From 6fd4d4b15c9847a475613ec5cecc5bee6b965dcc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 28 Sep 2025 16:48:33 +0200 Subject: [PATCH] chore(deps): renovate 2025-09-28 chore(deps): update dependency grafana/grafana-operator to v5.19.4 (#368) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update dependency unpoller/unpoller to v2.15.4 (#380) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update github actions (#369) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Vegard Stenhjem Hagen chore(deps): update helm release kube-prometheus-stack to v75.18.1 (#370) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update terraform google to ~> 6.50.0 (#372) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update netbird (#373) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update sealed-secrets docker tag to v2.5.19 (#374) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update cloudflare/cloudflared docker tag to v2025.9.1 (#375) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update cilium (#379) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update media containers (#377) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update docker.io/adguard/adguardhome docker tag to v0.107.66 (#381) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update docker.io/lldap/lldap docker tag to v0.6.2 (#382) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update ghcr.io/authelia/authelia docker tag to v4.39.10 (#383) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update helm release authelia to v0.10.46 (#384) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update helm release node-feature-discovery to v0.17.4 (#385) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update proxmox-csi-plugin docker tag to v0.3.14 (#386) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update dependency kubernetes/kubernetes to v1.34.1 (#387) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update dependency siderolabs/talos to v1.11.2 (#388) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update docker.io/grafana/grafana docker tag to v12.2.0 (#389) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update ghcr.io/advplyr/audiobookshelf docker tag to v2.29.0 (#390) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update helm release argo-cd to v8.5.7 (#391) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update helm release cloudnative-pg to v0.26.0 (#392) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update intel device plugins to v0.34.0 (#393) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update registry.k8s.io/git-sync/git-sync docker tag to v4.5.0 (#394) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update terraform proxmox to v0.84.0 (#395) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update terraform talos to v0.9.0 (#396) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update actions/checkout action to v5 (#397) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update ghcr.io/home-operations/radarr docker tag to v6 (#398) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update helm release kube-prometheus-stack to v77 (#399) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> chore(deps): update terraform google to v7 (#400) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Vegard Hagen --- .github/workflows/build-devcontainer.yaml | 4 ++-- .github/workflows/tofu-format.yaml | 2 +- k8s/apps/media/arr/lidarr/deployment.yaml | 2 +- k8s/apps/media/arr/prowlarr/deployment.yaml | 2 +- k8s/apps/media/arr/radarr/deployment.yaml | 2 +- k8s/apps/media/audiobookshelf/deployment.yaml | 2 +- k8s/apps/media/plex/deployment.yaml | 2 +- k8s/apps/utils/torrent/deployment.yaml | 2 +- k8s/apps/utils/unpoller/deployment.yaml | 2 +- k8s/infra/auth/authelia/kustomization.yaml | 2 +- k8s/infra/auth/authelia/values.yaml | 2 +- k8s/infra/auth/lldap/deployment.yaml | 2 +- k8s/infra/controllers/argocd/kustomization.yaml | 2 +- .../controllers/intel-device-plugins/gpu/kustomization.yaml | 2 +- .../intel-device-plugins/operator/kustomization.yaml | 2 +- .../controllers/node-feature-discovery/kustomization.yaml | 4 ++-- k8s/infra/controllers/sealed-secrets/kustomization.yaml | 2 +- k8s/infra/database/cnpg/kustomization.yaml | 2 +- k8s/infra/monitoring/grafana/grafana.yaml | 2 +- k8s/infra/monitoring/grafana/kustomization.yaml | 2 +- k8s/infra/monitoring/kube-prometheus-stack/kustomization.yaml | 2 +- k8s/infra/network/cilium/kustomization.yaml | 2 +- k8s/infra/network/cloudflared/daemon-set.yaml | 2 +- k8s/infra/network/dns/adguard/deployment.yaml | 2 +- k8s/infra/storage/proxmox-csi/kustomization.yaml | 2 +- k8s/infra/vpn/netbird/agent/daemon-set.yaml | 2 +- k8s/infra/vpn/netbird/dashboard/deployment.yaml | 2 +- k8s/infra/vpn/netbird/management/deployment.yaml | 2 +- k8s/infra/vpn/netbird/relay/deployment.yaml | 2 +- k8s/infra/vpn/netbird/signal/deployment.yaml | 2 +- tofu/home-assistant/main.tofu | 2 +- tofu/kubernetes/providers.tofu | 4 ++-- tofu/kubernetes/talos/inline-manifests/cilium-install.yaml | 4 ++-- tofu/kubernetes/talos_cluster.auto.tfvars | 2 +- tofu/kubernetes/talos_image.auto.tfvars | 2 +- tofu/state/gcs/providers.tofu | 2 +- tofu/state/providers.tofu | 2 +- 37 files changed, 41 insertions(+), 41 deletions(-) diff --git a/.github/workflows/build-devcontainer.yaml b/.github/workflows/build-devcontainer.yaml index bb0f2b9..a5aa831 100644 --- a/.github/workflows/build-devcontainer.yaml +++ b/.github/workflows/build-devcontainer.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up QEMU for multi-architecture builds uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 #v3.6.0 @@ -27,7 +27,7 @@ jobs: uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 #v3.11.1 - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 #v3.4.0 + uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 with: registry: ghcr.io username: ${{ github.repository_owner }} diff --git a/.github/workflows/tofu-format.yaml b/.github/workflows/tofu-format.yaml index d0adaac..3cb7f76 100644 --- a/.github/workflows/tofu-format.yaml +++ b/.github/workflows/tofu-format.yaml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Tofu format run: tofu fmt -recursive -diff -check diff --git a/k8s/apps/media/arr/lidarr/deployment.yaml b/k8s/apps/media/arr/lidarr/deployment.yaml index 5f64156..15462ac 100644 --- a/k8s/apps/media/arr/lidarr/deployment.yaml +++ b/k8s/apps/media/arr/lidarr/deployment.yaml @@ -30,7 +30,7 @@ spec: type: RuntimeDefault containers: - name: lidarr - image: ghcr.io/home-operations/lidarr:2.13.1 # renovate: docker=ghcr.io/home-operations/lidarr + image: ghcr.io/home-operations/lidarr:2.14.3 # renovate: docker=ghcr.io/home-operations/lidarr securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/media/arr/prowlarr/deployment.yaml b/k8s/apps/media/arr/prowlarr/deployment.yaml index 432c261..98a70e2 100644 --- a/k8s/apps/media/arr/prowlarr/deployment.yaml +++ b/k8s/apps/media/arr/prowlarr/deployment.yaml @@ -30,7 +30,7 @@ spec: type: RuntimeDefault containers: - name: prowlarr - image: ghcr.io/home-operations/prowlarr:2.0.2 # renovate: docker=ghcr.io/home-operations/prowlarr + image: ghcr.io/home-operations/prowlarr:2.1.2 # renovate: docker=ghcr.io/home-operations/prowlarr securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/media/arr/radarr/deployment.yaml b/k8s/apps/media/arr/radarr/deployment.yaml index e0cd867..ad59ae6 100644 --- a/k8s/apps/media/arr/radarr/deployment.yaml +++ b/k8s/apps/media/arr/radarr/deployment.yaml @@ -30,7 +30,7 @@ spec: type: RuntimeDefault containers: - name: radarr - image: ghcr.io/home-operations/radarr:5.27.3 # renovate: docker=ghcr.io/home-operations/radarr + image: ghcr.io/home-operations/radarr:6.0.0 # renovate: docker=ghcr.io/home-operations/radarr securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/media/audiobookshelf/deployment.yaml b/k8s/apps/media/audiobookshelf/deployment.yaml index 344bf0f..e5b685b 100644 --- a/k8s/apps/media/audiobookshelf/deployment.yaml +++ b/k8s/apps/media/audiobookshelf/deployment.yaml @@ -30,7 +30,7 @@ spec: type: RuntimeDefault containers: - name: audiobookshelf - image: ghcr.io/advplyr/audiobookshelf:2.27.0 # renovate: docker=ghcr.io/advplyr/audiobookshelf + image: ghcr.io/advplyr/audiobookshelf:2.29.0 # renovate: docker=ghcr.io/advplyr/audiobookshelf securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/media/plex/deployment.yaml b/k8s/apps/media/plex/deployment.yaml index fca7707..eba3659 100644 --- a/k8s/apps/media/plex/deployment.yaml +++ b/k8s/apps/media/plex/deployment.yaml @@ -28,7 +28,7 @@ spec: type: RuntimeDefault containers: - name: plex - image: ghcr.io/home-operations/plex:1.41.9.9961 # renovate: docker=ghcr.io/home-operations/plex versioning=loose + image: ghcr.io/home-operations/plex:1.42.2.10156 # renovate: docker=ghcr.io/home-operations/plex versioning=loose securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/utils/torrent/deployment.yaml b/k8s/apps/utils/torrent/deployment.yaml index be42e15..f07c32e 100644 --- a/k8s/apps/utils/torrent/deployment.yaml +++ b/k8s/apps/utils/torrent/deployment.yaml @@ -30,7 +30,7 @@ spec: type: RuntimeDefault containers: - name: git-sync-vuetorrent - image: registry.k8s.io/git-sync/git-sync:v4.4.2 # renovate: docker=registry.k8s.io/git-sync/git-sync + image: registry.k8s.io/git-sync/git-sync:v4.5.0 # renovate: docker=registry.k8s.io/git-sync/git-sync securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/apps/utils/unpoller/deployment.yaml b/k8s/apps/utils/unpoller/deployment.yaml index a7ae3d2..df8e04b 100644 --- a/k8s/apps/utils/unpoller/deployment.yaml +++ b/k8s/apps/utils/unpoller/deployment.yaml @@ -22,7 +22,7 @@ spec: type: RuntimeDefault containers: - name: unpoller - image: ghcr.io/unpoller/unpoller:v2.15.3 # renovate: github-releases=unpoller/unpoller + image: ghcr.io/unpoller/unpoller:v2.15.4 # renovate: github-releases=unpoller/unpoller securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/infra/auth/authelia/kustomization.yaml b/k8s/infra/auth/authelia/kustomization.yaml index 7f3ce71..e1856a3 100644 --- a/k8s/infra/auth/authelia/kustomization.yaml +++ b/k8s/infra/auth/authelia/kustomization.yaml @@ -27,7 +27,7 @@ helmCharts: repo: https://charts.authelia.com releaseName: authelia namespace: authelia - version: 0.10.41 + version: 0.10.46 valuesFile: values.yaml patches: diff --git a/k8s/infra/auth/authelia/values.yaml b/k8s/infra/auth/authelia/values.yaml index 5852345..8b2eb6c 100644 --- a/k8s/infra/auth/authelia/values.yaml +++ b/k8s/infra/auth/authelia/values.yaml @@ -2,7 +2,7 @@ image: registry: ghcr.io repository: authelia/authelia - tag: 4.39.5 # renovate: docker=ghcr.io/authelia/authelia + tag: 4.39.10 # renovate: docker=ghcr.io/authelia/authelia pullPolicy: IfNotPresent pod: diff --git a/k8s/infra/auth/lldap/deployment.yaml b/k8s/infra/auth/lldap/deployment.yaml index 2dec09b..192c8e1 100644 --- a/k8s/infra/auth/lldap/deployment.yaml +++ b/k8s/infra/auth/lldap/deployment.yaml @@ -25,7 +25,7 @@ spec: type: RuntimeDefault containers: - name: lldap - image: docker.io/lldap/lldap:v0.6.1-alpine-rootless # renovate: docker=docker.io/lldap/lldap + image: docker.io/lldap/lldap:v0.6.2-alpine-rootless # renovate: docker=docker.io/lldap/lldap securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/infra/controllers/argocd/kustomization.yaml b/k8s/infra/controllers/argocd/kustomization.yaml index 80c6826..7322621 100644 --- a/k8s/infra/controllers/argocd/kustomization.yaml +++ b/k8s/infra/controllers/argocd/kustomization.yaml @@ -20,7 +20,7 @@ resources: helmCharts: - name: argo-cd repo: https://argoproj.github.io/argo-helm - version: 8.2.5 + version: 8.5.7 releaseName: "argocd" namespace: argocd valuesFile: values.yaml diff --git a/k8s/infra/controllers/intel-device-plugins/gpu/kustomization.yaml b/k8s/infra/controllers/intel-device-plugins/gpu/kustomization.yaml index 20c63bf..bd971f4 100644 --- a/k8s/infra/controllers/intel-device-plugins/gpu/kustomization.yaml +++ b/k8s/infra/controllers/intel-device-plugins/gpu/kustomization.yaml @@ -4,7 +4,7 @@ kind: Kustomization helmCharts: - name: intel-device-plugins-gpu repo: https://intel.github.io/helm-charts/ - version: 0.32.1 + version: 0.34.0 namespace: intel-device-plugins releaseName: intel-device-plugins-gpu includeCRDs: true diff --git a/k8s/infra/controllers/intel-device-plugins/operator/kustomization.yaml b/k8s/infra/controllers/intel-device-plugins/operator/kustomization.yaml index 594fee0..6c62d05 100644 --- a/k8s/infra/controllers/intel-device-plugins/operator/kustomization.yaml +++ b/k8s/infra/controllers/intel-device-plugins/operator/kustomization.yaml @@ -4,7 +4,7 @@ kind: Kustomization helmCharts: - name: intel-device-plugins-operator repo: https://intel.github.io/helm-charts/ - version: 0.32.1 + version: 0.34.0 namespace: intel-device-plugins releaseName: intel-device-plugins-operator includeCRDs: true diff --git a/k8s/infra/controllers/node-feature-discovery/kustomization.yaml b/k8s/infra/controllers/node-feature-discovery/kustomization.yaml index 234f2cc..0d9928f 100644 --- a/k8s/infra/controllers/node-feature-discovery/kustomization.yaml +++ b/k8s/infra/controllers/node-feature-discovery/kustomization.yaml @@ -4,13 +4,13 @@ kind: Kustomization resources: - ns.yaml # NFD rules for Intel HW - - https://github.com/intel/intel-device-plugins-for-kubernetes/deployments/nfd/overlays/node-feature-rules?ref=v0.32.1 + - https://github.com/intel/intel-device-plugins-for-kubernetes/deployments/nfd/overlays/node-feature-rules?ref=v0.34.0 # https://kubernetes-sigs.github.io/node-feature-discovery/v0.16/deployment/helm.html helmCharts: - name: node-feature-discovery repo: https://kubernetes-sigs.github.io/node-feature-discovery/charts - version: 0.17.3 + version: 0.17.4 releaseName: nfd includeCRDs: true namespace: node-feature-discovery diff --git a/k8s/infra/controllers/sealed-secrets/kustomization.yaml b/k8s/infra/controllers/sealed-secrets/kustomization.yaml index a748380..1e6274e 100644 --- a/k8s/infra/controllers/sealed-secrets/kustomization.yaml +++ b/k8s/infra/controllers/sealed-secrets/kustomization.yaml @@ -4,7 +4,7 @@ kind: Kustomization helmCharts: - name: sealed-secrets repo: oci://registry-1.docker.io/bitnamicharts - version: 2.5.16 + version: 2.5.19 releaseName: sealed-secrets-controller namespace: sealed-secrets includeCRDs: true diff --git a/k8s/infra/database/cnpg/kustomization.yaml b/k8s/infra/database/cnpg/kustomization.yaml index c5fffac..b1fd7bb 100644 --- a/k8s/infra/database/cnpg/kustomization.yaml +++ b/k8s/infra/database/cnpg/kustomization.yaml @@ -11,5 +11,5 @@ helmCharts: releaseName: cnpg namespace: cnpg-system includeCRDs: true - version: 0.25.0 + version: 0.26.0 valuesFile: values.yaml diff --git a/k8s/infra/monitoring/grafana/grafana.yaml b/k8s/infra/monitoring/grafana/grafana.yaml index 124c473..d480e5c 100644 --- a/k8s/infra/monitoring/grafana/grafana.yaml +++ b/k8s/infra/monitoring/grafana/grafana.yaml @@ -33,7 +33,7 @@ spec: allow_assign_grafana_admin: "true" role_attribute_path: contains(grafana[*], 'grafana_admin') && 'GrafanaAdmin' || contains(grafana[*], 'admin') && 'Admin' || contains(grafana[*], 'editor') && 'Editor' || 'Viewer' auto_login: "true" - version: 12.1.0 # renovate: docker=docker.io/grafana/grafana + version: 12.2.0 # renovate: docker=docker.io/grafana/grafana deployment: spec: template: diff --git a/k8s/infra/monitoring/grafana/kustomization.yaml b/k8s/infra/monitoring/grafana/kustomization.yaml index 6f8e54f..2562150 100644 --- a/k8s/infra/monitoring/grafana/kustomization.yaml +++ b/k8s/infra/monitoring/grafana/kustomization.yaml @@ -16,6 +16,6 @@ helmCharts: repo: oci://ghcr.io/grafana/helm-charts includeCRDs: true namespace: grafana - version: v5.19.1 # renovate: github-releases=grafana/grafana-operator + version: v5.19.4 # renovate: github-releases=grafana/grafana-operator releaseName: grafana-operator valuesFile: ./values.yaml diff --git a/k8s/infra/monitoring/kube-prometheus-stack/kustomization.yaml b/k8s/infra/monitoring/kube-prometheus-stack/kustomization.yaml index f763b91..a7eb9bc 100644 --- a/k8s/infra/monitoring/kube-prometheus-stack/kustomization.yaml +++ b/k8s/infra/monitoring/kube-prometheus-stack/kustomization.yaml @@ -11,6 +11,6 @@ helmCharts: repo: https://prometheus-community.github.io/helm-charts includeCRDs: true namespace: monitoring - version: 75.15.1 + version: 77.12.0 releaseName: kube-prometheus-stack valuesFile: ./values.yaml diff --git a/k8s/infra/network/cilium/kustomization.yaml b/k8s/infra/network/cilium/kustomization.yaml index d5f9e24..d831251 100644 --- a/k8s/infra/network/cilium/kustomization.yaml +++ b/k8s/infra/network/cilium/kustomization.yaml @@ -10,7 +10,7 @@ resources: helmCharts: - name: cilium repo: https://helm.cilium.io - version: 1.18.0 # renovate: github-releases=cilium/cilium + version: 1.18.2 # renovate: github-releases=cilium/cilium releaseName: "cilium" includeCRDs: true namespace: kube-system diff --git a/k8s/infra/network/cloudflared/daemon-set.yaml b/k8s/infra/network/cloudflared/daemon-set.yaml index fdb7b43..11ab102 100644 --- a/k8s/infra/network/cloudflared/daemon-set.yaml +++ b/k8s/infra/network/cloudflared/daemon-set.yaml @@ -16,7 +16,7 @@ spec: spec: containers: - name: cloudflared - image: cloudflare/cloudflared:2025.7.0 # renovate: docker=cloudflare/cloudflared + image: cloudflare/cloudflared:2025.9.1 # renovate: docker=cloudflare/cloudflared imagePullPolicy: IfNotPresent args: - tunnel diff --git a/k8s/infra/network/dns/adguard/deployment.yaml b/k8s/infra/network/dns/adguard/deployment.yaml index 780c3bd..2b099b4 100644 --- a/k8s/infra/network/dns/adguard/deployment.yaml +++ b/k8s/infra/network/dns/adguard/deployment.yaml @@ -49,7 +49,7 @@ spec: mountPath: /opt/adguardhome/conf containers: - name: adguard - image: docker.io/adguard/adguardhome:v0.107.64 # renovate: docker=docker.io/adguard/adguardhome + image: docker.io/adguard/adguardhome:v0.107.66 # renovate: docker=docker.io/adguard/adguardhome securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/k8s/infra/storage/proxmox-csi/kustomization.yaml b/k8s/infra/storage/proxmox-csi/kustomization.yaml index 8ffacbe..d1d0b06 100644 --- a/k8s/infra/storage/proxmox-csi/kustomization.yaml +++ b/k8s/infra/storage/proxmox-csi/kustomization.yaml @@ -4,7 +4,7 @@ kind: Kustomization helmCharts: - name: proxmox-csi-plugin repo: oci://ghcr.io/sergelogvinov/charts - version: 0.3.13 + version: 0.3.14 releaseName: proxmox-csi-plugin includeCRDs: true namespace: csi-proxmox diff --git a/k8s/infra/vpn/netbird/agent/daemon-set.yaml b/k8s/infra/vpn/netbird/agent/daemon-set.yaml index 99c6f35..5886b83 100644 --- a/k8s/infra/vpn/netbird/agent/daemon-set.yaml +++ b/k8s/infra/vpn/netbird/agent/daemon-set.yaml @@ -22,7 +22,7 @@ spec: value: "1" containers: - name: agent - image: docker.io/netbirdio/netbird:0.52.2 # renovate: docker=docker.io/netbirdio/netbird + image: docker.io/netbirdio/netbird:0.58.2 # renovate: docker=docker.io/netbirdio/netbird securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: false diff --git a/k8s/infra/vpn/netbird/dashboard/deployment.yaml b/k8s/infra/vpn/netbird/dashboard/deployment.yaml index 4a1d3f1..2528e4b 100644 --- a/k8s/infra/vpn/netbird/dashboard/deployment.yaml +++ b/k8s/infra/vpn/netbird/dashboard/deployment.yaml @@ -17,7 +17,7 @@ spec: type: RuntimeDefault containers: - name: dashboard - image: docker.io/netbirdio/dashboard:v2.15.0 # renovate: docker=docker.io/netbirdio/dashboard + image: docker.io/netbirdio/dashboard:v2.18.1 # renovate: docker=docker.io/netbirdio/dashboard securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: false diff --git a/k8s/infra/vpn/netbird/management/deployment.yaml b/k8s/infra/vpn/netbird/management/deployment.yaml index 0d344ab..7b874e1 100644 --- a/k8s/infra/vpn/netbird/management/deployment.yaml +++ b/k8s/infra/vpn/netbird/management/deployment.yaml @@ -54,7 +54,7 @@ spec: mountPath: /tmp/netbird containers: - name: management - image: docker.io/netbirdio/management:0.52.2 # renovate: docker=docker.io/netbirdio/management + image: docker.io/netbirdio/management:0.58.2 # renovate: docker=docker.io/netbirdio/management args: [ --dns-domain, $(DNS_DOMAIN), --log-level, $(LOG_LEVEL), --log-file, console, --idp-sign-key-refresh-enabled ] securityContext: allowPrivilegeEscalation: false diff --git a/k8s/infra/vpn/netbird/relay/deployment.yaml b/k8s/infra/vpn/netbird/relay/deployment.yaml index f759620..9828588 100644 --- a/k8s/infra/vpn/netbird/relay/deployment.yaml +++ b/k8s/infra/vpn/netbird/relay/deployment.yaml @@ -16,7 +16,7 @@ spec: seccompProfile: type: RuntimeDefault containers: - - image: docker.io/netbirdio/relay:0.52.2 # renovate: docker=docker.io/netbirdio/relay + - image: docker.io/netbirdio/relay:0.58.2 # renovate: docker=docker.io/netbirdio/relay imagePullPolicy: IfNotPresent name: relay securityContext: diff --git a/k8s/infra/vpn/netbird/signal/deployment.yaml b/k8s/infra/vpn/netbird/signal/deployment.yaml index f6080e3..32a0d90 100644 --- a/k8s/infra/vpn/netbird/signal/deployment.yaml +++ b/k8s/infra/vpn/netbird/signal/deployment.yaml @@ -21,7 +21,7 @@ spec: type: RuntimeDefault containers: - name: signal - image: docker.io/netbirdio/signal:0.52.2 # renovate: docker=docker.io/netbirdio/signal + image: docker.io/netbirdio/signal:0.58.2 # renovate: docker=docker.io/netbirdio/signal args: [ --port, $(PORT), --log-level, $(LOG_LEVEL), --log-file, console ] securityContext: allowPrivilegeEscalation: false diff --git a/tofu/home-assistant/main.tofu b/tofu/home-assistant/main.tofu index c6ada24..9165bd4 100644 --- a/tofu/home-assistant/main.tofu +++ b/tofu/home-assistant/main.tofu @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "bpg/proxmox" - version = "0.81.0" + version = "0.84.0" } } } diff --git a/tofu/kubernetes/providers.tofu b/tofu/kubernetes/providers.tofu index 2c8f1f9..2ecf3d9 100644 --- a/tofu/kubernetes/providers.tofu +++ b/tofu/kubernetes/providers.tofu @@ -6,11 +6,11 @@ terraform { } proxmox = { source = "bpg/proxmox" - version = "0.81.0" + version = "0.84.0" } talos = { source = "siderolabs/talos" - version = "0.8.1" + version = "0.9.0" } restapi = { source = "Mastercard/restapi" diff --git a/tofu/kubernetes/talos/inline-manifests/cilium-install.yaml b/tofu/kubernetes/talos/inline-manifests/cilium-install.yaml index a282371..f207e5e 100644 --- a/tofu/kubernetes/talos/inline-manifests/cilium-install.yaml +++ b/tofu/kubernetes/talos/inline-manifests/cilium-install.yaml @@ -59,7 +59,7 @@ spec: hostNetwork: true containers: - name: cilium-install - image: quay.io/cilium/cilium-cli:v0.18.6 # renovate: github-releases=cilium/cilium-cli + image: quay.io/cilium/cilium-cli:v0.18.7 # renovate: github-releases=cilium/cilium-cli env: - name: KUBERNETES_SERVICE_HOST valueFrom: @@ -75,7 +75,7 @@ spec: command: - cilium - install - - --version=v1.18.0 # renovate: github-releases=cilium/cilium + - --version=v1.18.2 # renovate: github-releases=cilium/cilium - --set - kubeProxyReplacement=true - --values diff --git a/tofu/kubernetes/talos_cluster.auto.tfvars b/tofu/kubernetes/talos_cluster.auto.tfvars index 0bb94fb..cb8a5a9 100644 --- a/tofu/kubernetes/talos_cluster.auto.tfvars +++ b/tofu/kubernetes/talos_cluster.auto.tfvars @@ -9,7 +9,7 @@ talos_cluster_config = { # Uncomment to use this instead of version from talos_image. # talos_machine_config_version = "v1.9.2" proxmox_cluster = "homelab" - kubernetes_version = "v1.33.3" # renovate: github-releases=kubernetes/kubernetes + kubernetes_version = "v1.34.1" # renovate: github-releases=kubernetes/kubernetes cilium = { bootstrap_manifest_path = "talos/inline-manifests/cilium-install.yaml" values_file_path = "../../k8s/infra/network/cilium/values.yaml" diff --git a/tofu/kubernetes/talos_image.auto.tfvars b/tofu/kubernetes/talos_image.auto.tfvars index ad690ff..a06dd22 100644 --- a/tofu/kubernetes/talos_image.auto.tfvars +++ b/tofu/kubernetes/talos_image.auto.tfvars @@ -1,6 +1,6 @@ talos_image = { version = "v1.10.3" - update_version = "v1.10.6" # renovate: github-releases=siderolabs/talos + update_version = "v1.11.2" # renovate: github-releases=siderolabs/talos schematic_path = "talos/image/schematic.yaml" # Point this to a new schematic file to update the schematic # update_schematic_path = "talos/image/schematic.yaml" diff --git a/tofu/state/gcs/providers.tofu b/tofu/state/gcs/providers.tofu index bb034e0..138749a 100644 --- a/tofu/state/gcs/providers.tofu +++ b/tofu/state/gcs/providers.tofu @@ -2,7 +2,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = "~> 6.46.0" + version = "~> 7.4.0" } } encryption { diff --git a/tofu/state/providers.tofu b/tofu/state/providers.tofu index d8cff37..0ea0909 100644 --- a/tofu/state/providers.tofu +++ b/tofu/state/providers.tofu @@ -2,7 +2,7 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = "~> 6.46.0" + version = "~> 7.4.0" } } encryption {