NO-ISSUE: Update module github.com/coreos/ignition/v2 to v2.24.0

[red-hat-konflux]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/coreos/ignition/v2	v2.14.0 -> v2.24.0

---

Release Notes

coreos/ignition (github.com/coreos/ignition/v2)

v2.24.0

Compare Source

Features

• Add support for nocloud config fetching in kubevirt

Bug fixes

• Fix occasional cex.key file removal
• Fix multipath partitioning: ignore DM holders when no partitions are mounted

v2.23.0

Compare Source

Features

• Support UpCloud

Changes

• Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

• Fix fetch-offline for Oracle Cloud Infrastructure

v2.22.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the
Fedora 42 key.

Features

• Support Oracle Cloud Infrastructure

Changes

• Rename ignition.cfg -> 05_ignition.cfg
• Support setting setuid/setgid/sticky mode bits (3.6.0-exp)
• Warn if setuid/setgid/sticky mode bits specified (3.4.0 - 3.5.0)
• Add initial TMT tests and a new workflow to execute tests on PRs

Bug fixes

v2.21.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 41 key.

Features

• Add Azure blob support for fetching ignition configs
• Add a check for ignition config in vendor-data (proxmoxve)

Bug fixes

• Add pkey_cca kernel module to detect CEX domain for LUKS encryption

v2.20.0

Compare Source

Features

• Support partitioning disk with mounted partitions
• Support Proxmox VE
• Support gzipped Akamai user_data

Changes

• The Dracut module now installs partx
• Mark the 3.5.0 config spec as stable
• No longer accept configs with version 3.5.0-experimental
• Create new 3.6.0-experimental config spec from 3.5.0

Bug fixes

• Fix network race when phoning home on Equinix Metal
• Fix Akamai Ignition base64 decoding on padded payloads
• Fix Makefile GOARCH for loongarch64 (#​1942)

v2.19.0

Compare Source

Features

• Support Akamai Connected Cloud (Linode)
• Support LUKS encryption using IBM CEX secure keys

v2.18.0

Compare Source

Ignition 2.18.0

Breaking changes

• Only include dracut module in initramfs if requested (see distributor notes
  for details)

Features

• Support Scaleway

Changes

• Require Go 1.20+

v2.17.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the
Fedora 39 key.

Features

• Support the native Apple Hypervisor
• Support Hetzner Cloud
• A GRUB configuration suitable for use with https://github.com/coreos/bootupd
  can now be installed; use make install-grub-for-bootupd to install it

Changes

• Require Go 1.19+

Bug fixes

• Prevent races with udev after disk editing
• Don't fail to wipe partition table if it's corrupted

v2.16.2

Compare Source

Bug fixes

• Fix Dracut module installation on arches other than x86 and aarch64

v2.16.1

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 38 key.

Ignition v2.16.0 included a build regression on 32-bit machines and was not released. These notes include all changes since v2.15.0.

Features

• Support Hyper-V platform
• Automatically generate spec docs

Changes

• Clarify spec terminology for contents of CA bundles, files, and key files
• Improve rendering of spec docs on docs site

Bug fixes

• Fix failure disabling nonexistent unit with systemd ≥ 252
• Don't relabel a mount point that already exists
• Document that hash fields describe decompressed data
• Clarify documentation of passwordHash fields
• Correctly document Tang advertisement field as optional

Test changes

• Support and require xfsprogs ≥ 5.19 in blackbox tests

v2.16.0

Compare Source

v2.15.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 37 key.

Features

• Support offline Tang provisioning via pre-shared advertisement (3.4.0)
• Allow enabling discard passthrough on LUKS devices (3.4.0)
• Allow specifying arbitrary LUKS open options (3.4.0)
• Ship aarch64 macOS ignition-validate binary in GitHub release artifacts

Changes

• Mark the 3.4.0 config spec as stable
• No longer accept configs with version 3.4.0-experimental
• Create new 3.5.0-experimental config spec from 3.4.0
• Fail if files/links/dirs conflict with systemd units or dropins
• Warn if template for enabled systemd instance unit has no Install section
• Warn if filesystem overwrites partitioned disk
• Warn if wipeTable overwrites a filesystem that would otherwise be reused
• Warn if user/group specified for hard link
• Install ignition-apply in /usr/libexec
• Allow distros to add Ignition command-line arguments from a unit drop-in
• Convert NEWS to Markdown and move to docs site
• Require Go 1.18+

Bug fixes

• Don't overwrite LUKS1 volume when storage.luks.wipeVolume is false
• Request network when custom Clevis config has needsNetwork set
• Fix creating LUKS volume with custom Clevis config that uses TPM2
• Avoid logging spurious error when a LUKS volume wasn't previously formatted
• Fix version string in ignition-validate release container
• Fix reproducibility of systemd preset file in ignition-apply output
• Document that user/group fields aren't applied to hard links
• Clarify spec docs for files/directories/links group fields

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

[red-hat-konflux]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 14 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.20 -> 1.24.0
github.com/cespare/xxhash/v2	v2.2.0 -> v2.3.0
github.com/coreos/go-systemd/v22	v22.5.0 -> v22.6.0
github.com/coreos/vcontext	v0.0.0-20211021162308-f1dbbca7bef4 -> v0.0.0-20230201181013-d72178a18687
github.com/davecgh/go-spew	v1.1.1 -> v1.1.2-0.20180830191138-d8f796af33cc
github.com/go-logr/logr	v1.2.4 -> v1.4.3
github.com/google/go-cmp	v0.6.0 -> v0.7.0
github.com/spf13/pflag	v1.0.6-0.20210604193023-d5e0c0615ace -> v1.0.10
golang.org/x/net	v0.33.0 -> v0.46.0
golang.org/x/oauth2	v0.28.0 -> v0.32.0
golang.org/x/sys	v0.28.0 -> v0.37.0
golang.org/x/term	v0.27.0 -> v0.36.0
golang.org/x/text	v0.21.0 -> v0.30.0
golang.org/x/time	v0.3.0 -> v0.13.0
google.golang.org/protobuf	v1.31.0 -> v1.36.10

[openshift-ci-robot]

@red-hat-konflux[bot]: This pull request explicitly references no jira issue.

In response to this:

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/coreos/ignition/v2	v2.14.0 -> v2.24.0

---

Release Notes

coreos/ignition (github.com/coreos/ignition/v2)

v2.23.0

Compare Source

Features

• Support UpCloud

Changes

• Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

• Fix fetch-offline for Oracle Cloud Infrastructure

v2.22.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the
Fedora 42 key.

Features

• Support Oracle Cloud Infrastructure

Changes

• Rename ignition.cfg -> 05_ignition.cfg
• Support setting setuid/setgid/sticky mode bits (3.6.0-exp)
• Warn if setuid/setgid/sticky mode bits specified (3.4.0 - 3.5.0)
• Add initial TMT tests and a new workflow to execute tests on PRs

Bug fixes

v2.21.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 41 key.

Features

• Add Azure blob support for fetching ignition configs
• Add a check for ignition config in vendor-data (proxmoxve)

Bug fixes

• Add pkey_cca kernel module to detect CEX domain for LUKS encryption

v2.20.0

Compare Source

Features

• Support partitioning disk with mounted partitions
• Support Proxmox VE
• Support gzipped Akamai user_data

Changes

• The Dracut module now installs partx
• Mark the 3.5.0 config spec as stable
• No longer accept configs with version 3.5.0-experimental
• Create new 3.6.0-experimental config spec from 3.5.0

Bug fixes

• Fix network race when phoning home on Equinix Metal
• Fix Akamai Ignition base64 decoding on padded payloads
• Fix Makefile GOARCH for loongarch64 (#​1942)

v2.19.0

Compare Source

Features

• Support Akamai Connected Cloud (Linode)
• Support LUKS encryption using IBM CEX secure keys

v2.18.0

Compare Source

Ignition 2.18.0

Breaking changes

• Only include dracut module in initramfs if requested (see distributor notes
  for details)

Features

• Support Scaleway

Changes

• Require Go 1.20+

v2.17.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the
Fedora 39 key.

Features

• Support the native Apple Hypervisor
• Support Hetzner Cloud
• A GRUB configuration suitable for use with https://github.com/coreos/bootupd
  can now be installed; use make install-grub-for-bootupd to install it

Changes

• Require Go 1.19+

Bug fixes

• Prevent races with udev after disk editing
• Don't fail to wipe partition table if it's corrupted

v2.16.2

Compare Source

Bug fixes

• Fix Dracut module installation on arches other than x86 and aarch64

v2.16.1

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 38 key.

Ignition v2.16.0 included a build regression on 32-bit machines and was not released. These notes include all changes since v2.15.0.

Features

• Support Hyper-V platform
• Automatically generate spec docs

Changes

• Clarify spec terminology for contents of CA bundles, files, and key files
• Improve rendering of spec docs on docs site

Bug fixes

• Fix failure disabling nonexistent unit with systemd ≥ 252
• Don't relabel a mount point that already exists
• Document that hash fields describe decompressed data
• Clarify documentation of passwordHash fields
• Correctly document Tang advertisement field as optional

Test changes

• Support and require xfsprogs ≥ 5.19 in blackbox tests

v2.16.0

Compare Source

v2.15.0

Compare Source

Starting with this release, ignition-validate binaries are signed with the Fedora 37 key.

Features

• Support offline Tang provisioning via pre-shared advertisement (3.4.0)
• Allow enabling discard passthrough on LUKS devices (3.4.0)
• Allow specifying arbitrary LUKS open options (3.4.0)
• Ship aarch64 macOS ignition-validate binary in GitHub release artifacts

Changes

• Mark the 3.4.0 config spec as stable
• No longer accept configs with version 3.4.0-experimental
• Create new 3.5.0-experimental config spec from 3.4.0
• Fail if files/links/dirs conflict with systemd units or dropins
• Warn if template for enabled systemd instance unit has no Install section
• Warn if filesystem overwrites partitioned disk
• Warn if wipeTable overwrites a filesystem that would otherwise be reused
• Warn if user/group specified for hard link
• Install ignition-apply in /usr/libexec
• Allow distros to add Ignition command-line arguments from a unit drop-in
• Convert NEWS to Markdown and move to docs site
• Require Go 1.18+

Bug fixes

• Don't overwrite LUKS1 volume when storage.luks.wipeVolume is false
• Request network when custom Clevis config has needsNetwork set
• Fix creating LUKS volume with custom Clevis config that uses TPM2
• Avoid logging spurious error when a LUKS volume wasn't previously formatted
• Fix version string in ignition-validate release container
• Fix reproducibility of systemd preset file in ignition-apply output
• Document that user/group fields aren't applied to hard links
• Clarify spec docs for files/directories/links group fields

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign avishayt for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux[bot]. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.