Skip to content

Commit 5149dcf

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #1435 from renovate-bot/renovate/kubernetes-go
Update kubernetes packages to v0.32.1
2 parents 6629b7b + 87e6aac commit 5149dcf

9 files changed

+599
-55
lines changed

bundle/manifests/volsync.backube_replicationdestinations.yaml

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1225,6 +1225,32 @@ spec:
12251225
Note that this field cannot be set when spec.os.name is windows.
12261226
format: int64
12271227
type: integer
1228+
seLinuxChangePolicy:
1229+
description: |-
1230+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
1231+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
1232+
Valid values are "MountOption" and "Recursive".
1233+
1234+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
1235+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
1236+
1237+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
1238+
This requires all Pods that share the same volume to use the same SELinux label.
1239+
It is not possible to share the same volume among privileged and unprivileged Pods.
1240+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
1241+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
1242+
CSIDriver instance. Other volumes are always re-labelled recursively.
1243+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
1244+
1245+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
1246+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
1247+
and "Recursive" for all other volumes.
1248+
1249+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
1250+
1251+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
1252+
Note that this field cannot be set when spec.os.name is windows.
1253+
type: string
12281254
seLinuxOptions:
12291255
description: |-
12301256
The SELinux context to be applied to all containers.
@@ -2560,6 +2586,32 @@ spec:
25602586
Note that this field cannot be set when spec.os.name is windows.
25612587
format: int64
25622588
type: integer
2589+
seLinuxChangePolicy:
2590+
description: |-
2591+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
2592+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
2593+
Valid values are "MountOption" and "Recursive".
2594+
2595+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
2596+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
2597+
2598+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
2599+
This requires all Pods that share the same volume to use the same SELinux label.
2600+
It is not possible to share the same volume among privileged and unprivileged Pods.
2601+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
2602+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
2603+
CSIDriver instance. Other volumes are always re-labelled recursively.
2604+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
2605+
2606+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
2607+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
2608+
and "Recursive" for all other volumes.
2609+
2610+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
2611+
2612+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
2613+
Note that this field cannot be set when spec.os.name is windows.
2614+
type: string
25632615
seLinuxOptions:
25642616
description: |-
25652617
The SELinux context to be applied to all containers.
@@ -4030,6 +4082,32 @@ spec:
40304082
Note that this field cannot be set when spec.os.name is windows.
40314083
format: int64
40324084
type: integer
4085+
seLinuxChangePolicy:
4086+
description: |-
4087+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
4088+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
4089+
Valid values are "MountOption" and "Recursive".
4090+
4091+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
4092+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
4093+
4094+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
4095+
This requires all Pods that share the same volume to use the same SELinux label.
4096+
It is not possible to share the same volume among privileged and unprivileged Pods.
4097+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
4098+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
4099+
CSIDriver instance. Other volumes are always re-labelled recursively.
4100+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
4101+
4102+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
4103+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
4104+
and "Recursive" for all other volumes.
4105+
4106+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
4107+
4108+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
4109+
Note that this field cannot be set when spec.os.name is windows.
4110+
type: string
40334111
seLinuxOptions:
40344112
description: |-
40354113
The SELinux context to be applied to all containers.

bundle/manifests/volsync.backube_replicationsources.yaml

Lines changed: 104 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1209,6 +1209,32 @@ spec:
12091209
Note that this field cannot be set when spec.os.name is windows.
12101210
format: int64
12111211
type: integer
1212+
seLinuxChangePolicy:
1213+
description: |-
1214+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
1215+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
1216+
Valid values are "MountOption" and "Recursive".
1217+
1218+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
1219+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
1220+
1221+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
1222+
This requires all Pods that share the same volume to use the same SELinux label.
1223+
It is not possible to share the same volume among privileged and unprivileged Pods.
1224+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
1225+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
1226+
CSIDriver instance. Other volumes are always re-labelled recursively.
1227+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
1228+
1229+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
1230+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
1231+
and "Recursive" for all other volumes.
1232+
1233+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
1234+
1235+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
1236+
Note that this field cannot be set when spec.os.name is windows.
1237+
type: string
12121238
seLinuxOptions:
12131239
description: |-
12141240
The SELinux context to be applied to all containers.
@@ -2511,6 +2537,32 @@ spec:
25112537
Note that this field cannot be set when spec.os.name is windows.
25122538
format: int64
25132539
type: integer
2540+
seLinuxChangePolicy:
2541+
description: |-
2542+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
2543+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
2544+
Valid values are "MountOption" and "Recursive".
2545+
2546+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
2547+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
2548+
2549+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
2550+
This requires all Pods that share the same volume to use the same SELinux label.
2551+
It is not possible to share the same volume among privileged and unprivileged Pods.
2552+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
2553+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
2554+
CSIDriver instance. Other volumes are always re-labelled recursively.
2555+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
2556+
2557+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
2558+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
2559+
and "Recursive" for all other volumes.
2560+
2561+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
2562+
2563+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
2564+
Note that this field cannot be set when spec.os.name is windows.
2565+
type: string
25142566
seLinuxOptions:
25152567
description: |-
25162568
The SELinux context to be applied to all containers.
@@ -3974,6 +4026,32 @@ spec:
39744026
Note that this field cannot be set when spec.os.name is windows.
39754027
format: int64
39764028
type: integer
4029+
seLinuxChangePolicy:
4030+
description: |-
4031+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
4032+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
4033+
Valid values are "MountOption" and "Recursive".
4034+
4035+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
4036+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
4037+
4038+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
4039+
This requires all Pods that share the same volume to use the same SELinux label.
4040+
It is not possible to share the same volume among privileged and unprivileged Pods.
4041+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
4042+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
4043+
CSIDriver instance. Other volumes are always re-labelled recursively.
4044+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
4045+
4046+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
4047+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
4048+
and "Recursive" for all other volumes.
4049+
4050+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
4051+
4052+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
4053+
Note that this field cannot be set when spec.os.name is windows.
4054+
type: string
39774055
seLinuxOptions:
39784056
description: |-
39794057
The SELinux context to be applied to all containers.
@@ -5230,6 +5308,32 @@ spec:
52305308
Note that this field cannot be set when spec.os.name is windows.
52315309
format: int64
52325310
type: integer
5311+
seLinuxChangePolicy:
5312+
description: |-
5313+
seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod.
5314+
It has no effect on nodes that do not support SELinux or to volumes does not support SELinux.
5315+
Valid values are "MountOption" and "Recursive".
5316+
5317+
"Recursive" means relabeling of all files on all Pod volumes by the container runtime.
5318+
This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node.
5319+
5320+
"MountOption" mounts all eligible Pod volumes with `-o context` mount option.
5321+
This requires all Pods that share the same volume to use the same SELinux label.
5322+
It is not possible to share the same volume among privileged and unprivileged Pods.
5323+
Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes
5324+
whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their
5325+
CSIDriver instance. Other volumes are always re-labelled recursively.
5326+
"MountOption" value is allowed only when SELinuxMount feature gate is enabled.
5327+
5328+
If not specified and SELinuxMount feature gate is enabled, "MountOption" is used.
5329+
If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes
5330+
and "Recursive" for all other volumes.
5331+
5332+
This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers.
5333+
5334+
All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state.
5335+
Note that this field cannot be set when spec.os.name is windows.
5336+
type: string
52335337
seLinuxOptions:
52345338
description: |-
52355339
The SELinux context to be applied to all containers.

bundle/manifests/volsync.clusterserviceversion.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ metadata:
5555
}
5656
]
5757
capabilities: Basic Install
58-
createdAt: "2025-02-05T12:57:48Z"
58+
createdAt: "2025-02-12T17:31:00Z"
5959
olm.skipRange: '>=0.4.0 <0.12.0'
6060
operators.operatorframework.io/builder: operator-sdk-v1.31.0
6161
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3

0 commit comments

Comments
 (0)