feat: Sync kamaji with upstream #15

mridulgain · 2025-07-28T08:00:35Z

https://platform9.atlassian.net/browse/KAAP-861

…#802) Bumps [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) from 0.36.0 to 0.37.0. - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.36.0...v0.37.0) --- updated-dependencies: - dependency-name: github.com/testcontainers/testcontainers-go dependency-version: 0.37.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(github): releasing helm latest version Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(helm): releasing helm latest version Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: releasing helm latest version Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * fix(docs): upgrading supported k8s matrix Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

…astix#807) Bumps [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) from 1.41.2 to 1.42.0. - [Release notes](https://github.com/nats-io/nats.go/releases) - [Commits](nats-io/nats.go@v1.41.2...v1.42.0) --- updated-dependencies: - dependency-name: github.com/nats-io/nats.go dependency-version: 1.42.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

… 0.10.0 (clastix#809) * fix(ci): lint and diff for helm jobs Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs(helm): bump kamaji-etcd dependency from 0.9.2 to 0.10.0 Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

…pe uniqueness (clastix#812) * feat(api): relying on k8s list set for unique items Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat(crd)!: relying on k8s list set for unique items Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(webhook): removing unused webhook for kubelet preferred address type Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs(crd): kubelet preferred address type uniqueness Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Bumps the k8s group with 1 update: [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes). Updates `k8s.io/kubernetes` from 1.33.0 to 1.33.1 - [Release notes](https://github.com/kubernetes/kubernetes/releases) - [Commits](kubernetes/kubernetes@v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: k8s.io/kubernetes dependency-version: 1.33.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…clastix#819) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.4 to 0.21.0. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.20.4...v0.21.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-version: 0.21.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#825) Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.4.2 to 1.4.3. - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.2...v1.4.3) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-version: 1.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.1.1+incompatible to 28.2.0+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v28.1.1...v28.2.0) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-version: 28.2.0+incompatible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…cd subchart (clastix#822) Signed-off-by: Ricardo Pardini <ricardo@pardini.net>

* feat(k8s): upgrade support to v1.33.1 Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat(deps): upgrade support to k8s v1.33.1 Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.2.0+incompatible to 28.2.2+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v28.2.0...v28.2.2) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-version: 28.2.2+incompatible dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(docs): add terraform guide * fix(docs): update metallb annotation

…astix#831) Bumps [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) from 1.42.0 to 1.43.0. - [Release notes](https://github.com/nats-io/nats.go/releases) - [Commits](nats-io/nats.go@v1.42.0...v1.43.0) --- updated-dependencies: - dependency-name: github.com/nats-io/nats.go dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* refactor: static names and avoiding clash Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat(metrics): exposing resource handlers time bucket Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat(migration): cleanup prior migration When using the annotation `kamaji.clastix.io/cleanup-prior-migration` with a true boolean value, Kamaji will perform a clean-up on the target DataStore to avoid stale resources when back and forth migrations occur. Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: cleanup prior migration Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat(docs): add terraform guide * fix(docs): update metallb annotation * feat(docs): add llms.txt file

…lastix#843) Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.9.2 to 1.9.3. - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/v1.9.3/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.9.2...v1.9.3) --- updated-dependencies: - dependency-name: github.com/go-sql-driver/mysql dependency-version: 1.9.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the k8s group with 1 update: [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes). Updates `k8s.io/kubernetes` from 1.33.1 to 1.33.2 - [Release notes](https://github.com/kubernetes/kubernetes/releases) - [Commits](kubernetes/kubernetes@v1.33.1...v1.33.2) --- updated-dependencies: - dependency-name: k8s.io/kubernetes dependency-version: 1.33.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(migration): customising timeout via tcp annotation Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: customising migration timeout via tcp annotation Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * fix(migrate): delete job in case of timeout change This will delete the failed job due to an incorrect timeout and performs the creation of a new object rather than updating it, since its immutability in the API specification. Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* chore(makefile): generating api docs for cluster api objects Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: generating api docs for cluster api objects Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

…tix#852) Signed-off-by: alecristofanilli <cristofanillia@gmail.com>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.2.2+incompatible to 28.3.0+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v28.2.2...v28.3.0) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-version: 28.3.0+incompatible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

…-types (clastix#859) This patch switches default kubelet-preferred-address-types to "InternalIP,ExternalIP,Hostname" to avoid failures in kube-apiserver connection to kubelet when node hostnames are not resolvable by the external DNS server. This improves out-of-the-box reliability across most environments by choosing node `InternalIP` as the preferred mode to reach Kubelet. Signed-off-by: Parth Yadav <parthyadav3105@gmail.com>

* chore(docs): aligning to latest capi cp provider docs Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(ci): stripping binaries and avoiding cgo Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(gh): upgrading to ubuntu-latest for e2e Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(test): printing debug messages for node join in e2e Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * fix(ci): ignoring file existing error Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * fix(ci): enabling br_netfilter as github action step Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat(deps): upgrading kamaji-etcd helm dependency Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat(deps): upgrading kubeadm support to v1.33.2 Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.3.0+incompatible to 28.3.2+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v28.3.0...v28.3.2) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-version: 28.3.2+incompatible dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…clastix#873) Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* feat: pausing reconciliation of controlled objects Objects such as TenantControlPlane and Secret can be annotated with kamaji.clastix.io/paused to prevent controllers from processing them. This will stop reconciling objects for debugging or other purposes. Annotation value is irrelevant, just the key presence is evaluated. Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: pausing reconciliation of controlled objects Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(logs): typo for deleted resources Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

) Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.6...v1.0.7) --- updated-dependencies: - dependency-name: github.com/spf13/pflag dependency-version: 1.0.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#878) Bumps [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) from 0.37.0 to 0.38.0. - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: github.com/testcontainers/testcontainers-go dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(konnectivity): support for deployment mode Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat(helm)!: support for konnectivity deployment mode Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * chore(sample): support for konnectivity deployment mode Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: support for konnectivity deployment mode Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* fix(kubeconfig): checking certificate authority data for validity Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * feat: rotating certificates via annotation Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> * docs: rotating certificates via annotation Signed-off-by: Dario Tranchitella <dario@tranchitella.eu> --------- Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

.github/workflows/pr.yaml

+    runs-on: ubuntu-22.04
+    steps:
+      - uses: amannn/action-semantic-pull-request@v5
+        with:
+          types: |
+            feat
+            fix
+            chore
+            docs
+            style
+            refactor
+            perf
+            test
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}


To fix the issue, we will add a permissions block at the root of the workflow file. This block will specify the minimal permissions required for the workflow to function. Based on the usage of the amannn/action-semantic-pull-request action, the workflow likely only needs contents: read to access repository contents and pull-requests: write to interact with pull requests. These permissions will be explicitly defined to limit the scope of the GITHUB_TOKEN.

indradhanush

This is a big change. Can you please remove your commits and keep this PR restricted to only the upstream changes? That makes it easier to review any changes over the top and makes it easy for us to approve the PR.

mridulgain · 2025-07-31T09:55:33Z

@indradhanush
There was an API changes & helm chart changes from out side. Without the APIdocs update commit the CI/Lint check was failing.

The 2nd commit was for fixing a conflict. internal/resources/konnectivity/agent.go was updated from both sides. Without that the code doesn't compile.

indradhanush · 2025-08-01T18:45:25Z

@indradhanush There was an API changes & helm chart changes from out side. Without the APIdocs update commit the CI/Lint check was failing.

The 2nd commit was for fixing a conflict. internal/resources/konnectivity/agent.go was updated from both sides. Without that the code doesn't compile.

Makes sense. please include context like this in the PR description. That helps with reviewing PRs. 👍

dependabot bot and others added 30 commits April 28, 2025 19:05

chore(helm): upgrading kamaji-etcd to v0.10.0 (clastix#808)

9db4ccc

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

feat(ci): semantic pr title (clastix#810)

6b10c89

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

Update kamaji-kind.md to install Clastix Helm repo (clastix#818)

16438eb

fix(helm): document importance of correct clusterDomain for kamaji-et…

a9c324e

…cd subchart (clastix#822) Signed-off-by: Ricardo Pardini <ricardo@pardini.net>

chore(adopters): add CBWS (clastix#830)

c156322

feat(docs): terraform guide (clastix#832)

501bd7a

* feat(docs): add terraform guide * fix(docs): update metallb annotation

refactor: requeue deprecated, migrating to requeue after (clastix#837)

ce8d5f2

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

feat(docs): add llms.txt file (clastix#841)

80afd43

* feat(docs): add terraform guide * fix(docs): update metallb annotation * feat(docs): add llms.txt file

feat(docs): add user public quote (clastix#842)

d5d0295

chore(helm): ignoring helm files for stable packaging (clastix#848)

d7b21b5

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

feat(api): display status version in TenantControlPlane columns (clas…

c97767b

…tix#852) Signed-off-by: alecristofanilli <cristofanillia@gmail.com>

prometherion and others added 15 commits June 27, 2025 12:37

feat(docs): enhancing navigation for api reference (clastix#853)

d40996d

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

fix: wrong jsonpath for installed version (clastix#857)

3fd1882

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

fix(docs): optimize kind getting started (clastix#847)

8290e84

feat(chore): support for customising container repository via ldflags (…

0ab8843

…clastix#873) Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

fix: typo in llms.txt (clastix#879)

63a29b4

Merge branch 'master' into private/mridul/master/k8s133

1943c4f

mridulgain self-assigned this Jul 28, 2025

mridulgain requested review from cruizen, srm6867, vaibhavd21 and hsinghal-pf9 July 28, 2025 08:00

mridulgain changed the title ~~Sync kamaji with upstream~~ feat: Sync kamaji with upstream Jul 28, 2025

github-advanced-security bot found potential problems Jul 28, 2025

View reviewed changes

mridulgain added 2 commits July 28, 2025 13:54

update README & api docs

fa0796f

fix type assertion issue

966e686

indradhanush requested changes Jul 29, 2025

View reviewed changes

mridulgain merged commit e4c3610 into master Aug 1, 2025
10 of 11 checks passed

mridulgain deleted the private/mridul/master/k8s133 branch August 1, 2025 11:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat: Sync kamaji with upstream #15

feat: Sync kamaji with upstream #15

Uh oh!

mridulgain commented Jul 28, 2025

Uh oh!

Check warning

Copilot Autofix

indradhanush left a comment

Uh oh!

mridulgain commented Jul 31, 2025 •

edited

Loading

Uh oh!

Uh oh!

indradhanush commented Aug 1, 2025

Uh oh!

Uh oh!

@@ -2,2 +2,6 @@
+            permissions:
+              contents: read
+              pull-requests: write
             on:

feat: Sync kamaji with upstream #15

feat: Sync kamaji with upstream #15

Uh oh!

Conversation

mridulgain commented Jul 28, 2025

Uh oh!

Check warning

Copilot Autofix

indradhanush left a comment

Choose a reason for hiding this comment

Uh oh!

mridulgain commented Jul 31, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

indradhanush commented Aug 1, 2025

Uh oh!

Uh oh!

mridulgain commented Jul 31, 2025 •

edited

Loading