Skip to content

Tags: kumahq/kuma

Tags

2.11.5

Toggle 2.11.5's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
feat(helm): switch kubectl image to `registry.k8s.io` (#14298)

## Motivation

Use the official Kubernetes image for kubectl to reduce third-party
dependencies, align with upstream defaults, and keep using a pinned
digest. This also avoids surprises from images that change ownership or
availability.

## Implementation information

- Switch `kubectl.image.registry` from `docker.io` to `registry.k8s.io`
- Switch `kubectl.image.repository` from `rancher/kubectl` to `kubectl`
- Bump `kubectl.image.tag` from `v1.33.3@sha256:26d09f...` to
`v1.33.4@sha256:261a9e...`
- Update `values.yaml`, generated docs
(`docs/generated/raw/helm-values.yaml`), test data
(`install-control-plane.dump-values.yaml`), and README values table
- No changes to hooks, containers, or logic; charts will now pull the
new image

## Supporting documentation

- Context: bitnami/charts#35164

Signed-off-by: Bart Smykla <bartek@smykla.com>

2.11.4

Toggle 2.11.4's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
fix(tools): revert mise (#14146)

## Motivation

revert mise for now

<!--
> Changelog: skip
-->
<!--
Uncomment the above section to explicitly set a [`> Changelog:` entry
here](https://github.com/kumahq/kuma/blob/master/CONTRIBUTING.md#submitting-a-patch)?
-->

2.10.5

Toggle 2.10.5's commit message

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed. 
fix(helm): properly set addresses when a list is provided (backport of 

…#14112) (#14130)

Automatic cherry-pick of #14112 for branch release-2.10

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16725331751)

cherry-picked commit 155afc3

---------

Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Icarus Wu <icaruswu66@qq.com>

2.9.8

Toggle 2.9.8's commit message

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed. 
fix(helm): properly set addresses when a list is provided (backport of 

…#14112) (#14131)

Automatic cherry-pick of #14112 for branch release-2.9

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16725331751)

cherry-picked commit 155afc3

---------

Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Icarus Wu <icaruswu66@qq.com>

2.7.16

Toggle 2.7.16's commit message

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed. 
fix(helm): properly set addresses when a list is provided (backport of 

…#14112) (#14129)

Automatic cherry-pick of #14112 for branch release-2.7

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16725331751)

cherry-picked commit 155afc3

---------

Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
Co-authored-by: Icarus Wu <icaruswu66@qq.com>

2.11.3

Toggle 2.11.3's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
ci(gha): move clang-format from `make check` to action (backport of #…

…14012) (#14034)

Automatic cherry-pick of #14012 for branch release-2.11

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16444179902)

cherry-picked commit a8eab41

---------

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Co-authored-by: Marcin Skalski <marcin.skalski@konghq.com>
Co-authored-by: Marcin Skalski <skalskimarcin33@gmail.com>

2.10.4

Toggle 2.10.4's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
ci(gha): move clang-format from `make check` to action (backport of #…

…14012) (#14033)

Automatic cherry-pick of #14012 for branch release-2.10

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16444179902)

cherry-picked commit a8eab41

---------

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Co-authored-by: Marcin Skalski <marcin.skalski@konghq.com>
Co-authored-by: Marcin Skalski <skalskimarcin33@gmail.com>

2.9.7

Toggle 2.9.7's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
ci(gha): move clang-format from `make check` to action (backport of #…

…14012) (#14032)

Automatic cherry-pick of #14012 for branch release-2.9

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16444179902)

cherry-picked commit a8eab41

---------

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Co-authored-by: Marcin Skalski <marcin.skalski@konghq.com>
Co-authored-by: Marcin Skalski <skalskimarcin33@gmail.com>

2.7.15

Toggle 2.7.15's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
ci(gha): move clang-format from `make check` to action (backport of #…

…14012) (#14031)

Automatic cherry-pick of #14012 for branch release-2.7

Generated by
[action](https://github.com/kumahq/kuma/actions/runs/16444179902)

cherry-picked commit a8eab41

---------

Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com>
Co-authored-by: Marcin Skalski <marcin.skalski@konghq.com>
Co-authored-by: Marcin Skalski <skalskimarcin33@gmail.com>

2.10.3

Toggle 2.10.3's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode 
chore(deps): security update (#13901)

### Summary

This PR updates the `helm.sh/helm/v3` dependency to **v3.18.4** to
address
[GHSA-557j-xg8c-q2mm](https://osv.dev/vulnerability/GHSA-557j-xg8c-q2mm),
a high-severity CVE (score 8.5). According to our support policy, all
CVEs with critical and high severity must be addressed.

### Details

* The vulnerability is not patched in the Helm `v3.17.x`, which we were
previously using

* Upgrading to `v3.18.4` is the only available fix

* Unfortunately, this upgrade required cascading changes due to:

* Changes of compatibility requirements in Helm's transitive
dependencies

  * Updates to Kubernetes libraries pulled by Helm

  * A required bump in the Go version to ensure compatibility

### Scan output

Before update:

| OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | SOURCE |

|-------------------------------------|------|-----------|-----------------|---------|--------|
| https://osv.dev/GHSA-557j-xg8c-q2mm | 8.5 | Go | helm.sh/helm/v3 |
3.17.3 | go.mod |

After update:

Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com>
Signed-off-by: Bart Smykla <bartek@smykla.com>
Co-authored-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com>
Co-authored-by: Bart Smykla <bartek@smykla.com>