From fdca86ccde1de77c67304ffbe245bc00e272ebe3 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com> Date: Mon, 29 Dec 2025 07:32:25 +0000 Subject: [PATCH 1/4] kuma-2.13: updated --- kuma-2.13.yaml | 179 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 179 insertions(+) create mode 100644 kuma-2.13.yaml diff --git a/kuma-2.13.yaml b/kuma-2.13.yaml new file mode 100644 index 00000000000..b95493a56ca --- /dev/null +++ b/kuma-2.13.yaml @@ -0,0 +1,179 @@ +package: + name: kuma-2.13 + version: "v2.13.0" + epoch: 0 # GHSA-jv3w-x3r3-g6rm + description: A multi-zone service mesh for containers, Kubernetes and VMs. + copyright: + - license: Apache-2.0 + dependencies: + provides: + - kuma=${{package.full-version}} + +var-transforms: + - from: ${{package.version}} + match: ^(\d+\.\d+)\.\d+$ + replace: "$1" + to: major-minor-version + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/kumahq/kuma + tag: ${{package.version}} + expected-commit: 99bb946e09bcdf7f7e6c1275c8bf14206db77274 + + - uses: patch + with: + patches: remove_envoy_version_check.patch + +subpackages: + - name: kumactl-${{vars.major-minor-version}} + description: Kuma control plane command-line utility + dependencies: + provides: + - kumactl=${{package.full-version}} + pipeline: + - uses: go/build + with: + packages: ./app/kumactl + output: kumactl + ldflags: | + -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + test: + pipeline: + - name: Test kumactl + runs: | + kumactl help + kumactl version | grep ${{package.version}} + + - name: kuma-cp-${{vars.major-minor-version}} + description: Kuma control plane + dependencies: + provides: + - kuma-cp=${{package.full-version}} + pipeline: + - uses: go/build + with: + packages: ./app/kuma-cp + output: kuma-cp + ldflags: | + -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + test: + pipeline: + - name: Test kuma control plane + runs: | + kuma-cp help + kuma-cp version | grep ${{package.version}} + + - name: kuma-dp-${{vars.major-minor-version}} + description: Kuma data plane + dependencies: + provides: + - kuma-dp=${{package.full-version}} + pipeline: + - uses: go/build + with: + packages: ./app/kuma-dp + output: kuma-dp + ldflags: | + -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + test: + pipeline: + - name: Test kuma data plane + runs: | + kuma-dp help + kuma-dp version | grep ${{package.version}} + + - name: kuma-cni-${{vars.major-minor-version}} + description: Kuma CNI plugin + dependencies: + provides: + - kuma-cni=${{package.full-version}} + pipeline: + - uses: go/build + with: + packages: ./app/cni/cmd/kuma-cni + output: kuma-cni + ldflags: | + -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + test: + pipeline: + - name: Test kuma cni + runs: | + kuma-cni help + kuma-cni version + + - name: kuma-install-cni-${{vars.major-minor-version}} + description: Kuma CNI installer + dependencies: + provides: + - kuma-install-cni=${{package.full-version}} + pipeline: + - uses: go/build + with: + packages: ./app/cni/cmd/install + output: install-cni + ldflags: | + -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + test: + pipeline: + - uses: test/virtualpackage + with: + virtual-pkg-name: kuma-install-cni + real-pkg-name: ${{subpkg.name}} + + - name: kuma-cni-compat-${{vars.major-minor-version}} + description: Kuma CNI compat + dependencies: + provides: + - kuma-cni-compat=${{package.full-version}} + pipeline: + - runs: | + mkdir -p ${{targets.contextdir}}/opt/cni/bin + ln -sf /usr/bin/kuma-cni ${{targets.contextdir}}/opt/cni/bin/kuma-cni + ln -sf /usr/bin/install-cni ${{targets.contextdir}}/install-cni + test: + environment: + contents: + packages: + - kuma-cni + - kuma-install-cni + pipeline: + - name: Test kuma cni compat + runs: | + test -x /install-cni + test -x /opt/cni/bin/kuma-cni + /opt/cni/bin/kuma-cni help + /opt/cni/bin/kuma-cni version + +update: + enabled: true + github: + identifier: kumahq/kuma + tag-filter: "2.13" + use-tag: true + +# Based on package size if was determined that this origin package is empty apart from its own SBOM and this test was added to confirm it is empty and will fail if the package is not longer empty (contains more than an SBOM) +test: + pipeline: + - uses: test/emptypackage From 5cc85806b8175030f8611fed5ac13945b5a3d399 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com> Date: Mon, 29 Dec 2025 07:32:28 +0000 Subject: [PATCH 2/4] kuma-2.13: updated patch directory --- kuma-2.13/remove_envoy_version_check.patch | 51 ++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 kuma-2.13/remove_envoy_version_check.patch diff --git a/kuma-2.13/remove_envoy_version_check.patch b/kuma-2.13/remove_envoy_version_check.patch new file mode 100644 index 00000000000..bf3e07e4790 --- /dev/null +++ b/kuma-2.13/remove_envoy_version_check.patch @@ -0,0 +1,51 @@ +diff --git a/app/kuma-dp/pkg/dataplane/envoy/compatibility.go b/app/kuma-dp/pkg/dataplane/envoy/compatibility.go +index 9bd891d70..861df2c4f 100644 +--- a/app/kuma-dp/pkg/dataplane/envoy/compatibility.go ++++ b/app/kuma-dp/pkg/dataplane/envoy/compatibility.go +@@ -1,27 +1,32 @@ + package envoy + ++/* + import ( + "github.com/Masterminds/semver/v3" + "github.com/pkg/errors" + ) ++*/ + + // VersionCompatible returns true if the given version of + // envoy is compatible with this DP, false otherwise, expectedVersion is in Masterminds/semver/v3 format. + func VersionCompatible(expectedVersion string, envoyVersion string) (bool, error) { +- if expectedVersion == envoyVersion { +- return true, nil +- } +- expectedVersion = "~" + expectedVersion +- ver, err := semver.NewVersion(envoyVersion) +- if err != nil { +- return false, errors.Wrapf(err, "unable to parse envoy version %s", envoyVersion) +- } ++ /* ++ if expectedVersion == envoyVersion { ++ return true, nil ++ } ++ expectedVersion = "~" + expectedVersion ++ ver, err := semver.NewVersion(envoyVersion) ++ if err != nil { ++ return false, errors.Wrapf(err, "unable to parse envoy version %s", envoyVersion) ++ } + +- constraint, err := semver.NewConstraint(expectedVersion) +- if err != nil { +- // Programmer error +- return false, errors.Wrapf(err, "Invalid envoy compatibility constraint %s", expectedVersion) +- } ++ constraint, err := semver.NewConstraint(expectedVersion) ++ if err != nil { ++ // Programmer error ++ return false, errors.Wrapf(err, "Invalid envoy compatibility constraint %s", expectedVersion) ++ } + +- return constraint.Check(ver), nil ++ return constraint.Check(ver), nil ++ */ ++ return true, nil + } From 0f51c27fb51a03557a6a486867fd4048e0209221 Mon Sep 17 00:00:00 2001 From: Amber Arcadia Date: Mon, 5 Jan 2026 19:35:44 -0500 Subject: [PATCH 3/4] Fixed version and update config --- kuma-2.13.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/kuma-2.13.yaml b/kuma-2.13.yaml index b95493a56ca..e1c869fc402 100644 --- a/kuma-2.13.yaml +++ b/kuma-2.13.yaml @@ -1,6 +1,6 @@ package: name: kuma-2.13 - version: "v2.13.0" + version: "2.13.0" epoch: 0 # GHSA-jv3w-x3r3-g6rm description: A multi-zone service mesh for containers, Kubernetes and VMs. copyright: @@ -19,7 +19,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/kumahq/kuma - tag: ${{package.version}} + tag: v${{package.version}} expected-commit: 99bb946e09bcdf7f7e6c1275c8bf14206db77274 - uses: patch @@ -172,6 +172,7 @@ update: identifier: kumahq/kuma tag-filter: "2.13" use-tag: true + strip-prefix: v # Based on package size if was determined that this origin package is empty apart from its own SBOM and this test was added to confirm it is empty and will fail if the package is not longer empty (contains more than an SBOM) test: From aa965da1ff355c2acac940bfd14f14f335a78af0 Mon Sep 17 00:00:00 2001 From: Amber Arcadia Date: Mon, 5 Jan 2026 20:53:23 -0500 Subject: [PATCH 4/4] Updated to go mod v2 and improved tests --- kuma-2.13.yaml | 68 +++++++++++++++++++++++++++++--------------------- 1 file changed, 39 insertions(+), 29 deletions(-) diff --git a/kuma-2.13.yaml b/kuma-2.13.yaml index e1c869fc402..04625a5c939 100644 --- a/kuma-2.13.yaml +++ b/kuma-2.13.yaml @@ -38,17 +38,24 @@ subpackages: packages: ./app/kumactl output: kumactl ldflags: | - -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} - -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) - -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) - -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") - -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + -X github.com/kumahq/kuma/v2/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/v2/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/v2/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/v2/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/v2/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") test: pipeline: - name: Test kumactl runs: | kumactl help - kumactl version | grep ${{package.version}} + kumactl version + kumactl version 2>&1 | grep "${{package.version}}" + kumactl version --detailed + kumactl version --detailed 2>&1 | grep -q "Version:.*${{package.version}}" + kumactl version --detailed 2>&1 | grep -q "Product:.*Kuma" + kumactl version --detailed 2>&1 | grep -q "Git Tag:.*v${{package.version}}" + kumactl version --detailed 2>&1 | grep -q "Git Commit:.*[0-9a-f]\{40\}" + kumactl version --detailed 2>&1 | grep -q "Build Date:.*[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}" - name: kuma-cp-${{vars.major-minor-version}} description: Kuma control plane @@ -61,17 +68,18 @@ subpackages: packages: ./app/kuma-cp output: kuma-cp ldflags: | - -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} - -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) - -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) - -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") - -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + -X github.com/kumahq/kuma/v2/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/v2/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/v2/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/v2/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/v2/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") test: pipeline: - name: Test kuma control plane runs: | kuma-cp help - kuma-cp version | grep ${{package.version}} + kuma-cp version + kuma-cp version 2>&1 | grep "${{package.version}}" - name: kuma-dp-${{vars.major-minor-version}} description: Kuma data plane @@ -84,17 +92,18 @@ subpackages: packages: ./app/kuma-dp output: kuma-dp ldflags: | - -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} - -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) - -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) - -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") - -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + -X github.com/kumahq/kuma/v2/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/v2/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/v2/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/v2/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/v2/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") test: pipeline: - name: Test kuma data plane runs: | kuma-dp help - kuma-dp version | grep ${{package.version}} + kuma-dp version + kuma-dp version 2>&1 | grep "${{package.version}}" - name: kuma-cni-${{vars.major-minor-version}} description: Kuma CNI plugin @@ -107,17 +116,18 @@ subpackages: packages: ./app/cni/cmd/kuma-cni output: kuma-cni ldflags: | - -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} - -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) - -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) - -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") - -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + -X github.com/kumahq/kuma/v2/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/v2/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/v2/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/v2/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/v2/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") test: pipeline: - name: Test kuma cni runs: | kuma-cni help kuma-cni version + kuma-cni version 2>&1 | grep -q "${{package.version}}" - name: kuma-install-cni-${{vars.major-minor-version}} description: Kuma CNI installer @@ -130,11 +140,11 @@ subpackages: packages: ./app/cni/cmd/install output: install-cni ldflags: | - -X github.com/kumahq/kuma/pkg/version.version=${{package.version}} - -X github.com/kumahq/kuma/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) - -X github.com/kumahq/kuma/pkg/version.gitCommit=$(git rev-parse HEAD) - -X github.com/kumahq/kuma/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") - -X github.com/kumahq/kuma/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") + -X github.com/kumahq/kuma/v2/pkg/version.version=${{package.version}} + -X github.com/kumahq/kuma/v2/pkg/version.gitTag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) + -X github.com/kumahq/kuma/v2/pkg/version.gitCommit=$(git rev-parse HEAD) + -X github.com/kumahq/kuma/v2/pkg/version.buildDate=$(date ${SOURCE_DATE_EPOCH:+ -d@${SOURCE_DATE_EPOCH}} "+%Y-%m-%dT%H:%M:%SZ") + -X github.com/kumahq/kuma/v2/pkg/version.Envoy=$(cat ./mk/dev.mk | grep "ENVOY_VERSION ?= " | sed "s/ENVOY_VERSION ?= //g") test: pipeline: - uses: test/virtualpackage @@ -170,7 +180,7 @@ update: enabled: true github: identifier: kumahq/kuma - tag-filter: "2.13" + tag-filter: "v2.13" use-tag: true strip-prefix: v