diff --git a/_service b/_service
new file mode 100644
index 0000000..9645ba4
--- /dev/null
+++ b/_service
@@ -0,0 +1,23 @@
+
+
+ https://github.com/flannel-io/flannel.git
+ git
+ .git
+ @PARENT_TAG@
+ v(.*)
+ v0.26.4
+ enable
+
+
+
+ *.tar
+ gz
+
+
+ flannel
+
+
+ flannel-0.26.4.tar.gz
+
+
+
diff --git a/_servicedata b/_servicedata
new file mode 100644
index 0000000..36a3028
--- /dev/null
+++ b/_servicedata
@@ -0,0 +1,4 @@
+
+
+ https://github.com/flannel-io/flannel.git
+ c22fb8cdd05638fbc9095f05ecce5ea3a13e16c6
\ No newline at end of file
diff --git a/flannel-0.26.4.tar.gz b/flannel-0.26.4.tar.gz
new file mode 100644
index 0000000..0874f81
--- /dev/null
+++ b/flannel-0.26.4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e3c481099d989535ee0c76eeca94186c942fa2cb31c7df990b05d8b3e68009e7
+size 2363143
diff --git a/flannel.changes b/flannel.changes
index e7ec692..d3906f0 100644
--- a/flannel.changes
+++ b/flannel.changes
@@ -1,3 +1,129 @@
+-------------------------------------------------------------------
+Fri Feb 7 11:23:27 UTC 2025 - Priyanka Saggu
+
+- add `go-modules` for automated creation of go vendored modules tarball
+
+- bump go version: `BuildRequires: golang(API) >= 1.23`
+
+- delete unused `kube-flannel.yaml` source in the spec file, it is directly soured from the flannel source tar ball
+
+-------------------------------------------------------------------
+Fri Feb 7 11:16:55 UTC 2025 - Priyanka Saggu
+
+- Update to version 0.26.4:
+ * Moved to github container registry
+ * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc
+ * Bump go.etcd.io/etcd/tests/v3 from 3.5.17 to 3.5.18
+ * fix: Fix high CPU usage when losing etcd connection and try to re-establish connection with exponential backoff
+ * Bump github.com/containernetworking/plugins from 1.6.1 to 1.6.2
+ * Bump alpine from 20240923 to 20250108 in /images
+ * Bump golang.org/x/net from 0.31.0 to 0.33.0
+ * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc
+ * Bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0
+ * feat: add bool to control CNI config installation using Helm
+ * fix: add missing MY_NODE_NAME env in chart
+ * Bump k8s deps to 0.29.12
+ * Don't panic upon shutdown when running in standalone mode
+ * Bump golang.org/x/crypto from 0.29.0 to 0.31.0
+ * Bump alpine from 20240807 to 20240923 in /images
+ * Bump github.com/containernetworking/plugins from 1.6.0 to 1.6.1
+ * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc
+ * Bump github.com/vishvananda/netns from 0.0.4 to 0.0.5
+ * Use the standard context library
+ * Bump github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common
+ * Updated flannel cni image to 1.6.0
+ * Updated CNI plugins version on the README
+ * Bump sigs.k8s.io/knftables from 0.0.17 to 0.0.18
+ * Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.1
+ * Bump github.com/Microsoft/hcsshim from 0.12.8 to 0.12.9
+ * Added check to not check br_filter in case of windows
+ * Bumo golangci-lint to latest version
+ * Bump to go 1.23
+ * Added checks for br_netfilter module
+ * Try not to cleanup multiple peers behind same PublicIP
+ * fix trivy check
+ * check that the lease includes an IP address of the requested family before configuring the flannel interface
+ * Fixed IPv6 chosen in case of public-ipv6 configured
+ * add timeout to e2e test pipelines
+ * Update k8s version ine2e tests to v1.29.8
+ * Update netlink to v1.3.0
+ * Fixed values file on flannel chart
+ * Bump k8s.io/klog/v2 from 2.120.1 to 2.130.1
+ * Updated Flannel chart with Netpol containter and removed clustercidr
+ * Fix bug in hostgw-windows
+ * Fix bug in the logic polling the interface
+ * Added node-public-ip annotation
+ * Try several times to contact kube-api before failing
+ * Fixed IPv6 0 initialization
+ * wireguard backend: avoid error message if route already exists
+ * Bump github.com/avast/retry-go/v4 from 4.5.1 to 4.6.0
+ * use wait.PollUntilContextTimeout instead of deprecated wait.Poll
+ * troubleshooting.md: add `ethtool -K flannel.1 tx-checksum-ip-generic off` for NAT
+ * Added configuration for pulic-ip through node annotation
+ * extension/vxlan: remove arp commands from vxlan examples
+ * Refactor TrafficManager windows files to clarify logs
+ * Add persistent-mac option to v6 too
+ * fix comparison with previous networks in SetupAndEnsureMasqRules
+ * show content of stdout and stderr when running iptables-restore returns an error
+ * Add extra check before contacting kube-api
+ * remove unimplemented error in windows trafficmngr
+ * remove --dirty flags in git describe
+ * Added leaseAttr string method with logs on VxLan
+ * remove multiClusterCidr related-code.
+ * Implement nftables masquerading for flannel
+ * fix: ipv6 iptables rules were created even when IPv6 was disabled
+ * Add tolerations to the flannel chart
+ * Added additional check for n.spec.podCIDRs
+ * Remove net-tools since it's an old package that we are not using
+ * fix iptables_windows.go
+ * Clean-up Makefile and use docker buildx locally
+ * Use manual test to ensure iptables-* binaries are present
+ * Bump github.com/containerd/containerd from 1.6.23 to 1.6.26
+ * Bump github.com/joho/godotenv
+ * SubnetManager should use the main context
+ * Simplify TrafficManager interface
+ * refactor iptables package to prepare for nftables-based implementation
+
+- flannel v0.26.4, includes `golang.org/x/net/http2` at v0.34.0, which fixes bsc#1236522 (CVE-2023-45288)
+
+-------------------------------------------------------------------
+Fri Apr 19 17:51:42 UTC 2024 - Jeff Mahoney
+
+- Remove dependency on net-tools-deprecated. It's not actually used.
+
+-------------------------------------------------------------------
+Wed Jan 31 13:05:53 UTC 2024 - Priyanka Saggu
+
+- sync `kube-flannel.yaml` manifest with upstream release, v0.24.2 (bsc#1218694)
+- refactor, clean spec file. Include following change:
+ * bump go version build requirements: `BuildRequires: golang(API) >= 1.20`
+ * include go modules dependencies as vendor tar - vendor.tar.gz, update following %prep, %build, %install sections accordingly
+
+-------------------------------------------------------------------
+Wed Jan 31 07:20:42 UTC 2024 - priyanka.saggu@suse.com
+
+- Update to version 0.24.2:
+ * Prepare for v0.24.2 release
+ * Increase the time out for interface checking in windows
+ * Prepare for v0.24.1 release
+ * Provide support to select the interface in Windows
+ * Improve the log from powershell
+ * Wait all the jobs to finish before deploy the github-page
+ * remove remaining references to mips64le
+ * add multi-arch dockerfile
+ * add missing riscv64 in docker manifest create step
+ * prepare for v0.24.0 release
+ * Bump golang.org/x/crypto from 0.15.0 to 0.17.0
+ * Add the VNI to the error message in Windows
+ * chart: add possibility for defining image pull secrets in daemonset
+ * Remove multiclustercidr logic from code
+ * Update opentelemetry dependencies
+ * Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
+ * Add riscv64 arch in GH actions
+ * vxlan vni should not be type uint16
+ * Quote wireguard psk in helm chart
+ * add riscv64 support
+
-------------------------------------------------------------------
Fri Jul 23 08:54:45 UTC 2021 - Alexandre Vicenzi
diff --git a/flannel.obsinfo b/flannel.obsinfo
new file mode 100644
index 0000000..9a3c79c
--- /dev/null
+++ b/flannel.obsinfo
@@ -0,0 +1,4 @@
+name: flannel
+version: 0.26.4
+mtime: 1738660448
+commit: c22fb8cdd05638fbc9095f05ecce5ea3a13e16c6
diff --git a/flannel.spec b/flannel.spec
index f615e20..407722e 100644
--- a/flannel.spec
+++ b/flannel.spec
@@ -24,20 +24,18 @@
%define flannel_container_path registry.opensuse.org/kubic/flannel
Name: flannel
-Version: 0.14.0
+Version: 0.26.4
Release: 0
Summary: An etcd backed network fabric for containers
License: Apache-2.0
Group: System/Management
Url: https://github.com/flannel-io/flannel
-Source: https://github.com/flannel-io/flannel/archive/v%{version}.tar.gz
-Source1: kube-flannel.yaml
+Source0: flannel-%{version}.tar.gz
+Source1: vendor.tar.gz
Requires: iproute2
-# arp is used:
-Requires: net-tools-deprecated
Requires: iptables
BuildRequires: golang-packaging
-BuildRequires: golang(API) >= 1.16
+BuildRequires: golang(API) >= 1.23
BuildRoot: %{_tmppath}/%{name}-%{version}-build
ExcludeArch: s390
%{go_nostrip}
@@ -70,34 +68,28 @@ unique, routable IP address inside the cluster. The advantage of this model is t
reduces the complexity of doing port mapping.
%prep
-%setup -q
+%setup -q -a1 -n flannel-%{version}
%build
-gofmt -w -r "x -> \"%{version}\"" version/version.go
-%{goprep} github.com/flannel-io/flannel
-# go1.16+ default is GO111MODULE=on set to auto temporarily
-# until using an upstream version with go.mod
-export GO111MODULE=auto
-%{gobuild}
+%define project github.com/flannel-io/flannel
+CGO_ENABLED=1 go build -mod=vendor -v -buildmode=pie -o dist/flanneld \
+ -ldflags '-s -w -X github.com/flannel-io/flannel/pkg/version.Version=v%{version}'
%install
-%{goinstall}
rm -rf %{buildroot}/%{_libdir}/go/contrib
+# move the binary
+install -D -m 0755 dist/flanneld %{buildroot}%{_sbindir}/flanneld
+
# Install provided yaml file to download and run the flannel container
mkdir -p %{buildroot}%{_datadir}/k8s-yaml/flannel
-#install -m 0644 Documentation/kube-flannel.yml %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
-install -m 0644 %{SOURCE1} %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
-sed -i -e 's|image: quay.io/coreos/flannel:.*|image: %{flannel_container_path}:%{version}|g' %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
+install -m 0644 Documentation/kube-flannel.yml %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
+sed -i -e 's|image: docker.io/flannel/flannel:.*|image: %{flannel_container_path}:%{version}|g' %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
sed -i -e 's|/opt/bin/flanneld|/usr/sbin/flanneld|g' %{buildroot}%{_datadir}/k8s-yaml/flannel/kube-flannel.yaml
-# Move
-mkdir -p %{buildroot}%{_sbindir}
-mv %{buildroot}%{_bindir}/flannel %{buildroot}%{_sbindir}/flanneld
-
%files
%defattr(-,root,root)
-%doc README.md DCO NOTICE
+%doc README.md DCO
%license LICENSE
%{_sbindir}/flanneld
diff --git a/kube-flannel.yaml b/kube-flannel.yaml
deleted file mode 100644
index 0feba26..0000000
--- a/kube-flannel.yaml
+++ /dev/null
@@ -1,223 +0,0 @@
----
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
- name: psp.flannel.unprivileged
- annotations:
- seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default
- seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default
- apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default
- apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
-spec:
- privileged: false
- volumes:
- - configMap
- - secret
- - emptyDir
- - hostPath
- allowedHostPaths:
- - pathPrefix: "/etc/cni/net.d"
- - pathPrefix: "/etc/kube-flannel"
- - pathPrefix: "/run/flannel"
- readOnlyRootFilesystem: false
- # Users and groups
- runAsUser:
- rule: RunAsAny
- supplementalGroups:
- rule: RunAsAny
- fsGroup:
- rule: RunAsAny
- # Privilege Escalation
- allowPrivilegeEscalation: false
- defaultAllowPrivilegeEscalation: false
- # Capabilities
- allowedCapabilities: ['NET_ADMIN', 'NET_RAW']
- defaultAddCapabilities: []
- requiredDropCapabilities: []
- # Host namespaces
- hostPID: false
- hostIPC: false
- hostNetwork: true
- hostPorts:
- - min: 0
- max: 65535
- # SELinux
- seLinux:
- # SELinux is unused in CaaSP
- rule: 'RunAsAny'
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: flannel
-rules:
-- apiGroups: ['extensions']
- resources: ['podsecuritypolicies']
- verbs: ['use']
- resourceNames: ['psp.flannel.unprivileged']
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/status
- verbs:
- - patch
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: flannel
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: flannel
-subjects:
-- kind: ServiceAccount
- name: flannel
- namespace: kube-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: flannel
- namespace: kube-system
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: kube-flannel-cfg
- namespace: kube-system
- labels:
- tier: node
- app: flannel
-data:
- cni-conf.json: |
- {
- "name": "cbr0",
- "cniVersion": "0.3.1",
- "plugins": [
- {
- "type": "flannel",
- "delegate": {
- "hairpinMode": true,
- "isDefaultGateway": true
- }
- },
- {
- "type": "portmap",
- "capabilities": {
- "portMappings": true
- }
- }
- ]
- }
- net-conf.json: |
- {
- "Network": "10.244.0.0/16",
- "Backend": {
- "Type": "vxlan"
- }
- }
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: kube-flannel-ds
- namespace: kube-system
- labels:
- tier: node
- app: flannel
-spec:
- selector:
- matchLabels:
- app: flannel
- template:
- metadata:
- labels:
- tier: node
- app: flannel
- spec:
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: kubernetes.io/os
- operator: In
- values:
- - linux
- hostNetwork: true
- priorityClassName: system-node-critical
- tolerations:
- - operator: Exists
- effect: NoSchedule
- serviceAccountName: flannel
- initContainers:
- - name: install-cni
- image: quay.io/coreos/flannel:v0.14.0
- command:
- - cp
- args:
- - -f
- - /etc/kube-flannel/cni-conf.json
- - /etc/cni/net.d/10-flannel.conflist
- volumeMounts:
- - name: cni
- mountPath: /etc/cni/net.d
- - name: flannel-cfg
- mountPath: /etc/kube-flannel/
- containers:
- - name: kube-flannel
- image: quay.io/coreos/flannel:v0.14.0
- command:
- - /opt/bin/flanneld
- args:
- - --ip-masq
- - --kube-subnet-mgr
- resources:
- requests:
- cpu: "100m"
- memory: "50Mi"
- limits:
- cpu: "100m"
- memory: "50Mi"
- securityContext:
- privileged: false
- capabilities:
- add: ["NET_ADMIN", "NET_RAW"]
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: run
- mountPath: /run/flannel
- - name: flannel-cfg
- mountPath: /etc/kube-flannel/
- volumes:
- - name: run
- hostPath:
- path: /run/flannel
- - name: cni
- hostPath:
- path: /etc/cni/net.d
- - name: flannel-cfg
- configMap:
- name: kube-flannel-cfg
diff --git a/v0.14.0.tar.gz b/v0.14.0.tar.gz
deleted file mode 100644
index 75e03b5..0000000
--- a/v0.14.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e17164db3b158d13ce5e40bb7b233790cb186762d929fa4f626baf586d4d63ca
-size 8324790
diff --git a/vendor.tar.gz b/vendor.tar.gz
new file mode 100644
index 0000000..4c368fd
--- /dev/null
+++ b/vendor.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d5d3f4574dcd086d9b5930280ff3e70c924a0bdd37139447ec7d3bceb031c05d
+size 9041479