[pull] main from kedacore:main#142
Closed
pull[bot] wants to merge 177 commits into
Signed-off-by: Nikolay Rovdo <nichogaus@gmail.com>
* Add paths-filter action to PR validation workflow Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> * Update .github/workflows/pr-validation.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> * Update .github/workflows/static-analysis-codeql.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> * Update CodeQL workflow to handle push events Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> * restore codeql Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> --------- Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com>
--------- Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com>
Bump s390x node Signed-off-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es>
* feat: Use informer cache for ReplicaSet replica count lookups GetCurrentReplicas() has special handling for Deployments and StatefulSets that uses the controller-runtime client (backed by informer cache) instead of the scale subresource API. This avoids live API calls on every poll. ReplicaSets were missing this optimization and always used the scale subresource, causing a live API call every polling interval. With many ScaledObjects targeting ReplicaSets, this creates significant API server load. This change adds ReplicaSet to the list of resource types that use the informer cache, reducing API calls for ReplicaSet-targeted ScaledObjects. Signed-off-by: Matt Sheppard <matt.sheppard@daily.co> * test: Add e2e test for ReplicaSet scaling Signed-off-by: Matt Sheppard <matt.sheppard@daily.co> * docs: Update CHANGELOG for PR 7466 Signed-off-by: Matt Sheppard <matt.sheppard@daily.co> * Add RBAC permissions and move helper to utils package - Add replicasets to ClusterRole for informer cache list/watch - Move WaitForReplicaSetReplicaReadyCount to tests/helper package - Update e2e test to use shared helper function Signed-off-by: Matt Sheppard <matt.sheppard@daily.co> * Move CHANGELOG message in to Other section Signed-off-by: Matt Sheppard <matt.sheppard@daily.co> --------- Signed-off-by: Matt Sheppard <matt.sheppard@daily.co>
Signed-off-by: Mohamed Amine Arous <mohamed.amine.arous93@gmail.com> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com>
Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com>
| datasource | package | from | to |
| ----------- | ----------------------- | ---- | -- |
| github-tags | actions/upload-artifact | v6 | v7 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

| datasource | package | from | to |
| ----------- | ---------------- | ------ | ------ |
| github-tags | actions/setup-go | v6.2.0 | v6.3.0 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* fix(gcp): validate Pub/Sub resource name in BuildMQLQuery Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> * add goog check Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> --------- Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com>
The badge href pointed to the API badge image endpoint (api.scorecard.dev/projects/.../badge) which returns a 302 redirect to shields.io, instead of linking to the actual scorecard viewer page. Signed-off-by: Artem Muterko <artem@sopho.tech> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.32.0 to 0.34.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@dc5a429...e368e32) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](helm/kind-action@92086f6...ef37e7f) --- updated-dependencies: - dependency-name: helm/kind-action dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…7512) Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.39.0 to 1.40.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.39.0...v1.40.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.40.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.0 to 4.32.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b20883b...89a39a4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) from 1.1.0 to 1.1.1. - [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: filippo.io/edwards25519 dependency-version: 1.1.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): replace retracted k8s.io/client-go v1.5.2 with v0.35.0 v1.5.2 is a pre-Go-modules tag retracted upstream, see https://github.com/kubernetes/client-go/blob/32a6ebfbede364be10a92117004afe77f3957a3f/go.mod#L38-L39 The replace directive masked this locally, but replace directives don't propagate to consumers like the HTTP Add-on, so Go would select v1.5.2 over v0.x in downstream modules. Also removes an unused replace directive for github.com/chzyer/logex. Signed-off-by: Vincent Link <vlink@redhat.com> * chore(deps): replace retracted prometheus/common and prometheus versions Both prometheus/common v1.20.99 and prometheus/prometheus v1.99.0 are retracted upstream. Like the client-go v1.5.2 fix, the replace directives masked these locally but they poison downstream consumers via MVS. Signed-off-by: Vincent Link <vlink@redhat.com> --------- Signed-off-by: Vincent Link <vlink@redhat.com> Co-authored-by: Rick Brouwer <rickbrouwer@gmail.com>
Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com>
…brancz/kube-rbac-proxy:v0.18.2 (#7531) Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Bumps [github.com/aws/aws-sdk-go-v2/service/dynamodb](https://github.com/aws/aws-sdk-go-v2) from 1.54.0 to 1.56.0. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.54.0...service/s3/v1.56.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/dynamodb dependency-version: 1.56.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.39.0 to 1.40.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.39.0...v1.40.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [fossas/fossa-action](https://github.com/fossas/fossa-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/fossas/fossa-action/releases) - [Commits](fossas/fossa-action@3ebcea1...c414b9a) --- updated-dependencies: - dependency-name: fossas/fossa-action dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rick Brouwer <rickbrouwer@gmail.com>
Bumps [go.opentelemetry.io/otel/sdk/metric](https://github.com/open-telemetry/opentelemetry-go) from 1.39.0 to 1.40.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.39.0...v1.40.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#7508) Bumps [github.com/aws/aws-sdk-go-v2/service/dynamodbstreams](https://github.com/aws/aws-sdk-go-v2) from 1.32.10 to 1.32.11. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.32.10...service/mgn/v1.32.11) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/dynamodbstreams dependency-version: 1.32.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ic values (#7534) * fix: avoid int64 overflow in milli-quantity conversion for large metric values Values exceeding ~9.2e15 caused int64 overflow when multiplied by 1000 in GetMetricTargetMili() and GenerateMetricInMili(), resulting in metrics being reported as zero. Use resource.MustParse with string formatting instead to handle arbitrarily large float64 values. Signed-off-by: Munem Hashmi <munem.hashmi@gmail.com> * fix: handle NaN and Inf values to prevent panic in milli-quantity conversion MustParse panics on "NaN" or "+Inf" strings. Add a guard in quantityFromFloat64 that treats NaN/Inf as zero, preventing operator crashes from malformed metric API responses. Signed-off-by: Munem Hashmi <munem.hashmi@gmail.com> * test: simplify TestGetMetricTargetMili by removing unnecessary metricType variation The metric type only affects which struct field receives the quantity, not the conversion logic. Use a single metric type to keep the test focused on value conversion. Signed-off-by: Munem Hashmi <munem.hashmi@gmail.com> --------- Signed-off-by: Munem Hashmi <munem.hashmi@gmail.com>
* feat: add CRD-level validation markers for KEDA API types Add kubebuilder validation markers (Minimum, MinLength, MinItems, Enum) across ScaledObject, ScaledJob, ScaleTriggers, and TriggerAuthentication API types so that invalid values are rejected by the API server at admission time, before any webhook or controller runs. Validations added: - Minimum=0/1 on numeric fields (polling intervals, replica counts, cooldown periods, history limits, fallback thresholds) - MinItems=1 on Triggers arrays and secret provider Secrets arrays - MinLength=1 on ScaleTriggers.Type and ScaleTarget.Name - Enum constraints on RolloutStrategy, ScalingStrategy, Rollout, AuthenticationRef.Kind, VaultAuthentication, and VaultSecretType Also fixes several typos in comments. Signed-off-by: Mikhail Fedosin <mfedosin@redhat.com> * chore: address review comments Signed-off-by: Mikhail Fedosin <mfedosin@redhat.com> --------- Signed-off-by: Mikhail Fedosin <mfedosin@redhat.com>
… scaledObject (#7490) Signed-off-by: Mathis Raguin <mathis.raguin@gitguardian.com>
The events e2e test asserted events at fixed positions in a list sorted by .metadata.creationTimestamp. KEDA emits several events for a single ScaledObject/ScaledJob within the same second, and events.k8s.io creationTimestamp only has 1s granularity, so same-second events sort non-deterministically. After #7781 migrated event recording to events.k8s.io, "Started scalers watch" [1] and "ScaledJob is ready for scaling" [2] started swapping positions, failing the test every night. Match the expected reason/note pair against any event emitted for the resource instead of a fixed index, removing the ordering dependency. Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: Puneet Dixit <236133619+puneetdixit200@users.noreply.github.com> Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> Co-authored-by: Puneet Dixit <236133619+puneetdixit200@users.noreply.github.com> Co-authored-by: Rick Brouwer <rickbrouwer@gmail.com> Co-authored-by: Deepak kudi <deepakkudi23@adsl-172-10-9-116.dsl.sndg02.sbcglobal.net>
…ration (#7808) #7755 added TestGetScaledObjectStateRecordsResourceScalerActiveMetric and TestGetScaledObjectStateSkipsResourceScalerActiveMetricWithModifiers using record.NewFakeRecorder. In the meantime #7781 migrated this file to the events recorder and dropped the k8s.io/client-go/tools/record import, so the merged result fails to compile with "undefined: record", breaking the unit-test build and Static Checks on main. Use events.NewFakeRecorder, matching the rest of the file and the events.EventRecorder type of the Recorder/recorder fields. Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
WaitForAllPodRunningInNamespace(namespace, iterations, intervalSeconds) was called with minReplicaCount (1) as iterations and 180 as the interval, so it checked pod status once immediately after resource creation, slept 180s, and returned false without ever re-checking. The initial readiness assertion then failed whenever the nginx pod was not already Running in that single instant, turning the nightly e2e red regardless of scaler behavior. Swap to 18 iterations x 10s so it actually polls for ~3 minutes, as the message intends. Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
- CHANGELOG: rename Unreleased -> v2.20.0, add a fresh empty Unreleased section, and drop the leftover TODO placeholders from the released section - Bump supported Kubernetes versions to 1.33-1.35 (welcome message) - Add 2.20.0 to the bug report template version dropdown Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Move v2.20 from upcoming estimations to previous releases (Jun 1st, 2026) and add v2.23 to keep the rolling 3-release window. Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
…7809) Setup and teardown short-circuit run-all.go with os.Exit(1) before evaluateExecution runs, so dumpResults never writes passed.txt/failed.txt. On such failures the PR e2e comment showed no detail at all (only the reaction emoji), forcing maintainers into the raw logs to learn that the cluster never bootstrapped or that cleanup leaked resources. run-all.go now writes setup_and_teardown.txt to E2E_RESULTS_DIR when the setup or teardown step fails, naming the step, its test file, and the failing sub-test(s) parsed from the output (e.g. "setup failed (tests/utils/setup_test.go): TestSetUpStrimzi"). It is written explicitly before each early os.Exit (os.Exit skips deferred dumps) and only on failure, so its existence signals a setup/teardown failure. The runner stays output-format agnostic; rendering lives in the workflow. pr-e2e.yml renders a separate, expanded "setup / teardown failures" block (with a headline) only when setup_and_teardown.txt is non-empty, above the existing passed/failed blocks, and posts the comment when any of the three files is present. The passed/failed blocks stay single-purpose. Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
* make scale-in tolerant of orphan runners * decouple scaling assertions from GitHub job execution Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
* fix: concurrent map read/write data race in fallback updateStatus using mutex Signed-off-by: Jiyu Chen <jiyuchen@stripe.com> * fix: fallback logic to be thread safe through fallback.ScaledObjectHandler Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> --------- Signed-off-by: Jiyu Chen <jiyuchen@stripe.com> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Jan Wozniak <wozniak.jan@gmail.com>
| datasource | package | from | to |
| ----------- | ---------------- | ------ | ------ |
| github-tags | actions/checkout | v6.0.2 | v6.0.3 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The vendor directory used 200+ MB and provided no meaningful benefit: go.sum ensures reproducibility, proxy.golang.org ensures availability, and vendoring bloated the repo and dependency update diffs. Changes: - Remove vendor/ directory - Remove -mod=vendor from build commands and -I vendor from protoc - Update Dockerfiles to cache and download dependencies - Update hack/update-codegen.sh to resolve code-generator via module cache - Remove vendor-related config from .golangci.yml, .pre-commit-config.yaml, .gitignore, and trivy.yml - Remove now-empty trivy.yml and its workflow reference Signed-off-by: Vincent Link <vlink@redhat.com>
Introduce new ClickHouse Scaler for scaling based on SQL query results. The scaler supports both connection string and individual connection parameters, with authentication via TriggerAuthentication. Refs: #7418 Refs: kedacore/keda-docs#1788 Refs: #7404 Signed-off-by: Izaak Schroeder <izaak.schroeder@gmail.com>
) * fix: add "default" to ScaledJob scalingStrategy.strategy CRD enum The CRD validation for ScaledJob.spec.scalingStrategy.strategy was missing "default" as a valid value, despite the docs listing it as valid. The runtime already handles empty/"default" via the switch default case; this aligns the CRD enum to match the documented behavior. Fixes #7855 Signed-off-by: Goutham Annem <gouthemannem@gmail.com> * Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> --------- Signed-off-by: Goutham Annem <gouthemannem@gmail.com> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: s3onghyun <s3onghyun.hong@gmail.com>
WithConnectParams replaces grpc-go's default backoff with the supplied Backoff field; leaving it unset zeroed the backoff and caused a zero-delay reconnect loop that floods the metrics-apiserver logs when keda-operator is unreachable. Set Backoff to grpc's DefaultConfig. Signed-off-by: Chris Kandalaft <chris.kandalaft@affinity.co> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Jan Wozniak <wozniak.jan@gmail.com>
…7661) When the informer cache races with ScaledObject creation, scaledObject.Status.ScaleTargetGVKR can be nil at the point the scale loop invokes GetCurrentReplicas. The current code then dereferences .Group / .Kind on a nil pointer and panics, taking down the operator. This applies the same defensive pattern already used in ResolveScaleTargetPodSpec: re-fetch the ScaledObject via the client when Status.ScaleTargetGVKR is nil, and if it is still nil after re-fetch, return a descriptive error instead of panicking. Observed in a 10k-ScaledObject KWOK load test where kube-burner created ScaledObjects at 10/s; the cache-race window opened wide enough that the panic fired reliably within the first 750 objects. Refs: #4389, #4955, #6176 Signed-off-by: Greg Garber <ggarb@netflix.com> Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Rick Brouwer <rickbrouwer@gmail.com> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com>
* Add e2e coverage for paused annotation precedence Signed-off-by: Ali Aqel <aliaqel@stripe.com> * Add inverse paused annotation precedence e2e coverage Signed-off-by: Ali Aqel <aliaqel@stripe.com> * Add paused scale-out precedence e2e coverage Signed-off-by: Ali Aqel <aliaqel@stripe.com> * Include HPA deletion error in e2e assertion Signed-off-by: Ali Aqel <aliaqel@stripe.com> --------- Signed-off-by: Ali Aqel <aliaqel@stripe.com>
| datasource | package | from | to |
| ----------- | -------------------- | ------ | ------ |
| github-tags | actions/cache | v5.0.5 | v5.1.0 |
| github-tags | actions/setup-go | v6.4.0 | v6.5.0 |
| github-tags | actions/setup-python | v6.2.0 | v6.3.0 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

| datasource | package | from | to |
| ----------- | ---------------- | ------ | ------ |
| github-tags | actions/cache | v5.1.0 | v6.1.0 |
| github-tags | actions/checkout | v6.0.3 | v7.0.0 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Add nil guards for CustomScalingQueueLengthDeduction (*int32) and CustomScalingRunningJobPercentage (*float64) in customScalingStrategy.GetEffectiveMaxScale. The CustomScalingQueueLengthDeduction field is declared with omitempty in the CRD spec, so it is nil whenever a ScaledJob is created without setting it. Previously the method unconditionally dereferenced the pointer, causing the controller goroutine to panic with a nil pointer dereference and interrupting the ScaledJob reconciliation loop. A nil deduction is now treated as zero, consistent with how the running job percentage is handled. A regression test is added that exercises both the direct struct path and the NewScalingStrategy factory path with the deduction omitted. Fixes #7798 Signed-off-by: itxaiohanglover <1531137510@qq.com>
… updates (#7884) Bumps the github-actions group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.1` | `4.1.2` |
| [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` |
| [tspascoal/get-user-teams-membership](https://github.com/tspascoal/get-user-teams-membership) | `4.0.1` | `4.0.2` |
| [dkershner6/reaction-action](https://github.com/dkershner6/reaction-action) | `2.2.1` | `3.0.0` |
| [test-summary/action](https://github.com/test-summary/action) | `2.4` | `2.6` |
| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.1` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` |
| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.35.0` | `0.36.0` |

Updates `sigstore/cosign-installer` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@cad07c2...6f9f177)

Updates `docker/login-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@4907a6d...650006c)

Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@4d04d5d...d7f5e7f)

Updates `tspascoal/get-user-teams-membership` from 4.0.1 to 4.0.2
- [Release notes](https://github.com/tspascoal/get-user-teams-membership/releases)
- [Commits](tspascoal/get-user-teams-membership@818140d...b2546c5)

Updates `dkershner6/reaction-action` from 2.2.1 to 3.0.0
- [Release notes](https://github.com/dkershner6/reaction-action/releases)
- [Commits](dkershner6/reaction-action@97ede30...7aa8978)

Updates `test-summary/action` from 2.4 to 2.6
- [Release notes](https://github.com/test-summary/action/releases)
- [Commits](test-summary/action@31493c7...37b508c)

Updates `softprops/action-gh-release` from 2.6.1 to 3.0.1
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@153bb8e...718ea10)

Updates `github/codeql-action/upload-sarif` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `github/codeql-action/init` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `github/codeql-action/autobuild` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `github/codeql-action/analyze` from 4.35.1 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c10b806...8aad20d)

Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@57a97c7...ed142fd)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: tspascoal/get-user-teams-membership
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: dkershner6/reaction-action
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: test-summary/action
  dependency-version: '2.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: softprops/action-gh-release
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action/init
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action/autobuild
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action/analyze
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: bump prometheus lib to fix CVE-2026-42151, CVE-2026-42154, CVE-2026-40179 Signed-off-by: Ronaldo Lanhellas <ronaldo.lanhellas@gmail.com> * fix: bump prometheus lib to fix CVE-2026-42151, CVE-2026-42154, CVE-2026-40179 Signed-off-by: Ronaldo Lanhellas <ronaldo.lanhellas@gmail.com> * fix: bump prometheus lib to fix CVE-2026-42151, CVE-2026-42154, CVE-2026-40179 Signed-off-by: Ronaldo Lanhellas <ronaldo.lanhellas@gmail.com> * fix: bump prometheus lib to fix CVE-2026-42151, CVE-2026-42154, CVE-2026-40179 Signed-off-by: Ronaldo Lanhellas <ronaldo.lanhellas@gmail.com> --------- Signed-off-by: Ronaldo Lanhellas <ronaldo.lanhellas@gmail.com> Signed-off-by: Rick Brouwer <rickbrouwer@gmail.com> Co-authored-by: Rick Brouwer <rickbrouwer@gmail.com>
…#7876) Azure Storage blob names never include a leading "/", but users naturally write path-style patterns like "/folder/sub/*.json". The gobwas/glob library treats a leading "/" in the pattern literally, so such patterns never matched any blob and the scaler silently never activated, regardless of single or double asterisk usage. Strip a leading "/" from the pattern before compiling it. Fixes #6492 Signed-off-by: Goutham Annem <gouthemannem@gmail.com>
…N) admission cost (#7681) verifyScaledObjects and verifyHpas each performed an unfiltered kc.List over every ScaledObject (or HPA) in the namespace on every admission. Because controller-runtime's cached client DeepCopies every returned item, this allocated O(N) memory per admission. A heap profile during a 10k SO creation burst showed verifyScaledObjects at 71% of inuse heap (106 MB). At 60k SOs the unfiltered List allocated ~900 MB per admission, OOMKilling the webhook under sustained creation bursts. Register three controller-runtime field indexes in SetupWebhookWithManager: scaleTargetRefNameIdx (spec.scaleTargetRef.name) on ScaledObject hpaNameIdx (spec.hpaName) on ScaledObject scaleTargetRefNameIdx (spec.scaleTargetRef.name) on HPA verifyScaledObjects now issues two narrow indexed Lists — one for duplicate scaleTargetRef and one for duplicate HPA name — each returning the small set of candidates that share the indexed value. The loop still post-filters by GVK so two SOs targeting the same workload name with different Kinds (e.g. Deployment foo and StatefulSet foo) are not flagged as duplicates. verifyHpas uses the same HPA index to narrow HPA-ownership checks. Adds a Ginkgo test covering the same-name-different-Kind case to guard against a false-positive regression on the indexed lookup. Signed-off-by: Greg Garber <ggarb@netflix.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* feat(kafka): add optional fullMetadata trigger field Signed-off-by: Hanoch Arega <arega.hanoch@gmail.com> * feat(scalers): add fullMetadata field to schema Signed-off-by: Hanoch Arega <arega.hanoch@gmail.com> * fix(kafka): Improve error logging per review Signed-off-by: Hanoch Arega <arega.hanoch@gmail.com> --------- Signed-off-by: Hanoch Arega <arega.hanoch@gmail.com>
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )