Bump github.com/cilium/cilium from 1.16.6 to 1.18.2 by dependabot[bot] · Pull Request #536 · derailed/popeye

dependabot · 2025-09-22T14:06:53Z

Bumps github.com/cilium/cilium from 1.16.6 to 1.18.2.

Release notes

Sourced from github.com/cilium/cilium's releases.

1.18.2

Summary of Changes

Minor Changes:

Fix validation bug where namespaced CiliumNetworkPolicies with nodeSelector in specs array were silently accepted but ignored. Now properly rejected with validation error. (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#40702, @pillai-ashwin)

lbipam: do not reallocate IPs in LB IPAM on operator restart (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41147, @marseel)

lbipam: widening CIDR range or updating selector of CiliumLoadBalancerIPPool does no longer reassign IPs (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41122, @marseel)

Bugfixes:

Add option to configure BGP origin attribute for LoadBalancer IPs in BGP Control Plane v2, allowing smoother migration from MetalLB integration. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41231, @hanapedia)

Add toleration for 'node.cloudprovider.kubernetes.io/uninitialized' to Cilium Operator (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41098, @guettli)

bgpv2: Avoid modifying CiliumBGPPeerConfig in resource store (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41088, @rastislavs)

bpf: add support for delinearized ARP packets (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41233, @vsinitsyn)

ctmap/gc: continue interval time on partial GC pass. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41258, @tommyp1ckles)

Disable unnecessary headless service watching to reduce API server load in clusters not using the Gateway API or Ingress features. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#40844, @moscicky)

Fix "Error while correcting L4 checksum" dropped packets for ICMP destination unreachable error packets. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#40194, @br4243)

Fix "No mapping for NAT masquerade" flakes in the CI, make NAT LRU fallbacks more robust. (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#40971, @gentoo-root)

Fix --exclude-local-address with eBPF Host-Routing (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41275, @antonipp)

Fix a BGP bug where the routerID specified in a CiliumBGPNodeConfigOverride was not correctly updated in RouterIDIPPool mode. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#40340, @liyihuang)

Fix a bug that would cause NodePort requests to be sent to the wrong backends when using KPR and Clustermesh with two identical, non-global NodePort services on different clusters. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41337, @pchaigno)

Fix a bug where cilium-agent would report "Link not found" for an endpoint deleted during state restore after cilium-agent restart. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#40568, @fristonio)

Fix a regression where enabling unknown Hubble metrics would crash the cilium agent (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41368, @devodev)

Fix agent config initContainer unable to hit apiservers in apiServerURLs by passing as container arg (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41110, @JJGadgets)

Fix bug that would cause error messages when disabling agent health checks (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41297, @HadrienPatte)

Fix issue in Local Redirect Policies where traffic was dropped when no local pods were available to be redirected to. In these scenarios the traffic should have been processed as if the Local Redirect Policy did not exist. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41463, @joamaki)

Fix issue where Local Redirect Policy (LRP) services with a single named port did not create a local redirect service entry. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41534, @aditighag)

Fix the bug local redirect policy not doing filter based destination port (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41411, @liyihuang)

Fixes a cosmetic bug where the cilium_bpf_map_ops_total error count was incorrectly being incremented for map cilium_lb_affinity_match. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41378, @squeed)

Fixes an issue in NodeManager where restored cluster nodes can be pruned before the initial node listing completes. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41039, @0xch4z)

Helm: Ensure consistent default labels for all ServiceMonitor resources (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41240, @baurmatt)

iptables: Fix IPv6 SNAT for L7 proxy upstream traffic (Backport PR cilium/cilium#41249, Upstream PR cilium/cilium#41034, @gentoo-root)

loadbalancer/writer: add support for SetIsServiceHealthCheckedFunc (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41092, @mhofstetter)

neighbor: Fix bug where neighbor discovery subsystem reports unhealthy when it is healthy (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41186, @mhofstetter)

pkg/ipam: fix nil dereference during pool shrink operation (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41198, @alimehrabikoshki)

policy: fix agent crash due to policy cache update-delete race (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41079, @fristonio)

CI Changes:

.github/actions: fix boolean condition check in post-logic action (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41395, @aanm)

.github/worfklows: copy cilium-cli binary from container (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41524, @aanm)

.github/workflows: add proper suffix for scale-test-egw (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41477, @aanm)

.github/workflows: add timeout to Install node local DNS step (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41120, @aanm)

.github/workflows: separate feature json files in different dirs (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41403, @aanm)

.github/workflows: simplify ginkgo workflow (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41396, @aanm)

.github/workflows: simplify ginkgo workflow (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41396, @aanm)

.github: fix upload artifacts for features.json (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41119, @aanm)

add missing extraArgs in CI (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41005, @aanm)

checkpatch: bump checkpatch version, and minor adaptations (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41290, @giorio94)

ci: Re-enable go caches for privileged tests (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41102, @rastislavs)

ci: simplify scheduled test (Backport PR cilium/cilium#41262, Upstream PR cilium/cilium#41261, @brlbil)

... (truncated)

Changelog

Sourced from github.com/cilium/cilium's changelog.

v1.18.2

Summary of Changes

Minor Changes:

Fix validation bug where namespaced CiliumNetworkPolicies with nodeSelector in specs array were silently accepted but ignored. Now properly rejected with validation error. (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#40702, @pillai-ashwin)

lbipam: do not reallocate IPs in LB IPAM on operator restart (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41147, @marseel)

lbipam: widening CIDR range or updating selector of CiliumLoadBalancerIPPool does no longer reassign IPs (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41122, @marseel)

Bugfixes:

Add option to configure BGP origin attribute for LoadBalancer IPs in BGP Control Plane v2, allowing smoother migration from MetalLB integration. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41231, @hanapedia)

Add toleration for 'node.cloudprovider.kubernetes.io/uninitialized' to Cilium Operator (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41098, @guettli)

bgpv2: Avoid modifying CiliumBGPPeerConfig in resource store (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41088, @rastislavs)

bpf: add support for delinearized ARP packets (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41233, @vsinitsyn)

ctmap/gc: continue interval time on partial GC pass. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41258, @tommyp1ckles)

Disable unnecessary headless service watching to reduce API server load in clusters not using the Gateway API or Ingress features. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#40844, @moscicky)

Fix "Error while correcting L4 checksum" dropped packets for ICMP destination unreachable error packets. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#40194, @br4243)

Fix "No mapping for NAT masquerade" flakes in the CI, make NAT LRU fallbacks more robust. (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#40971, @gentoo-root)

Fix --exclude-local-address with eBPF Host-Routing (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41275, @antonipp)

Fix a BGP bug where the routerID specified in a CiliumBGPNodeConfigOverride was not correctly updated in RouterIDIPPool mode. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#40340, @liyihuang)

Fix a bug that would cause NodePort requests to be sent to the wrong backends when using KPR and Clustermesh with two identical, non-global NodePort services on different clusters. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41337, @pchaigno)

Fix a bug where cilium-agent would report "Link not found" for an endpoint deleted during state restore after cilium-agent restart. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#40568, @fristonio)

Fix a regression where enabling unknown Hubble metrics would crash the cilium agent (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41368, @devodev)

Fix agent config initContainer unable to hit apiservers in apiServerURLs by passing as container arg (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41110, @JJGadgets)

Fix bug that would cause error messages when disabling agent health checks (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41297, @HadrienPatte)

Fix issue in Local Redirect Policies where traffic was dropped when no local pods were available to be redirected to. In these scenarios the traffic should have been processed as if the Local Redirect Policy did not exist. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41463, @joamaki)

Fix issue where Local Redirect Policy (LRP) services with a single named port did not create a local redirect service entry. (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41534, @aditighag)

Fix the bug local redirect policy not doing filter based destination port (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41411, @liyihuang)

Fixes a cosmetic bug where the cilium_bpf_map_ops_total error count was incorrectly being incremented for map cilium_lb_affinity_match. (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41378, @squeed)

Fixes an issue in NodeManager where restored cluster nodes can be pruned before the initial node listing completes. (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41039, @0xch4z)

Helm: Ensure consistent default labels for all ServiceMonitor resources (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41240, @baurmatt)

iptables: Fix IPv6 SNAT for L7 proxy upstream traffic (Backport PR cilium/cilium#41249, Upstream PR cilium/cilium#41034, @gentoo-root)

loadbalancer/writer: add support for SetIsServiceHealthCheckedFunc (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41092, @mhofstetter)

neighbor: Fix bug where neighbor discovery subsystem reports unhealthy when it is healthy (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41186, @mhofstetter)

pkg/ipam: fix nil dereference during pool shrink operation (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41198, @alimehrabikoshki)

policy: fix agent crash due to policy cache update-delete race (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41079, @fristonio)

CI Changes:

.github/actions: fix boolean condition check in post-logic action (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41395, @aanm)

.github/worfklows: copy cilium-cli binary from container (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41524, @aanm)

.github/workflows: add proper suffix for scale-test-egw (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41477, @aanm)

.github/workflows: add timeout to Install node local DNS step (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41120, @aanm)

.github/workflows: separate feature json files in different dirs (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41403, @aanm)

.github/workflows: simplify ginkgo workflow (Backport PR cilium/cilium#41479, Upstream PR cilium/cilium#41396, @aanm)

.github/workflows: simplify ginkgo workflow (Backport PR cilium/cilium#41591, Upstream PR cilium/cilium#41396, @aanm)

.github: fix upload artifacts for features.json (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41119, @aanm)

add missing extraArgs in CI (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41005, @aanm)

checkpatch: bump checkpatch version, and minor adaptations (Backport PR cilium/cilium#41365, Upstream PR cilium/cilium#41290, @giorio94)

ci: Re-enable go caches for privileged tests (Backport PR cilium/cilium#41267, Upstream PR cilium/cilium#41102, @rastislavs)

... (truncated)

Commits

5bd307a Prepare for release v1.18.2
0eb0ed7 images: update cilium-{runtime,builder}
7f01122 chore(deps): update dependency protocolbuffers/protobuf to v32.1
008149d chore(deps): update stable lvh-images
b62a503 chore(deps): update all github action dependencies
c0503ba chore(deps): update quay.io/cilium/cilium-envoy docker tag to v1.34.7-1757592...
1bfc25a images: update cilium-{runtime,builder}
8f80b87 images: update cilium-{runtime,builder}
b930ae7 chore(deps): update docker.io/library/golang:1.24.7 docker digest to 5e9d14d
519e603 workflows/conformance-ginkgo: fix steps for stable branches
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/cilium/cilium](https://github.com/cilium/cilium) from 1.16.6 to 1.18.2. - [Release notes](https://github.com/cilium/cilium/releases) - [Changelog](https://github.com/cilium/cilium/blob/1.18.2/CHANGELOG.md) - [Commits](cilium/cilium@1.16.6...1.18.2) --- updated-dependencies: - dependency-name: github.com/cilium/cilium dependency-version: 1.18.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-10-27T14:21:43Z

Superseded by #547.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 22, 2025

dependabot bot mentioned this pull request Sep 22, 2025

Bump github.com/cilium/cilium from 1.16.6 to 1.18.1 #522

Closed

dependabot bot closed this Oct 27, 2025

dependabot bot deleted the dependabot/go_modules/github.com/cilium/cilium-1.18.2 branch October 27, 2025 14:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump github.com/cilium/cilium from 1.16.6 to 1.18.2#536

Bump github.com/cilium/cilium from 1.16.6 to 1.18.2#536
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/github.com/cilium/cilium-1.18.2

dependabot bot commented on behalf of github Sep 22, 2025

Uh oh!

dependabot bot commented on behalf of github Oct 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 22, 2025

1.18.2

Summary of Changes

v1.18.2

Summary of Changes

Uh oh!

dependabot bot commented on behalf of github Oct 27, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants