Skip to content

OCPBUGS-77562, STOR-2758: Rebase to upstream v4.11.0 for OCP 4.22#94

Merged
openshift-merge-bot[bot] merged 29 commits intoopenshift:masterfrom
dfajmon:rebase-v4.11.0
Mar 11, 2026
Merged

OCPBUGS-77562, STOR-2758: Rebase to upstream v4.11.0 for OCP 4.22#94
openshift-merge-bot[bot] merged 29 commits intoopenshift:masterfrom
dfajmon:rebase-v4.11.0

Conversation

@dfajmon
Copy link

@dfajmon dfajmon commented Mar 9, 2026

Issue link
https://issues.redhat.com/browse/STOR-2758

Diff to upstream v4.11.0
kubernetes-csi/external-attacher@v4.11.0...dfajmon:rebase-v4.11.0

Notes for reviewers

Summary of changes

Notable Bug Fixes

  • Fixed log spam "VolumeAttachment attached status and actual state do not match. Adding back to VolumeAttachment queue for forced reprocessing" for VolumeAttachments of unrelated CSI drivers (#682)
  • Fixed the module path to include /v4 (#696)

CVE Fixes

CVE-2025-68121

Upstream changelogs

Full changelog

kubernetes-csi/external-attacher@v4.10.0...v4.11.0

Last rebase

#89

@openshift/storage

jsafrane and others added 29 commits September 23, 2025 13:29
@jsafrane
Skip VolumeAttachments of other drivers
bbf0de8 
During periodic re-sync in ReconcileVA, skip VolumeAttachments of
unrelated CSI drivers. The VolumeAttachments will be skipped anyway in
syncVA().

This only prevents log spam and saves some CPU.
@k8s-ci-robot
Merge pull request kubernetes-csi#682 from jsafrane/skip-unknown-vas
3a057e7 
Skip VolumeAttachments of other drivers
@dependabot
Bump github.com/mailru/easyjson from 0.9.0 to 0.9.1
b8faf3b 
Bumps [github.com/mailru/easyjson](https://github.com/mailru/easyjson) from 0.9.0 to 0.9.1.
- [Release notes](https://github.com/mailru/easyjson/releases)
- [Commits](mailru/easyjson@v0.9...v0.9.1)

---
updated-dependencies:
- dependency-name: github.com/mailru/easyjson
  dependency-version: 0.9.1
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@k8s-ci-robot
Merge pull request kubernetes-csi#683 from kubernetes-csi/dependabot/…
6aed39e 
…go_modules/github.com/mailru/easyjson-0.9.1

Bump github.com/mailru/easyjson from 0.9.0 to 0.9.1
@carlory
cleanup csi.volume.kubernetes.io/nodeid
ae06095 
Signed-off-by: carlory <baofa.fan@daocloud.io>
@k8s-ci-robot
Merge pull request kubernetes-csi#691 from carlory/rm-annotaion
9dc713f 
cleanup csi.volume.kubernetes.io/nodeid
@dfajmon
Merge commit '8174d1450bb91211f3c3d684dda6aaf0a978bd2b' into k8s-1.35…
d7be7eb 
….0-bump
@dfajmon
Squashed 'release-tools/' changes from 5f38a907597..707a99ecae0
8174d14 
707a99ecae0 Merge pull request kubernetes-csi#291 from dfajmon/logcheck
a9d2b0fb3b0 Bump logcheck to v0.10.0
d6846630bd1 Merge pull request kubernetes-csi#290 from dfajmon/go-1.25.5
55e527c4947 Bump golang to 1.25.5
b12e407cc95 Merge pull request kubernetes-csi#289 from nixpanic/k8s-v1.34
bbe5e547e2d Use Kubernetes v1.34 and Kind v0.30 by default
4e9eb2c9ee5 Merge pull request kubernetes-csi#288 from gnufied/add-gnufied-for-csi-approver
064e260d995 Add myself as csi approver
c852fa797fe Merge pull request kubernetes-csi#287 from andyzhangx/patch-7
bce16c103a9 fix: upgrade to go1.24.11 to fix CVE-2025-61727
8d1258cce80 Merge pull request kubernetes-csi#286 from kubernetes-csi/dependabot/github_actions/actions/checkout-6
91e35981a64 Bump actions/checkout from 5 to 6
294138155cf Merge pull request kubernetes-csi#285 from andyzhangx/patch-6
fa8b339e900 fix: upgrade to go1.24.9 to fix CVEs
74502e544bc Merge pull request kubernetes-csi#278 from liangyuanpeng/migrate_k8s_testimages
53344305509 Merge pull request kubernetes-csi#281 from kubernetes-csi/dependabot/github_actions/actions/checkout-5
458ce146ff7 Bump actions/checkout from 4 to 5
5ec1a52b84d use gcr.io/k8s-staging-test-infra instead of gcr.io/k8s-testimages

git-subtree-dir: release-tools
git-subtree-split: 707a99ecae026a8faa36d60aa9ea88505b5865df
@dfajmon
Bump k8s dependencies to v1.35.0
a442a3f
@k8s-ci-robot
Merge pull request kubernetes-csi#693 from dfajmon/k8s-1.35.0-bump
82cd90a 
Update csi-release-tools & Bump k8s dependencies to v1.35.0
@dependabot
Bump the k8s-dependencies group across 1 directory with 3 updates
db2b39a 
Bumps the k8s-dependencies group with 3 updates in the / directory: [github.com/kubernetes-csi/csi-test/v5](https://github.com/kubernetes-csi/csi-test), [sigs.k8s.io/apiserver-network-proxy/konnectivity-client](https://github.com/kubernetes-sigs/apiserver-network-proxy) and [sigs.k8s.io/structured-merge-diff/v6](https://github.com/kubernetes-sigs/structured-merge-diff).


Updates `github.com/kubernetes-csi/csi-test/v5` from 5.3.1 to 5.4.0
- [Release notes](https://github.com/kubernetes-csi/csi-test/releases)
- [Commits](kubernetes-csi/csi-test@v5.3.1...v5.4.0)

Updates `sigs.k8s.io/apiserver-network-proxy/konnectivity-client` from 0.33.0 to 0.34.0
- [Release notes](https://github.com/kubernetes-sigs/apiserver-network-proxy/releases)
- [Changelog](https://github.com/kubernetes-sigs/apiserver-network-proxy/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/apiserver-network-proxy@v0.33.0...v0.34.0)

Updates `sigs.k8s.io/structured-merge-diff/v6` from 6.3.0 to 6.3.1
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases)
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/structured-merge-diff@v6.3.0...v6.3.1)

---
updated-dependencies:
- dependency-name: github.com/kubernetes-csi/csi-test/v5
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/apiserver-network-proxy/konnectivity-client
  dependency-version: 0.34.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/structured-merge-diff/v6
  dependency-version: 6.3.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@k8s-ci-robot
Merge pull request kubernetes-csi#694 from kubernetes-csi/dependabot/…
02cfc0f 
…go_modules/k8s-dependencies-a3a04027e6

Bump the k8s-dependencies group across 1 directory with 3 updates
@jsafrane
Update the module import path to include /v4
3dd1d33 
To respect go versioning and have the module import-able.
@k8s-ci-robot
Merge pull request kubernetes-csi#696 from jsafrane/module-v4
b270933 
Update the module import path to include /v4
@DerekFrank
refactor: use common sidecar flags functionality
195ba0a
@dependabot
Bump github.com/kubernetes-csi/csi-lib-utils
5c46f42 
Bumps the k8s-dependencies group with 1 update: [github.com/kubernetes-csi/csi-lib-utils](https://github.com/kubernetes-csi/csi-lib-utils).


Updates `github.com/kubernetes-csi/csi-lib-utils` from 0.23.1 to 0.23.2
- [Release notes](https://github.com/kubernetes-csi/csi-lib-utils/releases)
- [Commits](kubernetes-csi/csi-lib-utils@v0.23.1...v0.23.2)

---
updated-dependencies:
- dependency-name: github.com/kubernetes-csi/csi-lib-utils
  dependency-version: 0.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump github.com/stoewer/go-strcase from 1.3.0 to 1.3.1
a827230 
Bumps [github.com/stoewer/go-strcase](https://github.com/stoewer/go-strcase) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/stoewer/go-strcase/releases)
- [Commits](stoewer/go-strcase@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/stoewer/go-strcase
  dependency-version: 1.3.1
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@k8s-ci-robot
Merge pull request kubernetes-csi#699 from kubernetes-csi/dependabot/…
d840d4d 
…go_modules/k8s-dependencies-1ce085a5b7

Bump github.com/kubernetes-csi/csi-lib-utils from 0.23.1 to 0.23.2 in the k8s-dependencies group
@k8s-ci-robot
Merge pull request kubernetes-csi#684 from DerekFrank/use-central-flags
ad4a2b4 
refactor: use common sidecar flags functionality
@jsafrane
Squashed 'release-tools/' changes from 707a99ec..1e81e752
4f75e97 
1e81e752 Merge pull request kubernetes-csi#293 from andyzhangx/patch-9
4dc18505 fix: upgrade to go1.25.7 to fix CVE-2025-61727
b60b9a50 Merge pull request kubernetes-csi#292 from andyzhangx/patch-8
0e4e2ed0 Update Go version from 1.25.5 to 1.25.6 to fix CVE

git-subtree-dir: release-tools
git-subtree-split: 1e81e752e87e027311be882279eac9e292705aa5
@jsafrane
Merge commit '4f75e97e57547b1ca6227dbffe1db4c794646f2b' into go-1.25.7
04d8753
@k8s-ci-robot
Merge pull request kubernetes-csi#701 from jsafrane/go-1.25.7
90cf0c5 
Bump csi-release-tools to bring go 1.25.7
@dependabot
Bump sigs.k8s.io/structured-merge-diff/v6 in the k8s-dependencies group
621b027 
Bumps the k8s-dependencies group with 1 update: [sigs.k8s.io/structured-merge-diff/v6](https://github.com/kubernetes-sigs/structured-merge-diff).


Updates `sigs.k8s.io/structured-merge-diff/v6` from 6.3.1 to 6.3.2
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases)
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/structured-merge-diff@v6.3.1...v6.3.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/structured-merge-diff/v6
  dependency-version: 6.3.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@k8s-ci-robot
Merge pull request kubernetes-csi#700 from kubernetes-csi/dependabot/…
b73efa9 
…go_modules/github.com/stoewer/go-strcase-1.3.1

Bump github.com/stoewer/go-strcase from 1.3.0 to 1.3.1
@k8s-ci-robot
Merge pull request kubernetes-csi#702 from kubernetes-csi/dependabot/…
d4586f8 
…go_modules/k8s-dependencies-fdea40109e

Bump sigs.k8s.io/structured-merge-diff/v6 from 6.3.1 to 6.3.2 in the k8s-dependencies group
@jsafrane
Add changelog for v4.11
3098179
@k8s-ci-robot
Merge pull request kubernetes-csi#703 from jsafrane/changelog-4.11
cc32e8c 
Add changelog for v4.11
@dfajmon
Merge remote-tracking branch 'openshift/master' into rebase-v4.11.0
08cf4c4
@jsafrane @dfajmon
UPSTREAM: <carry>: Add OpenShift files
e216667
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Mar 9, 2026
@openshift-ci-robot openshift-ci-robot added the jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. label Mar 9, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 9, 2026
edited by openshift-ci bot
Loading

@dfajmon: This pull request references Jira Issue OCPBUGS-77562, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.22.0) matches configured target version for branch (4.22.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

No GitHub users were found matching the public email listed for the QA contact in Jira (wduan@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

This pull request references STOR-2758 which is a valid jira issue.

Details

In response to this:

Issue link
https://issues.redhat.com/browse/STOR-2758

Diff to upstream v4.11.0
kubernetes-csi/external-attacher@v4.11.0...dfajmon:rebase-v4.11.0

Notes for reviewers

Summary of changes

Notable Bug Fixes

  • Fixed log spam "VolumeAttachment attached status and actual state do not match. Adding back to VolumeAttachment queue for forced reprocessing" for VolumeAttachments of unrelated CSI drivers (#682)
  • Fixed the module path to include /v4 (#696)

CVE Fixes

CVE-2025-68121

Upstream changelogs

Full changelog

kubernetes-csi/external-attacher@v4.10.0...v4.11.0

Last rebase

#89

@openshift/storage

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested review from jsafrane and mpatlasov March 9, 2026 10:05
@openshift-ci
Copy link

openshift-ci bot commented Mar 9, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dfajmon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 9, 2026
@dfajmon dfajmon mentioned this pull request Mar 9, 2026
Closed
@openshift-ci
Copy link

openshift-ci bot commented Mar 9, 2026

@dfajmon: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@jsafrane
Copy link

jsafrane commented Mar 10, 2026

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Mar 10, 2026
@duanwei33
Copy link

duanwei33 commented Mar 11, 2026

CI results look good, which should be sufficient for merging from QE side.
/verified by @duanwei33

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Mar 11, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 11, 2026

@duanwei33: This PR has been marked as verified by @duanwei33.

Details

In response to this:

CI results look good, which should be sufficient for merging from QE side.
/verified by @duanwei33

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-merge-bot openshift-merge-bot bot merged commit 98b1f4a into openshift:master Mar 11, 2026
12 checks passed
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 11, 2026

@dfajmon: Jira Issue Verification Checks: Jira Issue OCPBUGS-77562
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-77562 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

Issue link
https://issues.redhat.com/browse/STOR-2758

Diff to upstream v4.11.0
kubernetes-csi/external-attacher@v4.11.0...dfajmon:rebase-v4.11.0

Notes for reviewers

Summary of changes

Notable Bug Fixes

  • Fixed log spam "VolumeAttachment attached status and actual state do not match. Adding back to VolumeAttachment queue for forced reprocessing" for VolumeAttachments of unrelated CSI drivers (#682)
  • Fixed the module path to include /v4 (#696)

CVE Fixes

CVE-2025-68121

Upstream changelogs

Full changelog

kubernetes-csi/external-attacher@v4.10.0...v4.11.0

Last rebase

#89

@openshift/storage

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@jsafrane jsafrane mentioned this pull request Mar 11, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsafrane jsafrane Awaiting requested review from jsafrane

@mpatlasov mpatlasov Awaiting requested review from mpatlasov

Assignees

@jsafrane jsafrane

@chao007 chao007

@duanwei33 duanwei33

@Phaow Phaow

@radeore radeore

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@dfajmon @openshift-ci-robot @jsafrane @duanwei33 @chao007 @Phaow @radeore @k8s-ci-robot @carlory @DerekFrank