Bump NVIDIA/holodeck from 0.2.18 to 0.3.0

[dependabot]

Bumps NVIDIA/holodeck from 0.2.18 to 0.3.0.

Release notes

Sourced from NVIDIA/holodeck's releases.

v0.3.0

Holodeck v0.3.0

A major release with production-grade cluster networking, custom templates, RPM distribution support, ARM64 improvements, and comprehensive CI/CD enhancements.

Highlights

• Production-Grade Cluster Networking — Private subnets, NAT gateways, separate security groups, SSM transport, and NLB support for HA clusters (#720–#728)
• Custom Templates — User-defined provisioning templates with full lifecycle phase support (#701–#706)
• RPM Support — First-class support for Rocky Linux 9, Amazon Linux 2023, and Fedora 42 across all runtime stacks (#676–#681)
• ARM64 Support — Automatic architecture inference from instance type, cross-validation, and runtime arch detection (#661–#669)
• Multi-Source Installation — Install NVIDIA drivers and container runtimes from package, runfile, or git sources (#635–#637)
• E2E Test Tiering — Smoke tests (pre-merge) and full suite (post-merge) for faster CI feedback (#740)
• Coverage Threshold Gate — 40% minimum unit test coverage enforced in CI (#754)

Bug Fixes

• Fixed node name newline injection in cluster mode (#757)
• Fixed NAT Gateway race condition (#735)
• Fixed API server verification before NLB switch (#721)
• Numerous SSH, security, and AWS provider fixes

See the full CHANGELOG for all changes.

Changelog

Sourced from NVIDIA/holodeck's changelog.

[v0.3.0] - 2026-03-30

Features

Production-Grade Cluster Networking (#720–#728)

A complete overhaul of multi-node cluster networking for production workloads:

• Add cluster networking cache constants and struct fields (#720, @​ArangoGutierrez)
• Add public subnet for cluster mode (#723, @​ArangoGutierrez)
• Add Transport abstraction for SSH connections (#724, @​ArangoGutierrez)
• Separate control-plane and worker security groups (#725, @​ArangoGutierrez)
• Cleanup dual security groups on cluster delete (#726, @​ArangoGutierrez)
• Wire SSM transport for private-subnet cluster nodes (#727, @​ArangoGutierrez)
• Wire cluster networking — private subnets, NAT, hostForNode, real tests (#728, @​ArangoGutierrez)
• Add ELBv2/NLB support for HA clusters (#614, @​ArangoGutierrez)

Custom Templates (#701–#706)

User-defined provisioning templates with full lifecycle phase support:

• Add CustomTemplate type and TemplatePhase enum to API (#701, @​ArangoGutierrez)
• Implement custom template loader and executor (#702, @​ArangoGutierrez)
• Add custom template input validation (#703, @​ArangoGutierrez)
• Integrate custom templates into dependency resolver (#706, @​ArangoGutierrez)

RPM Support (#676–#681, #693)

First-class support for RPM-based Linux distributions including Rocky Linux 9, Amazon Linux 2023, and Fedora 42 across all runtime stacks (Docker, containerd, CRI-O):

• Add RPM support to Docker template (#677, @​ArangoGutierrez)
• Add RPM support to NVIDIA driver template (#676, @​ArangoGutierrez)
• Add RPM support to Kubernetes templates (#678, @​ArangoGutierrez)
• Add RPM support to kernel template (#681, @​ArangoGutierrez)
• Add RPM support to CRI-O template (#680, @​ArangoGutierrez)
• Add RPM support to container-toolkit package template (#679, @​ArangoGutierrez)
• Add RPM docs, e2e validation, and Fedora 42 support (#693, @​ArangoGutierrez)
• Add DNF/YUM package manager support to provisioner

ARM64 Support

• Add AMI architecture detection and cross-validation (#664, @​ArangoGutierrez)
• Infer AMI architecture from instance type for ARM64 support (#669, @​ArangoGutierrez)
• Propagate image architecture in cluster mode (#661, @​ArangoGutierrez)
• Add ARM64 GPU end-to-end test on merge to main (#670, @​ArangoGutierrez)
• Detect Kubernetes arch at runtime instead of defaulting to amd64 (#663, @​ArangoGutierrez)
• Use runtime arch for NVIDIA CUDA repository URL (#662, @​ArangoGutierrez)
• Make architecture field case-insensitive for backward compatibility

Multi-Node Kubernetes Cluster Support (#562, #660)

... (truncated)

Commits

• df97ea3 release: bump version to v0.3.0 (#755)
• 177a186 fix: use grep -w for exact IP matching in cluster node configuration (#757)
• 2f61797 ci: add coverage threshold gate (40% minimum) (#754)
• f3b6498 test: add custom templates E2E test (#753)
• 779c6cc chore(deps): Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2...
• 603fe98 chore(deps): Bump github.com/aws/aws-sdk-go-v2/config (#744)
• b69ee1f build: expand test coverage scope to cmd/, api/, and internal/ packages (#750)
• 692dc6c docs: add GitHub Action usage guide (#752)
• e301800 docs: add E2E test tier documentation to contributing guide (#751)
• bf8b960 chore(deps): Bump github.com/aws/aws-sdk-go-v2/service/ssm (#745)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.