rancher/plugins
1
0
Fork 1
mirror of https://github.com/rancher/plugins.git synced 2026-05-19 07:20:15 +00:00
Code Issues Projects Releases Wiki Activity
1,897 Commits 18 Branches 68 Tags
v1.8.0
Commit Graph

1897 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Casey Callendrello
0e648479e1 lint: allow "util" package 
Perfection is impossible.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
v1.8.0 		2025-09-01 17:23:06 +02:00
Casey Callendrello
3487bb29e9 ci, release: bump go to v1.25 
This does not change the API version, currently at v1.24

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-09-01 17:23:06 +02:00
Olivier Martin
d3e81722c1 Set value of SCOPE to SCOPE_LINK for opt121 routes with router unspecified with DHCP 
Default behavior of the plugin is to try and install routes without
        specifying SCOPE which results in not installing certain routes that
        do not have a gateway set in the DHCP server response. If the SCOPE is
        not set to LINK (in particular for NICs in some cloud environment
        that get assigned /32 IPs to them). This change enables routes to be
        installed without the router being specified, but sets to SCOPE_LINK.

Signed-off-by: Olivier Martin <martinolivier@google.com>
 2025-08-25 17:05:17 +02:00
dependabot[bot]
79c947a703 build(deps): bump the golang group across 1 directory with 5 updates 
Bumps the golang group with 4 updates in the / directory: [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd), [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo), [github.com/onsi/gomega](https://github.com/onsi/gomega) and [github.com/safchain/ethtool](https://github.com/safchain/ethtool).


Updates `github.com/coreos/go-systemd/v22` from 22.5.0 to 22.6.0
- [Release notes](https://github.com/coreos/go-systemd/releases)
- [Commits](https://github.com/coreos/go-systemd/compare/v22.5.0...v22.6.0)

Updates `github.com/onsi/ginkgo/v2` from 2.23.4 to 2.25.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.23.4...v2.25.1)

Updates `github.com/onsi/gomega` from 1.37.0 to 1.38.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.37.0...v1.38.1)

Updates `github.com/safchain/ethtool` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.6.1...v0.6.2)

Updates `golang.org/x/sys` from 0.34.0 to 0.35.0
- [Commits](https://github.com/golang/sys/compare/v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-systemd/v22
  dependency-version: 22.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.25.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.38.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-25 17:04:23 +02:00
runsisi
c70a3381f4 remove duplicate route.Table and route.Scope assignments 
Signed-off-by: runsisi <runsisi@gmail.com>
 2025-08-18 11:12:10 -04:00
Casey Callendrello
b0466813c3 .github: bump golangci-lint version 
Need a newer version to upgade the action.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-07-21 19:53:01 +02:00
dependabot[bot]
e3390bc6a3 build(deps): bump alpine in /.github/actions/retest-action 
Bumps alpine from 3.21 to 3.22.

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: '3.22'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 17:26:52 +02:00
dependabot[bot]
40970ae85a build(deps): bump the golang group across 1 directory with 2 updates 
Bumps the golang group with 2 updates in the / directory: [github.com/safchain/ethtool](https://github.com/safchain/ethtool) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/safchain/ethtool` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.6.0...v0.6.1)

Updates `golang.org/x/sys` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/sys/compare/v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 17:26:29 +02:00
Marcelo
48a4ae5ab5 Set default value of PreserveDefaultVlan to False 
Default behavior of the vlan implementation on the bridge
should guarantee complete vlan isolation. This complies with
what regular users expect from the vlan feature.

Signed-off-by: Marcelo <marguerr@redhat.com>
 2025-06-02 17:24:18 +02:00
Marcelo
e0b9952318 Allow vlan parameter to set native vlan on trunk ports 
This allows to set the native vlan on trunk ports
via the vlan parameter. It removes all previous
limitations set on the vlan trunk implementation.

Signed-off-by: Marcelo <marguerr@redhat.com>
 2025-06-02 17:24:10 +02:00
dependabot[bot]
f0eb51914e build(deps): bump the golang group with 4 updates 
Bumps the golang group with 4 updates: [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim), [github.com/safchain/ethtool](https://github.com/safchain/ethtool), [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/Microsoft/hcsshim` from 0.12.9 to 0.13.0
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.9...v0.13.0)

Updates `github.com/safchain/ethtool` from 0.5.10 to 0.6.0
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.5.10...v0.6.0)

Updates `github.com/vishvananda/netlink` from 1.3.1-0.20250303224720-0e7078ed04c8 to 1.3.1
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.3.1)

Updates `golang.org/x/sys` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/sys/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/vishvananda/netlink
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-27 10:53:11 +02:00
Casey Callendrello
569568399c ci: modprobe br-netfilter 
We need to ensure that bridged traffic goes through netfilter.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-05-27 09:17:18 +02:00
Casey Callendrello
904f9e1bda firewall: run CI in isolated "root" network namespace 
Since the firewall plugin touches the root netns, we should run it in a
fresh "root" namespace for each invocation.

This matches the way ptp does it.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-05-27 09:17:18 +02:00
dependabot[bot]
a5d507e2b8 build(deps): bump github.com/onsi/gomega in the golang group 
Bumps the golang group with 1 update: [github.com/onsi/gomega](https://github.com/onsi/gomega).


Updates `github.com/onsi/gomega` from 1.36.3 to 1.37.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.36.3...v1.37.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-25 13:18:48 +02:00
dependabot[bot]
d0d20a9e22 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 15:56:55 +02:00
Casey Callendrello
318c44b4ec tuning, vrf: fix test json unmarshal 
A signature change from libcni v1.3.0.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-17 15:44:49 +02:00
Casey Callendrello
c5861e7003 vendor: bump libcni to v1.3.0 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-17 15:44:49 +02:00
Marcelo Guerrero
d650da4810 Check error returned by ipv6 SettleAddresses 
IPv6 configuration is valid if DAD does not fail

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-04-14 17:17:50 +02:00
dependabot[bot]
4754510b67 build(deps): bump the golang group across 1 directory with 5 updates 
Bumps the golang group with 3 updates in the / directory: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo), [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) and [github.com/vishvananda/netns](https://github.com/vishvananda/netns).


Updates `github.com/onsi/ginkgo/v2` from 2.23.3 to 2.23.4
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.23.3...v2.23.4)

Updates `github.com/onsi/gomega` from 1.36.2 to 1.36.3
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.36.2...v1.36.3)

Updates `github.com/opencontainers/selinux` from 1.11.1 to 1.12.0
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.1...v1.12.0)

Updates `github.com/vishvananda/netns` from 0.0.4 to 0.0.5
- [Release notes](https://github.com/vishvananda/netns/releases)
- [Commits](https://github.com/vishvananda/netns/compare/v0.0.4...v0.0.5)

Updates `golang.org/x/sys` from 0.31.0 to 0.32.0
- [Commits](https://github.com/golang/sys/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.23.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/opencontainers/selinux
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/vishvananda/netns
  dependency-version: 0.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-07 17:14:14 +02:00
Casey Callendrello
282f0a4f6e mechanical: fix lint errors 
Upgraded golangci-lint, some new errors appeared.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
a8d8d0488c ci: bump to golangci-lint v2 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
c8096ae06f go.mod: bump ginkgo 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Casey Callendrello
57925a3a45 .github: bump go to v1.24 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-04-02 16:22:43 +02:00
Marcelo Guerrero
f859b730da Implement exponential backoff in vrf plugin 
The current max waiting time for global IPV6 addresses
to be present in the kernel after reinserting them is not
sufficient for all use cases. SRIOV + VRF takes around 1.2s.

These changes increase the maximum waiting time to approximately
2.5s. An exponential backoff is implemented to reduce cpu overload.

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-04-01 11:10:02 +02:00
Marcelo Guerrero
062b3fceb4 Enable KeepAddrOnDown for ipv6 addresses 
This enables the keep_addr_on_down sysctl parameter for
IPV6 addresses configured via the ConfigureIface function.

This prevents IPAM confiuration to be lost when users need
to refresh the link state of an interface that has IPV6 addresses.

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-03-31 17:59:00 +02:00
Adrian Moisey
b088cc3162 Move calls to netlinksafe 
These are functions identified as potentially receiving ErrDumpInterrupted and needing to retry

Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
5f88af10a0 Add netlinksafe 
A wrapper to add retry on for netlink when it receives a ErrDumpInterrupted

Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
0464017aff Add linting rule to block use of unsafe netlink calls 
Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Adrian Moisey
dcf43557ef Bump netlink 
Signed-off-by: Adrian Moisey <adrian@changeover.za.net>
 2025-03-31 17:22:17 +02:00
Marcelo Guerrero
35831f3d23 Fix addresses and routes reinserted to the VRF 
These changes make sure that only IPV6 global addresses
and non local/connected routes are reinserted to the VRF
table after slaving the interface

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>
 2025-03-24 16:20:31 +01:00
dougbtv
e20492f0d6 DHCP lease maintenance should terminate when interface no longer exists. 
Due to oberservations that threads can grow and the dhcp daemon uses an increasing amount of memory.

This situation can happen organically when using say, bridge CNI, and the bridge has been removed outside of the bridge CNI lifecycle, and an interface no longer exists on a pod.

Does so on a retry loop using the `backoffRetry()` method.

Signed-off-by: dougbtv <dosmith@redhat.com>
 2025-03-03 17:31:06 +01:00
Swagat Bora
3c224f5b5a Add a new firewall ingress-policy "isolated" 
IngressPolicyIsolated ("isolated") behaves  similar to ingress policy "same-bridge" with the exception
that connections from the same bridge are also blocked. This is meant to be functionally equivalent
to Docker network option "enable_icc" when set to false.

Signed-off-by: Swagat Bora <sbora@amazon.com>
 2025-03-03 17:30:00 +01:00
Sriram Yagnaraman
bd8da2000a host-device: Return interface name in result 
Signed-off-by: Sriram Yagnaraman <sriram.yagnaraman@ericsson.com>
 2025-03-03 17:13:29 +01:00
dependabot[bot]
44ec80b7cc build(deps): bump the golang group with 2 updates 
Bumps the golang group with 2 updates: [github.com/safchain/ethtool](https://github.com/safchain/ethtool) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/safchain/ethtool` from 0.5.9 to 0.5.10
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.5.9...v0.5.10)

Updates `golang.org/x/sys` from 0.29.0 to 0.30.0
- [Commits](https://github.com/golang/sys/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/safchain/ethtool
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-03 17:11:27 +01:00
dependabot[bot]
6e7fb60738 build(deps): bump golang.org/x/sys in the golang group 
Bumps the golang group with 1 update: [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sys` from 0.28.0 to 0.29.0
- [Commits](https://github.com/golang/sys/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-04 14:56:44 +01:00
Or Mergi
7c122fabb4 bridge: Add option to enable port isolation 
Enable bridge CNI plugin setting port-isolation [1] the interface.
When port-isolation is enabled, containers connected to the network
cannot communicate with each other over the linux-bridge.
Communication will be enable depending on the gateway appliance according
to its restrictions / policies.

For example: in a scenario the env connected to smart switch, enabling
port-isolation ensure traffic will go outbound, allowing the
smart-switch routing the traffic according to policies.

Add "portIsolation" flag to bridge plugin.
When true, configure the node interface with port-isolation [1].
Default is false.

[1] https://man7.org/linux/man-pages/man8/bridge.8.html (see "isolated" option)

Signed-off-by: Or Mergi <ormergi@redhat.com>
 2025-01-29 16:10:47 +01:00
Casey Callendrello
e4ca66b414 build: split CI and go.mod version 
Downstream users would like to lower the minimum required go version,
but it would be nice to test and release with the latest go. So, use a
placeholder go version file for CI.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-01-21 13:36:19 +01:00
Tomofumi Hayashi
abfac4a938 Remove scripts/release.sh because of no longer used (#1137) 
scripts/release.sh is used for release plugins manually (by
maintainer's hand), previously. Now we introduced automated release
process by github action, hence it is no longer used and no longer
maintained. This change removes this file. Thanks, release.sh for a
long time!

Signed-off-by: Tomofumi Hayashi <tohayash@redhat.com>
 2025-01-15 09:51:48 +09:00
dependabot[bot]
eded0afca8 build(deps): bump the golang group across 1 directory with 3 updates 
Bumps the golang group with 1 update in the / directory: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo).


Updates `github.com/onsi/ginkgo/v2` from 2.22.0 to 2.22.2
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.22.0...v2.22.2)

Updates `github.com/onsi/gomega` from 1.36.0 to 1.36.2
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.36.0...v1.36.2)

Updates `golang.org/x/sys` from 0.27.0 to 0.28.0
- [Commits](https://github.com/golang/sys/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-14 22:02:20 +01:00
dependabot[bot]
41d548592d build(deps): bump alpine in /.github/actions/retest-action 
Bumps alpine from 3.20 to 3.21.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-14 17:50:13 +01:00
Casey Callendrello
e8c7d9b930 test: enable unpriv user namespaces 
These are disabled by default in some distros; we would like to test
rootless, however.

Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2025-01-14 17:49:22 +01:00
jingyuanliang
ba8bc7d0c7 Bump Go version to 1.23 in scripts/release.sh (#1123) 
Signed-off-by: Jingyuan Liang <jingyuanliang@google.com>
 2025-01-07 01:39:11 +09:00
Etienne Champetier
7f756b411e portmap: fix iptables conditions detection 
As show in the docs, iptables conditions can also start with '!'

Fixes 01a94e17c7

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
v1.6.1 v1.6.2 		2024-12-02 17:06:11 +01:00
dependabot[bot]
3ffc42cdfd build(deps): bump the golang group across 1 directory with 7 updates 
Bumps the golang group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.12.7` | `0.12.9` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.20.2` | `2.22.0` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.34.2` | `1.36.0` |
| [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) | `1.11.0` | `1.11.1` |
| [github.com/safchain/ethtool](https://github.com/safchain/ethtool) | `0.4.1` | `0.5.9` |
| [sigs.k8s.io/knftables](https://github.com/kubernetes-sigs/knftables) | `0.0.17` | `0.0.18` |



Updates `github.com/Microsoft/hcsshim` from 0.12.7 to 0.12.9
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.7...v0.12.9)

Updates `github.com/onsi/ginkgo/v2` from 2.20.2 to 2.22.0
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.20.2...v2.22.0)

Updates `github.com/onsi/gomega` from 1.34.2 to 1.36.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.34.2...v1.36.0)

Updates `github.com/opencontainers/selinux` from 1.11.0 to 1.11.1
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.11.1)

Updates `github.com/safchain/ethtool` from 0.4.1 to 0.5.9
- [Release notes](https://github.com/safchain/ethtool/releases)
- [Commits](https://github.com/safchain/ethtool/compare/v0.4.1...v0.5.9)

Updates `golang.org/x/sys` from 0.26.0 to 0.27.0
- [Commits](https://github.com/golang/sys/compare/v0.26.0...v0.27.0)

Updates `sigs.k8s.io/knftables` from 0.0.17 to 0.0.18
- [Changelog](https://github.com/kubernetes-sigs/knftables/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-sigs/knftables/compare/v0.0.17...v0.0.18)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: github.com/opencontainers/selinux
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
- dependency-name: github.com/safchain/ethtool
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
- dependency-name: sigs.k8s.io/knftables
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-02 17:04:12 +01:00
Etienne Champetier
6de8a9853c ipmasq: fix nftables backend 
Rename
SetupIPMasqForNetwork -> SetupIPMasqForNetworks
TeardownIPMasqForNetwork -> TeardownIPMasqForNetworks
and have them take []*net.IPNet instead of *net.IPNet.

This allow the nftables backend to cleanup stale rules and recreate all
needed rules in a single transaction, where previously the stale rules
cleanup was breaking all but the last IPNet.

Fixes 61d078645a

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
 2024-11-21 20:23:25 +01:00
Etienne Champetier
9296c5f80a portmap: fix nftables backend 
We can't use dnat from the input hook,
depending on nftables (and kernel ?) version we get
"Error: Could not process rule: Operation not supported"
iptables backend also uses prerouting.

Also 'ip6 protocol tcp' is invalid, so rework / simplify the rules

Fixes 01a94e17c7

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
 2024-11-18 17:04:37 +01:00
Lionel Jouin
fec2d62676 Pass status along ipam update 
Signed-off-by: Lionel Jouin <lionel.jouin@est.tech>
v1.6.0 		2024-10-15 10:22:10 +02:00
Songmin Li
a4fc6f93c7 feat(dhcp): Cancel backoff retry on stop 
Signed-off-by: Songmin Li <lisongmin@protonmail.com>
 2024-10-14 17:42:30 +02:00
Songmin Li
d61e7e5e1f fix(dhcp): can not renew an ip address 
The dhcp server is systemd-networkd, and the dhcp
plugin can request an ip but can not renew it.
The systemd-networkd just ignore the renew request.

```
2024/09/14 21:46:00 no DHCP packet received within 10s
2024/09/14 21:46:00 retrying in 31.529038 seconds
2024/09/14 21:46:42 no DHCP packet received within 10s
2024/09/14 21:46:42 retrying in 63.150490 seconds
2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: no more tries
2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: renewal time expired, rebinding
2024/09/14 21:47:45 Link "eth1" down. Attempting to set up
2024/09/14 21:47:45 98184616c91f15419f5cacd012697f85afaa2daeb5d3233e28b0ec21589fb45a/iot/eth1: lease rebound, expiration is 2024-09-14 22:47:45.309270751 +0800 CST m=+11730.048516519
```

Follow the https://datatracker.ietf.org/doc/html/rfc2131#section-4.3.6,
following options must not be sent in renew

- Requested IP Address
- Server Identifier

Since the upstream code has been inactive for 6 years,
we should switch to another dhcpv4 library.
The new selected one is https://github.com/insomniacslk/dhcp.

Signed-off-by: Songmin Li <lisongmin@protonmail.com>
 2024-10-14 17:42:30 +02:00
dependabot[bot]
e4950728ce build(deps): bump golang.org/x/sys in the golang group 
Bumps the golang group with 1 update: [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sys` from 0.25.0 to 0.26.0
- [Commits](https://github.com/golang/sys/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-14 11:49:45 +02:00