NO-ISSUE: Bump sigs.k8s.io/controller-runtime from 0.20.3 to 0.20.4 #615
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.3 to 0.20.4. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.20.3...v0.20.4) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
@dependabot[bot]: This pull request explicitly references no jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci-robot
added
the
jira/valid-reference
openshift-ci
bot
added
the
needs-ok-to-test
|
Hi @dependabot[bot]. Thanks for your PR. I'm waiting for a operator-framework member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
openshift-ci
bot
added
ok-to-test
| @@ -2,7 +2,7 @@ module github.com/operator-framework/operator-marketplace | |||
|
|
|||
| go 1.23.0 | |||
|
|
|||
| toolchain go1.23.4 | |||
| toolchain go1.24.1 | |||
There was a problem hiding this comment.
We probably need to do this one manually due this change
/hold
There was a problem hiding this comment.
toolchain go1.24 should be ok, no? even with 1.23?
There was a problem hiding this comment.
I guess, if it passes CI it should be ok?
There was a problem hiding this comment.
That is true, I was concern because usually we cannot update go version
maybe that is good re-check with @tmshort
This one seems fine we change the go-version
There was a problem hiding this comment.
I don't believe our CI here is sufficient to defuse concerns. ART runs builds in disconnected mode and sets GOTOOLCHAIN=local. I think that means that when ART tries to build with a toolchain extending beyond supported builder versions it will go BOOM.
https://redhat-internal.slack.com/archives/CB95J6R4N/p1714741413193429
There was a problem hiding this comment.
I think this is actually an unintended consequence of dependabot using the latest version of tooling for this operation.
When I bump this locally, I get no golang or toolchain version bump.
Maybe we just do this one manually?
There was a problem hiding this comment.
Now I'm really confused.
ART builds https://github.com/operator-framework/operator-marketplace/blob/master/Dockerfile, and if I replicate this PR on my local and build with it (taking some steps to ensure that my GOTOOLCHAIN is set to local for the build) ... it works fine.
I guess I expected it to try to download the toolchain and fail, and fail to build.
🤷
There was a problem hiding this comment.
Reading this as well as the fact that my local go get sigs.k8s.io/[email protected] doesn't bump the toolchain, I interpret this toolchain bump as arbitrary and not needed by any dependency.
Since it is arbitrary, the compile process ignores it, which means in our 1.23.6-constrained, local environment it will still compile.
There was a problem hiding this comment.
I think we could create a manual PR without the Go version bump.
However, regards it be passing in the CI, I either do not understand. I would actually expect it to fail as well until we be able to use up go version.
openshift-ci
bot
added
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: camilamacedo86, dependabot[bot] The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Superseded by #628. |
dependabot
bot
deleted the
dependabot/go_modules/sigs.k8s.io/controller-runtime-0.20.4
branch
Bumps sigs.k8s.io/controller-runtime from 0.20.3 to 0.20.4.
Release notes
Sourced from sigs.k8s.io/controller-runtime's releases.
Commits
0f7927cMerge pull request #3179 from alvaroaleman/lowpdefault9951869🌱 TypedRequestForOwner: Decrease priority when unchangedc7d5d83Fix godoc of TypedEventHandler2062f3a🌱 Remove redundant WithLowPriorityWhenUnchanged in builder2af3164🌱 Followups to default low priority in mappers29debb1🌱 Handlers: Use low priority when object is unchanged and priority q5355658🐛Implement priorityqueue as default on handlers if using priorityqueue interf...3156aceMerge pull request #3175 from k8s-infra-cherrypick-robot/cherry-pick-3166-to-...4ae5f39add version.version to tools/setup-envtest to show installed version833f208Merge pull request #3173 from k8s-infra-cherrypick-robot/cherry-pick-3167-to-...You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)