Skip to content

Merge https://github.com/kubernetes-sigs/cluster-api-provider-azure:v1.24.0 (f69aa53) into main #388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
cloud-team-rebase-bot wants to merge 127 commits into
base: main
Choose a base branch
from
Open

Merge https://github.com/kubernetes-sigs/cluster-api-provider-azure:v1.24.0 (f69aa53) into main #388

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
127 commits
Select commit Hold shift + click to select a range
d4edea0
Add xtrace debugging
mboersma Oct 2, 2025
2302f6d
Updated Makefile to check and warn if az cli if unavailable in local
vishalanarase Mar 20, 2026
dccd5bd
Enable DRADeviceTaints and DRADeviceTaintRules feature gate in DRA te…
willie-yao Mar 24, 2026
5cdce5b
Update link to Google Artifact Registry staging
mboersma Mar 24, 2026
1317531
Merge pull request #6187 from mboersma/update-staging
k8s-ci-robot Mar 24, 2026
5f2be22
Update branches in security scanner workflow for release v1.23
willie-yao Mar 24, 2026
4885442
Merge pull request #6188 from willie-yao/update-security-scan
k8s-ci-robot Mar 24, 2026
b3ee04d
Add release notes for v1.22.2
willie-yao Mar 24, 2026
3a9b2b8
Merge pull request #6184 from willie-yao/fix-dra-conformance
k8s-ci-robot Mar 25, 2026
02c496b
Merge pull request #6177 from vishalanarase/fix/issue-5291
k8s-ci-robot Mar 25, 2026
ce59401
Merge pull request #6190 from willie-yao/release-notes-1.22.2
k8s-ci-robot Mar 25, 2026
b6eb0c4
bump test metadata for v1.23.0
willie-yao Mar 24, 2026
7ce1668
Merge pull request #6189 from willie-yao/bump-1.23-test-metadata
k8s-ci-robot Mar 25, 2026
51201df
dependabot(deps): bump the all-github-actions group with 3 updates
dependabot[bot] Mar 30, 2026
8bfadd8
Add alpha/beta feature gates to conformance test
willie-yao Mar 30, 2026
4c5753c
Merge pull request #6193 from kubernetes-sigs/dependabot/github_actio…
k8s-ci-robot Mar 31, 2026
481c3b7
Bump CAAPH to v0.6.2
mboersma Apr 2, 2026
8c97566
Merge pull request #6196 from willie-yao/alpha-conformance-tests
k8s-ci-robot Apr 2, 2026
7856368
Merge pull request #6201 from mboersma/bump-caaph
k8s-ci-robot Apr 3, 2026
6c9426c
Bump Ray and KubeRay e2e test versions to latest releases (#6203)
mboersma Apr 3, 2026
0cf2931
dependabot(deps): bump step-security/harden-runner
dependabot[bot] Apr 6, 2026
224125e
Merge pull request #6207 from kubernetes-sigs/dependabot/github_actio…
k8s-ci-robot Apr 6, 2026
bfcbba6
Bump Go toolchain to v1.25.8 (#6161)
mboersma Apr 6, 2026
81bbc7d
dependabot(deps): bump golang.org/x/text from 0.34.0 to 0.35.0
dependabot[bot] Apr 6, 2026
700593b
Merge pull request #6170 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 6, 2026
f876d38
dependabot(deps): bump golang.org/x/mod from 0.33.0 to 0.34.0
dependabot[bot] Apr 6, 2026
fc77e8f
Merge pull request #6168 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 6, 2026
2d66790
dependabot(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0
dependabot[bot] Apr 6, 2026
68e5ff6
Merge pull request #6169 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 7, 2026
d9c4108
Add e2e spec for self-managed kuberay (#6200)
mboersma Apr 7, 2026
7095000
docs(aso): fix link formatting in ASO upgrade instructions
Meecr0b Apr 7, 2026
238b343
Merge pull request #6210 from Meecr0b/Meecr0b/docs/aso/fix-link
k8s-ci-robot Apr 7, 2026
811ba37
Fix custom-builds templates to use Azure Storage instead of dl.k8s.io
mboersma Apr 6, 2026
60627f9
dependabot(deps): bump go.opentelemetry.io/otel from 1.41.0 to 1.43.0…
dependabot[bot] Apr 7, 2026
d359ee9
Merge pull request #6212 from mboersma/fix-custom-builds-templates
k8s-ci-robot Apr 7, 2026
eb94a6b
Bump Go toolchain to v1.25.9
mboersma Apr 8, 2026
84c7570
Fix MachinePoolScope.Close() recreating machines during deletion (#6213)
mboersma Apr 8, 2026
23f95d1
Bump cert-manager to v1.20.1
mboersma Apr 8, 2026
68141ff
Merge pull request #6214 from mboersma/bump-go-toolchain
k8s-ci-robot Apr 8, 2026
55fe6f4
🌱 Bump CAPI to v1.13.0-rc.0 (#6182)
mboersma Apr 9, 2026
a248a9c
Merge pull request #6220 from mboersma/bump-cert-manager-v1.20.1
k8s-ci-robot Apr 10, 2026
eb7d7a4
Update trivy version to v0.69.3
mboersma Apr 10, 2026
8a287bb
Merge pull request #6224 from mboersma/fix-vulns-main
k8s-ci-robot Apr 10, 2026
d8a0b2e
Bump CAAPH preload image to v0.6.2
mboersma Apr 10, 2026
907d5a1
Merge pull request #6228 from mboersma/bump-caaph-preload
k8s-ci-robot Apr 10, 2026
df78d73
dependabot(deps): bump golang.org/x/mod from 0.34.0 to 0.35.0
dependabot[bot] Apr 13, 2026
8adb85a
dependabot(deps): bump the all-github-actions group with 3 updates
dependabot[bot] Apr 13, 2026
d6c5c0c
Merge pull request #6232 from kubernetes-sigs/dependabot/github_actio…
k8s-ci-robot Apr 13, 2026
ca6d5cf
Merge pull request #6230 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 13, 2026
6699898
dependabot(deps): bump golang.org/x/crypto from 0.49.0 to 0.50.0
dependabot[bot] Apr 13, 2026
7b8b89d
Merge pull request #6229 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 13, 2026
00b200c
Implement smarter retry for az commands in peer-vnets flow
willie-yao Apr 13, 2026
1360e4a
Merge pull request #6235 from willie-yao/fix-peer-vnet-throttle
k8s-ci-robot Apr 15, 2026
bc80e3b
dependabot(deps): bump github.com/moby/spdystream from 0.5.0 to 0.5.1
dependabot[bot] Apr 16, 2026
623c1b0
Merge pull request #6239 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 20, 2026
9128981
dependabot(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore
dependabot[bot] Apr 20, 2026
84d9215
dependabot(deps): bump the all-github-actions group with 4 updates
dependabot[bot] Apr 20, 2026
5d5205b
Merge pull request #6243 from kubernetes-sigs/dependabot/github_actio…
k8s-ci-robot Apr 20, 2026
8ee5c39
Bump CAPI dependency to v1.13.0-rc.1
mboersma Apr 20, 2026
dc8aba1
Merge pull request #6241 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 20, 2026
ee2dc17
Update Kubernetes versions to 1.35
mboersma Apr 20, 2026
ec43dc0
Use concrete semver for KUBERNETES_VERSION_API_UPGRADE_FROM
mboersma Apr 20, 2026
b4f60db
Merge pull request #6245 from mboersma/bump-k8s-1.35
k8s-ci-robot Apr 21, 2026
4566dde
Merge pull request #6244 from mboersma/bump-capi-v1.13.0-rc.1
k8s-ci-robot Apr 21, 2026
c8e476a
Bump cert-manager to v1.20.2
mboersma Apr 21, 2026
94b5939
Merge pull request #6246 from mboersma/bump-cert-manager-v1.20.2
k8s-ci-robot Apr 21, 2026
ff8cf07
Bump CAPI to v1.13.0, old upgrade version to v1.12.7
mboersma Apr 21, 2026
e9c0a3a
Add multi zone template for Cloud Provider Azure CI
willie-yao Apr 22, 2026
20ba7b7
Merge pull request #6251 from mboersma/bump-capi-v1.13.0
k8s-ci-robot Apr 22, 2026
5f7f9dd
Add release notes for v1.22.3
mboersma Apr 23, 2026
5b44ff0
Merge pull request #6253 from mboersma/release-notes-v1.22.3
k8s-ci-robot Apr 23, 2026
edfcf73
Add release notes for v1.22.4
mboersma Apr 23, 2026
d06851e
Add release notes for v1.23.1 (#6254)
mboersma Apr 23, 2026
e8bd139
Merge pull request #6257 from mboersma/release-notes-v1.22.4
k8s-ci-robot Apr 23, 2026
17444b5
Bump Azure Service Operator from v2.13.0 to v2.16.0 (#6238)
mboersma Apr 23, 2026
97a294b
Use upstream k8s images if no artifacts are built
willie-yao Apr 24, 2026
7a7144f
Merge pull request #6258 from willie-yao/fix-dalec-substitution
k8s-ci-robot Apr 25, 2026
e0e956f
Merge pull request #6252 from willie-yao/fix-multi-zone-test
k8s-ci-robot Apr 27, 2026
b26a7b1
dependabot(deps): bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2
dependabot[bot] Apr 27, 2026
d328b5f
Merge pull request #6261 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot Apr 27, 2026
51fec6a
Bump CAPI to v1.13.1
mboersma Apr 29, 2026
dc662a2
Remove fake FakeClient
nojnhuh Apr 30, 2026
4a8e9f1
test/e2e: make collectNodes log dump best-effort
mboersma May 1, 2026
6f1f830
Merge pull request #6263 from nojnhuh/real-fake-client
k8s-ci-robot May 1, 2026
e845eba
Merge pull request #6265 from mboersma/fix-collectnodes-best-effort
k8s-ci-robot May 2, 2026
2cccd52
dependabot(deps): bump the all-github-actions group with 2 updates
dependabot[bot] May 4, 2026
78fdbfe
dependabot(deps): bump github.com/onsi/ginkgo/v2 from 2.28.2 to 2.28.3
dependabot[bot] May 4, 2026
403ab63
Merge pull request #6271 from kubernetes-sigs/dependabot/github_actio…
k8s-ci-robot May 4, 2026
61484a9
Add E2E test for AKS maintenance configurations via ASO
willie-yao Apr 30, 2026
bd1e799
Merge pull request #6272 from kubernetes-sigs/dependabot/go_modules/g…
k8s-ci-robot May 4, 2026
bf831d9
Use uuid.Validate over uuid.Parse where appropriate
mboersma May 5, 2026
7410779
Add unit tests for azuremachine_validation
mboersma May 5, 2026
628015f
Merge pull request #6262 from mboersma/bump-capi-v1.13.1
k8s-ci-robot May 5, 2026
bc2565d
Merge pull request #6264 from willie-yao/maintenance-config
k8s-ci-robot May 6, 2026
238c527
Merge pull request #6276 from mboersma/uuid-validate
k8s-ci-robot May 6, 2026
bd0f01b
Merge pull request #6277 from mboersma/azuremachine-validation-coverage
k8s-ci-robot May 6, 2026
0a73d23
Add release 1.24 to the metadata file
willie-yao May 6, 2026
c0e4eca
Add release notes for release 1.24
willie-yao May 6, 2026
8500275
Merge pull request #6283 from willie-yao/metadata-1.24
k8s-ci-robot May 6, 2026
f69aa53
Merge pull request #6284 from willie-yao/release-notes-1.24
k8s-ci-robot May 6, 2026
26de288
merge upstream/v1.24.0 into main
May 14, 2026
5f5c35e
UPSTREAM: <carry>: Add openshift specific changes
alexander-demicev Dec 13, 2021
e723c7a
UPSTREAM: <carry>: Add manifest generator tool
RadekManak May 23, 2024
2786556
UPSTREAM: <carry>: Add e2e-test.sh script
RadekManak Jul 17, 2024
d60f81d
UPSTREAM: <carry>: Delete ASO deployment
nrb Oct 30, 2024
deaec8c
UPSTREAM: <carry>: Don't install ASO CRDs
nrb Nov 21, 2024
03bf9a1
UPSTREAM: <carry>: Disable ASO API feature gate
nrb Nov 21, 2024
704bf76
UPSTREAM: <carry>: Updating ose-azure-cluster-api-controllers-contain…
Dec 5, 2024
b0943eb
UPSTREAM: <carry>: Remove unnecessary kustomize
RadekManak Feb 24, 2025
892df77
UPSTREAM: <carry>: Update manifests generator tooling
RadekManak Feb 24, 2025
82928f7
UPSTREAM: <carry>: update go mod dependency for konflux
ashwindasr Apr 4, 2025
8f3072c
UPSTREAM: <carry>: Updating ose-azure-cluster-api-controllers-contain…
Jun 19, 2025
b429dd6
UPSTREAM: <carry>: Sync OWNERS file
JoelSpeed Jul 22, 2025
ad6ba5b
UPSTREAM: <carry>: Sync OWNERS file
RadekManak Sep 4, 2025
31bcd1a
UPSTREAM: <carry>: Updating ose-azure-cluster-api-controllers-contain…
Sep 30, 2025
3ea921f
UPSTREAM: <carry>: Updating ose-azure-cluster-api-controllers-contain…
Dec 19, 2025
cc7d819
UPSTREAM: <carry>: Add manifests verify target
RadekManak Jan 15, 2026
30ddad6
UPSTREAM: <carry>: Reference main branch for CI
nrb May 12, 2025
467af6d
UPSTREAM: <carry>: Import provider-version.mk
mdbooth Jan 5, 2026
4170bba
UPSTREAM: <carry>: Bump manifests-gen
theobarberbany Feb 18, 2026
8672cb0
UPSTREAM: <carry>: Update to new manifests-gen
theobarberbany Feb 18, 2026
abd53f6
UPSTREAM: <carry>: Updating ose-azure-cluster-api-controllers-contain…
Mar 3, 2026
8d69880
UPSTREAM: <carry>: Sync OWNERS file
damdo Apr 14, 2026
d2c95d5
UPSTREAM: <carry>: Add TLS substitutions
mdbooth Apr 29, 2026
5425fc7
UPSTREAM: <drop>: Update manifests generator
May 14, 2026
1a1d229
UPSTREAM: <drop>: Generate OpenShift manifests
May 14, 2026
0d14003
UPSTREAM: <drop>: Updating and vendoring go modules after an upstream…
May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
1 change: 1 addition & 0 deletions .codespellignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,4 @@ shouldnot
decorder
overriden
wit
ist
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit

Expand All @@ -50,7 +50,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -60,7 +60,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
uses: github/codeql-action/autobuild@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -73,6 +73,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
with:
category: "/language:${{matrix.language}}"
6 changes: 3 additions & 3 deletions .github/workflows/dependabot-code-gen.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,20 +20,20 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit
- name: Get Go version
id: vars
run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT
Comment on lines 26 to 28
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Quote $GITHUB_OUTPUT to fix the shellcheck SC2086 warning, and move checkout before make go-version.

Two issues in this block:

  1. SC2086 (line 28): $GITHUB_OUTPUT is unquoted, triggering shellcheck's word-splitting warning.
  2. Step ordering (pre-existing): make go-version is invoked on line 28 before actions/checkout on line 34–35. Without the repository checked out, the Makefile is not present and this step will fail. Compare with the correct ordering in pr-golangci-lint.yaml (checkout → get-go-version → setup-go).
🐛 Proposed fix 
-    - name: Get Go version
-      id: vars
-      run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT
-    - name: Set up Go
-      uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
-      with:
-        go-version: ${{ steps.vars.outputs.go_version }}
-      id: go
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Get Go version
+      id: vars
+      run: echo "go_version=$(make go-version)" >> "$GITHUB_OUTPUT"
+    - name: Set up Go
+      uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
+      with:
+        go-version: ${{ steps.vars.outputs.go_version }}
+      id: go
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Get Go version
id: vars
run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT
- name: Check out code into the Go module directory
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Go version
id: vars
run: echo "go_version=$(make go-version)" >> "$GITHUB_OUTPUT"
- name: Set up Go
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
with:
go-version: ${{ steps.vars.outputs.go_version }}
id: go
🧰 Tools
🪛 actionlint (1.7.12)

[error] 28-28: shellcheck reported issue in this script: SC2086:info:1:41: Double quote to prevent globbing and word splitting

(shellcheck)

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/dependabot-code-gen.yml around lines 26 - 28, The "Get Go
version" step (id: vars, using make go-version) runs before the repository is
checked out and writes to an unquoted $GITHUB_OUTPUT; fix by moving the
actions/checkout step to run before the "Get Go version" step so the Makefile is
available, and quote the variable when appending output (use "$GITHUB_OUTPUT")
to eliminate the shellcheck SC2086 warning — update the step that calls make
go-version and the surrounding job ordering accordingly.

- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
with:
go-version: ${{ steps.vars.outputs.go_version }}
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # tag=v5.0.4
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # tag=v5.0.5
name: Restore go cache
with:
path: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-golangci-lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT

- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # tag=v6.3.0
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # tag=v6.4.0
with:
go-version: ${{ steps.vars.outputs.go_version }}

Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecards.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
with:
egress-policy: audit

Expand Down Expand Up @@ -63,14 +63,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
with:
sarif_file: results.sarif
4 changes: 2 additions & 2 deletions .github/workflows/weekly-security-scan.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branch: [ main, release-1.22, release-1.21 ]
branch: [ main, release-1.23, release-1.22 ]
name: Trivy
runs-on: ubuntu-latest
steps:
Expand All @@ -26,7 +26,7 @@ jobs:
id: vars
run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT
- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # tag=v6.3.0
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # tag=v6.4.0
with:
go-version: ${{ steps.vars.outputs.go_version }}
- name: Run verify security target
Expand Down
6 changes: 5 additions & 1 deletion .golangci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ linters:
- jsontags # Ensures proper JSON tag formatting
- nofloats # Prevents float type usage
- nomaps # Restricts map usage
- nonullable # Prevents usage of the nullable marker
- nonullable # Prevents usage of the nullable marker
- nophase # Prevents Phase field usage
- notimestamp # Prevents TimeStamp field usage
lintersConfig: {}
Expand Down Expand Up @@ -340,6 +340,10 @@ linters:
- staticcheck
path: .*\.go$
text: 'SA1019: "sigs.k8s.io/cluster-api/util/deprecated/.*" is deprecated: This package is deprecated and is going to be removed when support for v1beta1 will be dropped.'
# Ignore GetEventRecorderFor deprecation (CAPI itself still uses it).
- linters:
- staticcheck
text: 'SA1019: (env|mgr|testEnv).GetEventRecorderFor is deprecated'
# Ignore CAPZ v1beta1 deprecations (SharedGallery, VMState) still used for backward compatibility.
- linters:
- staticcheck
Expand Down
4 changes: 3 additions & 1 deletion AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,8 @@ make kind-reset

**tilt-settings.yaml** is required with Azure credentials (see docs/book/src/developers/development.md for details).

`make tilt-up` runs `check-az-cli`; if `az` is missing, it warns and tells you to install the Azure CLI and retry `make tilt-up` (needed for Tilt flows that call `az`, e.g. VNet peering with AKS as management cluster). Use `VERBOSE=1 make check-az-cli` to print the detected binary path.

### E2E Testing

```bash
Expand Down Expand Up @@ -201,7 +203,7 @@ make generate-go # Regenerates mocks in azure/services/*/mock_*/
- `main.go`: Entry point, registers controllers and webhooks
- `Makefile`: All build/test/dev targets
- `Tiltfile`: Local development with Tilt
- `go.mod`: Go dependencies (uses Go 1.24+)
- `go.mod`: Go dependencies (uses Go 1.25+)
- `config/`: Kustomize configurations for CRDs, RBAC, webhooks, manager
- `templates/`: Cluster template flavors for different scenarios
- `test/e2e/`: E2E test suites and data files
Expand Down
43 changes: 43 additions & 0 deletions CHANGELOG/v1.22.2.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
## Changes by Kind

### Other (Cleanup or Flake)

- Bump CAPI to v1.11.7 ([#6174](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/6174), [@mboersma](https://github.com/mboersma))

## Dependencies

### Added
- sigs.k8s.io/structured-merge-diff/v6: v6.3.2

### Changed
- cel.dev/expr: v0.24.0 → v0.25.1
- github.com/cloudflare/circl: [v1.6.1 → v1.6.3](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3)
- github.com/cncf/xds/go: [0feb691 → ee656c7](https://github.com/cncf/xds/compare/0feb691...ee656c7)
- github.com/envoyproxy/go-control-plane/envoy: [v1.35.0 → v1.36.0](https://github.com/envoyproxy/go-control-plane/compare/envoy/v1.35.0...envoy/v1.36.0)
- github.com/envoyproxy/go-control-plane: [75eaa19 → v0.14.0](https://github.com/envoyproxy/go-control-plane/compare/75eaa19...v0.14.0)
- github.com/envoyproxy/protoc-gen-validate: [v1.2.1 → v1.3.0](https://github.com/envoyproxy/protoc-gen-validate/compare/v1.2.1...v1.3.0)
- github.com/grpc-ecosystem/grpc-gateway/v2: [v2.27.3 → v2.27.7](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.27.3...v2.27.7)
- go.opentelemetry.io/contrib/detectors/gcp: v1.38.0 → v1.39.0
- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.60.0 → v0.65.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp: v1.22.0 → v1.40.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/metric: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/sdk/metric: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/sdk: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/trace: v1.39.0 → v1.40.0
- go.opentelemetry.io/otel: v1.39.0 → v1.40.0
- golang.org/x/oauth2: v0.32.0 → v0.34.0
- google.golang.org/genproto/googleapis/api: ff82c1b → 8636f87
- google.golang.org/genproto/googleapis/rpc: ff82c1b → 8636f87
- google.golang.org/grpc: v1.77.0 → v1.79.3
- google.golang.org/protobuf: v1.36.10 → v1.36.11
- sigs.k8s.io/cluster-api/test: v1.11.6 → v1.11.7
- sigs.k8s.io/cluster-api: v1.11.6 → v1.11.7

### Removed
_Nothing has changed._

## Details
<!-- markdown-link-check-disable-next-line -->
https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.22.1...v1.22.2
63 changes: 63 additions & 0 deletions CHANGELOG/v1.22.4.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
## Changes by Kind

### Other (Cleanup or Flake)

- Bump CAPI to v1.11.10 ([#6249](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/6249), [@mboersma](https://github.com/mboersma))

## Dependencies

### Added
- github.com/moby/moby/api: [v1.54.1](https://github.com/moby/moby/tree/api/v1.54.1)
- github.com/moby/moby/client: [v0.4.0](https://github.com/moby/moby/tree/client/v0.4.0)
- github.com/russross/blackfriday: [v1.6.0](https://github.com/russross/blackfriday/tree/v1.6.0)
- github.com/santhosh-tekuri/jsonschema/v5: [v5.3.1](https://github.com/santhosh-tekuri/jsonschema/tree/v5.3.1)
- pgregory.net/rapid: v1.2.0

### Changed
- github.com/Azure/go-ansiterm: [306776e → faa5f7b](https://github.com/Azure/go-ansiterm/compare/306776e...faa5f7b)
- github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: [v1.30.0 → v1.31.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/compare/detectors/gcp/v1.30.0...detectors/gcp/v1.31.0)
- github.com/Microsoft/go-winio: [v0.5.0 → v0.6.2](https://github.com/Microsoft/go-winio/compare/v0.5.0...v0.6.2)
- github.com/creack/pty: [v1.1.18 → v1.1.24](https://github.com/creack/pty/compare/v1.1.18...v1.1.24)
- github.com/docker/go-connections: [v0.5.0 → v0.6.0](https://github.com/docker/go-connections/compare/v0.5.0...v0.6.0)
- github.com/docker/go-units: [v0.4.0 → v0.5.0](https://github.com/docker/go-units/compare/v0.4.0...v0.5.0)
- github.com/emicklei/go-restful/v3: [v3.12.2 → v3.13.0](https://github.com/emicklei/go-restful/compare/v3.12.2...v3.13.0)
- github.com/grpc-ecosystem/grpc-gateway/v2: [v2.27.7 → v2.28.0](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.27.7...v2.28.0)
- github.com/moby/term: [v0.5.0 → v0.5.2](https://github.com/moby/term/compare/v0.5.0...v0.5.2)
- github.com/opencontainers/image-spec: [v1.0.2 → v1.1.1](https://github.com/opencontainers/image-spec/compare/v1.0.2...v1.1.1)
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel/metric: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel/sdk/metric: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel/sdk: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel/trace: v1.40.0 → v1.43.0
- go.opentelemetry.io/otel: v1.40.0 → v1.43.0
- go.opentelemetry.io/proto/otlp: v1.9.0 → v1.10.0
- golang.org/x/crypto: v0.47.0 → v0.49.0
- golang.org/x/mod: v0.32.0 → v0.33.0
- golang.org/x/net: v0.49.0 → v0.52.0
- golang.org/x/oauth2: v0.34.0 → v0.35.0
- golang.org/x/sync: v0.19.0 → v0.20.0
- golang.org/x/sys: v0.40.0 → v0.42.0
- golang.org/x/telemetry: 8fff8a5 → e7419c6
- golang.org/x/term: v0.39.0 → v0.41.0
- golang.org/x/text: v0.33.0 → v0.35.0
- golang.org/x/tools: v0.40.0 → v0.42.0
- gonum.org/v1/gonum: v0.16.0 → v0.17.0
- google.golang.org/genproto/googleapis/api: 8636f87 → 9d38bb4
- google.golang.org/genproto/googleapis/rpc: 8636f87 → 9d38bb4
- google.golang.org/grpc: v1.79.3 → v1.80.0
- gotest.tools/v3: v3.4.0 → v3.5.2
- sigs.k8s.io/cluster-api/test: v1.11.7 → v1.11.10
- sigs.k8s.io/cluster-api: v1.11.7 → v1.11.10

### Removed
- github.com/containerd/log: [v0.1.0](https://github.com/containerd/log/tree/v0.1.0)
- github.com/docker/docker: [v28.3.3+incompatible](https://github.com/docker/docker/tree/v28.3.3)
- github.com/moby/sys/atomicwriter: [v0.1.0](https://github.com/moby/sys/tree/atomicwriter/v0.1.0)
- github.com/moby/sys/sequential: [v0.6.0](https://github.com/moby/sys/tree/sequential/v0.6.0)
- github.com/morikuni/aec: [v1.0.0](https://github.com/morikuni/aec/tree/v1.0.0)
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp: v1.40.0

## Details
<!-- markdown-link-check-disable-next-line -->
https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.22.2...v1.22.4
57 changes: 57 additions & 0 deletions CHANGELOG/v1.23.1.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
## Changes by Kind

### Other (Cleanup or Flake)

- Bump CAPI to v1.12.7 ([#6250](https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/6250), [@mboersma](https://github.com/mboersma))

## Dependencies

### Added
- github.com/moby/moby/api: [v1.54.1](https://github.com/moby/moby/tree/api/v1.54.1)
- github.com/moby/moby/client: [v0.4.0](https://github.com/moby/moby/tree/client/v0.4.0)
- github.com/russross/blackfriday: [v1.6.0](https://github.com/russross/blackfriday/tree/v1.6.0)
- github.com/santhosh-tekuri/jsonschema/v5: [v5.3.1](https://github.com/santhosh-tekuri/jsonschema/tree/v5.3.1)
- pgregory.net/rapid: v1.2.0

### Changed
- github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: [v1.30.0 → v1.31.0](https://github.com/GoogleCloudPlatform/opentelemetry-operations-go/compare/detectors/gcp/v1.30.0...detectors/gcp/v1.31.0)
- github.com/Microsoft/go-winio: [v0.5.0 → v0.6.2](https://github.com/Microsoft/go-winio/compare/v0.5.0...v0.6.2)
- github.com/coredns/corefile-migration: [v1.0.30 → v1.0.31](https://github.com/coredns/corefile-migration/compare/v1.0.30...v1.0.31)
- github.com/creack/pty: [v1.1.18 → v1.1.24](https://github.com/creack/pty/compare/v1.1.18...v1.1.24)
- github.com/docker/go-units: [v0.4.0 → v0.5.0](https://github.com/docker/go-units/compare/v0.4.0...v0.5.0)
- github.com/opencontainers/image-spec: [v1.0.2 → v1.1.1](https://github.com/opencontainers/image-spec/compare/v1.0.2...v1.1.1)
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel/metric: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel/sdk/metric: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel/sdk: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel/trace: v1.41.0 → v1.43.0
- go.opentelemetry.io/otel: v1.41.0 → v1.43.0
- go.opentelemetry.io/proto/otlp: v1.9.0 → v1.10.0
- golang.org/x/crypto: v0.48.0 → v0.49.0
- golang.org/x/net: v0.50.0 → v0.52.0
- golang.org/x/sync: v0.19.0 → v0.20.0
- golang.org/x/sys: v0.41.0 → v0.42.0
- golang.org/x/telemetry: bd525da → e7419c6
- golang.org/x/term: v0.40.0 → v0.41.0
- golang.org/x/text: v0.34.0 → v0.35.0
- golang.org/x/tools: v0.41.0 → v0.42.0
- gonum.org/v1/gonum: v0.16.0 → v0.17.0
- google.golang.org/genproto/googleapis/api: 4cfbd41 → 9d38bb4
- google.golang.org/genproto/googleapis/rpc: 4cfbd41 → 9d38bb4
- google.golang.org/grpc: v1.79.1 → v1.80.0
- gotest.tools/v3: v3.4.0 → v3.5.2
- sigs.k8s.io/cluster-api/test: v1.12.4 → v1.12.7
- sigs.k8s.io/cluster-api: v1.12.4 → v1.12.7

### Removed
- github.com/containerd/log: [v0.1.0](https://github.com/containerd/log/tree/v0.1.0)
- github.com/docker/docker: [v28.5.2+incompatible](https://github.com/docker/docker/tree/v28.5.2)
- github.com/moby/sys/atomicwriter: [v0.1.0](https://github.com/moby/sys/tree/atomicwriter/v0.1.0)
- github.com/moby/sys/sequential: [v0.6.0](https://github.com/moby/sys/tree/sequential/v0.6.0)
- github.com/morikuni/aec: [v1.0.0](https://github.com/morikuni/aec/tree/v1.0.0)
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp: v1.40.0

## Details
<!-- markdown-link-check-disable-next-line -->
https://github.com/kubernetes-sigs/cluster-api-provider-azure/compare/v1.23.0...v1.23.1
Loading