chore(deps): update all minor dependencies #2650

renovate · 2024-06-01T06:58:32Z

This PR contains the following updates:

Package	Update	Change
karpenter	minor	`0.36.1` -> `0.37.6`
karpenter-crd (source)	minor	`0.36.1` -> `0.37.6`
kube-state-metrics (source)	minor	`5.18.1` -> `5.27.0`

Review

Updates have been tested and work
If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

aws/karpenter (karpenter-crd)

`v0.37.6`

Compare Source

Bug Fixes

smoke test for webhook e2e (#7218) #7218 (Reed Schalo)
0.37.x: disable webhooks appropriately in chart (#7177) #7177 (Jason Deal)
simplify e2e for webhooks (#7229) #7229 (Reed Schalo)
Template v1 and Conversion CRD stanzas v0.37.x (#7237) #7237 (Reed Schalo)
env var in test (#7260) #7260 (Reed Schalo)
0.37.x: discover deprecated EKS optimized AMIs (#7245) #7245 (Jason Deal)
chart snapshot for webhook test v0.37.x (#7262) #7262 (Reed Schalo)
remove skip-crds (#7267) #7267 (Reed Schalo)
scope CRD update permissions v0.37.x (#7329) #7329 (Reed Schalo)

Tests

add smoke test for webhooks (#7186) #7186 (Reed Schalo)

Commits

v0.37.x: feat: invalidate SSM cache upon AMI deprecation (#7301) (#7335) #7335 (Jason Deal)
5f55b1d: bump sigs.k8s.io/karpenter (jigisha620) #7352

`v0.37.5`

Compare Source

Bug Fixes

Fix webhook owner reference causing ArgoCD leak (#7080) #7080 (Jonathan Innis)
gpu label test v0.37.x (#7156) #7156 (Reed Schalo)

Tests

wait for node intialization in zone-id tests (#7159) #7159 (Jason Deal)

Commits

bump sigs.k8s.io/karpenter to v0.37.5 (#7162) #7162 (Jonathan Innis)

`v0.37.4`

Compare Source

Continuous Integration

Update Commit used for the Upgrade tests for release-v0.37.x (#7093) #7093 (Amanuel Engeda)

Chores

update gomod for cherry-pick (#7031) #7031 (Nick Tran)
add e2es and drop annotation on conversion #7073 (Reed Schalo)
bump core v0.37.x (#7101) #7101 (Reed Schalo)

Commits

04cfa57: cherry-pick(0.37.x): fix: ensure alias version isn't dropped round-trip (#6777) (#7005) (Jason Deal) #7005
c91b87a: rename test (Reed Schalo) #7073
9371083: updates to name (Reed Schalo) #7073

`v0.37.3`

Compare Source

Bug Fixes

enable webhooks by default (#6900) #6900 (Reed Schalo)

Documentation

run docgen and make upgrade guide update v0.37.x (#6950) #6950 (Reed Schalo)

Chores

update linting for release-v0.37.x (#6934) #6934 (Reed Schalo)
update golangci (#6941) #6941 (Reed Schalo)
bump karpenter core 37 (#6946) #6946 (Reed Schalo)
Bump v037 core (#6963) #6963 (Reed Schalo)

`v0.37.2`

Compare Source

Chores

Alow service namespace override (#6849) #6854 (Jonathan Innis)

Commits

e0d0f0c: (backport) chore: Remove Post Install Hook (#6827) for v0.37.x (#6836) (Amanuel Engeda) #6836
db6ed57: Bump Karpenter (Amanuel Engeda) #6854

`v0.37.1`

Compare Source

Features

convert unpinned Ubuntu EC2NodeClasses (#6699) #6711 (Jason Deal)
cache SSM calls #6728 (Jason Deal)

Tests

Fix AMI Discovery for v0.37.x (#6738) #6738 (Jonathan Innis)

Continuous Integration

Enable webhooks for v0.37.x (#6686) #6686 (Amanuel Engeda)

Chores

Add v1 APIs and Conversion webhooks for v0.37.x (#6622) #6622 (Amanuel Engeda)
make image configurable (#6716) #6711 (Nick Tran)

Commits

e614da2: Bump Karpenter (Amanuel Engeda) #6711
f6d4c79: Disable conversion block by default (Amanuel Engeda) #6711
3eba110: Update nilableDuration (Amanuel Engeda) #6711
bump sigs.k8s.io/karpenter to v0.37.1 (#6740) #6740 (Jason Deal)

`v0.37.0`

Compare Source

Note: This release adds a readiness condition to the EC2NodeClass. A CRD upgrade will be required. Please refer to the upgrade guide for more details.

Features

Add ability to select instance by EBS Maximum Bandwidth (#5925) #5925 (Netanel Kadosh)
Add nodepool label to karpenter_interruption_actions_performed (#6094) #6094 (Ant Smith @Apple)
Add extra fields to Bottlerocket k8s config (#6252) #6252 (Nathaniel Emerson)

Bug Fixes

chart: Correct fix for ServiceMonitor indentation (#6029) #6029 (Steve Hipwell)
chart: Updated release to not duplicate AH config (#6022) #6022 (Steve Hipwell)
Update docs about queue name change (#6062) #6062 (Max Forasteiro)
Fix volume size validation (#6072) #6072 (Jonathan Innis)
create tag script error (InvalidID) when multiple sunbets for eks nodegroup (#6073) #6073 (WTTAT)
correct AMI ordering function (#6164) #6164 (Nick Tran)
Ensure shallow copy of data when returning back cached data (#6167) #6167 (Jonathan Innis)
Increase to large instance size for scale tests (#6184) #6184 (Amanuel Engeda)
Add truncating back to cloudprovider, considering minValues (#6182) #6182 (Jonathan Innis)
adjust status conditions to only use root condition (#6195) #6195 (Nick Tran)

Documentation

Clarify need for credentials when running make codegen (#6014) #6014 (lplazas)
add information about consolidateAfter not working with WhenUnderutilized (#6016) #6016 (morre)
Refactor note in amiSelectorTerms documentation for clarity (#6026) #6026 (Omer Aplatony)
Drop note on budget schedules sometimes being in utc (#6060) #6060 (Jonathan Innis)
Clarify interruption queue setting in docs (#6059) #6059 (Jonathan Innis)
Clarify conceptual docs around Exists operator (#6070) #6070 (Jonathan Innis)
Fix reference to total cluster size constraint (#6071) #6071 (Jeff Harris)
Remove settings.aws.enablePodENI from docs (#6088) #6088 (Maciej Józefczyk)
release v0.36.1 (#6101) #6101 (Jason Deal)
revert version bump in upgrade guide (#6105) #6105 (Jason Deal)
Add Getting Started note for IAM private clusters (#6161) #6161 (Jonathan Innis)
fix migrating from cas node affinity guide (#6218) #6218 (Nick Tran)
update patch versions for v0.31.x-v0.36.x (#6230) #6230 (Jason Deal)
update instance type generation for AL2023 (#6231) #6231 (Jason Deal)
Fix to add cury brackets (#6261) #6261 (oddy)
add note about eksctl breaking change (#6276) #6276 (Jason Deal)

Tests

Add a test for returning eksnodeclass-hash-version on Create() (#6031) #6031 (Jonathan Innis)
Run E2E and CI on staging branches (#6119) #6119 (Jonathan Innis)
fix daemonset sensitive tests (#6123) #6123 (Jason Deal)
fix remaining DaemonSet induced flakes (#6148) #6148 (Jason Deal)
Fix drift testing with AL2023 on 1.23 (#6151) #6151 (Jonathan Innis)
Fix AMI selection when performing version compat e2e (#6170) #6170 (Jonathan Innis)
Fix NotFound error on upgrade (#6176) #6176 (Jonathan Innis)
Fix failing testing to validate correct message value (#6197) #6197 (Jonathan Innis)
fix race in flakey drift test (#6174) #6174 (Jason Deal)

Continuous Integration

Excluded cluster should not be run for Soak Testing (#6041) #6041 (Amanuel Engeda)
Add postsubmit task for hydrating proxy (#6047) #6047 (Jonathan Innis)
Always add retention policy to E2E run logs (#6104) #6104 (Amanuel Engeda)
Remove unneeded log retention (#6139) #6139 (Jonathan Innis)
Fix docgen by calling providers directly (#6138) #6138 (Jonathan Innis)
Remove daemonsets causing testing issues (#6140) #6140 (Jonathan Innis)
bump upgrade suite source commit (#6149) #6149 (Jason Deal)
pin cloudwatch addon version (#6169) #6169 (Jason Deal)
Bump dependency for resource package (#6157) #6157 (Amanuel Engeda)
pin upgrade test (#6175) #6175 (Jason Deal)
Update golangci-lint config to latest (#6196) #6196 (Jonathan Innis)
Add Cloudwatch Policy on Karpetner nodes for Windows nodes (#6208) #6208 (Amanuel Engeda)
Fix status condition E2E check (#6210) #6210 (Jonathan Innis)
Find all of instance-profiles in the CI account (#6137) #6137 (Amanuel Engeda)
enable eks 1.30 (#6265) #6265 (Jason Deal)
drop cloudwatch agent (#6269) #6269 (Jason Deal)
pin upgrade source commit (#6270) #6270 (Jason Deal)
revert AH config duplication fix (#6277) #6277 (Jason Deal)

Chores

Delete launch template with context (#6021) #6021 (Jonathan Innis)
Use group constants for launch template naming (#6027) #6027 (Jonathan Innis)
Remove instanceProfileProvider from the launchTemplateProvider (#6033) #6033 (Amanuel Engeda)
Add an instance profile interface to instance profile provider (#6034) #6034 (Jonathan Innis)
Use queueURL instead of queueName for sqs provider (#6035) #6035 (Jonathan Innis)
deps: bump the go-deps group with 2 updates (#6039) #6039 (dependabot[bot])
deps: bump sigs.k8s.io/controller-runtime from 0.17.2 to 0.17.3 in the k8s-go-deps group (#6038) #6038 (dependabot[bot])
Add Rate limiter for Hash and Status Controller (#6043) #6043 (Amanuel Engeda)
Update endpointConfig comment for the helm values (#6044) #6044 (Amanuel Engeda)
Update apigroup from const to var (#6046) #6046 (Jonathan Innis)
Move Pricing controller to a providers controllers package (#6052) #6052 (Amanuel Engeda)
Move launch template managed tag (#6051) #6051 (Jonathan Innis)
deps: bump golang.org/x/net from 0.19.0 to 0.23.0 in /test/hack/resource (#6064) #6064 (dependabot[bot])
deps: bump golang.org/x/net from 0.17.0 to 0.23.0 in /tools/allocatable-diff (#6063) #6063 (dependabot[bot])
Add an Instancetype Controller to Asynchronously Hydrate InstanceType Data (#6045) #6045 (Amanuel Engeda)
Hydrate Instance Type Data for docs-gen (#6067) #6067 (Amanuel Engeda)
deps: bump the go-deps group with 2 updates (#6075) #6075 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/install-prometheus in the action-deps group (#6076) #6076 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/slack/notify in the action-deps group (#6077) #6077 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/install-karpenter in the action-deps group (#6080) #6080 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/upgrade-crds in the action-deps group (#6081) #6081 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/cleanup in the action-deps group (#6082) #6082 (dependabot[bot])
deps: bump actions/upload-artifact from 4.3.1 to 4.3.2 in the actions-deps group (#6083) #6083 (dependabot[bot])
deps: bump actions/checkout from 4.1.2 to 4.1.3 in /.github/actions/e2e/setup-cluster in the action-deps group (#6078) #6078 (dependabot[bot])
Forward Container logs for E2E tests (#5982) #5982 (Amanuel Engeda)
Use Security Group Status Controller to Asynchronously Hydrate Security Group Data (#6069) #6069 (Amanuel Engeda)
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/cleanup in the action-deps group (#6115) #6115 (dependabot[bot])
deps: bump aws-actions/aws-codebuild-run-build from b0a7ca5 to b31229d in /.github/actions/e2e/run-tests-private-cluster in the action-deps group (#6116) #6116 (dependabot[bot])
deps: bump actions/upload-artifact from 4.3.2 to 4.3.3 in the actions-deps group (#6114) #6114 (dependabot[bot])
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/install-karpenter in the action-deps group (#6106) #6106 (dependabot[bot])
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/setup-cluster in the action-deps group (#6107) #6107 (dependabot[bot])
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/upgrade-crds in the action-deps group (#6108) #6108 (dependabot[bot])
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/install-prometheus in the action-deps group (#6113) #6113 (dependabot[bot])
deps: bump actions/checkout from 4.1.3 to 4.1.4 in /.github/actions/e2e/slack/notify in the action-deps group (#6109) #6109 (dependabot[bot])
deps: bump the go-deps group with 2 updates (#6110) #6110 (dependabot[bot])
Add an Subnet Controller to Asynchronously Hydrate Subnet Data (#6057) #6057 (Amanuel Engeda)
Replace ratelimiters with those from awslabs/operatorpkg (#6134) #6134 (Reed Schalo)
deps: bump actions/setup-go from 5.0.0 to 5.0.1 in the actions-deps group (#6152) #6152 (dependabot[bot])
deps: bump the go-deps group with 4 updates (#6153) #6153 (dependabot[bot])
deps: bump actions/setup-go from 5.0.0 to 5.0.1 in /.github/actions/e2e/cleanup in the action-deps group (#6154) #6154 (dependabot[bot])
deps: bump actions/setup-go from 5.0.0 to 5.0.1 in /.github/actions/install-deps in the action-deps group (#6155) #6155 (dependabot[bot])
Update to latest ENI Max Pods file (#6147) #6147 (Jonathan Innis)
Bump kubernetes-sigs/karpenter to the latest HEAD (#6178) #6178 (Jonathan Innis)
deps: bump sigs.k8s.io/controller-runtime from 0.18.1 to 0.18.2 in the k8s-go-deps group across 1 directory (#6179) #6179 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/upgrade-crds in the action-deps group (#6186) #6186 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/slack/notify in the action-deps group (#6187) #6187 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/cleanup in the action-deps group (#6189) #6189 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/install-karpenter in the action-deps group (#6190) #6190 (dependabot[bot])
deps: bump the go-deps group with 3 updates (#6188) #6188 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/install-prometheus in the action-deps group (#6192) #6192 (dependabot[bot])
deps: bump actions/checkout from 4.1.4 to 4.1.5 in /.github/actions/e2e/setup-cluster in the action-deps group (#6193) #6193 (dependabot[bot])
Update data from AWS APIs (#6194) #6194 (github-actions[bot])
Add status conditions on nodeclass #6121 (jigisha620)
Update associatePublicIPAddress to not be set in the launch templets (#6159) #6159 (Amanuel Engeda)
Use AMI Status Controller to Asynchronously Hydrate AMI Data (#6089) #6089 (Amanuel Engeda)
Auto generate and apply CRDs (#6209) #6209 (Reed Schalo)
Convert to controller-runtime's new reconcile.AsReconciler (#6185) #6185 (Jonathan Innis)
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/setup-cluster in the action-deps group (#6241) #6241 (dependabot[bot])
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/cleanup in the action-deps group (#6240) #6240 (dependabot[bot])
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/slack/notify in the action-deps group (#6239) #6239 (dependabot[bot])
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/upgrade-crds in the action-deps group (#6237) #6237 (dependabot[bot])
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/install-prometheus in the action-deps group (#6236) #6236 (dependabot[bot])
deps: bump actions/checkout from 4.1.5 to 4.1.6 in /.github/actions/e2e/install-karpenter in the action-deps group (#6235) #6235 (dependabot[bot])
Use AMI IDs in the logs for AMI discovery (#6220) #6220 (Amanuel Engeda)
deps: bump github.com/aws/aws-sdk-go from 1.53.0 to 1.53.6 in the go-deps group across 1 directory (#6246) #6246 (dependabot[bot])
deps: bump the k8s-go-deps group with 4 updates (#6232) #6232 (dependabot[bot])
change knative ptr to lo ptr (#6260) #6260 (Nick Tran)
add label and ability to schedule for az-id (#6216) #6216 (Reed Schalo)
bump karpenter to v0.37.0 (#6275) #6275 (Jason Deal)

Commits

1f3e7cc: Stable Release updates Release v0.36.0. (jigisha620) #6018
1fbdafa: Fix the website to correctly point to the latest release (jigisha620) #6020
c730713: Pinning Karpenter version for upgrade test suite (jigisha620) #6030
9a07a6d: BREAKING CHANGE: Refactor NodeClass controller (#5949) (Amanuel Engeda) #5949
bbdc07c: fix network bandwidth script and run codegen (jigisha620) [#6099](https://redirect.github.com/aws/karpent

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-06-03T14:07:25Z

ingress	nginx    	2       	2024-02-12 19:08:42.93215444 +0000 UTC	deployed	nginx-ingress-1.1.2	3.4.2      

xray-daemon	xray     	1       	2024-07-29 19:45:48.684608347 +0000 UTC	deployed	aws-xray-4.0.8	3.3.12     

Comparing release=k8s-event-logger, chart=/tmp/helmfile82792783/amazon-cloudwatch/staging/k8s-event-logger/k8s-event-logger/1.1.8/k8s-event-logger
Comparing release=karpenter-crd, chart=/tmp/helmfile82792783/karpenter/staging/karpenter-crd/karpenter-crd/0.36.1/karpenter-crd
Comparing release=karpenter, chart=/tmp/helmfile82792783/karpenter/staging/karpenter/karpenter/0.37.6/karpenter
karpenter, karpenter, ClusterRole (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/clusterrole.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    name: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    # Read
    - apiGroups: ["karpenter.k8s.aws"]
      resources: ["ec2nodeclasses"]
      verbs: ["get", "list", "watch"]
    # Write
    - apiGroups: ["karpenter.k8s.aws"]
      resources: ["ec2nodeclasses", "ec2nodeclasses/status"]
      verbs: ["patch", "update"]
+   - apiGroups: ["admissionregistration.k8s.io"]
+     resources: ["validatingwebhookconfigurations"]
+     verbs: ["update"]
+     resourceNames: ["validation.webhook.karpenter.k8s.aws"]
+   - apiGroups: ["admissionregistration.k8s.io"]
+     resources: ["mutatingwebhookconfigurations"]
+     verbs: ["update"]
+     resourceNames: ["defaulting.webhook.karpenter.k8s.aws"]
karpenter, karpenter, ClusterRoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/clusterrole.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    name: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: karpenter
  subjects:
    - kind: ServiceAccount
      name: karpenter
      namespace: karpenter
karpenter, karpenter, Deployment (apps) has changed:
  # Source: karpenter/templates/deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  spec:
    replicas: 2
    revisionHistoryLimit: 10
    strategy:
      rollingUpdate:
        maxUnavailable: 1
    selector:
      matchLabels:
        app.kubernetes.io/name: karpenter
        app.kubernetes.io/instance: karpenter
    template:
      metadata:
        labels:
          app.kubernetes.io/name: karpenter
          app.kubernetes.io/instance: karpenter
        annotations:
      spec:
        serviceAccountName: karpenter
        securityContext:
          fsGroup: 65532
        priorityClassName: "system-cluster-critical"
        dnsPolicy: ClusterFirst
        containers:
          - name: controller
            securityContext:
              runAsUser: 65532
              runAsGroup: 65532
              runAsNonRoot: true
              seccompProfile:
                type: RuntimeDefault
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                  - ALL
              readOnlyRootFilesystem: true
-           image: public.ecr.aws/karpenter/controller:0.36.1@sha256:5b245674ae0ac97558cd335ebae19c0c80e911daac2352cb74ee0ccdba7f5e2b
+           image: public.ecr.aws/karpenter/controller:0.37.6@sha256:3b06d83204d84bb03572032474d5edac25d0eed40124b81b341da024b37d95a9
            imagePullPolicy: IfNotPresent
            env:
              - name: KUBERNETES_MIN_VERSION
                value: "1.19.0-0"
              - name: KARPENTER_SERVICE
                value: karpenter
+             - name: WEBHOOK_PORT
+               value: "8443"
+             - name: WEBHOOK_METRICS_PORT
+               value: "8001"
+             - name: DISABLE_WEBHOOK
+               value: "false"
              - name: LOG_LEVEL
                value: "info"
              - name: METRICS_PORT
                value: "8000"
              - name: HEALTH_PROBE_PORT
                value: "8081"
              - name: SYSTEM_NAMESPACE
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.namespace
              - name: MEMORY_LIMIT
                valueFrom:
                  resourceFieldRef:
                    containerName: controller
                    divisor: "0"
                    resource: limits.memory
              - name: FEATURE_GATES
                value: "Drift=true,SpotToSpotConsolidation=false"
              - name: BATCH_MAX_DURATION
                value: "10s"
              - name: BATCH_IDLE_DURATION
                value: "1s"
              - name: ASSUME_ROLE_DURATION
                value: "15m"
              - name: CLUSTER_NAME
                value: "notification-canada-ca-staging-eks-cluster"
              - name: VM_MEMORY_OVERHEAD_PERCENT
                value: "0.075"
              - name: RESERVED_ENIS
                value: "0"
            ports:
              - name: http-metrics
                containerPort: 8000
+               protocol: TCP
+             - name: webhook-metrics
+               containerPort: 8001
+               protocol: TCP
+             - name: https-webhook
+               containerPort: 8443
                protocol: TCP
              - name: http
                containerPort: 8081
                protocol: TCP
            livenessProbe:
              initialDelaySeconds: 30
              timeoutSeconds: 30
              httpGet:
                path: /healthz
                port: http
            readinessProbe:
              initialDelaySeconds: 5
              timeoutSeconds: 30
              httpGet:
                path: /readyz
                port: http
        nodeSelector:
          kubernetes.io/os: linux
        # The template below patches the .Values.affinity to add a default label selector where not specificed
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              nodeSelectorTerms:
              - matchExpressions:
                - key: karpenter.sh/nodepool
                  operator: DoesNotExist
          podAntiAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/instance: karpenter
                  app.kubernetes.io/name: karpenter
              topologyKey: kubernetes.io/hostname
        # The template below patches the .Values.topologySpreadConstraints to add a default label selector where not specificed
        topologySpreadConstraints:
          - labelSelector:
              matchLabels:
                app.kubernetes.io/instance: karpenter
                app.kubernetes.io/name: karpenter
            maxSkew: 1
            topologyKey: topology.kubernetes.io/zone
            whenUnsatisfiable: ScheduleAnyway
        tolerations:
          - key: CriticalAddonsOnly
            operator: Exists
karpenter, karpenter, PodDisruptionBudget (policy) has changed:
  # Source: karpenter/templates/poddisruptionbudget.yaml
  apiVersion: policy/v1
  kind: PodDisruptionBudget
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  spec:
    maxUnavailable: 1
    selector:
      matchLabels:
        app.kubernetes.io/name: karpenter
        app.kubernetes.io/instance: karpenter
karpenter, karpenter, Role (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/role.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: Role
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    # Read
    - apiGroups: ["coordination.k8s.io"]
      resources: ["leases"]
      verbs: ["get", "watch"]
+   - apiGroups: [""]
+     resources: ["configmaps", "secrets"]
+     verbs: ["get", "list", "watch"]
    # Write
+   - apiGroups: [""]
+     resources: ["secrets"]
+     verbs: ["update"]
+     resourceNames:
+       - "karpenter-cert"
    - apiGroups: ["coordination.k8s.io"]
      resources: ["leases"]
      verbs: ["patch", "update"]
      resourceNames:
        - "karpenter-leader-election"
    # Cannot specify resourceNames on create
    # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources
    - apiGroups: ["coordination.k8s.io"]
      resources: ["leases"]
      verbs: ["create"]
karpenter, karpenter, RoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/rolebinding.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: RoleBinding
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: Role
    name: karpenter
  subjects:
    - kind: ServiceAccount
      name: karpenter
      namespace: karpenter
karpenter, karpenter, Service (v1) has changed:
  # Source: karpenter/templates/service.yaml
  apiVersion: v1
  kind: Service
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  spec:
    type: ClusterIP
    ports:
      - name: http-metrics
        port: 8000
        targetPort: http-metrics
+       protocol: TCP
+     - name: webhook-metrics
+       port: 8001
+       targetPort: webhook-metrics
+       protocol: TCP
+     - name: https-webhook
+       port: 8443
+       targetPort: https-webhook
        protocol: TCP
    selector:
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
karpenter, karpenter, ServiceAccount (v1) has changed:
  # Source: karpenter/templates/serviceaccount.yaml
  apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: karpenter
    namespace: karpenter
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
    annotations:
      eks.amazonaws.com/role-arn: arn:aws:iam::239043911459:role/karpenter-controller-eks
karpenter, karpenter-admin, ClusterRole (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/aggregate-clusterrole.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    name: karpenter-admin
    labels:
      rbac.authorization.k8s.io/aggregate-to-admin: "true"
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    - apiGroups: ["karpenter.sh"]
      resources: ["nodepools", "nodepools/status", "nodeclaims", "nodeclaims/status"]
      verbs: ["get", "list", "watch", "create", "delete", "patch"]
    - apiGroups: ["karpenter.k8s.aws"]
      resources: ["ec2nodeclasses"]
      verbs: ["get", "list", "watch", "create", "delete", "patch"]
karpenter, karpenter-core, ClusterRole (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/clusterrole-core.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    name: karpenter-core
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    # Read
    - apiGroups: ["karpenter.sh"]
      resources: ["nodepools", "nodepools/status", "nodeclaims", "nodeclaims/status"]
      verbs: ["get", "list", "watch"]
    - apiGroups: [""]
      resources: ["pods", "nodes", "persistentvolumes", "persistentvolumeclaims", "replicationcontrollers", "namespaces"]
      verbs: ["get", "list", "watch"]
    - apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses", "csinodes"]
      verbs: ["get", "watch", "list"]
    - apiGroups: ["apps"]
      resources: ["daemonsets", "deployments", "replicasets", "statefulsets"]
      verbs: ["list", "watch"]
+   - apiGroups: ["admissionregistration.k8s.io"]
+     resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
+     verbs: ["get", "watch", "list"]
+   - apiGroups: ["apiextensions.k8s.io"]
+     resources: ["customresourcedefinitions"]
+     verbs: ["watch", "list"]
    - apiGroups: ["policy"]
      resources: ["poddisruptionbudgets"]
      verbs: ["get", "list", "watch"]
    # Write
    - apiGroups: ["karpenter.sh"]
      resources: ["nodeclaims", "nodeclaims/status"]
      verbs: ["create", "delete", "update", "patch"]
    - apiGroups: ["karpenter.sh"]
      resources: ["nodepools", "nodepools/status"]
      verbs: ["update", "patch"]
    - apiGroups: [""]
      resources: ["events"]
      verbs: ["create", "patch"]
    - apiGroups: [""]
      resources: ["nodes"]
      verbs: ["patch", "delete"]
    - apiGroups: [""]
      resources: ["pods/eviction"]
      verbs: ["create"]
+   - apiGroups: ["admissionregistration.k8s.io"]
+     resources: ["validatingwebhookconfigurations"]
+     verbs: ["update"]
+     resourceNames: ["validation.webhook.karpenter.sh", "validation.webhook.config.karpenter.sh"]
+   - apiGroups: ["apiextensions.k8s.io"]
+     resources: ["customresourcedefinitions"]
+     resourceNames: ["ec2nodeclasses.karpenter.k8s.aws", "nodepools.karpenter.sh", "nodeclaims.karpenter.sh"]
+     verbs: ["update"]
karpenter, karpenter-core, ClusterRoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/clusterrole-core.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    name: karpenter-core
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: karpenter-core
  subjects:
    - kind: ServiceAccount
      name: karpenter
      namespace: karpenter
kube-node-lease, karpenter-lease, Role (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/role.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: Role
  metadata:
    name: karpenter-lease
    namespace: kube-node-lease
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    # Read
    - apiGroups: ["coordination.k8s.io"]
      resources: ["leases"]
      verbs: ["get", "list", "watch"]
    # Write
    - apiGroups: ["coordination.k8s.io"]
      resources: ["leases"]
      verbs: ["delete"]
kube-node-lease, karpenter-lease, RoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/rolebinding.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: RoleBinding
  metadata:
    name: karpenter-lease
    namespace: kube-node-lease
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: Role
    name: karpenter-lease
  subjects:
    - kind: ServiceAccount
      name: karpenter
      namespace: karpenter
kube-system, karpenter-dns, Role (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/role.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: Role
  metadata:
    name: karpenter-dns
    namespace: kube-system
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  rules:
    # Read
    - apiGroups: [""]
      resources: ["services"]
      resourceNames: ["kube-dns"]
      verbs: ["get"]
kube-system, karpenter-dns, RoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: karpenter/templates/rolebinding.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: RoleBinding
  metadata:
    name: karpenter-dns
    namespace: kube-system
    labels:
-     helm.sh/chart: karpenter-0.36.1
+     helm.sh/chart: karpenter-0.37.6
      app.kubernetes.io/name: karpenter
      app.kubernetes.io/instance: karpenter
-     app.kubernetes.io/version: "0.36.1"
+     app.kubernetes.io/version: "0.37.6"
      app.kubernetes.io/managed-by: Helm
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: Role
    name: karpenter-dns
  subjects:
    - kind: ServiceAccount
      name: karpenter
      namespace: karpenter
karpenter, defaulting.webhook.karpenter.k8s.aws, MutatingWebhookConfiguration (admissionregistration.k8s.io) has been added:
- 
+ # Source: karpenter/templates/webhooks.yaml
+ apiVersion: admissionregistration.k8s.io/v1
+ kind: MutatingWebhookConfiguration
+ metadata:
+   name: defaulting.webhook.karpenter.k8s.aws
+   labels:
+     helm.sh/chart: karpenter-0.37.6
+     app.kubernetes.io/name: karpenter
+     app.kubernetes.io/instance: karpenter
+     app.kubernetes.io/version: "0.37.6"
+     app.kubernetes.io/managed-by: Helm
+ webhooks:
+   - name: defaulting.webhook.karpenter.k8s.aws
+     admissionReviewVersions: ["v1"]
+     clientConfig:
+       service:
+         name: karpenter
+         namespace: karpenter
+         port: 8443
+     failurePolicy: Fail
+     sideEffects: None
+     rules:
+       - apiGroups:
+           - karpenter.k8s.aws
+         apiVersions:
+           - v1beta1
+         operations:
+           - CREATE
+           - UPDATE
+         resources:
+           - ec2nodeclasses
+           - ec2nodeclasses/status
+         scope: '*'
karpenter, karpenter-cert, Secret (v1) has been added:
+ # Source: karpenter/templates/secret-webhook-cert.yaml
+ apiVersion: v1
+ kind: Secret
+ metadata:
+   labels:
+     app.kubernetes.io/instance: karpenter
+     app.kubernetes.io/managed-by: Helm
+     app.kubernetes.io/name: karpenter
+     app.kubernetes.io/version: 0.37.6
+     helm.sh/chart: karpenter-0.37.6
+   name: karpenter-cert
+   namespace: karpenter

karpenter, validation.webhook.config.karpenter.sh, ValidatingWebhookConfiguration (admissionregistration.k8s.io) has been added:
- 
+ # Source: karpenter/templates/webhooks-core.yaml
+ apiVersion: admissionregistration.k8s.io/v1
+ kind: ValidatingWebhookConfiguration
+ metadata:
+   name: validation.webhook.config.karpenter.sh
+   labels:
+     helm.sh/chart: karpenter-0.37.6
+     app.kubernetes.io/name: karpenter
+     app.kubernetes.io/instance: karpenter
+     app.kubernetes.io/version: "0.37.6"
+     app.kubernetes.io/managed-by: Helm
+ webhooks:
+   - name: validation.webhook.config.karpenter.sh
+     admissionReviewVersions: ["v1"]
+     clientConfig:
+       service:
+         name: karpenter
+         namespace: karpenter
+         port: 8443
+     failurePolicy: Fail
+     sideEffects: None
+     objectSelector:
+       matchLabels:
+         app.kubernetes.io/part-of: karpenter
karpenter, validation.webhook.karpenter.k8s.aws, ValidatingWebhookConfiguration (admissionregistration.k8s.io) has been added:
- 
+ # Source: karpenter/templates/webhooks.yaml
+ apiVersion: admissionregistration.k8s.io/v1
+ kind: ValidatingWebhookConfiguration
+ metadata:
+   name: validation.webhook.karpenter.k8s.aws
+   labels:
+     helm.sh/chart: karpenter-0.37.6
+     app.kubernetes.io/name: karpenter
+     app.kubernetes.io/instance: karpenter
+     app.kubernetes.io/version: "0.37.6"
+     app.kubernetes.io/managed-by: Helm
+ webhooks:
+   - name: validation.webhook.karpenter.k8s.aws
+     admissionReviewVersions: ["v1"]
+     clientConfig:
+       service:
+         name: karpenter
+         namespace: karpenter
+         port: 8443
+     failurePolicy: Fail
+     sideEffects: None
+     rules:
+       - apiGroups:
+           - karpenter.k8s.aws
+         apiVersions:
+           - v1beta1
+         operations:
+           - CREATE
+           - UPDATE
+         resources:
+           - ec2nodeclasses
+           - ec2nodeclasses/status
+         scope: '*'
karpenter, validation.webhook.karpenter.sh, ValidatingWebhookConfiguration (admissionregistration.k8s.io) has been added:
- 
+ # Source: karpenter/templates/webhooks-core.yaml
+ apiVersion: admissionregistration.k8s.io/v1
+ kind: ValidatingWebhookConfiguration
+ metadata:
+   name: validation.webhook.karpenter.sh
+   labels:
+     helm.sh/chart: karpenter-0.37.6
+     app.kubernetes.io/name: karpenter
+     app.kubernetes.io/instance: karpenter
+     app.kubernetes.io/version: "0.37.6"
+     app.kubernetes.io/managed-by: Helm
+ webhooks:
+   - name: validation.webhook.karpenter.sh
+     admissionReviewVersions: ["v1"]
+     clientConfig:
+       service:
+         name: karpenter
+         namespace: karpenter
+         port: 8443
+     failurePolicy: Fail
+     sideEffects: None
+     rules:
+       - apiGroups:
+           - karpenter.sh
+         apiVersions:
+           - v1beta1
+         operations:
+           - CREATE
+           - UPDATE
+         resources:
+           - nodeclaims
+           - nodeclaims/status
+         scope: '*'
+       - apiGroups:
+           - karpenter.sh
+         apiVersions:
+           - v1beta1
+         operations:
+           - CREATE
+           - UPDATE
+         resources:
+           - nodepools
+           - nodepools/status
+         scope: '*'

Comparing release=karpenter-nodepool, chart=charts/karpenter-nodepool
Comparing release=priority-classes, chart=deliveryhero/priority-class
Comparing release=secrets-store-csi-driver, chart=secrets-store-csi-driver/secrets-store-csi-driver
Comparing release=aws-secrets-provider, chart=aws-secrets-manager/secrets-store-csi-driver-provider-aws
Comparing release=kube-state-metrics, chart=prometheus-community/kube-state-metrics
kube-system, kube-state-metrics, ClusterRole (rbac.authorization.k8s.io) has changed:
  # Source: kube-state-metrics/templates/role.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    labels:    
-     helm.sh/chart: kube-state-metrics-5.18.1
+     helm.sh/chart: kube-state-metrics-5.27.0
      app.kubernetes.io/managed-by: Helm
      app.kubernetes.io/component: metrics
      app.kubernetes.io/part-of: kube-state-metrics
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
-     app.kubernetes.io/version: "2.12.0"
+     app.kubernetes.io/version: "2.14.0"
      app.kubernetes.io/component: exporter
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/version: 2.8.2
    name: kube-state-metrics
  rules:

  - apiGroups: ["certificates.k8s.io"]
    resources:
    - certificatesigningrequests
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - configmaps
    verbs: ["list", "watch"]

  - apiGroups: ["batch"]
    resources:
    - cronjobs
    verbs: ["list", "watch"]

  - apiGroups: ["extensions", "apps"]
    resources:
    - daemonsets
    verbs: ["list", "watch"]

  - apiGroups: ["extensions", "apps"]
    resources:
    - deployments
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - endpoints
    verbs: ["list", "watch"]

  - apiGroups: ["autoscaling"]
    resources:
    - horizontalpodautoscalers
    verbs: ["list", "watch"]

  - apiGroups: ["extensions", "networking.k8s.io"]
    resources:
    - ingresses
    verbs: ["list", "watch"]

  - apiGroups: ["batch"]
    resources:
    - jobs
    verbs: ["list", "watch"]

  - apiGroups: ["coordination.k8s.io"]
    resources:
    - leases
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - limitranges
    verbs: ["list", "watch"]

  - apiGroups: ["admissionregistration.k8s.io"]
    resources:
      - mutatingwebhookconfigurations
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - namespaces
    verbs: ["list", "watch"]

  - apiGroups: ["networking.k8s.io"]
    resources:
    - networkpolicies
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - nodes
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - persistentvolumeclaims
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - persistentvolumes
    verbs: ["list", "watch"]

  - apiGroups: ["policy"]
    resources:
      - poddisruptionbudgets
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - pods
    verbs: ["list", "watch"]

  - apiGroups: ["extensions", "apps"]
    resources:
    - replicasets
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - replicationcontrollers
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - resourcequotas
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - secrets
    verbs: ["list", "watch"]

  - apiGroups: [""]
    resources:
    - services
    verbs: ["list", "watch"]

  - apiGroups: ["apps"]
    resources:
    - statefulsets
    verbs: ["list", "watch"]

  - apiGroups: ["storage.k8s.io"]
    resources:
      - storageclasses
    verbs: ["list", "watch"]

  - apiGroups: ["admissionregistration.k8s.io"]
    resources:
      - validatingwebhookconfigurations
    verbs: ["list", "watch"]

  - apiGroups: ["storage.k8s.io"]
    resources:
      - volumeattachments
    verbs: ["list", "watch"]
kube-system, kube-state-metrics, ClusterRoleBinding (rbac.authorization.k8s.io) has changed:
  # Source: kube-state-metrics/templates/clusterrolebinding.yaml
  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    labels:    
-     helm.sh/chart: kube-state-metrics-5.18.1
+     helm.sh/chart: kube-state-metrics-5.27.0
      app.kubernetes.io/managed-by: Helm
      app.kubernetes.io/component: metrics
      app.kubernetes.io/part-of: kube-state-metrics
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
-     app.kubernetes.io/version: "2.12.0"
+     app.kubernetes.io/version: "2.14.0"
      app.kubernetes.io/component: exporter
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/version: 2.8.2
    name: kube-state-metrics
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: kube-state-metrics
  subjects:
  - kind: ServiceAccount
    name: kube-state-metrics
    namespace: kube-system
kube-system, kube-state-metrics, Deployment (apps) has changed:
  # Source: kube-state-metrics/templates/deployment.yaml
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    name: kube-state-metrics
    namespace: kube-system
    labels:    
-     helm.sh/chart: kube-state-metrics-5.18.1
+     helm.sh/chart: kube-state-metrics-5.27.0
      app.kubernetes.io/managed-by: Helm
      app.kubernetes.io/component: metrics
      app.kubernetes.io/part-of: kube-state-metrics
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
-     app.kubernetes.io/version: "2.12.0"
+     app.kubernetes.io/version: "2.14.0"
      app.kubernetes.io/component: exporter
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/version: 2.8.2
  spec:
    selector:
      matchLabels:      
        app.kubernetes.io/name: kube-state-metrics
        app.kubernetes.io/instance: kube-state-metrics
    replicas: 1
    strategy:
      type: RollingUpdate
    revisionHistoryLimit: 10
    template:
      metadata:
        labels:        
-         helm.sh/chart: kube-state-metrics-5.18.1
+         helm.sh/chart: kube-state-metrics-5.27.0
          app.kubernetes.io/managed-by: Helm
          app.kubernetes.io/component: metrics
          app.kubernetes.io/part-of: kube-state-metrics
          app.kubernetes.io/name: kube-state-metrics
          app.kubernetes.io/instance: kube-state-metrics
-         app.kubernetes.io/version: "2.12.0"
+         app.kubernetes.io/version: "2.14.0"
          app.kubernetes.io/component: exporter
          app.kubernetes.io/name: kube-state-metrics
          app.kubernetes.io/version: 2.8.2
      spec:
+       automountServiceAccountToken: true
        hostNetwork: false
        serviceAccountName: kube-state-metrics
        securityContext:
          fsGroup: 65534
          runAsGroup: 65534
          runAsNonRoot: true
          runAsUser: 65534
          seccompProfile:
            type: RuntimeDefault
        priorityClassName: system-node-critical
        containers:
        - name: kube-state-metrics
          args:
          - --port=8080
          - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments
          imagePullPolicy: IfNotPresent
-         image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.12.0
+         image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.14.0
          ports:
          - containerPort: 8080
            name: "http"
          livenessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
-             path: /healthz
+             path: /livez
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          readinessProbe:
            failureThreshold: 3
            httpGet:
              httpHeaders:
-             path: /
-             port: 8080
+             path: /readyz
+             port: 8081
              scheme: HTTP
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
+         resources:
+           {}
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
kube-system, kube-state-metrics, Service (v1) has changed:
  # Source: kube-state-metrics/templates/service.yaml
  apiVersion: v1
  kind: Service
  metadata:
    name: kube-state-metrics
    namespace: kube-system
    labels:    
-     helm.sh/chart: kube-state-metrics-5.18.1
+     helm.sh/chart: kube-state-metrics-5.27.0
      app.kubernetes.io/managed-by: Helm
      app.kubernetes.io/component: metrics
      app.kubernetes.io/part-of: kube-state-metrics
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
-     app.kubernetes.io/version: "2.12.0"
+     app.kubernetes.io/version: "2.14.0"
      app.kubernetes.io/component: exporter
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/version: 2.8.2
    annotations:
      prometheus.io/scrape: 'true'
  spec:
    type: "ClusterIP"
    ports:
    - name: "http"
      protocol: TCP
      port: 8080
      targetPort: 8080
    
    selector:    
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
kube-system, kube-state-metrics, ServiceAccount (v1) has changed:
  # Source: kube-state-metrics/templates/serviceaccount.yaml
  apiVersion: v1
  kind: ServiceAccount
+ automountServiceAccountToken: true
  metadata:
    labels:    
-     helm.sh/chart: kube-state-metrics-5.18.1
+     helm.sh/chart: kube-state-metrics-5.27.0
      app.kubernetes.io/managed-by: Helm
      app.kubernetes.io/component: metrics
      app.kubernetes.io/part-of: kube-state-metrics
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/instance: kube-state-metrics
-     app.kubernetes.io/version: "2.12.0"
+     app.kubernetes.io/version: "2.14.0"
      app.kubernetes.io/component: exporter
      app.kubernetes.io/name: kube-state-metrics
      app.kubernetes.io/version: 2.8.2
    name: kube-state-metrics
    namespace: kube-system

Comparing release=blazer, chart=stakater/application
Comparing release=ingress, chart=charts/nginx-ingress
Comparing release=xray-daemon, chart=okgolove/aws-xray

renovate bot requested a review from jimleroyer as a code owner June 1, 2024 06:58

renovate bot added Dependencies Renovate labels Jun 1, 2024

renovate bot force-pushed the renovate/all-minor branch from a0a43a1 to d187cb7 Compare June 1, 2024 14:05

renovate bot changed the title ~~chore(deps): update gha-runner-scale-set docker tag to v0.9.2~~ chore(deps): update all minor dependencies Jun 1, 2024

renovate bot changed the title ~~chore(deps): update all minor dependencies~~ chore(deps): update gha-runner-scale-set docker tag to v0.9.2 Jun 1, 2024

renovate bot changed the title ~~chore(deps): update gha-runner-scale-set docker tag to v0.9.2~~ chore(deps): update all minor dependencies Jun 1, 2024

renovate bot changed the title ~~chore(deps): update all minor dependencies~~ chore(deps): update gha-runner-scale-set docker tag to v0.9.2 Jun 2, 2024

renovate bot changed the title ~~chore(deps): update gha-runner-scale-set docker tag to v0.9.2~~ chore(deps): update all minor dependencies Jun 2, 2024

renovate bot changed the title ~~chore(deps): update all minor dependencies~~ chore(deps): update gha-runner-scale-set docker tag to v0.9.2 Jun 2, 2024

renovate bot changed the title ~~chore(deps): update gha-runner-scale-set docker tag to v0.9.2~~ chore(deps): update all minor dependencies to v0.37.0 Jun 2, 2024

renovate bot changed the title ~~chore(deps): update all minor dependencies to v0.37.0~~ chore(deps): update all minor dependencies Jun 2, 2024

renovate bot force-pushed the renovate/all-minor branch from d187cb7 to b4336d0 Compare June 3, 2024 14:04

renovate bot force-pushed the renovate/all-minor branch 16 times, most recently from c317cf3 to 45e2e91 Compare June 5, 2024 16:04

renovate bot force-pushed the renovate/all-minor branch 10 times, most recently from 8d21d15 to 990f1b6 Compare December 9, 2024 14:35

renovate bot force-pushed the renovate/all-minor branch 18 times, most recently from 2a93dc4 to e383b8e Compare December 12, 2024 23:02

chore(deps): update all minor dependencies

0069e39

renovate bot force-pushed the renovate/all-minor branch from e383b8e to 0069e39 Compare December 13, 2024 17:03

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update all minor dependencies #2650

chore(deps): update all minor dependencies #2650

renovate bot commented Jun 1, 2024 •

edited

Loading

github-actions bot commented Jun 3, 2024 •

edited

Loading

chore(deps): update all minor dependencies #2650

Are you sure you want to change the base?

chore(deps): update all minor dependencies #2650

Conversation

renovate bot commented Jun 1, 2024 • edited Loading

Review

Release Notes

v0.37.6

Bug Fixes

Tests

Commits

v0.37.5

Bug Fixes

Tests

Commits

v0.37.4

Continuous Integration

Chores

Commits

v0.37.3

Bug Fixes

Documentation

Chores

v0.37.2

Chores

Commits

v0.37.1

Features

Tests

Continuous Integration

Chores

Commits

v0.37.0

Features

Bug Fixes

Documentation

Tests

Continuous Integration

Chores

Commits

Configuration

github-actions bot commented Jun 3, 2024 • edited Loading

renovate bot commented Jun 1, 2024 •

edited

Loading

`v0.37.6`

`v0.37.5`

`v0.37.4`

`v0.37.3`

`v0.37.2`

`v0.37.1`

`v0.37.0`

github-actions bot commented Jun 3, 2024 •

edited

Loading