From 9ce0d6eae6f4c132526722d51821e2948aeaca25 Mon Sep 17 00:00:00 2001 From: Daniel Fox Date: Fri, 31 Mar 2023 16:40:51 -0700 Subject: [PATCH] Build v3.25.1 (#7444) * Update release notes generation to Python 3 * Add check_release_status script * Update manifests for release v3.25.1 * Fix up manifests make rule * Increase timeout from 3 hours to 6 for testing * Fix path for install-calico-windows.ps1 and OCP manifests packaging * Remove output capturing from building container images and send output to stdout/stderr * Update release notes --- .semaphore/release/release.yml | 2 +- Makefile | 4 +- calico/_data/versions.yml | 32 +- .../release-notes/v3.25.1-release-notes.md | 16 + charts/calico/values.yaml | 2 +- charts/tigera-operator/values.yaml | 4 +- hack/release/check_release_status.py | 322 ++++++++++++++++++ hack/release/generate-release-notes.py | 180 +++++++--- hack/release/pkg/builder/builder.go | 12 +- hack/release/pkg/builder/commands.go | 21 ++ manifests/apiserver.yaml | 2 +- manifests/calico-bpf.yaml | 10 +- manifests/calico-etcd.yaml | 8 +- manifests/calico-policy-only.yaml | 10 +- manifests/calico-typha.yaml | 12 +- manifests/calico-vxlan.yaml | 10 +- manifests/calico-windows-bgp.yaml | 8 +- manifests/calico-windows-vxlan.yaml | 6 +- manifests/calico.yaml | 10 +- manifests/calicoctl-etcd.yaml | 4 +- manifests/calicoctl.yaml | 4 +- manifests/canal-etcd.yaml | 8 +- manifests/canal.yaml | 8 +- manifests/csi-driver.yaml | 4 +- manifests/flannel-migration/calico.yaml | 10 +- manifests/ocp/02-tigera-operator.yaml | 6 +- manifests/tigera-operator.yaml | 4 +- release-notes | 1 + 28 files changed, 573 insertions(+), 147 deletions(-) create mode 100644 calico/_includes/release-notes/v3.25.1-release-notes.md create mode 100755 hack/release/check_release_status.py create mode 120000 release-notes diff --git a/.semaphore/release/release.yml b/.semaphore/release/release.yml index 29461b4f243..6855deff3f5 100644 --- a/.semaphore/release/release.yml +++ b/.semaphore/release/release.yml @@ -6,7 +6,7 @@ agent: os_image: ubuntu1804 execution_time_limit: - minutes: 180 + minutes: 360 blocks: - name: "Publish official release" diff --git a/Makefile b/Makefile index e09bcfe80fe..08f83e19984 100644 --- a/Makefile +++ b/Makefile @@ -134,12 +134,12 @@ bin/ocp.tgz: manifests/ocp/ .PHONY: release-notes release-notes: ifndef GITHUB_TOKEN - $(error GITHUB_TOKEN must be set) + $(error GITHUB_TOKEN must be set! Try `export GITHUB_TOKEN=xxx_yyyyy....`) endif ifndef VERSION $(error VERSION must be set) endif - VERSION=$(VERSION) GITHUB_TOKEN=$(GITHUB_TOKEN) python2 ./hack/release/generate-release-notes.py + python3 ./hack/release/generate-release-notes.py --version $(VERSION) ## Update the AUTHORS.md file. update-authors: diff --git a/calico/_data/versions.yml b/calico/_data/versions.yml index 67f9c983615..d0f7fdcb9c2 100644 --- a/calico/_data/versions.yml +++ b/calico/_data/versions.yml @@ -1,37 +1,37 @@ -- title: v3.25.0 - manifests_url: https://raw.githubusercontent.com/projectcalico/calico/v3.25.0 +- title: v3.25.1 + manifests_url: https://raw.githubusercontent.com/projectcalico/calico/v3.25.1 chart: version: 0 tigera-operator: image: tigera/operator registry: quay.io - version: v1.29.0 + version: v1.29.3 components: typha: - version: v3.25.0 + version: v3.25.1 calicoctl: - version: v3.25.0 + version: v3.25.1 calico/node: - version: v3.25.0 + version: v3.25.1 calico/cni: - version: v3.25.0 + version: v3.25.1 calico/apiserver: - version: v3.25.0 + version: v3.25.1 calico/kube-controllers: - version: v3.25.0 + version: v3.25.1 calico/flannel-migration-controller: - version: v3.25.0 + version: v3.25.1 calico/windows: - version: v3.25.0 + version: v3.25.1 networking-calico: - version: v3.25.0 + version: v3.25.1 flannel: version: v0.16.3 calico/dikastes: - version: v3.25.0 + version: v3.25.1 flexvol: - version: v3.25.0 + version: v3.25.1 csi-driver: - version: v3.25.0 + version: v3.25.1 csi-node-driver-registrar: - version: v3.25.0 + version: v3.25.1 diff --git a/calico/_includes/release-notes/v3.25.1-release-notes.md b/calico/_includes/release-notes/v3.25.1-release-notes.md new file mode 100644 index 00000000000..fced7fc890c --- /dev/null +++ b/calico/_includes/release-notes/v3.25.1-release-notes.md @@ -0,0 +1,16 @@ +31 Mar 2023 + +#### Bug fixes + + - Prevents Node kube-controller's internal pod cache from getting out-of-sync thus leaking memory. [calico #7503](https://github.com/projectcalico/calico/pull/7503) (@dilyevsky) + - Fix a panic in BPF mode when iterating over a per-CPU map with Debug enabled. [calico #7379](https://github.com/projectcalico/calico/pull/7379) (@fasaxc) + - Fix that the tunnel IP allocator did not respond to changes in the IP pool's allowedUses field. [calico #7360](https://github.com/projectcalico/calico/pull/7360) (@fasaxc) + - s390x: fix image mislabel in cni, typha and kube-controllers [calico #7315](https://github.com/projectcalico/calico/pull/7315) (@huoqifeng) + - Fix generation of `operator-crds.yaml` manifest. [calico #7217](https://github.com/projectcalico/calico/pull/7217) (@caseydavenport) + +#### Other changes + + - ebpf: Jumpmap versionincremented to prevent failures when upgrading from earlier calico versions [calico #7487](https://github.com/projectcalico/calico/pull/7487) (@tomastigera) + - Performance: on kernel 4.10+, use kernel-side route filtering when listing routes. Dramatically reduces CPU usage (and garbage collection) on systems with many interfaces and/or routes. [calico #7381](https://github.com/projectcalico/calico/pull/7381) (@fasaxc) + - ocp.tgz now hosted on GitHub [calico #7214](https://github.com/projectcalico/calico/pull/7214) (@caseydavenport) + - Enable s390x architecture support in 3.25 [calico #7210](https://github.com/projectcalico/calico/pull/7210) (@huoqifeng) diff --git a/charts/calico/values.yaml b/charts/calico/values.yaml index 8a2a1ab8966..23f2e768367 100644 --- a/charts/calico/values.yaml +++ b/charts/calico/values.yaml @@ -1,5 +1,5 @@ # The Calico version to use when generating manifests. -version: v3.25.0 +version: v3.25.1 # Configure the images to use when generating manifests. node: diff --git a/charts/tigera-operator/values.yaml b/charts/tigera-operator/values.yaml index d2351f585a4..e10b4d0766d 100644 --- a/charts/tigera-operator/values.yaml +++ b/charts/tigera-operator/values.yaml @@ -41,8 +41,8 @@ podLabels: {} # Image and registry configuration for the tigera/operator pod. tigeraOperator: image: tigera/operator - version: v1.29.0 + version: v1.29.3 registry: quay.io calicoctl: image: docker.io/calico/ctl - tag: v3.25.0 + tag: v3.25.1 diff --git a/hack/release/check_release_status.py b/hack/release/check_release_status.py new file mode 100755 index 00000000000..50a19e23117 --- /dev/null +++ b/hack/release/check_release_status.py @@ -0,0 +1,322 @@ +#!/usr/bin/env python3 + +# PYZSHCOMPLETE_OK + +import re +import time +import json +import argparse +import subprocess + +from functools import cache + +try: + import yaml + + import rich.color + from rich.text import Text + from rich.table import Table + from rich.style import Style + from rich.emoji import Emoji + from rich.console import Console + from rich.traceback import install as install_rich_traceback + from rich import print + + import xdg + +except ImportError as ex: + import sys + print(f"Err: Unable to load third-party module '{ex.name}'. Please try running '{sys.executable} -m pip install -U rich pyyaml xdg'", file=sys.stderr) + sys.exit(1) + +# import argcomplete +# import pyzshcomplete + +install_rich_traceback(show_locals=False, suppress=[rich]) + +# For creating our URLs +from urllib.parse import urlparse, urlunparse, quote_plus + +# Static defines +VERSIONS_FILE = "calico/_data/versions.yml" + +GH_JSON_FIELDS = ("number","title","url","labels", "body") +GH_LABELS_URL_BASE = 'https://github.com/projectcalico/calico/pulls?q=is%3Aopen+is%3Apr+milestone%3A"Calico+{milestone_version}"+label%3A{label_name}' +APP_NAME = "calico_oss_preflight" +CACHE_DIR = xdg.xdg_cache_home().joinpath(APP_NAME) + +CACHE_DIR.mkdir(exist_ok=True) + +STATUS = { + True: ":white_check_mark:", + False: ":cross_mark:" +} + + +def needs_which(f): + def which(self, params): + if self.which is None: + raise RuntimeError("You must set the object by calling pulls() or issues()") + else: + return f(self, params) + return which + +class GithubUrl: + def __init__(self, project): + self.project = project + self.baseurl = f"https://github.com/{project}" + self.pullsurl = f"{self.baseurl}/pulls" + self.issuesurl = f"{self.baseurl}/issues" + self.which = None + self.query_params = [] + def pulls(self): + self.which = "pulls" + self.query_params = [] + return self + def issues(self): + self.which = "issues" + self.query_params = [] + return self + @needs_which + def true(self, param): + self.query_params.append(f"is:{param}") + return self + def milestone(self, param): + self.query_params.append(f'milestone:"{param}"') + return self + def label(self, param): + self.query_params.append(f"label:{param}") + return self + @property + def object_url(self): + if self.which is None: + raise ValueError + return { + 'pulls': self.pullsurl, + 'issues': self.issuesurl + }[self.which] + @property + def url(self): + query_string = ' '.join(self.query_params) + query_string_quoted = quote_plus(query_string) + # returns: + # [0] [1] [2] [3] [4] [5] + # scheme='https', netloc='github.com', path='/projectcalico/calico/pulls', params='', query='q=this+is+a+test', fragment='' + parsed_url = urlparse(self.object_url) + new_url = urlunparse(( + parsed_url.scheme, + parsed_url.netloc, + parsed_url.path, + parsed_url.params, + f"q={query_string_quoted}", + parsed_url.fragment + )) + return new_url + +def get_cache_data(filename): + """Get data out of a cached file""" + cache_file = CACHE_DIR.joinpath(filename) + # If the file is a symlink, delete it (we don't trust symlinks) + if cache_file.is_symlink(): + cache_file.unlink() + # If the file is not a file, no cache to load + if not cache_file.is_file(): + return None + # Get the creation time of the file and the current time; + # if the file is more than 30m old, delete it. Otherwise, + # json-parse it. + ctime = cache_file.stat().st_ctime + now = time.time() + if now - ctime < 1800: + return json.load(cache_file.open()) + else: + cache_file.unlink() + return None + +def set_cache_data(filename, contents): + cache_file = CACHE_DIR.joinpath(filename) + # We don't trust symlinks. Remove them. + if cache_file.is_symlink(): + cache_file.unlink() + cache_file.write_text(json.dumps(contents)) + +@cache +def get_version_from_git_index(): + git_command = ["git", "show", f":{VERSIONS_FILE}"] + git_process = subprocess.Popen(git_command, stdout=subprocess.PIPE) + git_process.wait() + if git_process.returncode != 0: + console.log(f"Got error {git_process.returncode} from git process ({git_command})") + raise ChildProcessError + data = yaml.safe_load(git_process.stdout) + version = data[0]['title'] + # console.log(f"Got current version '{version}' from file git index") + return version + +def get_version_from_versions(): + with open(VERSIONS_FILE) as versions_yaml: + data = yaml.safe_load(versions_yaml) + version = data[0]['title'] + console.log(f"Got current version '{version}' from file {VERSIONS_FILE}") + return version + +@cache +def bump_patch_version(version): + major, minor, patch = map(int, version.strip("v").split(".")) + patch +=1 + new_version = f"v{major}.{minor}.{patch}" + console.log(f"Detected version '{version}' from git index, bumping to '{new_version}' for next release") + return new_version + +@cache +def get_next_patch_version(): + return bump_patch_version(get_version_from_git_index()) + +@cache +def calculate_foreground_color(hex): + parsed_color = rich.color.parse_rgb_hex(hex.strip("#")) + calculation = 0.2126 * (parsed_color.red/255) + 0.7152 * (parsed_color.green/255) + 0.0722 * (parsed_color.blue/255) + if calculation > 0.5: + return "black" + else: + return "white" + +def get_milestone_link_url(milestone): + return available_milestones[milestone]['url'] + +def check_release_notes(body_text): + pat = re.compile("(?<=```release-note\n).+?(?=\n```)", re.MULTILINE | re.DOTALL) + release_notes_text = pat.findall(body_text.replace("\r\n","\n")) + if not release_notes_text: + return False + return len(release_notes_text[0]) > 10 + +def get_prs_for_milestone_version(version): + console.log(f"Getting PR list for Calico version '{version}'") + cmd = ["gh", "pr", "list", "--search", f'milestone:"Calico {version}"', "--json", ",".join(GH_JSON_FIELDS)] + gh_process = subprocess.check_output(cmd) + prs = json.loads(gh_process) + return prs + +def get_closed_prs_for_milestone_label(version, label): + console.log(f"Getting closed PR list for Calico version '{version}' with label '{label}'") + cmd = ["gh", "pr", "list", "--label", "docs-pr-required", "--state", "closed", "--search", f'milestone:"Calico {version}"', "--json", ",".join(GH_JSON_FIELDS)] + gh_process = subprocess.check_output(cmd) + prs = json.loads(gh_process) + return prs + +def get_closed_prs_with_label_no_milestone(label): + console.log(f"Getting closed PRs with label '{label}' but no milestone") + cmd = ["gh", "pr", "list", "--label", "docs-pr-required", "--state", "closed", "--search", 'no:milestone', "--json", ",".join(GH_JSON_FIELDS)] + gh_process = subprocess.check_output(cmd) + prs = json.loads(gh_process) + return prs + +def get_prs_for_label(label, body=False): + console.log(f"Getting PR list for label '{label}'") + + cmd = ["gh", "pr", "list", "--label", label, "--json", ",".join(GH_JSON_FIELDS)] + gh_process = subprocess.check_output(cmd) + prs = json.loads(gh_process) + return prs + +def get_milestones(): + data = get_cache_data("github_milestones") + if data: + return data + else: + try: + cmd = ["gh", "milestone", "list", "--json", "number,title,url"] + gh_process = subprocess.check_output(cmd) + milestones = json.loads(gh_process) + milestones_map = {} + for milestone in milestones: + title = milestone['title'].replace("Calico ","") + milestones_map[title] = milestone + set_cache_data("github_milestones", milestones_map) + return milestones_map + except Exception as ex: + console.log(f"Could not get milestones list from `gh` command: {ex}") + return {} + +def render_pr_table(prs_list, title=None, label_links_with_milestone=True): + table = Table(title=title, padding=(1,1), collapse_padding=True) + table.add_column("PR", width=5) + table.add_column("Title") + table.add_column("Release Notes", width=7, justify="center") + table.add_column("Labels") + + for pr in prs: + title = Text(pr['title']) + title.highlight_words([pr['title']], style=Style(link=pr['url'])) + labels = Text(" ".join([label['name'] for label in pr['labels']])) + for label in pr['labels']: + name = label['name'] + bgcolor = label['color'] + color = calculate_foreground_color(bgcolor) + if label_links_with_milestone: + link = github_url.pulls().true("open").true("pr").label(name).milestone(f"Calico {milestone}").url + else: + link = github_url.pulls().true("open").true("pr").label(name).url + labels.highlight_words([name], style=Style(color=color, bgcolor=f"#{bgcolor}", bold=True, link=link)) + table.add_row( + f"#{pr['number']}", + title, + STATUS[check_release_notes(pr['body'])], + labels + ) + return table + + +# globals +console = Console() +github_url = GithubUrl("projectcalico/calico") + + +available_milestones = get_milestones() + +parser = argparse.ArgumentParser() +parser.add_argument("--milestone", action='store', help="Which milestone to get PRs for. Default: autodetect") +# argcomplete.autocomplete(parser) +# pyzshcomplete.autocomplete(parser) +args = parser.parse_args() + +milestone = args.milestone +new_version = get_next_patch_version() + +if milestone is None: + milestone = new_version + +if milestone != new_version: + console.log(f"Note: overriding detected version '{new_version}' with manually specified version '{milestone}'", style='yellow') + + +outputs = [] + +prs = get_prs_for_milestone_version(milestone) +table = render_pr_table(prs, title=f"Open PRs for {milestone}") +outputs.append(table) + +prs = get_prs_for_label('cherry-pick-candidate') +table = render_pr_table(prs, title=f"Currently open cherry-pick PRs") +outputs.append(table) + +prs = get_closed_prs_for_milestone_label(milestone, 'docs-pr-required') +table = render_pr_table(prs, title=f"Closed {milestone} PRs with docs PRs required") +outputs.append(table) + +prs = get_closed_prs_with_label_no_milestone("release-note-required") +table = render_pr_table(prs, title=f"Closed PRs which require release notes but have no milestone", label_links_with_milestone=False) +outputs.append(table) + +console.line() +console.rule(Text(f"Please check the following before continuing with a release", style="bold red"), align="left" ) +console.line() + +# with console.pager(styles=True, links=True) +for table in outputs: + if table.row_count > 0: + console.print(table) + else: + console.print(f"(The table '{table.title}' was empty, and so it was skipped)") + console.line() diff --git a/hack/release/generate-release-notes.py b/hack/release/generate-release-notes.py index 2bcae66859e..f11f3fe8f52 100755 --- a/hack/release/generate-release-notes.py +++ b/hack/release/generate-release-notes.py @@ -1,95 +1,163 @@ -#!/usr/bin/env python -import github -from github import Github # https://github.com/PyGithub/PyGithub +#!/usr/bin/env python3 import os import re -import io -import string +import sys +import logging +import pathlib +import argparse import datetime -# First create a Github instance. Create a token through Github website - provide "repo" auth. -g = Github(os.environ.get('GITHUB_TOKEN')) +import github # https://github.com/PyGithub/PyGithub -# The milestone to generate notes for. -assert os.environ.get('VERSION') -VERSION=os.environ.get('VERSION') -MILESTONE="Calico %s" % VERSION -RELEASE_STREAM = ".".join(VERSION.split(".")[:2]) +logging.basicConfig( + format='[Release Notes] [%(levelname)-7s] %(message)s', level=logging.INFO) -# The file where we'll store the release notes. -FILENAME="release-notes/%s-release-notes.md" % VERSION +# First create a Github instance. Since we're using public repositories, +# we don't need a token. If this changes, add a token with 'repo' access! +# If you get a rate limit error, export GITHUB_TOKEN +GITHUB_TOKEN = os.environ.get("GITHUB_TOKEN", None) +if GITHUB_TOKEN: + logging.info( + f"Using Github access token from GITHUB_TOKEN environment variable") + +g = github.Github(GITHUB_TOKEN) # Repositories we care about. Add repositories here to include them in release # note generation. REPOS = [ - "calico", - "bird", + "calico", + "bird", ] +parser = argparse.ArgumentParser() +parser.add_argument("--version", action="store", metavar="VERSION", required=True, + help="The version number of the release, in the format v3.xx.y") +parser.add_argument("--fail-missing", action="store_true", default=False, + help="Fail if a repository is missing its milestone") +parser.add_argument("--organization", action="store", metavar="ORG", default="projectcalico", + help="The organization to check for projects in. Defaults to 'projectcalico'.") +args = parser.parse_args() + +# The milestone to generate notes for. +VERSION = args.version +MILESTONE = f"Calico {VERSION}" +RELEASE_STREAM = ".".join(VERSION.split(".")[:2]) + +# The file where we'll store the release notes. +FILENAME = f"{VERSION}-release-notes.md" + + # Returns a dictionary where the keys are repositories, and the values are # a list of issues in the repository which match the milestone and # have a `release-note-required` label. def issues_by_repo(): all_issues = {} - org = g.get_organization("projectcalico") - for repo in org.get_repos(): - if not repo.name in REPOS: - continue - print("Processing repo %s/%s" % (org.login, repo.name)) + org = g.get_organization(args.organization) + for repo_name in REPOS: + repo = org.get_repo(repo_name) + sys.stdout.flush() # Find the milestone. This finds all open milestones. - milestones = repo.get_milestones() - for m in milestones: - if m.title == MILESTONE: - # Found the milestone in this repo - look for issues (but only - # ones that have been closed!) - # TODO: Assert that the PR has been merged somehow? - print(" found milestone %s" % m.title) - try: - label = repo.get_label("release-note-required") - except github.UnknownObjectException: - # Label doesn't exist, skip this repo. - break - issues = repo.get_issues(milestone=m, labels=[label], state="closed") - for i in issues: - all_issues.setdefault(repo.name, []).append(i) + all_milestones = repo.get_milestones() + matching_milestones = [ + m for m in all_milestones if m.title == MILESTONE] + all_milestones_titles = [m.title for m in all_milestones] + if len(matching_milestones) == 0: + logging.warning( + f"Fetching milestone {MILESTONE} from repo {org.login}/{repo.name} failed!") + logging.warning(f"Maybe you're looking for one of these?") + for milestone_title in all_milestones_titles: + logging.warning(f" - {milestone_title}") + if args.fail_missing: + logging.error( + f"Stopping here because --fail-missing was specified") + sys.exit(-2) + else: + continue + milestone = matching_milestones[0] + # Found the milestone in this repo - look for issues (but only + # ones that have been closed!) + # TODO: Assert that the PR has been merged somehow? + logging.info( + f"Fetching milestone {MILESTONE} from repo {org.login}/{repo.name} succeeded!") + try: + label = repo.get_label("release-note-required") + except github.UnknownObjectException: + # Label doesn't exist, skip this repo. + break + issues = repo.get_issues(milestone=milestone, labels=[ + label], state="closed") + for i in issues: + all_issues.setdefault(repo.name, []).append(i) return all_issues # Takes an issue and returns the appropriate release notes from that # issue as a list. If it has a release-note section defined, that is used. # If not, then it simply returns the title. + + def extract_release_notes(issue): + logging.debug(f" - #{issue.number} {issue.title}") # Look for a release note section in the body. matches = re.findall(r'```release-note(.*?)```', issue.body, re.DOTALL) if matches: return [m.strip() for m in matches] else: - print("WARNING: %s has no release-note section" % (issue.number)) + logging.warning(f"{issue.number} has no release-note section") return [issue.title.strip()] -if __name__ == "__main__": +# if __name__ == "__main__": + + +def main(): + logging.info( + f"Fetching all issues for repositories in milestone {MILESTONE} for these repositories: {', '.join(REPOS)}") # Get the list of issues. all_issues = issues_by_repo() + if not all_issues: + logging.warning( + "No issues were fetched from any repositories; your release notes will be empty!") + # Get date in the right format. date = datetime.date.today().strftime("%d %b %Y") # Make the directory, if needed. - os.makedirs("release-notes") - - # Write release notes out to a file. - with io.open(FILENAME, "w", encoding='utf-8') as f: - f.write(u"%s\n\n" % date) - f.write(u"#### Headline feature 1\n\n") - f.write(u"#### Headline feature 2\n\n") - f.write(u"#### Bug fixes\n\n") - f.write(u"#### Other changes\n\n") - for repo, issues in all_issues.items(): - print("Writing notes for %s" % repo) - for i in issues: - for note in extract_release_notes(i): - f.write(" - %s [%s #%d](%s) (@%s)\n" % (note, repo, i.number, i.html_url, i.user.login)) - - print("") - print("Release notes written to " + FILENAME) - print("Please review for accuracy, and format appropriately before releasing.") + release_notes_dir = pathlib.Path("release-notes") + release_notes_dir.mkdir(exist_ok=True) + release_notes_file = release_notes_dir.joinpath(FILENAME) + + # Generate release notes + output = [ + f"{date}", + "#### Headline feature 1", + "#### Headline feature 2", + "#### Bug fixes", + "#### Other changes" + ] + + release_notes_lines = [] + for repo, issues in all_issues.items(): + logging.info(f"Writing notes for repository {repo}") + for issue in issues: + for note in extract_release_notes(issue): + release_notes_lines.append( + f" - {note} [{repo} #{issue.number}]({issue.html_url}) (@{issue.user.login})") + + release_notes = "\n".join(release_notes_lines) + output.append(release_notes) + + final_output = "\n\n".join(output) + "\n" + + release_notes_file.write_text(final_output) + + logging.info(f"Release notes written to {FILENAME}") + logging.info( + "Please review for accuracy, and format appropriately before releasing.") + + +if __name__ == "__main__": + try: + main() + except github.RateLimitExceededException: + logging.error("Unable to access the Github API due to rate limiting. Please wait a bit before your next attempt, or `export GITHUB_TOKEN` with a token which has `repo` access.") diff --git a/hack/release/pkg/builder/builder.go b/hack/release/pkg/builder/builder.go index cc6f695c085..aaaeaa35786 100644 --- a/hack/release/pkg/builder/builder.go +++ b/hack/release/pkg/builder/builder.go @@ -326,13 +326,13 @@ func (r *ReleaseBuilder) collectGithubArtifacts(ver string) error { if _, err := r.runner.Run("cp", []string{fmt.Sprintf("node/dist/calico-windows-%s.zip", ver), uploadDir}, nil); err != nil { return err } - if _, err := r.runner.Run("cp", []string{"calico/_site/scripts/install-calico-windows.ps1", uploadDir}, nil); err != nil { + if _, err := r.runner.Run("cp", []string{"node/dist/install-calico-windows.ps1", uploadDir}, nil); err != nil { return err } if _, err := r.runner.Run("cp", []string{fmt.Sprintf("bin/tigera-operator-%s.tgz", ver), uploadDir}, nil); err != nil { return err } - if _, err := r.runner.Run("cp", []string{"manifests/ocp.tgz", ver, uploadDir}, nil); err != nil { + if _, err := r.runner.Run("cp", []string{"bin/ocp.tgz", uploadDir}, nil); err != nil { return err } @@ -416,7 +416,7 @@ func (r *ReleaseBuilder) buildReleaseTar(ver string, targetDir string) error { } // Add in manifests directory generated from the docs. - if _, err := r.runner.Run("cp", []string{"-r", "calico/_site/manifests", releaseBase}, nil); err != nil { + if _, err := r.runner.Run("cp", []string{"-r", "manifests", releaseBase}, nil); err != nil { return err } @@ -450,12 +450,10 @@ func (r *ReleaseBuilder) buildContainerImages(ver string) error { ) for _, dir := range releaseDirs { - out, err := r.makeInDirectoryWithOutput(dir, "release-build", env...) + err := r.makeInDirectory(dir, "release-build", env...) if err != nil { - logrus.Error(out) return fmt.Errorf("Failed to build %s: %s", dir, err) } - logrus.Info(out) } return nil } @@ -667,7 +665,7 @@ func (r *ReleaseBuilder) gitOrFail(args ...string) { } func (r *ReleaseBuilder) makeInDirectory(dir, target string, env ...string) error { - _, err := r.runner.Run("make", []string{"-C", dir, target}, env) + err := r.runner.RunNoCapture("make", []string{"-C", dir, target}, env) return err } diff --git a/hack/release/pkg/builder/commands.go b/hack/release/pkg/builder/commands.go index e10dd2ff9f7..9c4d5c40441 100644 --- a/hack/release/pkg/builder/commands.go +++ b/hack/release/pkg/builder/commands.go @@ -3,6 +3,8 @@ package builder import ( "bytes" "fmt" + "io" + "os" "os/exec" "strings" @@ -14,8 +16,10 @@ type CommandRunner interface { // Run takes the command to run, a list of args, and list of environment variables // in the form A=B, and returns stdout / error. Run(string, []string, []string) (string, error) + RunNoCapture(string, []string, []string) error RunInDir(string, string, []string, []string) (string, error) + RunInDirNoCapture(string, string, []string, []string) error } // RealCommandRunner runs a command for real on the host. @@ -39,6 +43,23 @@ func (r *RealCommandRunner) RunInDir(dir, name string, args []string, env []stri return strings.TrimSpace(outb.String()), err } +func (r *RealCommandRunner) RunInDirNoCapture(dir, name string, args []string, env []string) error { + cmd := exec.Command(name, args...) + if len(env) != 0 { + cmd.Env = env + } + cmd.Stdout = io.Writer(os.Stdout) + cmd.Stderr = io.Writer(os.Stderr) + cmd.Dir = dir + logrus.WithField("cmd", cmd.String()).Infof("Running %s command", name) + err := cmd.Run() + return err +} + func (r *RealCommandRunner) Run(name string, args []string, env []string) (string, error) { return r.RunInDir("", name, args, env) } + +func (r *RealCommandRunner) RunNoCapture(name string, args []string, env []string) error { + return r.RunInDirNoCapture("", name, args, env) +} diff --git a/manifests/apiserver.yaml b/manifests/apiserver.yaml index d6438590c18..bab2f0dfaf8 100644 --- a/manifests/apiserver.yaml +++ b/manifests/apiserver.yaml @@ -77,7 +77,7 @@ spec: env: - name: DATASTORE_TYPE value: kubernetes - image: calico/apiserver:v3.25.0 + image: calico/apiserver:v3.25.1 livenessProbe: httpGet: path: /version diff --git a/manifests/calico-bpf.yaml b/manifests/calico-bpf.yaml index b0968f70a5d..53bdb084963 100644 --- a/manifests/calico-bpf.yaml +++ b/manifests/calico-bpf.yaml @@ -4445,7 +4445,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4484,7 +4484,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4538,7 +4538,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4564,7 +4564,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4795,7 +4795,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/manifests/calico-etcd.yaml b/manifests/calico-etcd.yaml index 76b7776edb5..b7f5b7a1e7e 100644 --- a/manifests/calico-etcd.yaml +++ b/manifests/calico-etcd.yaml @@ -266,7 +266,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -312,7 +312,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -338,7 +338,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -578,7 +578,7 @@ spec: hostNetwork: true containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # The location of the etcd cluster. diff --git a/manifests/calico-policy-only.yaml b/manifests/calico-policy-only.yaml index bc9368dd472..2bc25490b17 100644 --- a/manifests/calico-policy-only.yaml +++ b/manifests/calico-policy-only.yaml @@ -4441,7 +4441,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4478,7 +4478,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4504,7 +4504,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4692,7 +4692,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. @@ -4776,7 +4776,7 @@ spec: securityContext: fsGroup: 65534 containers: - - image: docker.io/calico/typha:v3.25.0 + - image: docker.io/calico/typha:v3.25.1 imagePullPolicy: IfNotPresent name: calico-typha ports: diff --git a/manifests/calico-typha.yaml b/manifests/calico-typha.yaml index d58a2e5a8fa..0d5009f1942 100644 --- a/manifests/calico-typha.yaml +++ b/manifests/calico-typha.yaml @@ -4476,7 +4476,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4504,7 +4504,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4547,7 +4547,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4573,7 +4573,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4796,7 +4796,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. @@ -4880,7 +4880,7 @@ spec: securityContext: fsGroup: 65534 containers: - - image: docker.io/calico/typha:v3.25.0 + - image: docker.io/calico/typha:v3.25.1 imagePullPolicy: IfNotPresent name: calico-typha ports: diff --git a/manifests/calico-vxlan.yaml b/manifests/calico-vxlan.yaml index 4876d794f79..fafe27c4c22 100644 --- a/manifests/calico-vxlan.yaml +++ b/manifests/calico-vxlan.yaml @@ -4440,7 +4440,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4468,7 +4468,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4511,7 +4511,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4537,7 +4537,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4752,7 +4752,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/manifests/calico-windows-bgp.yaml b/manifests/calico-windows-bgp.yaml index 1ac1ef76a3f..b111debff13 100644 --- a/manifests/calico-windows-bgp.yaml +++ b/manifests/calico-windows-bgp.yaml @@ -60,7 +60,7 @@ spec: operator: Exists initContainers: - name: install - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 args: - ".\\host-process-install.ps1" imagePullPolicy: Always @@ -76,7 +76,7 @@ spec: fieldPath: spec.nodeName containers: - name: node - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 imagePullPolicy: Always args: - ".\\node\\node-service.ps1" @@ -94,7 +94,7 @@ spec: apiVersion: v1 fieldPath: spec.nodeName - name: felix - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 imagePullPolicy: Always args: - ".\\felix\\felix-service.ps1" @@ -128,7 +128,7 @@ spec: periodSeconds: 10 timeoutSeconds: 10 - name: confd - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 imagePullPolicy: Always args: - ".\\confd\\confd-service.ps1" diff --git a/manifests/calico-windows-vxlan.yaml b/manifests/calico-windows-vxlan.yaml index 5aeca5eae6e..d6c18725b8a 100644 --- a/manifests/calico-windows-vxlan.yaml +++ b/manifests/calico-windows-vxlan.yaml @@ -60,7 +60,7 @@ spec: operator: Exists initContainers: - name: install - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 args: - ".\\host-process-install.ps1" imagePullPolicy: Always @@ -76,7 +76,7 @@ spec: fieldPath: spec.nodeName containers: - name: node - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 imagePullPolicy: Always args: - ".\\node\\node-service.ps1" @@ -94,7 +94,7 @@ spec: apiVersion: v1 fieldPath: spec.nodeName - name: felix - image: calico/windows:v3.25.0 + image: calico/windows:v3.25.1 imagePullPolicy: Always args: - ".\\felix\\felix-service.ps1" diff --git a/manifests/calico.yaml b/manifests/calico.yaml index 59cf3094294..3f3c1173185 100644 --- a/manifests/calico.yaml +++ b/manifests/calico.yaml @@ -4440,7 +4440,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4468,7 +4468,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4511,7 +4511,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4537,7 +4537,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4754,7 +4754,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/manifests/calicoctl-etcd.yaml b/manifests/calicoctl-etcd.yaml index 4714ea5d67e..b99540d2281 100644 --- a/manifests/calicoctl-etcd.yaml +++ b/manifests/calicoctl-etcd.yaml @@ -1,7 +1,7 @@ # Calico Version master # https://projectcalico.docs.tigera.io/releases#master # This manifest includes the following component versions: -# calico/ctl:v3.25.0 +# calico/ctl:v3.25.1 apiVersion: v1 kind: Pod @@ -14,7 +14,7 @@ spec: hostNetwork: true containers: - name: calicoctl - image: calico/ctl:v3.25.0 + image: calico/ctl:v3.25.1 command: - /calicoctl args: diff --git a/manifests/calicoctl.yaml b/manifests/calicoctl.yaml index 10dbe470abd..f78701e35c2 100644 --- a/manifests/calicoctl.yaml +++ b/manifests/calicoctl.yaml @@ -1,7 +1,7 @@ # Calico Version master # https://projectcalico.docs.tigera.io/releases#master # This manifest includes the following component versions: -# calico/ctl:v3.25.0 +# calico/ctl:v3.25.1 apiVersion: v1 kind: ServiceAccount @@ -23,7 +23,7 @@ spec: serviceAccountName: calicoctl containers: - name: calicoctl - image: calico/ctl:v3.25.0 + image: calico/ctl:v3.25.1 command: - /calicoctl args: diff --git a/manifests/canal-etcd.yaml b/manifests/canal-etcd.yaml index 47b74a4773f..eb14d8c1dee 100644 --- a/manifests/canal-etcd.yaml +++ b/manifests/canal-etcd.yaml @@ -345,7 +345,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -415,7 +415,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -441,7 +441,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -737,7 +737,7 @@ spec: hostNetwork: true containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # The location of the etcd cluster. diff --git a/manifests/canal.yaml b/manifests/canal.yaml index 076ab3bca32..d92a30200fc 100644 --- a/manifests/canal.yaml +++ b/manifests/canal.yaml @@ -4463,7 +4463,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4512,7 +4512,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4538,7 +4538,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4766,7 +4766,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/manifests/csi-driver.yaml b/manifests/csi-driver.yaml index c783ae34c6b..d28e33e0389 100644 --- a/manifests/csi-driver.yaml +++ b/manifests/csi-driver.yaml @@ -50,7 +50,7 @@ spec: effect: NoSchedule containers: - name: calico-csi - image: calico/csi:v3.25.0 + image: calico/csi:v3.25.1 imagePullPolicy: IfNotPresent args: - --nodeid=$(KUBE_NODE_NAME) @@ -75,7 +75,7 @@ spec: mountPath: /var/lib/kubelet/ mountPropagation: "Bidirectional" - name: csi-node-driver-registrar - image: calico/node-driver-registrar:v3.25.0 + image: calico/node-driver-registrar:v3.25.1 imagePullPolicy: IfNotPresent args: - --v=5 diff --git a/manifests/flannel-migration/calico.yaml b/manifests/flannel-migration/calico.yaml index d7e93e45074..726155a7f8e 100644 --- a/manifests/flannel-migration/calico.yaml +++ b/manifests/flannel-migration/calico.yaml @@ -4442,7 +4442,7 @@ spec: # It can be deleted if this is a fresh installation, or if you have already # upgraded to use calico-ipam. - name: upgrade-ipam - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/calico-ipam", "-upgrade"] envFrom: @@ -4470,7 +4470,7 @@ spec: # This container installs the CNI binaries # and CNI network config file on each node. - name: install-cni - image: docker.io/calico/cni:v3.25.0 + image: docker.io/calico/cni:v3.25.1 imagePullPolicy: IfNotPresent command: ["/opt/cni/bin/install"] envFrom: @@ -4513,7 +4513,7 @@ spec: # i.e. bpf at /sys/fs/bpf and cgroup2 at /run/calico/cgroup. Calico-node initialisation is executed # in best effort fashion, i.e. no failure for errors, to not disrupt pod creation in iptable mode. - name: "mount-bpffs" - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent command: ["calico-node", "-init", "-best-effort"] volumeMounts: @@ -4539,7 +4539,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: docker.io/calico/node:v3.25.0 + image: docker.io/calico/node:v3.25.1 imagePullPolicy: IfNotPresent envFrom: - configMapRef: @@ -4754,7 +4754,7 @@ spec: priorityClassName: system-cluster-critical containers: - name: calico-kube-controllers - image: docker.io/calico/kube-controllers:v3.25.0 + image: docker.io/calico/kube-controllers:v3.25.1 imagePullPolicy: IfNotPresent env: # Choose which controllers to run. diff --git a/manifests/ocp/02-tigera-operator.yaml b/manifests/ocp/02-tigera-operator.yaml index 357f9bc4cce..82e01f13cda 100644 --- a/manifests/ocp/02-tigera-operator.yaml +++ b/manifests/ocp/02-tigera-operator.yaml @@ -29,7 +29,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet containers: - name: tigera-operator - image: quay.io/tigera/operator:v1.29.0 + image: quay.io/tigera/operator:v1.29.3 imagePullPolicy: IfNotPresent command: - operator @@ -47,7 +47,7 @@ spec: - name: OPERATOR_NAME value: "tigera-operator" - name: TIGERA_OPERATOR_INIT_IMAGE_VERSION - value: v1.29.0 + value: v1.29.3 envFrom: - configMapRef: name: kubernetes-services-endpoint @@ -66,7 +66,7 @@ spec: name: install-resources-script initContainers: - name: create-initial-resources - image: docker.io/calico/ctl:v3.25.0 + image: docker.io/calico/ctl:v3.25.1 env: - name: DATASTORE_TYPE value: kubernetes diff --git a/manifests/tigera-operator.yaml b/manifests/tigera-operator.yaml index 6dd9d538601..e3e3f5c1c06 100644 --- a/manifests/tigera-operator.yaml +++ b/manifests/tigera-operator.yaml @@ -18143,7 +18143,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet containers: - name: tigera-operator - image: quay.io/tigera/operator:v1.29.0 + image: quay.io/tigera/operator:v1.29.3 imagePullPolicy: IfNotPresent command: - operator @@ -18161,7 +18161,7 @@ spec: - name: OPERATOR_NAME value: "tigera-operator" - name: TIGERA_OPERATOR_INIT_IMAGE_VERSION - value: v1.29.0 + value: v1.29.3 envFrom: - configMapRef: name: kubernetes-services-endpoint diff --git a/release-notes b/release-notes new file mode 120000 index 00000000000..2ebcae6862c --- /dev/null +++ b/release-notes @@ -0,0 +1 @@ +calico/_includes/release-notes \ No newline at end of file