Srishti Jaiswal
d5b91828a3
Use kubeam kubeconfig user instead of generating a kubeconfig with Ansible ( #12958 )
2026-02-12 15:16:01 +05:30
botsz
69258075e0
docs: update ansible-playbook inventory path in README ( #12615 ) ( #12992 )
2026-02-12 13:28:00 +05:30
ChengHao Yang
6965d8ded9
Support Fedora 41 ( #12138 )
...
* Add Fedora 41 CI support
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
* Docs: add fedora41 support
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
* Add Fedora 41 local vagrant test
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
* Fix: Fedora 41+ need python3-libdnf5 for package management
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
2026-02-11 08:26:01 +05:30
Meza
8bd5045ecf
cleanup: Deprecate Ingress-Nginx from kubernetes-apps ( #12767 )
...
* [docs] Remove ingress-nginx references in docs and scripts jinja
Signed-off-by: Meza <meza-xyz@proton.me >
* Remove ingress-nginx doc and remove references in readme and sidebar
Signed-off-by: Meza <meza-xyz@proton.me >
* Delete ingress-nginx dir from kubernetes-apps
Signed-off-by: Meza <meza-xyz@proton.me >
* Delete ingress-nginx from inventory addons
Signed-off-by: Meza <meza-xyz@proton.me >
* Delete ingress_nginx_enabled from default main
Signed-off-by: Meza <meza-xyz@proton.me >
* Delete ingress_nginx from download
Signed-off-by: Meza <meza-xyz@proton.me >
* Delete ingress_nginx from dependencies
Signed-off-by: Meza <meza-xyz@proton.me >
* Remove ingress_nginx from registry task
Signed-off-by: Meza <meza-xyz@proton.me >
---------
Signed-off-by: Meza <meza-xyz@proton.me >
2026-02-10 20:22:04 +05:30
Micke Nordin
8f73dc9c2f
Add services RBAC for calico-kube-controllers in KDD mode ( #12928 )
...
Commit 5fb85dckano@sunet.se >
2026-02-10 19:52:02 +05:30
Ali Afsharzadeh
cc05dd4d14
Upgrade ansible from 10.7.0 to 11.13.0 ( #12903 )
...
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com >
2026-02-10 19:48:07 +05:30
Mark Tsai
9582ab3dcd
image_updates: update openstack-cloud-controller to v1.35.0 ( #12972 )
2026-02-10 14:58:01 +05:30
Mohamed Omar Zaian
a77221d12b
[kubernetes] Support Kubernetes v1.35.0 ( #12812 )
2026-02-10 14:54:02 +05:30
Max Gautier
57364f4085
Patch versions updates ( #12973 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-09 21:13:25 +05:30
Max Gautier
34f43d21e3
Revert "kubelet: conditionalize staticPodPath location ( #12433 )" ( #12970 )
...
* Revert "kubelet: conditionalize staticPodPath location (#12433 )"
This reverts commit 082507cff2
2026-02-09 07:31:09 +05:30
Srishti Jaiswal
052846aa28
removed deprecated containerd_registries from test file ( #12969 )
2026-02-08 11:11:08 +05:30
neo
a563431c68
Remove Kubernetes Dashboard support ( #12858 )
2026-02-07 22:49:08 +05:30
Max Gautier
3aa0c0cc64
coredns: allow to customize service name ( #12951 )
2026-02-06 09:52:29 +05:30
chun
9bbef44e32
Bump: Prometheus Operator CRD to 0.88.1 ( #12968 )
...
Signed-off-by: hcc429 <dev.hcc29@gmail.com >
2026-02-06 08:36:30 +05:30
Srishti Jaiswal
03cfdbf2a9
add removed var validation to validate_inventory ( #12942 )
2026-02-05 15:34:31 +05:30
Jordan Liggitt
b5b599ecf8
Clean up unused nodes/proxy permission from node-feature-discovery-gc ( #12955 )
2026-02-05 15:30:34 +05:30
Max Gautier
4245ddcee8
Make etcd node removal idempotent ( #12949 )
2026-02-05 11:40:28 +05:30
Joshua N Haupt
422e7366ec
Fix Gluster image_id and update openstack_blockstorage_volume_v3 ( #12910 )
...
This fixes the Terraform Gluster Compute image_id bug and updates the openstack_blockstorage_volume_v2 to
openstack_blockstorage_volume_v3.
Resolves:
[Bug] OpenStack Compute variable handling of image_id and image_name for Gluster nodes is broken
https://github.com/kubernetes-sigs/kubespray/issues/12902
Update openstack_blockstorage_volume_v2 to openstack_blockstorage_volume_v3
https://github.com/kubernetes-sigs/kubespray/issues/12901
Signed-off-by: Joshua Nathaniel Haupt <joshua@hauptj.com >
2026-02-04 11:08:26 +05:30
Tushar240503
bf69e67240
refactor/dynamic-role-loading-network ( #12933 )
...
Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com >
2026-02-03 21:58:29 +05:30
Tushar240503
c5c2cf16a0
Move inline defaults to defaults/main.yml ( #12926 )
2026-02-03 14:14:29 +05:30
Ali Afsharzadeh
69e042bd9e
Remove software-properties-common from pipeline.Dockerfile ( #12945 )
...
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com >
2026-02-02 20:04:32 +05:30
dependabot[bot]
20da3bb1b0
build(deps): bump cryptography from 46.0.3 to 46.0.4 ( #12944 )
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 46.0.3 to 46.0.4.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/46.0.3...46.0.4 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 46.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-02 09:26:30 +05:30
Ieere Song
4d4058ee8e
fix: typo in validate_inventory task name (missing backtick) ( #12940 )
...
Co-authored-by: Cursor <cursoragent@cursor.com >
2026-01-31 20:02:24 +05:30
Tushar240503
f071fccc33
updated prometheus-operator crd checksum autobump ( #12939 )
...
* updated prometheus-operator crd checksum autobump
Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com >
* updated to Next-Gen format
Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com >
---------
Signed-off-by: Tushar Sharma <tusharkumargzb6@gmail.com >
2026-01-31 19:44:24 +05:30
Eugene Shutov
70daea701a
local_path_provisioner: add resources ( #12548 )
...
* local_path_provisioner: add resources
* Update roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-deployment.yml.j2
Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
---------
Co-authored-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
2026-01-31 00:08:25 +05:30
Ali Afsharzadeh
3e42b84e94
Upgrade Dockerfile base image from Ubuntu 22.04 to 24.04 ( #12935 )
...
* Upgrade Dockerfile base image from Ubuntu 22.04 to 24.04
* Add --break-system-packages flag to testcases_run.sh file
2026-01-30 19:57:44 +05:30
Max Gautier
868ff3cea9
Auto-bump checksums on last 3 branches ( #12934 )
...
We now have all supported release branches (last 3) using the new
checksums format, which means they all work with the auto-bump tooling.
2026-01-30 15:39:44 +05:30
Max Gautier
0b69a18e35
Remove nifcloud terraform provider support (it is no longer available) ( #12936 )
...
The nifcloud terraform provider has been deleted, so remove support and
CI.
2026-01-30 15:05:44 +05:30
ChengHao Yang
e30076016c
Releng: Galaxy version upgrade to 2.31.0 ( #12909 )
...
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
2026-01-30 13:35:43 +05:30
ChengHao Yang
f4ccdb5e72
Docs: update 2.29.0 to 2.30.0 ( #12899 )
...
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
2026-01-29 23:45:50 +05:30
Max Gautier
fcecaf6943
wait for control plane node to become ready after joining ( #12794 )
...
When joining a control plane node and "upgrading" the cluster setup (for
example, to update etcd addresses after adding a new etcd) in the same
playbook run, the node can take a bit of time to become ready after
joining.
This triggers a kubeadm preflight check (ControlPlaneNodesReady) in
kubeadm upgrade, which is run directly after the join tasks.
Add a configurable wait for the control plane node to become Ready to
fix this race condition.
2026-01-28 22:15:51 +05:30
Max Gautier
37f7a86014
etcd-certs: only change necessary permissions ( #12908 )
...
We currently **recursively** set the permissions of /etc/ssl/etcd/ssl
(default path) to 700. But this removes group permission from the files
under it, and certain composents (like calio with etcd datastore) rely
on it ; thus, the upgrade of a cluster can fail because the
calico-kube-controller can't access the certs, and thus the etcd.
This works in other case because as far as I can tell, the apiserver
which do access the etcd run as root (the owner of the files, not just
the "group owner")
We also for some reasons do this twice.
Only create the etcd cert directory with the correct permissions once,
not recursively.
2026-01-27 20:25:52 +05:30
Max Gautier
fff7f10a85
Patch versions updates ( #12912 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-27 20:21:53 +05:30
ChengHao Yang
dc09298f7e
Docs: cilium_kube_proxy_replacement change boolean ( #12898 )
...
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com >
2026-01-27 16:43:48 +05:30
dependabot[bot]
680db0c921
build(deps): bump jmespath from 1.0.1 to 1.1.0 ( #12905 )
...
Bumps [jmespath](https://github.com/jmespath/jmespath.py ) from 1.0.1 to 1.1.0.
- [Changelog](https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst )
- [Commits](https://github.com/jmespath/jmespath.py/compare/1.0.1...1.1.0 )
---
updated-dependencies:
- dependency-name: jmespath
dependency-version: 1.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-27 16:39:49 +05:30
dependabot[bot]
9977d4dc10
build(deps): bump actions/checkout from 6.0.1 to 6.0.2 ( #12906 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-26 20:41:53 +05:30
dependabot[bot]
1b6129566b
build(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 ( #12907 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](98357b18bf...c0f553fe54support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-26 20:37:51 +05:30
Ali Afsharzadeh
c3404c3685
Upgrade cilium from 1.18.5 to 1.18.6 ( #12900 )
...
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com >
2026-01-26 20:21:50 +05:30
Max Gautier
fba8708486
RELEASE.md: fix minor typo ( #12891 )
2026-01-22 16:43:29 +05:30
accuROAMC
8dacb9cd16
cri-o: fix duplicate top-level "auths" keys in registry config template ( #12845 )
...
The config.json.j2 template was generating invalid JSON when multiple
crio_registry_auth entries were defined, resulting in multiple top-level
"auths" objects being rendered, e.g.:
{
"auths": { "registry1": { "auth": "xxxx" } },
"auths": { "registry2": { "auth": "yyyy" } }
}
This change moves the loop inside the "auths" object so that all registries
are rendered as siblings under a single "auths" key, producing valid JSON:
{
"auths": {
"registry1": { "auth": "xxxx" },
"registry2": { "auth": "yyyy" }
}
}
2026-01-20 19:20:50 +05:30
Max Gautier
df3f0a2341
k8s-certs-renew: fix broken script ( #12876 )
...
Unproquer quoting of variable assignment make the shell interpret it as
a command ; since the variable is unused anyway, just delete it.
2026-01-19 22:57:47 +05:30
Kubernetes Prow Robot
62e90b3122
Merge pull request #12872 from VannTen/fix/defaut_lb_address
...
Use loadbalancer IP as default apiserver endpoint if no LB hostname is used
2026-01-19 21:45:50 +05:30
Max Gautier
6b5cc5bdfb
Fix defaults for apiserver_loadbalancer_domain_name
...
Since we're not longer injecting pseudo DNS into /etc/hosts,
'lb-apiserver.kubernetes.local' (the previous default) won't resolve to
anything.
Instead, default to the loadbalancer IP if defined, or to the node local
loadbalancer if it's in use.
Make the necessary adjustements in use site to deal with ip addresses as
well as hostnames.
2026-01-19 09:43:48 +01:00
dependabot[bot]
a277cfdee7
build(deps): bump stefanbuck/github-issue-parser from 3.2.2 to 3.2.3 ( #12874 )
...
Bumps [stefanbuck/github-issue-parser](https://github.com/stefanbuck/github-issue-parser ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/stefanbuck/github-issue-parser/releases )
- [Commits](25f1485edf...10dcc54158support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-19 09:35:10 +05:30
Max Gautier
bc5528f585
Patch versions updates ( #12854 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-17 23:57:09 +05:30
Max Gautier
2740c13c0c
Do not use apiserver LB in etcd certificates
...
etcd does not use the apiserver load balancer, there is no reason to
include it's DNS into etcd certificates.
2026-01-15 16:50:45 +01:00
Bas
52b68bccad
Fix: ansible_facts.selinux.status added. ( #12861 )
2026-01-14 23:31:40 +05:30
Will Xiang
82c4c0afdf
fix syntax in haproxy.cfg.j2 for IPv6 binding ( #12862 )
2026-01-14 12:33:35 +05:30
Kirill Statsenko
63a43cf6db
add metallb_namespace default value ( #12860 )
2026-01-13 20:55:43 +05:30
Ali Afsharzadeh
666a3a9500
Upgrade containerd and nerdctl from 2.1.6 to 2.2.1 ( #12825 )
2026-01-12 15:24:10 +05:30
