liptan Biswas <liptanbiswas@gmail.com> Co-authored-by: Liptan Biswas <lbiswas@slack-corp.com>
jaydeokar · Sep 26, 2024 · 73048de · 73048de
1 parent a1ea5d2
commit 73048de
Show file tree

Hide file tree

Showing 8 changed files with 90 additions and 82 deletions.
diff --git a/.go-version b/.go-version
@@ -1 +1 @@
-1.22.2
+1.22.3
diff --git a/charts/cni-metrics-helper/README.md b/charts/cni-metrics-helper/README.md
@@ -55,26 +55,34 @@ $ helm uninstall cni-metrics-helper --namespace kube-system
 
 The following table lists the configurable parameters for this chart and their default values.
 
-| Parameter                    | Description                                                   | Default            |
-|------------------------------|---------------------------------------------------------------|--------------------|
-| fullnameOverride             | Override the fullname of the chart                            | cni-metrics-helper |
-| image.region                 | ECR repository region to use. Should match your cluster       | us-west-2          |
-| image.tag                    | Image tag                                                     | v1.18.1            |
-| image.account                | ECR repository account number                                 | 602401143452       |
-| image.domain                 | ECR repository domain                                         | amazonaws.com      |
-| env.USE_CLOUDWATCH           | Whether to export CNI metrics to CloudWatch                   | true               |
-| env.USE_PROMETHEUS           | Whether to export CNI metrics to Prometheus                   | false              |
-| env.AWS_CLUSTER_ID           | ID of the cluster to use when exporting metrics to CloudWatch | default            |
-| env.AWS_VPC_K8S_CNI_LOGLEVEL | Log verbosity level (ie. FATAL, ERROR, WARN, INFO, DEBUG)     | INFO               |
-| env.METRIC_UPDATE_INTERVAL   | Interval at which to update CloudWatch metrics, in seconds.   |                    |
-|                              | Metrics are published to CloudWatch at 2x the interval        | 30                 |
-| serviceAccount.name          | The name of the ServiceAccount to use                         | nil                |
-| serviceAccount.create        | Specifies whether a ServiceAccount should be created          | true               |
-| serviceAccount.annotations   | Specifies the annotations for ServiceAccount                  | {}                 |
-| podAnnotations               | Specifies the annotations for pods                            | {}                 |
-| revisionHistoryLimit         | The number of revisions to keep                               | 10                 |
-| podSecurityContext           | SecurityContext to set on the pod                             | {}                 |
-| containerSecurityContext     | SecurityContext to set on the container                       | {}                 |
+
+| Parameter                      | Description                                                   | Default                             |
+| -------------------------------|---------------------------------------------------------------|-------------------------------------|
+| `affinity`                     | Map of node/pod affinities                                    | `{}`                                |
+| `fullnameOverride`             | Override the fullname of the chart                            | `cni-metrics-helper`                |
+| `image.tag`                    | Image tag                                                     | `v1.18.1`                           |
+| `image.domain`                 | ECR repository domain                                         | `amazonaws.com`                     |
+| `image.region`                 | ECR repository region to use. Should match your cluster       | `us-west-2`                         |
+| `image.account`                | ECR repository account number                                 | `602401143452`                      |
+| `env.USE_CLOUDWATCH`           | Whether to export CNI metrics to CloudWatch                   | `true`                              |
+| `env.USE_PROMETHEUS`           | Whether to export CNI metrics to Prometheus                   | `false`                             |
+| `env.AWS_CLUSTER_ID`           | ID of the cluster to use when exporting metrics to CloudWatch | `default`                           |
+| `env.AWS_VPC_K8S_CNI_LOGLEVEL` | Log verbosity level (ie. FATAL, ERROR, WARN, INFO, DEBUG)     | `INFO`                              |
+| `env.METRIC_UPDATE_INTERVAL`   | Interval at which to update CloudWatch metrics, in seconds.   |                                     |
+|                                | Metrics are published to CloudWatch at 2x the interval        | `30`                                |
+| `serviceAccount.name`          | The name of the ServiceAccount to use                         | `nil`                               |
+| `serviceAccount.create`        | Specifies whether a ServiceAccount should be created          | `true`                              |
+| `serviceAccount.annotations`   | Specifies the annotations for ServiceAccount                  | `{}`                                |
+| `podAnnotations`               | Specifies the annotations for pods                            | `{}`                                |
+| `revisionHistoryLimit`         | The number of revisions to keep                               | `10`                                |
+| `podSecurityContext`           | SecurityContext to set on the pod                             | `{}`                                |
+| `containerSecurityContext`     | SecurityContext to set on the container                       | `{}`                                |
+| `tolerations`                  | Optional deployment tolerations                               | `[]`                                |
+| `updateStrategy`               | Optional update strategy                                      | `{}`                                |
+| `imagePullSecrets`             | Docker registry pull secret                                   | `[]`                                |
+| `nodeSelector`                 | Node labels for pod assignment                                | `{}`                                |
+| `tolerations`                  | Optional deployment tolerations                               | `[]`                                |
+
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` or provide a YAML file containing the values for the above parameters:
 

diff --git a/charts/cni-metrics-helper/templates/deployment.yaml b/charts/cni-metrics-helper/templates/deployment.yaml
@@ -41,11 +41,6 @@ spec:
 {{- end }}
         name: cni-metrics-helper
         image: "{{- if .Values.image.override }}{{- .Values.image.override }}{{- else }}{{- .Values.image.account }}.dkr.ecr.{{- .Values.image.region }}.{{- .Values.image.domain }}/cni-metrics-helper:{{- .Values.image.tag }}{{- end}}"
-{{- if eq (get .Values.env "USE_PROMETHEUS") "true" }}
-        ports:
-        - containerPort: 61681
-          name: metrics
-{{- end }}
       serviceAccountName: {{ template "cni-metrics-helper.serviceAccountName" . }}
       {{- with .Values.tolerations }}
       tolerations:

diff --git a/go.mod b/go.mod
@@ -5,37 +5,37 @@ go 1.22.3
 require (
 	github.com/apparentlymart/go-cidr v1.1.0
 	github.com/aws/amazon-vpc-cni-k8s/test/agent v0.0.0-20231212223725-21c4bd73015b
-	github.com/aws/amazon-vpc-resource-controller-k8s v1.4.1
-	github.com/aws/aws-sdk-go v1.50.29
+	github.com/aws/amazon-vpc-resource-controller-k8s v1.5.0
+	github.com/aws/aws-sdk-go v1.51.32
 	github.com/containernetworking/cni v1.1.2
 	github.com/containernetworking/plugins v1.4.1
 	github.com/coreos/go-iptables v0.7.0
 	github.com/go-logr/logr v1.4.1
 	github.com/golang/mock v1.6.0
 	github.com/google/go-cmp v0.6.0
-	github.com/onsi/ginkgo/v2 v2.17.1
-	github.com/onsi/gomega v1.31.1
+	github.com/onsi/ginkgo/v2 v2.17.2
+	github.com/onsi/gomega v1.33.1
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.19.0
 	github.com/prometheus/client_model v0.6.0
-	github.com/prometheus/common v0.52.2
+	github.com/prometheus/common v0.53.0
 	github.com/samber/lo v1.39.0
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.9.0
 	github.com/vishvananda/netlink v1.2.1-beta.2
 	go.uber.org/zap v1.26.0
-	golang.org/x/net v0.23.0
-	golang.org/x/sys v0.18.0
+	golang.org/x/net v0.24.0
+	golang.org/x/sys v0.19.0
 	google.golang.org/grpc v1.62.0
 	google.golang.org/protobuf v1.34.2
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 	gopkg.in/yaml.v2 v2.4.0
 	helm.sh/helm/v3 v3.14.3
-	k8s.io/api v0.29.0
-	k8s.io/apimachinery v0.29.2
+	k8s.io/api v0.30.1
+	k8s.io/apimachinery v0.30.1
 	k8s.io/cli-runtime v0.29.0
-	k8s.io/client-go v0.29.0
+	k8s.io/client-go v0.29.3
 	sigs.k8s.io/controller-runtime v0.17.0
 )
 
@@ -147,22 +147,22 @@ require (
 	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/oauth2 v0.18.0 // indirect
-	golang.org/x/sync v0.6.0 // indirect
-	golang.org/x/term v0.18.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.17.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/tools v0.20.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.30.1 // indirect
-	k8s.io/apiserver v0.30.1 // indirect
-	k8s.io/component-base v0.30.1 // indirect
+	k8s.io/apiextensions-apiserver v0.29.0 // indirect
+	k8s.io/apiserver v0.29.0 // indirect
+	k8s.io/component-base v0.29.0 // indirect
 	k8s.io/klog/v2 v2.120.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
-	k8s.io/kubectl v0.30.0 // indirect
+	k8s.io/kubectl v0.29.0 // indirect
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 	oras.land/oras-go v1.2.5 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
@@ -179,3 +179,6 @@ replace golang.org/x/crypto => golang.org/x/crypto v0.17.0
 
 // Cannot be removed until all dependencies use net library v0.23.0 or higher
 replace golang.org/x/net => golang.org/x/net v0.23.0
+
+// Version of go-cose v1.2.0 and v1.2.1 have been deprecated in favor v1.1.0
+replace github.com/veraison/go-cose => github.com/veraison/go-cose v1.1.0