✨ Updates for Kubernetes v1.32.0

[gman0]

Summary

This PR updates dependencies to be in line with k8s v1.32.0.

Warning! Do not merge before we sort out our k8s rebase and update deps in this PR.

Related issue(s)

Fixes #3209

Release Notes

Updated dependencies to be in line with k8s v1.32.0

[kcp-ci-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign embik for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS
• config/crds/OWNERS
• pkg/admission/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kcp-ci-bot]

Hi @gman0. Thanks for your PR.

I'm waiting for a kcp-dev member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[mjudeikis]

looks quite clean

[mjudeikis]

It's in a draft state, we are not gonna merge :) but removing prefixes allows CI to run with a cleaner signal

[mjudeikis]

/test all

[gman0]

The following error comes up in pull-kcp-build-image, pull-kcp-verify, pull-kcp-verify-codegen, pull-kcp-test-e2e and pull-kcp-test-e2e-multiple-runs:

[1/2] STEP 14/18: RUN --mount=type=cache,target=/go/pkg/mod     go mod download
go: k8s.io/[email protected] (replaced by github.com/kcp-dev/kubernetes/staging/src/k8s.io/[email protected]): reading https://proxy.golang.org/github.com/kcp-dev/kubernetes/staging/src/k8s.io/component-helpers/@v/v0.0.0-20250212172239-c6ebc5941362.mod: 404 Not Found
	server response: not found: fetch timed out

But https://proxy.golang.org/github.com/kcp-dev/kubernetes/staging/src/k8s.io/component-helpers/@v/v0.0.0-20250212172239-c6ebc5941362.mod looks ok. Will re-run.

[gman0]

/test pull-kcp-build-image

[kcp-ci-bot]

@gman0: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to this:

/test pull-kcp-build-image

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[mjudeikis]

/ok-to-test

[gman0]

/test pull-kcp-lint

[kcp-ci-bot]

@gman0: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-kcp-test-e2e-shared	6d4ca80	link	true	/test pull-kcp-test-e2e-shared
pull-kcp-test-e2e-sharded	6d4ca80	link	true	/test pull-kcp-test-e2e-sharded
pull-kcp-test-e2e-multiple-runs	6d4ca80	link	true	/test pull-kcp-test-e2e-multiple-runs

Full PR test history

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[kcp-ci-bot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[sttts]

what does this mean? Why do we have our own features here and why with 1.28?

[gman0]

@sttts

Why do we have our own features here

To make them available with the rest of the features that are otherwise k8s-specific. I'm assuming this is how it was before too :D

why with 1.28

"k8s.io/apiserver/pkg/util/feature".DefaultMutableFeatureGate that we merge defaultVersionedGenericControlPlaneFeatureGates into (inside the init function) is versioned, and so we need some version.

kcp has its own versioning, k8s has its own, and this creates a bit of a problem that I indeed wasn't sure how to solve cleanly.

At the moment there seems to be only one way to determine if a specific feature is enabled or disabled by default, and that's through comparing that feature's VersionedSpec with the "emulation" version (see our featureSpecAtEmulationVersion function, and the same one in upstream). "k8s.io/apiserver/pkg/util/feature".DefaultMutableFeatureGate sets the emulation version to be DefaultKubeBinaryVersion = "1.32" in the feature gate's constructor.

To keep all features available, regardless whether they are coming from k8s or kcp, I decided to stick with k8s's versioning, and picked 1.28 specifically because that was the k8s version kcp was depending on when WorkspaceMounts was introduced. I can improve the comment to make this a bit clearer.

One thing to note is that using k8s versioning for kcp features means we cannot release a new feature without bumping k8s (minor!) version too :/ this doesn't sound correct and is something we should definitely discuss.

[sttts]

Lgtm.