feat: add tenant list to status of capsuleconfiguration#1935
Merged
oliverbaehler merged 1 commit intoJun 3, 2026
Merged
Conversation
sandert-k8s
changed the title
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR adds status observedGeneration tracking across multiple Capsule CRDs/controllers, and extends CapsuleConfiguration status to aggregate tenant and managed-namespace counts (with additional watches/predicates to keep it updated).
Changes:
- Add
status.observedGenerationfields to several APIs/CRDs and set them during status updates in controllers. - Update
CapsuleConfigurationreconciliation to computetenantCount/managedNamespaceCount, set a Ready condition, and requeue on Tenant create/delete andstatus.sizechanges. - Add/extend E2E coverage to assert
status.observedGeneration == metadata.generation.
Reviewed changes
Copilot reviewed 31 out of 32 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/runtime/predicates/tenant_change.go | Adds a predicate to trigger reconciles on Tenant create/delete and status.size changes. |
| internal/controllers/tenant/status.go | Sets Tenant.status.observedGeneration during status updates. |
| internal/controllers/rulestatus/manager.go | Sets RuleStatus.status.observedGeneration during status updates. |
| internal/controllers/resources/namespaced.go | Sets TenantResource.status.observedGeneration during status updates. |
| internal/controllers/resources/global.go | Sets GlobalTenantResource.status.observedGeneration during status updates. |
| internal/controllers/resourcepools/pool_controller.go | Sets ResourcePool.status.observedGeneration during status updates. |
| internal/controllers/resourcepools/claim_controller.go | Sets ResourcePoolClaim.status.observedGeneration and adjusts Ready condition input. |
| internal/controllers/customquotas/global_custom_quota_controller.go | Sets GlobalCustomQuota.status.observedGeneration during status updates. |
| internal/controllers/customquotas/custom_quota_controller.go | Sets CustomQuota.status.observedGeneration during status updates. |
| internal/controllers/cfg/status/manager.go | Watches Tenants, aggregates counts into CapsuleConfiguration.status, and sets Ready condition + observedGeneration. |
| e2e/utils_test.go | Extends Tenant readiness helper to assert observedGeneration matches generation. |
| e2e/observed_generation_test.go | Adds E2E specs for observedGeneration on Tenant/CapsuleConfiguration/RuleStatus. |
| charts/capsule/crds/capsule.clastix.io_tenants.yaml | Adds status.observedGeneration to the Tenant CRD schema. |
| charts/capsule/crds/capsule.clastix.io_tenantresources.yaml | Adds status.observedGeneration to the TenantResource CRD schema. |
| charts/capsule/crds/capsule.clastix.io_tenantowners.yaml | Adds status.observedGeneration to the TenantOwner CRD schema. |
| charts/capsule/crds/capsule.clastix.io_rulestatuses.yaml | Adds status.observedGeneration to the RuleStatus CRD schema. |
| charts/capsule/crds/capsule.clastix.io_resourcepools.yaml | Adds status.observedGeneration to the ResourcePool CRD schema. |
| charts/capsule/crds/capsule.clastix.io_resourcepoolclaims.yaml | Adds status.observedGeneration to the ResourcePoolClaim CRD schema. |
| charts/capsule/crds/capsule.clastix.io_globaltenantresources.yaml | Adds status.observedGeneration to the GlobalTenantResource CRD schema. |
| charts/capsule/crds/capsule.clastix.io_globalcustomquotas.yaml | Adds status.observedGeneration to the GlobalCustomQuota CRD schema. |
| charts/capsule/crds/capsule.clastix.io_customquotas.yaml | Adds status.observedGeneration to the CustomQuota CRD schema. |
| charts/capsule/crds/capsule.clastix.io_capsuleconfigurations.yaml | Adds printer columns + status schema fields for counts/conditions/observedGeneration. |
| api/v1beta2/tenantresource_types.go | Adds ObservedGeneration to common status for TenantResource-like APIs. |
| api/v1beta2/tenantowner_types.go | Adds ObservedGeneration to TenantOwner status. |
| api/v1beta2/tenant_status.go | Adds ObservedGeneration to Tenant status. |
| api/v1beta2/rule_status_type.go | Adds ObservedGeneration to RuleStatus status and renames the status type. |
| api/v1beta2/resourcepoolclaim_types.go | Adds ObservedGeneration to ResourcePoolClaim status. |
| api/v1beta2/resourcepool_status.go | Adds ObservedGeneration to ResourcePool status. |
| api/v1beta2/customquota_status.go | Adds ObservedGeneration to CustomQuota status. |
| api/v1beta2/capsuleconfiguration_types.go | Adds kubebuilder printer columns for CapsuleConfiguration. |
| api/v1beta2/capsuleconfiguration_status.go | Adds conditions + counts + observedGeneration to CapsuleConfiguration status. |
Files not reviewed (1)
- api/v1beta2/zz_generated.deepcopy.go: Language not supported
Comments suppressed due to low confidence (2)
internal/controllers/tenant/status.go:1
- In a RetryOnConflict-style status update,
instance.GetGeneration()can be stale relative to the freshly-fetchedlatestobject. This can persist an out-of-datestatus.observedGenerationeven though you're updating the current object. Prefer settinglatest.Status.ObservedGenerationfromlatest.GetGeneration()(and, if any conditions use generation, base them onlatestas well).
pkg/runtime/predicates/tenant_change.go:1 - The comment says
namespaceCount changes, but the controller status field introduced/used elsewhere ismanagedNamespaceCount(aggregated from Tenantstatus.size). Consider updating the wording to match the exposed status field name to avoid confusion for future maintainers.
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
2 times, most recently
from
912930e to
75f6fe6
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 31 out of 32 changed files in this pull request and generated 5 comments.
Files not reviewed (1)
- api/v1beta2/zz_generated.deepcopy.go: Language not supported
Comments suppressed due to low confidence (1)
pkg/runtime/predicates/tenant_change.go:1
- The comment mentions
namespaceCount changes, but the aggregated field introduced in this PR ismanagedNamespaceCount(and it’s derived fromstatus.size). Updating the wording to match the actual status field name would reduce confusion when correlating predicates, reconcile triggers, andCapsuleConfigurationstatus.
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
75f6fe6 to
ebfbc93
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
ebfbc93 to
141a710
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 31 out of 32 changed files in this pull request and generated 3 comments.
Files not reviewed (1)
- api/v1beta2/zz_generated.deepcopy.go: Language not supported
Comments suppressed due to low confidence (2)
api/v1beta2/rule_status_type.go:1
- Renaming the exported type from
RuleStatusSpectoRuleStatusStatusis a compile-time breaking change for any Go consumers importingapi/v1beta2. If the old name was already part of the public API surface, consider preserving backwards compatibility via a type alias (e.g.,type RuleStatusSpec = RuleStatusStatus) or keeping the original exported type name and only adjusting field semantics/comments.
// Copyright 2020-2026 Project Capsule Authors
pkg/runtime/predicates/tenant_change.go:1
- The comment says
namespaceCount changes, but in this PR the aggregated field ismanagedNamespaceCountand it is derived fromTenant.Status.Size. Updating the comment to match the public status field name will avoid confusion about what’s being tracked.
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 31 out of 32 changed files in this pull request and generated 4 comments.
Files not reviewed (1)
- api/v1beta2/zz_generated.deepcopy.go: Language not supported
Comments suppressed due to low confidence (1)
pkg/runtime/predicates/tenant_change.go:1
- The comment refers to
namespaceCount, but the config status field added in this PR ismanagedNamespaceCount(and the predicate isstatus.size-driven). Consider updating the wording to match the actual field name to avoid confusion when tracing why a reconcile was enqueued.
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
2 times, most recently
from
2ff38e1 to
ed3ae8a
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 32 out of 33 changed files in this pull request and generated 4 comments.
Files not reviewed (1)
- api/v1beta2/zz_generated.deepcopy.go: Language not supported
Comments suppressed due to low confidence (2)
internal/controllers/tenant/status.go:1
ObservedGenerationis being set frominstance.GetGeneration()whilelatestis the object that will be written. In retry-on-conflict patterns (or if the object generation advanced between fetch and status update), this can persist a staleobservedGenerationthat no longer corresponds to the resource you’re updating. A safer approach is to (a) setObservedGenerationfromlatest.GetGeneration()and/or (b) detectlatest.GetGeneration() != instance.GetGeneration()and abort/requeue so you don’t mark a newer generation as “observed” without reconciling it.
pkg/runtime/predicates/tenant_change.go:1- The wording “namespaceCount changes” is a bit ambiguous given the
CapsuleConfigurationfield is namedManagedNamespaceCountand the predicate is based onTenant.status.size. Consider clarifying this to something like “managed namespace count changes” (or explicitly “sum of Tenant.status.size changes”) to reduce confusion about what is being counted.
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
ed3ae8a to
4c2167c
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
4c2167c to
b4ba322
Compare
sandert-k8s
changed the title
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
b4ba322 to
fe67d3b
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
fe67d3b to
3feafed
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
3feafed to
0f4fdac
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
0f4fdac to
e3206e5
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
3 times, most recently
from
e3206e5 to
d9099ba
Compare
Comment on lines
+274
to
+286
| latest.Status.Users = instance.Status.Users | ||
| latest.Status.ObservedGeneration = latest.GetGeneration() | ||
|
|
||
| // Only overwrite Tenants when this reconcile actually refreshed them | ||
| // (tenant event or bootstrap). A config-spec reconcile must not clobber | ||
| // a newer status.tenants written by a concurrent tenant-event reconcile. | ||
| if isTenantEvent || len(instance.Status.Tenants) > 0 { | ||
| latest.Status.Tenants = instance.Status.Tenants | ||
| } | ||
|
|
||
| readyCondition := capmeta.NewReadyCondition(latest) | ||
| readyCondition.ObservedGeneration = latest.GetGeneration() | ||
| readyCondition.Status = metav1.ConditionTrue |
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
d9099ba to
13527c8
Compare
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
13527c8 to
50d220a
Compare
Signed-off-by: sandert-k8s <sandert98@gmail.com>
sandert-k8s
force-pushed
the
capsule-configuration-status
branch
from
50d220a to
17b13c6
Compare
Comment on lines
+285
to
+300
| latest.Status.Users = instance.Status.Users | ||
| latest.Status.ObservedGeneration = latest.GetGeneration() | ||
|
|
||
| // Only overwrite Tenants when this reconcile actually refreshed them. | ||
| // A config-spec reconcile must not clobber a newer status.tenants | ||
| // written by a concurrent tenant-event reconcile. Using an explicit | ||
| // boolean (not a length check) also handles the zero-tenant case | ||
| // correctly. | ||
| if didRefreshTenants { | ||
| latest.Status.Tenants = instance.Status.Tenants | ||
| } | ||
|
|
||
| readyCondition := capmeta.NewReadyCondition(latest) | ||
| readyCondition.ObservedGeneration = latest.GetGeneration() | ||
| readyCondition.Status = metav1.ConditionTrue | ||
| readyCondition.Reason = capmeta.SucceededReason |
Comment on lines
+175
to
+176
| // +kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.conditions[?(@.type==\"Ready\")].status",description="Reconcile status" | ||
| // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" |
Comment on lines
+1261
to
+1266
| conditions: | ||
| description: |- | ||
| Conditions holds the reconciliation conditions for this CapsuleConfiguration. | ||
| Includes a Ready condition indicating whether the configuration was | ||
| successfully validated and applied. | ||
| items: |
Comment on lines
+1319
to
+1320
| type: object | ||
| type: array |
| } | ||
|
|
||
| readyCondition := capmeta.NewReadyCondition(latest) | ||
| readyCondition.ObservedGeneration = latest.GetGeneration() |
oliverbaehler
pushed a commit
to oliverbaehler/capsule
that referenced
this pull request
Jun 8, 2026
…le#1935) Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net>
oliverbaehler
added a commit
that referenced
this pull request
Jun 8, 2026
* fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update codecov/codecov-action action to v5.5.2 (#1783) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 43a17d6 (#1781) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module k8s.io/dynamic-resource-allocation to v0.34.3 (#1786) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module k8s.io/apiextensions-apiserver to v0.34.3 (#1785) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(controller): allow no spaces in template references (#1789) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(controller): allow no spaces in template references Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(controller): allow no spaces in template references Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update securego/gosec action to v2.22.11 (#1788) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1791) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update k8s.io/utils digest to 61b37f7 (#1801) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(controller): template concurrency (#1802) Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1795) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency kubernetes-sigs/kind to v0.31.0 (#1796) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update kubernetes packages to v0.35.0 (#1797) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module k8s.io/dynamic-resource-allocation to v0.35.0 (#1798) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency kubernetes-sigs/controller-tools to v0.20.0 (#1799) * chore(deps): update dependency kubernetes-sigs/controller-tools to v0.20.0 * chore(deps): update dependency kubernetes-sigs/controller-tools to v0.20.0 Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update k8s.io/utils digest to 98d557b (#1803) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1793) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.27.3 (#1776) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to f67ec12 (#1790) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency google/ko to v0.18.1 (#1792) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module github.com/onsi/gomega to v1.38.3 (#1777) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module sigs.k8s.io/cluster-api to v1.12.1 (#1784) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update k8s.io/utils digest to 383b50a (#1804) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/stale digest to a21a081 (#1808) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: adjust makefile and releaser for kubernetes 1.35 (#1809) * chore: adjust makefile and releaser for kubernetes 1.35 Signed-off-by: Hristo Hristov <me@hhristov.info> * chore: adjust makefile and releaser for kubernetes 1.35 Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1807) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update k8s.io/utils digest to 718f0e5 (#1806) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to a930d0a (#1805) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update helm release kube-prometheus-stack to v80.8.2 (#1810) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add dynamic capsule user evaluation (#1811) * chore: improve dev targets Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(controller): implement deterministic rolebinding reflection Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(controller): capsule users are determined from configuration status Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(tenantowners): added agreggate option - tenantowners are always considered capsule users Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(tenantowner): add implicit aggregation for tenants Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: remove helm flags Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update helm release kube-prometheus-stack to v80.9.2 (#1812) Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1814) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update amannn/action-semantic-pull-request digest to 71b07ef (#1815) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to fd448f7 (#1816) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: use cert-manager certificates by default (#1818) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(helm): use cert-manager certificates by default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: move dependencies to trackable resources Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update helm release kube-prometheus-stack to v80.13.2 (#1817) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency prometheus-operator/prometheus-operator to v0.87.1 (#1820) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency golangci/golangci-lint to v2.8.0 (#1823) * chore(deps): update dependency golangci/golangci-lint to v2.8.0 * chore(deps): update dependency golangci/golangci-lint to v2.8.0 Signed-off-by: Hristo Hristov <me@hhristov.info> * chore(deps): update dependency golangci/golangci-lint to v2.8.0 Signed-off-by: Hristo Hristov <me@hhristov.info> * chore(deps): update dependency golangci/golangci-lint to v2.8.0 Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update helm release kube-prometheus-stack to v80.13.3 (#1827) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module github.com/onsi/gomega to v1.39.0 (#1826) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency prometheus-operator/prometheus-operator to v0.88.0 (#1828) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.27.4 (#1825) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 0b82b0b (#1824) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update k8s.io/utils digest to 914a6e7 (#1822) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1830) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/stale digest to d6f8a33 (#1843) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update amannn/action-semantic-pull-request digest to b439535 (#1835) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/checkout action to v6.0.2 (#1845) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1847) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1848) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add ruleset api(#1844) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * sec(GHSA-2ww6-hf35-mfjm): intercept namespace subresource Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: conflicts Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(api): add rulestatus api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency alessandrojcm/commitlint-pre-commit-hook to v9.24.0 (#1833) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to deef08a (#1836) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency adrienverge/yamllint to v1.38.0 (#1832) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to b2ff80d (#1821) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to f985be5 (#1850) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 5620efe (#1852) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1851) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1837) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1856) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to 8aac4e4 (#1855) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: diverse performance improvements (#1861) Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/stale digest to dcd2b94 (#1857) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(docs): update home in chart.yaml (#1864) * fix(docs): update home in chart.yaml Signed-off-by: sandert-k8s <sandert98@gmail.com> * fix: linter Signed-off-by: sandert-k8s <sandert98@gmail.com> --------- Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/stale digest to b5d41d4 (#1866) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update zgosalvez/github-actions-ensure-sha-pinned-actions action to v5 (#1865) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update amannn/action-semantic-pull-request digest to ac7e3fc (#1871) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 6d473d3 (#1860) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 17ae174 (#1876) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update github/codeql-action digest to 0ec47d0 (#1858) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to 57aae52 (#1882) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update actions/stale digest to db5d06a (#1886) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to a0a6512 (#1887) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to e22c389 (#1888) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update anchore/sbom-action digest to f0d33c1 (#1893) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(workflows): bump trivy action to 0.35.0 (#1896) Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(webhook): adapt to controller-runtime breaking change in newwebhookmanagedby (#1898) Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add e2e openshift support (#1894) * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> * feat: add e2e openshift support Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1873) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1859) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency alessandrojcm/commitlint-pre-commit-hook to v9.25.0 (#1907) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): set renovate minimum release age to 14 days (#1908) Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: add lfx status badges (#1909) Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * ci: pin slsa provenance workflow (#1903) Signed-off-by: Akash Kumar <meakash7902@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency b1nary-gr0up/nwa to v0.7.8 (#1906) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1900) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: upstream enterprise preview (#1841) feat: upstream enterprise preview --------- Signed-off-by: Oliver Baehler <oliver@sudo-i.net> Co-authored-by: CorentinPtrl <pitrel.corentin@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: bump supported version (#1918) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: bump makefile 1.35 --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: release workflows (#1919) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: bump makefile 1.35 * fix: release workflows Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: reuse webhookport from values (#1927) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: reuse webhookport from values Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: consider webhooks.service.port Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: consider webhooks.service.port Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: correct helm values schema for webservcie ports (#1928) Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: correct helm docs for webhook service port schema (#1929) Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update capsule-proxy docker tag to v0.12.0 (#1846) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency prometheus-operator/prometheus-operator to v0.91.0 (#1849) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update dependency grafana/grafana-operator to v5.22.2 (#1819) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: use release age for all managers except helm (#1931) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: use release age for all managers except helm Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update capsule-proxy docker tag to v0.13.1 (#1932) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add observedgeneration to status object of all crds (#1930) * feat: add observedgeneration to status object of all crds Signed-off-by: sandert-k8s <sandert98@gmail.com> * chore(api): rename rulestatusspec to rulestatusstatus Signed-off-by: sandert-k8s <sandert98@gmail.com> --------- Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: promote sander tervoert as maintainer (#1933) * chore: promote sander tervoert as maintainer Signed-off-by: Hristo Hristov <me@hhristov.info> * chore: promote sander tervoert as maintainer Signed-off-by: Hristo Hristov <me@hhristov.info> * chore: promote sander tervoert as maintainer Signed-off-by: Hristo Hristov <me@hhristov.info> * chore: promote sander tervoert as maintainer Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: promote sander tervoert as maintainer (#1939) Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * ci: add goreleaser dry run (#1936) Signed-off-by: Alan <alan747271363-art@users.noreply.github.com> Co-authored-by: Alan <alan747271363-art@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module gomodules.xyz/jsonpatch/v2 to v3 (#1917) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update helm release kube-prometheus-stack to v85 (#1914) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module go.uber.org/zap to v1.28.0 (#1904) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: avoid rejection when users are classified as administrators (#1941) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: avoid rejection when users are classified as administrators Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update capsule-proxy docker tag to v0.13.2 (#1942) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module sigs.k8s.io/gateway-api to v1.5.1 (#1878) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: typo in ruleset description crd (#1944) Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add tenant list to status of capsuleconfiguration (#1935) Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: correct tls reconciler and add tenantowners (#1946) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: tls controller Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add tenantowner tenant status reference Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: tlsreconciler only patches cabundles Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: refactor logger usage Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * fix: tlsreconciler only patches cabundles Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: tlsreconciler only patches cabundles Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: fix typo (#1945) * chore: typo in ruleset description crd Signed-off-by: sandert-k8s <sandert98@gmail.com> * chore: fix typo Signed-off-by: sandert-k8s <sandert98@gmail.com> --------- Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: allow managed metadata defined per tenant (#1947) * fix: allow managed metadata defined per tenant Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: allow managed metadata defined per tenant Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: action type Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: preserve ca-bundles injected from external providers (#1948) * fix: preserve ca-bundles injected from external providers (#1948) Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix(deps): update module sigs.k8s.io/cluster-api to v1.13.2 (#1874) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat(deps): bump golang 1.26.4 (#1949) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: preserve ca-bundles injected from external providers Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat(deps): bump golang 1.26.4 Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * feat(deps): bump golang 1.26.4 Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update capsule-proxy docker tag to v0.13.3 (#1950) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore(deps): update all-ci-updates (#1902) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: best effort patch reconciling status (#1952) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: preserve ca-bundles injected from external providers Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: best effort patch reconciling status Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: use different match strategy for truthy and match (#1953) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: preserve ca-bundles injected from external providers Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: best effort patch reconciling status Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: use different match strategy for truthy and match Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * progress Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add registry Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add registry Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * chore: update all gihub actions, use digest versioning and remove obsolete docs-lint workflow (#1955) Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: translate serviceaccounts to type serviceaccount not user (#1956) * fix(controller): decode old object for delete requests Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: modernize golang Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix: preserve ca-bundles injected from external providers Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * fix: translate serviceaccounts to type serviceaccount not user Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> * feat: add improved registry enforcement Signed-off-by: Oliver Baehler <oliver@sudo-i.net> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Oliver Baehler <oliver@sudo-i.net> Signed-off-by: Hristo Hristov <me@hhristov.info> Signed-off-by: sandert-k8s <sandert98@gmail.com> Signed-off-by: Akash Kumar <meakash7902@gmail.com> Signed-off-by: bakito <github@bakito.ch> Signed-off-by: Alan <alan747271363-art@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hristo Hristov <me@hhristov.info> Co-authored-by: Sander Tervoert <32864332+sandert-k8s@users.noreply.github.com> Co-authored-by: Akash Kumar <91385321+AkashKumar7902@users.noreply.github.com> Co-authored-by: CorentinPtrl <pitrel.corentin@gmail.com> Co-authored-by: Marc Brugger <github@bakito.ch> Co-authored-by: alan747271363-art <alan747271363@gmail.com> Co-authored-by: Alan <alan747271363-art@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add objects to status of CapsuleConfiguration: