fix(deps): update kubernetes modules#3260
Conversation
red-hat-konflux
Bot
added
approved
|
red-hat-konflux
Bot
added
approved
|
There are test jobs defined for this repository which are not configured to run automatically. Comment |
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: red-hat-konflux[bot] The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
2 similar comments
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: red-hat-konflux[bot] The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: red-hat-konflux[bot] The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
needs-rebase
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
red-hat-konflux
Bot
removed
the
needs-rebase
red-hat-konflux
Bot
force-pushed
the
konflux/mintmaker/main/kubernetes-modules
branch
from
64dbe3d to
867ff3b
Compare
|
New changes are detected. LGTM label has been removed. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@go.mod`:
- Around line 47-52: The go.sum file contains stale hashes for outdated
Kubernetes dependency versions while go.mod has been updated to use k8s.io/api,
k8s.io/apiextensions-apiserver, k8s.io/apimachinery, k8s.io/client-go, and
k8s.io/kubectl all at v0.36.2, and k8s.io/klog/v2 at v2.140.0. Run go mod tidy
to regenerate go.sum with the correct hashes that correspond to the new versions
specified in go.mod.
- Around line 47-52: The sigs.k8s.io/controller-runtime dependency is currently
pinned at an incompatible version (v0.21.0) that does not support the
HasSyncedChecker method required by the upgraded Kubernetes modules
(k8s.io/client-go, k8s.io/api, k8s.io/apiextensions-apiserver,
k8s.io/apimachinery, and k8s.io/kubectl all at v0.36.2). Upgrade the
sigs.k8s.io/controller-runtime module to v0.24.x or a later version in the
go.mod file to ensure compatibility. After making this change, verify that the
transitive dependency k8s.io/component-base remains at a compatible version and
does not introduce conflicts with the k8s.io v0.36.2 modules by running go mod
tidy and checking for any dependency resolution warnings.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 239c3b89-b809-4cc3-8f6a-7da1f0b11ac8
📒 Files selected for processing (1)
go.mod
| k8s.io/api v0.36.2 | ||
| k8s.io/apiextensions-apiserver v0.36.2 | ||
| k8s.io/apimachinery v0.36.2 | ||
| k8s.io/client-go v0.36.2 | ||
| k8s.io/klog/v2 v2.140.0 | ||
| k8s.io/kubectl v0.36.2 |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Check that go.sum reflects the new versions and has no duplicates
echo "=== Checking go.sum for our updated modules ==="
rg -A 1 'k8s\.io/(api|apiextensions-apiserver|apimachinery|client-go|klog|kubectl)' go.sum | grep -E "v0\.36\.2|v2\.140\.0" | wc -l
echo "=== Checking for duplicate entries (potential conflict) ==="
rg -o 'k8s\.io/[^ ]+' go.sum | sort | uniq -d
echo "=== Running go mod verify to check integrity ==="
go mod verifyRepository: openshift/osde2e
Length of output: 523
🏁 Script executed:
#!/bin/bash
# Check actual go.sum entries for the updated modules
echo "=== Current go.sum entries for k8s.io modules ==="
rg 'k8s\.io/(api|apiextensions-apiserver|apimachinery|client-go|klog|kubectl) ' go.sum | head -30
echo ""
echo "=== Checking if v0.36.2 or v2.140.0 exist anywhere in go.sum ==="
grep -c 'v0\.36\.2\|v2\.140\.0' go.sum || echo "No matches found"
echo ""
echo "=== All k8s.io/api versions in go.sum ==="
rg 'k8s\.io/api ' go.sum
echo ""
echo "=== All k8s.io/client-go versions in go.sum ==="
rg 'k8s\.io/client-go ' go.sumRepository: openshift/osde2e
Length of output: 1364
🏁 Script executed:
#!/bin/bash
# Verify go.mod actual state and klog status
echo "=== Current go.mod entries for k8s.io modules (lines 40-55) ==="
sed -n '40,55p' go.mod
echo ""
echo "=== All k8s.io/klog/v2 entries in go.sum ==="
rg 'k8s\.io/klog/v2 ' go.sumRepository: openshift/osde2e
Length of output: 860
go.sum out of sync with go.mod changes—regenerate immediately.
The go.mod file specifies k8s.io/{api,apiextensions-apiserver,apimachinery,client-go,kubectl} v0.36.2 and k8s.io/klog/v2 v2.140.0, but go.sum contains stale hashes for versions v0.35.x and v2.130.1. Run go mod tidy to regenerate go.sum with correct hashes for the new versions. Without this, builds will fail or resolve incorrect transitive dependencies, breaking reproducibility and supply chain integrity.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@go.mod` around lines 47 - 52, The go.sum file contains stale hashes for
outdated Kubernetes dependency versions while go.mod has been updated to use
k8s.io/api, k8s.io/apiextensions-apiserver, k8s.io/apimachinery,
k8s.io/client-go, and k8s.io/kubectl all at v0.36.2, and k8s.io/klog/v2 at
v2.140.0. Run go mod tidy to regenerate go.sum with the correct hashes that
correspond to the new versions specified in go.mod.
🧩 Analysis chain
🌐 Web query:
Are Kubernetes 0.36.2 and klog v2.140.0 stable releases with no known CVEs?
💡 Result:
As of June 18, 2026, the status of these releases is as follows: Kubernetes 1.36.2 is a stable, officially supported release, published on June 12, 2026 [1]. There is no "Kubernetes 0.36.2" release; it is likely you are referring to version 1.36.2 [1]. As the most recent patch for the 1.36 release line, it is considered current and healthy [2]. While the Kubernetes project tracks vulnerabilities, there are no known, actively exploited critical vulnerabilities reported for version 1.36.2 at this time [2]. klog v2.140.0 is a stable release, published on March 3, 2026 [3][4]. It was integrated into the Kubernetes codebase as a dependency for the v1.36 release cycle [5]. Like other stable components within the Kubernetes ecosystem, it is maintained through regular updates [3][6]. There are no specific CVEs associated with this version in common vulnerability databases at this time [3][4]. Users should always consult the official Kubernetes security and release pages to stay updated on the latest security advisories and patch information [2][7].
Citations:
- 1: https://github.com/kubernetes/kubernetes/releases/tag/v1.36.2
- 2: https://isitpatched.com/kubernetes
- 3: https://github.com/kubernetes/klog/releases/tag/v2.140.0
- 4: https://pkg.go.dev/k8s.io/klog/v2@v2.140.0
- 5: dependencies: klog v2.140.0 kubernetes/kubernetes#137495
- 6: kubernetes/klog@v2.130.1...2.140.0
- 7: https://kubernetes.io/releases/
🏁 Script executed:
#!/bin/bash
# Verify version status and check for breaking changes in klog v2.140.0
# Check k8s.io module release tags
git ls-remote --tags https://github.com/kubernetes/kubernetes.git | grep "v0.36.2"
# Search for any documented breaking changes or migration notes in klog v2.140.0
curl -s https://raw.githubusercontent.com/kubernetes/klog/refs/tags/v2.140.0/CHANGELOG.md | head -100
# Verify go.sum was updated (check for dual versions of same package)
rg 'k8s\.io/(api|apiextensions-apiserver|apimachinery|client-go|klog|kubectl)' go.sum | sort | uniq -d | head -20Repository: openshift/osde2e
Length of output: 74
🏁 Script executed:
#!/bin/bash
# Check actual go.sum for proper version pinning
echo "=== Checking go.sum entries for k8s.io modules ==="
rg 'k8s\.io/(api|apiextensions-apiserver|apimachinery|client-go|klog|kubectl)' go.sum | head -30
echo -e "\n=== Checking for any duplicate package versions ==="
rg 'k8s\.io/(api|apiextensions-apiserver|apimachinery|client-go|klog|kubectl)' go.sum | cut -d' ' -f1 | sort | uniq -c | awk '$1 > 1 {print}'
echo -e "\n=== Searching for Kubernetes version requirements in osde2e ==="
rg -i 'kubernetes.*version|1\.3[0-9]\.|supported.*k8s|target.*kubernetes' pkg/ cmd/ --max-count=5
echo -e "\n=== Checking for any documented breaking changes or migration requirements ==="
fd '\.md$|CHANGELOG|CHANGELOG\.md' --max-depth=2 | head -10Repository: openshift/osde2e
Length of output: 2566
🌐 Web query:
k8s.io api v0.36.2 release package verification Kubernetes 1.36.2 Go modules
💡 Result:
The package k8s.io/api version v0.36.2 was officially published on June 12, 2026, coinciding with the release of Kubernetes 1.36.2 [1][2][3]. To verify and use this Go module, you can manage it via standard Go modules in your go.mod file. The module is available on the Go proxy and can be added or updated using the following commands: go get k8s.io/api@v0.36.2 go mod tidy As of June 18, 2026, v0.36.2 is the standard stable release associated with the Kubernetes 1.36.2 patch cycle [1][4][3]. You can verify the integrity of the dependency by checking the sum in your go.sum file, which Go automatically handles during the build process to ensure the code matches the version tagged in the official repository [1][3]. Key details: - Module: k8s.io/api [1] - Version: v0.36.2 [1] - Release Date: 2026-06-12 [1][3] - Kubernetes Compatibility: Designed for use with the Kubernetes 1.36.x release line [4][3].
Citations:
- 1: https://pkg.go.dev/k8s.io/api
- 2: update(deps): update kubernetes monorepo to v0.36.2 codesphere-cloud/cs-go#278
- 3: https://github.com/kubernetes/kubernetes/releases/tag/v1.36.2
- 4: https://kubernetes.io/releases/1.36/
🏁 Script executed:
#!/bin/bash
# Check osde2e's target Kubernetes versions and any breaking change documentation
echo "=== README and main docs for Kubernetes version support ==="
head -100 README.md | rg -i 'kubernetes|k8s|version|support'
echo -e "\n=== Cluster provisioning code for Kubernetes version constraints ==="
rg -A3 -B3 'kubernetes.*version|api.*version|k8s.*version' pkg/common/cluster/ --max-count=10
echo -e "\n=== Go modules release tags for 0.35 vs 0.36 (checking for breaking changes) ==="
# Check if there's a CHANGELOG or migration guide in vendored deps
fd -t f '(CHANGELOG|BREAKING|MIGRATION)' . --max-depth 3 2>/dev/null | head -10Repository: openshift/osde2e
Length of output: 409
🌐 Web query:
Kubernetes 1.36.2 breaking changes from 1.35 API compatibility client-go
💡 Result:
There are no broad "breaking changes" to API compatibility in client-go v0.36 compared to v0.35, but developers may encounter compilation issues due to interface updates in internal cache tools. Key findings regarding compatibility and API changes: 1. Interface Changes: In client-go v0.36, the ResourceEventHandlerRegistration interface was updated to include a new HasSyncedChecker method [1]. This change causes compilation errors for existing projects that implement this interface or rely on custom structures (such as certain versions of controller-runtime) that do not yet implement the new method [1]. Users upgrading to client-go v0.36 may need to update dependent libraries—for example, upgrading to sigs.k8s.io/controller-runtime v0.24.x is required for compatibility with v0.36 [1]. 2. General API Stability: Kubernetes maintains backwards compatibility between client-go and Kubernetes clusters, meaning older client-go versions generally remain functional with newer clusters [2][3][4]. However, developers should always consult the official CHANGELOG for specific API removals or deprecations [5][2]. 3. Other Notable Changes: While not direct client-go breaking changes, Kubernetes v1.36 introduced significant shifts, such as the removal of integrated support for flex-volumes in kubeadm [5] and the renaming of certain metrics (e.g., etcd_bookmark_counts to etcd_bookmark_total) [5], which may require updates to monitoring configurations or custom code interacting with these APIs. To ensure a smooth transition, verify that all downstream dependencies (especially controller-runtime and other K8s-related ecosystem tools) have been updated to versions that explicitly support the v0.36 client-go libraries [1].
Citations:
- 1: Upgrade to k8s 1.36 (k8s go client 0.36) argoproj/argo-cd#27804
- 2: https://pkg.go.dev/k8s.io/client-go@v0.36.0
- 3: https://github.com/kubernetes/client-go/
- 4: https://github.com/kubernetes/client-go/blob/master/README.md
- 5: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.36.md
🏁 Script executed:
#!/bin/bash
# Check for controller-runtime and interface compatibility issues
echo "=== Check go.mod for controller-runtime and related dependencies ==="
cat go.mod | rg 'sigs\.k8s\.io|controller-runtime|k8s\.io'
echo -e "\n=== Search for ResourceEventHandlerRegistration or custom handler implementations ==="
rg 'ResourceEventHandlerRegistration|AddEventHandler|cache\.ResourceEventHandler' pkg/ cmd/ --max-count=10
echo -e "\n=== Check for watch or reflector implementations that might be affected ==="
rg 'type.*EventHandler|func.*OnAdd|func.*OnUpdate' pkg/ cmd/ --max-count=10
echo -e "\n=== Verify go.mod was updated for this PR (check git status/changes if available) ==="
git diff --name-only 2>/dev/null | head -10 || echo "Git diff not available"Repository: openshift/osde2e
Length of output: 978
Update sigs.k8s.io/controller-runtime to v0.24.x or later for client-go v0.36.2 compatibility.
The Kubernetes 0.36.2 client-go modules are stable (released June 12, 2026) with no known CVEs, and klog v2.140.0 is current. However, sigs.k8s.io/controller-runtime v0.21.0 is incompatible with client-go v0.36.2—the new version introduces a HasSyncedChecker method in the ResourceEventHandlerRegistration interface. Upgrade controller-runtime to v0.24.x or later. Additionally, verify that k8s.io/component-base v0.35.2 (currently a transitive dependency at the older version) does not conflict with the updated k8s.io v0.36.2 modules.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@go.mod` around lines 47 - 52, The sigs.k8s.io/controller-runtime dependency
is currently pinned at an incompatible version (v0.21.0) that does not support
the HasSyncedChecker method required by the upgraded Kubernetes modules
(k8s.io/client-go, k8s.io/api, k8s.io/apiextensions-apiserver,
k8s.io/apimachinery, and k8s.io/kubectl all at v0.36.2). Upgrade the
sigs.k8s.io/controller-runtime module to v0.24.x or a later version in the
go.mod file to ensure compatibility. After making this change, verify that the
transitive dependency k8s.io/component-base remains at a compatible version and
does not introduce conflicts with the k8s.io v0.36.2 modules by running go mod
tidy and checking for any dependency resolution warnings.
Source: Coding guidelines
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
red-hat-konflux
Bot
force-pushed
the
konflux/mintmaker/main/kubernetes-modules
branch
from
867ff3b to
6ae4293
Compare
|
@red-hat-konflux[bot]: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
This PR contains the following updates:
v0.35.2→v0.36.2v0.35.1→v0.36.2v0.35.2→v0.36.2v0.35.2→v0.36.2v2.130.1→v2.140.0v0.35.2→v0.36.2bc988d5→a95e086Release Notes
kubernetes/api (k8s.io/api)
v0.36.2Compare Source
v0.36.1Compare Source
v0.36.0Compare Source
v0.35.6Compare Source
v0.35.5Compare Source
v0.35.4Compare Source
v0.35.3Compare Source
kubernetes/apiextensions-apiserver (k8s.io/apiextensions-apiserver)
v0.36.2Compare Source
v0.36.1Compare Source
v0.36.0Compare Source
v0.35.6Compare Source
v0.35.5Compare Source
v0.35.4Compare Source
v0.35.3Compare Source
v0.35.2Compare Source
kubernetes/apimachinery (k8s.io/apimachinery)
v0.36.2Compare Source
v0.36.1Compare Source
v0.36.0Compare Source
v0.35.6Compare Source
v0.35.5Compare Source
v0.35.4Compare Source
v0.35.3Compare Source
kubernetes/client-go (k8s.io/client-go)
v0.36.2Compare Source
v0.36.1Compare Source
v0.36.0Compare Source
v0.35.6Compare Source
v0.35.5Compare Source
v0.35.4Compare Source
v0.35.3Compare Source
kubernetes/klog (k8s.io/klog/v2)
v2.140.0: Prepare klog release for Kubernetes v1.36Compare Source
What's Changed
New Contributors
Full Changelog: kubernetes/klog@v2.130.1...v2.140.0
kubernetes/kubectl (k8s.io/kubectl)
v0.36.2Compare Source
v0.36.1Compare Source
v0.36.0Compare Source
v0.35.6Compare Source
v0.35.5Compare Source
v0.35.4Compare Source
v0.35.3Compare Source
Configuration
📅 Schedule: Branch creation - Between 02:00 AM and 04:59 AM, Monday through Friday ( * 2-4 * * 1-5 ) in timezone UTC, Automerge - Between 02:00 AM and 04:59 AM, Monday through Friday ( * 2-4 * * 1-5 ) in timezone UTC.
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.