rancher/plugins
1
0
Fork 1
mirror of https://github.com/rancher/plugins.git synced 2026-05-14 23:22:58 +00:00
Code Issues Projects Releases Wiki Activity
1,912 Commits 18 Branches 68 Tags
main
Commit Graph

1912 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
8202947cbb build(deps): bump google.golang.org/grpc from 1.69.0 to 1.79.3 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.69.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.69.0...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:31:44 +02:00
dependabot[bot]
928bc27093 build(deps): bump the golang group across 1 directory with 9 updates 
Bumps the golang group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/buger/jsonparser](https://github.com/buger/jsonparser) | `1.1.1` | `1.1.2` |
| [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) | `22.6.0` | `22.7.0` |
| [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) | `5.1.0` | `5.2.2` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.25.1` | `2.28.1` |
| [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) | `1.13.0` | `1.13.1` |
| [github.com/safchain/ethtool](https://github.com/safchain/ethtool) | `0.6.2` | `0.7.0` |
| [sigs.k8s.io/knftables](https://github.com/kubernetes-sigs/knftables) | `0.0.18` | `0.0.21` |



Updates `github.com/buger/jsonparser` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/buger/jsonparser/releases)
- [Commits](https://github.com/buger/jsonparser/compare/v1.1.1...v1.1.2)

Updates `github.com/coreos/go-systemd/v22` from 22.6.0 to 22.7.0
- [Release notes](https://github.com/coreos/go-systemd/releases)
- [Commits](https://github.com/coreos/go-systemd/compare/v22.6.0...v22.7.0)

Updates `github.com/godbus/dbus/v5` from 5.1.0 to 5.2.2
- [Release notes](https://github.com/godbus/dbus/releases)
- [Commits](https://github.com/godbus/dbus/compare/v5.1.0...v5.2.2)

Updates `github.com/onsi/ginkgo/v2` from 2.25.1 to 2.28.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.25.1...v2.28.1)

Updates `github.com/onsi/gomega` from 1.38.1 to 1.39.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.38.1...v1.39.0)

Updates `github.com/opencontainers/selinux` from 1.13.0 to 1.13.1
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.13.0...v1.13.1)

Updates `github.com/safchain/ethtool` from 0.6.2 to 0.7.0
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.6.2...v0.7.0)

Updates `golang.org/x/sys` from 0.35.0 to 0.40.0
- [Commits](https://github.com/golang/sys/compare/v0.35.0...v0.40.0)

Updates `sigs.k8s.io/knftables` from 0.0.18 to 0.0.21
- [Changelog](https://github.com/kubernetes-sigs/knftables/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-sigs/knftables/compare/v0.0.18...v0.0.21)

---
updated-dependencies:
- dependency-name: github.com/buger/jsonparser
  dependency-version: 1.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/coreos/go-systemd/v22
  dependency-version: 22.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/godbus/dbus/v5
  dependency-version: 5.2.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/opencontainers/selinux
  dependency-version: 1.13.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: sigs.k8s.io/knftables
  dependency-version: 0.0.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:20:09 +02:00
Tomofumi Hayashi
6d8f05b82e Bump go version to 1.26 
Signed-off-by: Tomofumi Hayashi <tohayash@redhat.com>
 2026-03-21 06:01:36 +01:00
Mads Jensen
f9f86fdfd4 fix revive linter 
Signed-off-by: Mads Jensen <atombrella@users.noreply.github.com>
 2026-03-19 14:42:11 +01:00
Mads Jensen
b2f232998a Update go.mod to Go 1.25. 
This reflects the version used in the GitHub workflows.

Signed-off-by: Mads Jensen <atombrella@users.noreply.github.com>
 2026-03-19 14:42:11 +01:00
Amulyam24
adc3e6b5b5 bridge: include attempted IP address in AddrAdd error message 
This PR includes the IP in the `AddrAdd` error message which could help debug better with any issues while adding the IP address to the bridge and improves the readability.

Signed-off-by: Amulyam24 <amulmek1@in.ibm.com>
 2026-02-19 12:31:52 +01:00
dependabot[bot]
4161e445d8 build(deps): bump golangci/golangci-lint-action from 8 to 9 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8 to 9.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v8...v9)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: '9'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-18 11:13:47 +01:00
sbiradar10
dada84a99a CVE-2025-52881: Bump selinux to 1.13.0 
Signed-off-by: sbiradar10 <sbiradar@redhat.com>
 2026-02-17 16:01:02 +01:00
Marcelo Guerrero
dfb1f9acb4 fix(test): use shorter veth peer name 
The "test" prefix on hostVethName exceeds the 15-char Linux interface
name limit (IFNAMSIZ), causing ERANGE instead of EEXIST. Shorten the
prefix so the test exercises the intended error path.

Signed-off-by: Marcelo Guerrero <marcegue@cisco.com>
 2026-02-17 15:04:55 +01:00
Marcelo Guerrero
ccc8314dbb vrf: fix route filtering to preserve IPAM-configured routes 
The previous implementation filtered out routes without an explicit
source address (route.Src == nil), which incorrectly removed routes
added by IPAM plugins. IPAM plugins typically configure routes without
setting a source address, causing those routes to be lost when the
interface was moved to the VRF.

The SCOPE_UNIVERSE filter already excludes local and connected routes
that are automatically recreated by the kernel, so the additional
route.Src filter was both unnecessary and harmful.

Fixes #1223

Signed-off-by: Marcelo Guerrero <marcegue@cisco.com>
 2026-02-16 16:25:27 +01:00
Casey Callendrello
8c4a6b3beb bandwidth: handle nil bandwidth in CHECK 
Somehow we missed this case; if CHECK is called with no bandwidth
configuration, we segfault. Oops.

Fixes: #1221

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-12-16 17:31:35 +01:00
Etienne Champetier
9b3772e1a7 portmap: ensure nftables backend only intercept local traffic 
portmap iptables backend uses `-m addrtype --dst-type LOCAL`
and a common chain (CNI-HOSTPORT-DNAT) for both hostPort and hostIP/hostPort.

Before this commit, nftables backend was using 2 separate chains,
`hostip_hostports` and `hostports`. The goal was to avoid using
`fib daddr type local` before we jump to `hostip_hostports`,
but this is a behavior change compared to iptables backend,
and a security issue (hostIP: 1.1.1.1 / hostPort: 53).
Also while switching from input to prerouting hook, we forgot to
add the fib lookup for `hostports`, rendering the nftables backend half broken.

To allow transparent upgrades and avoid running the fib lookup twice,
we use an intermediate chain (`hostports_all`)
```
chain hostports_all {
    jump hostip_hostports
    jump hostports
}
```

Long-term we want to remove `hostip_hostports`,
so all new rules are created in the `hostports` chain.

We can't use implicit chains (`jump { jump hostip_hostports; jump hostports }`)
as it's not supported by knftables.Fake yet.

Fixes 9296c5f80a
Fixes 01a94e17c7

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
 2025-11-13 12:10:49 +01:00
Etienne Champetier
8ee59c6f6a portmap: fix CHECK for nftables backend 
Fixes 01a94e17c7

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
 2025-11-13 12:10:49 +01:00
Balazs Nemeth
372953dfb8 Ignore settling with down state since it will never settle 
Signed-off-by: Balazs Nemeth <bnemeth@redhat.com>
 2025-10-02 16:26:23 +02:00
Yuan Liu
85daca7d7b Fix file exists errro in dummy cni 
When the root net ns has "eth0", dummy CNI returns errror "failed to
create dummy: file exists"

The fix is to create the dummy interface directly in the pod net ns

Signed-off-by: Yuan Liu <liuyuan@google.com>
 2025-09-29 16:24:01 +02:00
Casey Callendrello
0e648479e1 lint: allow "util" package 
Perfection is impossible.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
v1.8.0 		2025-09-01 17:23:06 +02:00
Casey Callendrello
3487bb29e9 ci, release: bump go to v1.25 
This does not change the API version, currently at v1.24

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-09-01 17:23:06 +02:00
Olivier Martin
d3e81722c1 Set value of SCOPE to SCOPE_LINK for opt121 routes with router unspecified with DHCP 
Default behavior of the plugin is to try and install routes without
        specifying SCOPE which results in not installing certain routes that
        do not have a gateway set in the DHCP server response. If the SCOPE is
        not set to LINK (in particular for NICs in some cloud environment
        that get assigned /32 IPs to them). This change enables routes to be
        installed without the router being specified, but sets to SCOPE_LINK.

Signed-off-by: Olivier Martin <martinolivier@google.com>
 2025-08-25 17:05:17 +02:00
dependabot[bot]
79c947a703 build(deps): bump the golang group across 1 directory with 5 updates 
Bumps the golang group with 4 updates in the / directory: [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd), [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo), [github.com/onsi/gomega](https://github.com/onsi/gomega) and [github.com/safchain/ethtool](https://github.com/safchain/ethtool).


Updates `github.com/coreos/go-systemd/v22` from 22.5.0 to 22.6.0
- [Release notes](https://github.com/coreos/go-systemd/releases)
- [Commits](https://github.com/coreos/go-systemd/compare/v22.5.0...v22.6.0)

Updates `github.com/onsi/ginkgo/v2` from 2.23.4 to 2.25.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.23.4...v2.25.1)

Updates `github.com/onsi/gomega` from 1.37.0 to 1.38.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.37.0...v1.38.1)

Updates `github.com/safchain/ethtool` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.6.1...v0.6.2)

Updates `golang.org/x/sys` from 0.34.0 to 0.35.0
- [Commits](https://github.com/golang/sys/compare/v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-systemd/v22
  dependency-version: 22.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.25.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.38.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-25 17:04:23 +02:00
runsisi
c70a3381f4 remove duplicate route.Table and route.Scope assignments 
Signed-off-by: runsisi <runsisi@gmail.com>
 2025-08-18 11:12:10 -04:00
Casey Callendrello
b0466813c3 .github: bump golangci-lint version 
Need a newer version to upgade the action.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-07-21 19:53:01 +02:00
dependabot[bot]
e3390bc6a3 build(deps): bump alpine in /.github/actions/retest-action 
Bumps alpine from 3.21 to 3.22.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: '3.22'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 17:26:52 +02:00
dependabot[bot]
40970ae85a build(deps): bump the golang group across 1 directory with 2 updates 
Bumps the golang group with 2 updates in the / directory: [github.com/safchain/ethtool](https://github.com/safchain/ethtool) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/safchain/ethtool` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.6.0...v0.6.1)

Updates `golang.org/x/sys` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/sys/compare/v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 17:26:29 +02:00
Marcelo
48a4ae5ab5 Set default value of PreserveDefaultVlan to False 
Default behavior of the vlan implementation on the bridge
should guarantee complete vlan isolation. This complies with
what regular users expect from the vlan feature.

Signed-off-by: Marcelo <marguerr@redhat.com>
 2025-06-02 17:24:18 +02:00
Marcelo
e0b9952318 Allow vlan parameter to set native vlan on trunk ports 
This allows to set the native vlan on trunk ports
via the vlan parameter. It removes all previous
limitations set on the vlan trunk implementation.

Signed-off-by: Marcelo <marguerr@redhat.com>
 2025-06-02 17:24:10 +02:00
dependabot[bot]
f0eb51914e build(deps): bump the golang group with 4 updates 
Bumps the golang group with 4 updates: [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim), [github.com/safchain/ethtool](https://github.com/safchain/ethtool), [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/Microsoft/hcsshim` from 0.12.9 to 0.13.0
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.9...v0.13.0)

Updates `github.com/safchain/ethtool` from 0.5.10 to 0.6.0
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.5.10...v0.6.0)

Updates `github.com/vishvananda/netlink` from 1.3.1-0.20250303224720-0e7078ed04c8 to 1.3.1
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.3.1)

Updates `golang.org/x/sys` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/sys/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/vishvananda/netlink
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-27 10:53:11 +02:00
Casey Callendrello
569568399c ci: modprobe br-netfilter 
We need to ensure that bridged traffic goes through netfilter.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-05-27 09:17:18 +02:00
Casey Callendrello
904f9e1bda firewall: run CI in isolated "root" network namespace 
Since the firewall plugin touches the root netns, we should run it in a
fresh "root" namespace for each invocation.

This matches the way ptp does it.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-05-27 09:17:18 +02:00
dependabot[bot]
a5d507e2b8 build(deps): bump github.com/onsi/gomega in the golang group 
Bumps the golang group with 1 update: [github.com/onsi/gomega](https://github.com/onsi/gomega).


Updates `github.com/onsi/gomega` from 1.36.3 to 1.37.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.36.3...v1.37.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-25 13:18:48 +02:00
dependabot[bot]
d0d20a9e22 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 15:56:55 +02:00
Casey Callendrello
318c44b4ec tuning, vrf: fix test json unmarshal 
A signature change from libcni v1.3.0.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-17 15:44:49 +02:00
Casey Callendrello
c5861e7003 vendor: bump libcni to v1.3.0 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-17 15:44:49 +02:00
Marcelo Guerrero
d650da4810 Check error returned by ipv6 SettleAddresses 
IPv6 configuration is valid if DAD does not fail

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-04-14 17:17:50 +02:00
dependabot[bot]
4754510b67 build(deps): bump the golang group across 1 directory with 5 updates 
Bumps the golang group with 3 updates in the / directory: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo), [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) and [github.com/vishvananda/netns](https://github.com/vishvananda/netns).


Updates `github.com/onsi/ginkgo/v2` from 2.23.3 to 2.23.4
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.23.3...v2.23.4)

Updates `github.com/onsi/gomega` from 1.36.2 to 1.36.3
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.36.2...v1.36.3)

Updates `github.com/opencontainers/selinux` from 1.11.1 to 1.12.0
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.1...v1.12.0)

Updates `github.com/vishvananda/netns` from 0.0.4 to 0.0.5
- [Release notes](https://github.com/vishvananda/netns/releases)
- [Commits](https://github.com/vishvananda/netns/compare/v0.0.4...v0.0.5)

Updates `golang.org/x/sys` from 0.31.0 to 0.32.0
- [Commits](https://github.com/golang/sys/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.23.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/opencontainers/selinux
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/vishvananda/netns
  dependency-version: 0.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-07 17:14:14 +02:00
Casey Callendrello
282f0a4f6e mechanical: fix lint errors 
Upgraded golangci-lint, some new errors appeared.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
a8d8d0488c ci: bump to golangci-lint v2 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
c8096ae06f go.mod: bump ginkgo 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
57925a3a45 .github: bump go to v1.24 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Marcelo Guerrero
f859b730da Implement exponential backoff in vrf plugin 
The current max waiting time for global IPV6 addresses
to be present in the kernel after reinserting them is not
sufficient for all use cases. SRIOV + VRF takes around 1.2s.

These changes increase the maximum waiting time to approximately
2.5s. An exponential backoff is implemented to reduce cpu overload.

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-04-01 11:10:02 +02:00
Marcelo Guerrero
062b3fceb4 Enable KeepAddrOnDown for ipv6 addresses 
This enables the keep_addr_on_down sysctl parameter for
IPV6 addresses configured via the ConfigureIface function.

This prevents IPAM confiuration to be lost when users need
to refresh the link state of an interface that has IPV6 addresses.

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-03-31 17:59:00 +02:00
Adrian Moisey
b088cc3162 Move calls to netlinksafe 
These are functions identified as potentially receiving ErrDumpInterrupted and needing to retry

Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
5f88af10a0 Add netlinksafe 
A wrapper to add retry on for netlink when it receives a ErrDumpInterrupted

Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
0464017aff Add linting rule to block use of unsafe netlink calls 
Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
dcf43557ef Bump netlink 
Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Marcelo Guerrero
35831f3d23 Fix addresses and routes reinserted to the VRF 
These changes make sure that only IPV6 global addresses
and non local/connected routes are reinserted to the VRF
table after slaving the interface

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-03-24 16:20:31 +01:00
dougbtv
e20492f0d6 DHCP lease maintenance should terminate when interface no longer exists. 
Due to oberservations that threads can grow and the dhcp daemon uses an increasing amount of memory.

This situation can happen organically when using say, bridge CNI, and the bridge has been removed outside of the bridge CNI lifecycle, and an interface no longer exists on a pod.

Does so on a retry loop using the `backoffRetry()` method.

Signed-off-by: dougbtv <dosmith@redhat.com>
 2025-03-03 17:31:06 +01:00
Swagat Bora
3c224f5b5a Add a new firewall ingress-policy "isolated" 
IngressPolicyIsolated ("isolated") behaves  similar to ingress policy "same-bridge" with the exception
that connections from the same bridge are also blocked. This is meant to be functionally equivalent
to Docker network option "enable_icc" when set to false.

Signed-off-by: Swagat Bora <sbora@amazon.com>
 2025-03-03 17:30:00 +01:00
Sriram Yagnaraman
bd8da2000a host-device: Return interface name in result 
Signed-off-by: Sriram Yagnaraman <sriram.yagnaraman@ericsson.com>
 2025-03-03 17:13:29 +01:00
dependabot[bot]
44ec80b7cc build(deps): bump the golang group with 2 updates 
Bumps the golang group with 2 updates: [github.com/safchain/ethtool](https://github.com/safchain/ethtool) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/safchain/ethtool` from 0.5.9 to 0.5.10
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.5.9...v0.5.10)

Updates `golang.org/x/sys` from 0.29.0 to 0.30.0
- [Commits](https://github.com/golang/sys/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/safchain/ethtool
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-03 17:11:27 +01:00
dependabot[bot]
6e7fb60738 build(deps): bump golang.org/x/sys in the golang group 
Bumps the golang group with 1 update: [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sys` from 0.28.0 to 0.29.0
- [Commits](https://github.com/golang/sys/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-04 14:56:44 +01:00