Skip to content

1.17.10

Choose a tag to compare

View all tags
@cilium-release-bot cilium-release-bot released this 12 Nov 16:49
· 5332 commits to main since this release
v1.17.10
2661dea

Security Advisories

This release addresses GHSA-38pp-6gcp-rqvm.

Summary of Changes

Bugfixes:

  • cilium-operator: ciliumendpoints are not garbage collected until a minimum age is reached (5m by default) (Backport PR #42569, Upstream PR #42413, @zhouhaibing089)
  • encrypt status: also check tcx attachment on interfaces (Backport PR #42468, Upstream PR #42328, @bersoare)
  • Fix cilium_operator_lbipam_conflicting_pools metric to report correct value. (Backport PR #42316, Upstream PR #41999, @hanapedia)

CI Changes:

  • .github/actions/e2e: define static job names (Backport PR #42436, Upstream PR #42332, @aanm)
  • [v1.17] .github/workflows: Add base-SHA input to ariane triggered workflows (#42194, @dylandreimerink)
  • conformance-aws-cni: disable l7 proxy with aws-cni (Backport PR #42631, Upstream PR #42578, @aanm)
  • gh: ginkgo: fix focus for service hairpin test (Backport PR #42651, Upstream PR #42633, @julianwiedmann)
  • gh: ginkgo: reduce number of tested k8s versions in PRs (Backport PR #42471, Upstream PR #42465, @julianwiedmann)
  • gha: allow configuring runner for workflows building Cilium binaries (Backport PR #42631, Upstream PR #42582, @giorio94)
  • Testing for RHEL8 compatibility now uses a RHEL8.10-compatible kernel (previously this was a RHEL8.6-compatible kernel). (Backport PR #42626, Upstream PR #41639, @julianwiedmann)
  • workflows: fix GCP OIDC authentication's project ID (#42174, @nbusseneau)

Misc Changes:

  • [v1.17] deps: bump CNI plugins version (#42444, @ferozsalam)
  • chore(deps): update all github action dependencies (v1.17) (#42401, @cilium-renovate[bot])
  • chore(deps): update all github action dependencies (v1.17) (#42543, @cilium-renovate[bot])
  • chore(deps): update dependency cilium/cilium-cli to v0.18.8 (v1.17) (#41514, @cilium-renovate[bot])
  • chore(deps): update docker.io/library/golang:1.24.10 docker digest to c3ea417 (v1.17) (#42683, @cilium-renovate[bot])
  • chore(deps): update docker.io/library/golang:1.24.9 docker digest to 5034fa4 (v1.17) (#42409, @cilium-renovate[bot])
  • chore(deps): update docker.io/library/golang:1.24.9 docker digest to f542f0a (v1.17) (#42400, @cilium-renovate[bot])
  • chore(deps): update github artifact actions (v1.17) (#42403, @cilium-renovate[bot])
  • chore(deps): update go to v1.24.10 (v1.17) (#42622, @cilium-renovate[bot])
  • chore(deps): update stable lvh-images (v1.17) (patch) (#42542, @cilium-renovate[bot])
  • chore(deps): update stable lvh-images (v1.17) (patch) (#42684, @cilium-renovate[bot])
  • ci: Add workflow permissions for auto-approve and renovate (Backport PR #42316, Upstream PR #42281, @kyle-c-simmons)
  • ci: Fix call-backport-label-updater permissions (Backport PR #42631, Upstream PR #42510, @kyle-c-simmons)
  • cilium, routes: Downgrade warning on direct-routing-skip-unreachable (Backport PR #42468, Upstream PR #42210, @borkmann)
  • Don't emit error on ctmap GC delete attempts to delete key that does not exist. (Backport PR #42468, Upstream PR #38855, @tommyp1ckles)
  • fix: run post-release and publish-helm workflows on cilium org (Backport PR #42316, Upstream PR #42279, @sekhar-isovalent)

Other Changes:

  • [v1.17] test: ginkgo: skip BPF masq tests on configs without external node (#42463, @julianwiedmann)
  • install: Update image digests for v1.17.9 (#42343, @cilium-release-bot[bot])

Docker Manifests

cilium

quay.io/cilium/cilium:v1.17.10@sha256:d93cda710570df64dcb849807bd163013903143d74d5a4ebf16e1a659146c0d3

clustermesh-apiserver

quay.io/cilium/clustermesh-apiserver:v1.17.10@sha256:e93eb3a8c8b0691cc4262b54e1f301996b5f34b7952017817af5b01da56181a7

docker-plugin

quay.io/cilium/docker-plugin:v1.17.10@sha256:b1d3b8a41c6c9ad9e7d3820ae6a704214bd5a68db8fdc0d2cff51efd75e5e856

hubble-relay

quay.io/cilium/hubble-relay:v1.17.10@sha256:da6747dd2bccc2901693b49ed4a687723f8d5c1e37d40fb95ea04910d31eaab2

operator-alibabacloud

quay.io/cilium/operator-alibabacloud:v1.17.10@sha256:f67855587c3ecd7c2b6080e5ccabd87838b35c4bcf8a9ceed8a8a7a17cc07428

operator-aws

quay.io/cilium/operator-aws:v1.17.10@sha256:3f8ebc78a54dbded65156f58ae32db7dbb7afd1064a293e6cb7e40ff2cd3477b

operator-azure

quay.io/cilium/operator-azure:v1.17.10@sha256:77c113f2e48f90565541a9037cb049c21772a49b99dec51b110a5fc8ac8be49d

operator-generic

quay.io/cilium/operator-generic:v1.17.10@sha256:09cee355c86b8c50d43ecc8f63cedc5d4a8597aa41be72a63ca4479c31c2f2be

operator

quay.io/cilium/operator:v1.17.10@sha256:987ddbc6db78f5bceec753048bef10783d4345f9e0f300d13a34946959629f0e

Contributors

borkmann, ferozsalam, and 11 other contributors
Assets 2
Loading