feat(docker): update system-upgrade-controller-genmachine #575
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pipelines-github-app[bot]](https://avatars.githubusercontent.com/in/1156216?s=80&v=4){kind=small}
--- main/system-upgrade-controller_gitops_manifests_system-upgrade-controller_genmachine_manifest_main.yaml 2025-10-16 03:32:29.440485416 +0000
+++ pr/system-upgrade-controller_gitops_manifests_system-upgrade-controller_genmachine_manifest_pr.yaml 2025-10-16 03:32:28.710483917 +0000
@@ -1,73 +1,73 @@
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: system-upgrade
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
namespace: default
automountServiceAccountToken: true
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/serviceaccount.yaml
apiVersion: talos.dev/v1alpha1
kind: ServiceAccount
metadata:
name: system-upgrade-talos
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
namespace: default
spec:
roles:
- os:admin
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: system-upgrade-controller-env
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
data:
SYSTEM_UPGRADE_CONTROLLER_DEBUG: "false"
SYSTEM_UPGRADE_CONTROLLER_THREADS: "2"
SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: "1800"
SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: "1"
SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: "IfNotPresent"
- SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: "registry.k8s.io/kubectl:v1.33.4"
+ SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: "registry.k8s.io/kubectl:v1.34.1"
SYSTEM_UPGRADE_JOB_PRIVILEGED: "true"
SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: "900"
SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: "15m"
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system-upgrade-controller
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- batch
resources:
- jobs
verbs:
- get
- list
- watch
@@ -134,24 +134,24 @@
- patch
- update
- delete
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system-upgrade-controller-drainer
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
rules:
# Needed to evict pods
- apiGroups:
- ""
resources:
- "pods/eviction"
verbs:
- "create"
# Needed to list/delete pods by Node
@@ -181,64 +181,64 @@
verbs:
- "get"
- "list"
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system-upgrade-controller:drainer
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system-upgrade-controller-drainer
subjects:
- kind: ServiceAccount
name: system-upgrade
namespace: default
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system-upgrade-controller
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system-upgrade-controller
subjects:
- kind: ServiceAccount
name: system-upgrade
namespace: default
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: system-upgrade-controller-upgrade
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
namespace: default
rules:
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
@@ -256,84 +256,84 @@
- get
- list
- watch
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: system-upgrade-controller:upgrade
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: system-upgrade-controller-upgrade
subjects:
- kind: ServiceAccount
name: system-upgrade
namespace: default
---
# Source: system-upgrade-controller/charts/system-upgrade-controller/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: system-upgrade-controller
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
template:
metadata:
labels:
- helm.sh/chart: system-upgrade-controller-0.2.4
+ helm.sh/chart: system-upgrade-controller-0.3.2
app.kubernetes.io/name: system-upgrade-controller
app.kubernetes.io/instance: system-upgrade-controller
- app.kubernetes.io/version: "v0.15.3"
+ app.kubernetes.io/version: "v0.16.3"
app.kubernetes.io/managed-by: Helm
spec:
enableServiceLinks: false
serviceAccountName: system-upgrade
securityContext:
fsGroup: 65534
fsGroupChangePolicy: OnRootMismatch
containers:
- name: system-upgrade-controller
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65534
runAsNonRoot: true
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
- image: "rancher/system-upgrade-controller:v0.16.3"
+ image: "rancher/system-upgrade-controller:v0.17.0"
imagePullPolicy: IfNotPresent
env:
- name: SYSTEM_UPGRADE_CONTROLLER_NAME
value: system-upgrade-controller
- name: SYSTEM_UPGRADE_CONTROLLER_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: SYSTEM_UPGRADE_CONTROLLER_NODE_NAME
valueFrom:
@@ -364,21 +364,21 @@
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
---
# Source: system-upgrade-controller/templates/plan-k8s.yaml
apiVersion: upgrade.cattle.io/v1
kind: Plan
metadata:
name: k8s
spec:
- version: v1.33.4
+ version: v1.34.1
concurrency: 1
exclusive: true
jobActiveDeadlineSecs: 3600
serviceAccountName: system-upgrade
nodeSelector:
matchExpressions:
- key: kubernetes.io/hostname
operator: Exists
tolerations:
- key: CriticalAddonsOnly
@@ -387,38 +387,38 @@
operator: Exists
effect: NoSchedule
secrets:
- name: system-upgrade-talos
path: /var/run/secrets/talos.dev
ignoreUpdates: true
drain:
ignoreDaemonSets: true
force: true
upgrade:
- image: ghcr.io/siderolabs/talosctl:v1.10.7
+ image: ghcr.io/siderolabs/talosctl:v1.11.3
envs:
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
args:
- --nodes=$(NODE_IP)
- upgrade-k8s
- --to=$(SYSTEM_UPGRADE_PLAN_LATEST_VERSION)
---
# Source: system-upgrade-controller/templates/plan-talos.yaml
apiVersion: upgrade.cattle.io/v1
kind: Plan
metadata:
name: talos
spec:
- version: v1.10.7
+ version: v1.11.3
concurrency: 1
exclusive: true
jobActiveDeadlineSecs: 3600
serviceAccountName: system-upgrade
nodeSelector:
matchExpressions:
- key: kubernetes.io/hostname
operator: Exists
tolerations:
- key: CriticalAddonsOnly
|
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
6 times, most recently
from
a39eb78 to
61cffbf
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
8 times, most recently
from
cc40669 to
5db9761
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
8 times, most recently
from
3829ac0 to
c0cfd50
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
7 times, most recently
from
5c1b84c to
548a84f
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
10 times, most recently
from
49e927d to
6c705db
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
6 times, most recently
from
f5e4fa9 to
27a586e
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
7 times, most recently
from
5f63cf7 to
cd7947e
Compare
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
5 times, most recently
from
cee16f5 to
8cfbdc1
Compare
| datasource | package | from | to | | ---------- | --------------------------------- | ------- | ------- | | docker | ghcr.io/siderolabs/installer | v1.10.7 | v1.11.3 | | docker | ghcr.io/siderolabs/kubelet | v1.33.4 | v1.34.1 | | docker | rancher/system-upgrade-controller | v0.16.3 | v0.17.0 | | docker | registry.k8s.io/kubectl | v1.33.4 | v1.34.1 | | helm | system-upgrade-controller | 0.2.4 | 0.3.2 | Co-authored-by: renovate[bot] <[email protected]>
pipelines-github-app
bot
force-pushed
the
renovate/cluster/system-upgrade-controller-genmachine
branch
from
8cfbdc1 to
1fb3b2a
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.10.7->v1.11.3v1.33.4->v1.34.1v0.16.3->v0.17.0v1.33.4->v1.34.10.2.4->0.3.2Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
siderolabs/kubelet (ghcr.io/siderolabs/kubelet)
v1.34.1Compare Source
v1.34.0Compare Source
v1.33.5Compare Source
rancher/system-upgrade-controller (rancher/system-upgrade-controller)
v0.17.0Compare Source
What's Changed
Full Changelog: rancher/system-upgrade-controller@v0.16.3...v0.17.0
sergelogvinov/helm-charts (system-upgrade-controller)
v0.3.2Compare Source
System Upgrade Controller for Talos
v0.3.1Compare Source
System Upgrade Controller for Talos
v0.3.0Compare Source
System Upgrade Controller for Talos
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.