fix(deps): update go-modules controller-runtime and k8s by red-hat-konflux[bot] · Pull Request #869 · konflux-ci/multi-platform-controller

red-hat-konflux · 2026-04-14T15:29:26Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Type	Update
k8s.io/api	`v0.33.4` → `v0.36.0`	require	minor
k8s.io/apimachinery	`v0.33.4` → `v0.36.0`	require	minor
k8s.io/client-go	`v0.33.4` → `v0.36.0`	require	minor
k8s.io/utils	`bc988d5` → `ff6756f`	require	digest
sigs.k8s.io/controller-runtime	`v0.19.4` → `v0.24.0`	require	minor

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

kubernetes/api (k8s.io/api)

kubernetes/apimachinery (k8s.io/apimachinery)

`v0.36.0`

Compare Source

`v0.35.4`

Compare Source

`v0.35.3`

Compare Source

`v0.35.2`

Compare Source

`v0.35.1`

Compare Source

`v0.35.0`

Compare Source

`v0.34.7`

Compare Source

`v0.34.6`

Compare Source

`v0.34.5`

Compare Source

`v0.34.4`

Compare Source

`v0.34.3`

Compare Source

`v0.34.2`

Compare Source

`v0.34.1`

Compare Source

`v0.34.0`

Compare Source

`v0.33.11`

Compare Source

`v0.33.10`

Compare Source

`v0.33.9`

Compare Source

`v0.33.8`

Compare Source

`v0.33.7`

Compare Source

`v0.33.6`

Compare Source

`v0.33.5`

Compare Source

kubernetes/client-go (k8s.io/client-go)

`v0.36.0`

Compare Source

`v0.35.4`

Compare Source

`v0.35.3`

Compare Source

`v0.35.2`

Compare Source

`v0.35.1`

Compare Source

`v0.35.0`

Compare Source

`v0.34.7`

Compare Source

`v0.34.6`

Compare Source

`v0.34.5`

Compare Source

`v0.34.4`

Compare Source

`v0.34.3`

Compare Source

`v0.34.2`

Compare Source

`v0.34.1`

Compare Source

`v0.34.0`

Compare Source

`v0.33.11`

Compare Source

`v0.33.10`

Compare Source

`v0.33.9`

Compare Source

`v0.33.8`

Compare Source

`v0.33.7`

Compare Source

`v0.33.6`

Compare Source

`v0.33.5`

Compare Source

kubernetes-sigs/controller-runtime (sigs.k8s.io/controller-runtime)

`v0.24.0`

Compare Source

⚠️ Breaking Changes

Dependencies: Update to k8s.io/* v1.36 (#3506 #3462 #3486 #3450)

🐛 Bug Fixes

Cache: Fix IndexField blocking until informer is synced (#3445)
Cache: Wait for cache sync when ReaderFailOnMissingInformer is true (#3425)
Client: Update typed ApplyConfigurations with server response (#3475)
Fakeclient: Fix SSA status patch resource version check (#3443)
Fakeclient: Fix panic when using CRs with embedded pointer structs (#3431)
Fakeclient: Fix status apply if existing object has managedFields set (#3430)
Fakeclient: Retry GenerateName on AlreadyExists collisions (#3498)
HTTP servers: Wire up base context into http servers (#3452)

🌱 Others

Builder/Webhooks: Remove deprecated custom path function (#3465)
Cache: Test cache reader waits for cache sync (#3434)
Certwatcher: Deflake certwatcher tests (#3457)
Dependencies: Use forked version of btree (#3449)
Envtest: Ensure envtest stops the whole process group (#3447)
Logging: Add missing space in zap-log-level flag description (#3492)
Misc: Adopt new(x) over ptr.To(x) and re-enable newexpr lint (#3489)
Owners: Cleanup (#3453)
Recorder: Add logger into context for structured logging (#3454)
Recorder: Switch to StartLogging for event debug logs (#3451)
Scheme: Deprecate the scheme builder (#3461)
Source/Kind: Improve logging for dynamic type kind source (#3494)
Webhooks: Reduce memory usage of default webhooks (#3463 #3468)

🌱 CI & linters

Chore: Update golangci-lint version to v2.8.0 (#3448)
Chore: Update golangci-lint version to v2.10.1 (#3470)
Chore: Update golangci-lint version to v2.11.3 (#3482)
Migrate away from custom GitHub action approval workflow (#3491)
Release: Auto-create git tags for the tools/setup-envtest submodule (#3476)

📖 Additionally, there has been 1 contribution to our documentation. (#3477)

Dependencies

Added

github.com/cenkalti/backoff/v5: v5.0.3
gonum.org/v1/gonum: v0.16.0
k8s.io/streaming: v0.36.0

Changed

cel.dev/expr: v0.24.0 → v0.25.1
cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
github.com/alecthomas/units: b94a6e3 → 0f3dac3
github.com/cncf/xds/go: 2f00578 → ee656c7
github.com/coreos/go-oidc: v2.3.0+incompatible → v2.5.0+incompatible
github.com/coreos/go-systemd/v22: v22.5.0 → v22.7.0
github.com/davecgh/go-spew: v1.1.1 → d8f796a
github.com/emicklei/go-restful/v3: v3.12.2 → v3.13.0
github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.36.0
github.com/envoyproxy/go-control-plane: v0.13.4 → v0.14.0
github.com/envoyproxy/protoc-gen-validate: v1.2.1 → v1.3.0
github.com/go-jose/go-jose/v4: v4.0.4 → v4.1.3
github.com/golang-jwt/jwt/v5: v5.2.2 → v5.3.0
github.com/golang/glog: v1.2.4 → v1.2.5
github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus: v1.0.1 → v1.1.0
github.com/grpc-ecosystem/go-grpc-middleware/v2: v2.3.0 → v2.3.3
github.com/grpc-ecosystem/grpc-gateway/v2: v2.26.3 → v2.27.7
github.com/moby/spdystream: v0.5.0 → v0.5.1
github.com/onsi/ginkgo/v2: v2.27.2 → v2.27.4
github.com/onsi/gomega: v1.38.2 → v1.39.0
github.com/pmezard/go-difflib: v1.0.0 → 5d4384e
github.com/prometheus/common: v0.66.1 → v0.67.5
github.com/prometheus/procfs: v0.16.1 → v0.19.2
github.com/spf13/cobra: v1.10.0 → v1.10.2
github.com/spiffe/go-spiffe/v2: v2.5.0 → v2.6.0
go.etcd.io/etcd/api/v3: v3.6.5 → v3.6.8
go.etcd.io/etcd/client/pkg/v3: v3.6.5 → v3.6.8
go.etcd.io/etcd/client/v3: v3.6.5 → v3.6.8
go.etcd.io/etcd/pkg/v3: v3.6.5 → v3.6.8
go.etcd.io/etcd/server/v3: v3.6.5 → v3.6.8
go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.39.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.60.0 → v0.65.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.61.0 → v0.65.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.40.0
go.opentelemetry.io/otel/metric: v1.36.0 → v1.41.0
go.opentelemetry.io/otel/sdk/metric: v1.36.0 → v1.40.0
go.opentelemetry.io/otel/sdk: v1.36.0 → v1.40.0
go.opentelemetry.io/otel/trace: v1.36.0 → v1.41.0
go.opentelemetry.io/otel: v1.36.0 → v1.41.0
go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
go.uber.org/zap: v1.27.0 → v1.27.1
golang.org/x/crypto: v0.45.0 → v0.47.0
golang.org/x/exp: 8a7402a → 944ab1f
golang.org/x/mod: v0.29.0 → v0.32.0
golang.org/x/net: v0.47.0 → v0.49.0
golang.org/x/oauth2: v0.30.0 → v0.34.0
golang.org/x/sync: v0.18.0 → v0.19.0
golang.org/x/sys: v0.38.0 → v0.40.0
golang.org/x/telemetry: 078029d → bd525da
golang.org/x/term: v0.37.0 → v0.39.0
golang.org/x/text: v0.31.0 → v0.33.0
golang.org/x/time: v0.9.0 → v0.14.0
golang.org/x/tools/go/expect: v0.1.0-deprecated → v0.1.1-deprecated
golang.org/x/tools: v0.38.0 → v0.41.0
google.golang.org/genproto/googleapis/api: a0af3ef → 8636f87
google.golang.org/genproto/googleapis/rpc: 200df99 → 8636f87
google.golang.org/grpc: v1.72.2 → v1.79.3
google.golang.org/protobuf: v1.36.8 → f2248ac
k8s.io/api: v0.35.0 → v0.36.0
k8s.io/apiextensions-apiserver: v0.35.0 → v0.36.0
k8s.io/apimachinery: v0.35.0 → v0.36.0
k8s.io/apiserver: v0.35.0 → v0.36.0
k8s.io/client-go: v0.35.0 → v0.36.0
k8s.io/code-generator: v0.35.0 → v0.36.0
k8s.io/component-base: v0.35.0 → v0.36.0
k8s.io/klog/v2: v2.130.1 → v2.140.0
k8s.io/kms: v0.35.0 → v0.36.0
k8s.io/kube-openapi: 589584f → 43fb72c
k8s.io/utils: bc988d5 → b8788ab
sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.31.2 → v0.34.0
sigs.k8s.io/structured-merge-diff/v6: v6.3.0 → v6.3.2

Removed

github.com/cenkalti/backoff/v4: v4.3.0
github.com/gregjones/httpcache: 901d907
github.com/grpc-ecosystem/go-grpc-prometheus: v1.2.0
github.com/zeebo/errs: v1.4.0
golang.org/x/xerrors: 9bdfabe

Thanks to all our contributors! 😊

`v0.23.3`

Compare Source

What's Changed

🐛 Ensure DefaulterRemoveUnknownOrOmitableFields is still working even if objects are equal by @k8s-infra-cherrypick-robot in #3469

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.2...v0.23.3

`v0.23.2`

Compare Source

What's Changed

🐛 Fix fake client's SSA status patch resource version check by @k8s-infra-cherrypick-robot in #3446
✨ Reduce memory usage of default webhooks by @k8s-infra-cherrypick-robot in #3467

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.1...v0.23.2

`v0.23.1`

Compare Source

What's Changed

🐛 Cache reader: Wait for cache sync when ReaderFailOnMissingInformer is true by @k8s-infra-cherrypick-robot in #3433
🐛 Fix panic when using CRs with embedded pointer structs by @k8s-infra-cherrypick-robot in #3436
🌱 Test cache reader waits for cache sync by @k8s-infra-cherrypick-robot in #3438
🐛 Fakeclient: Fix status apply if existing object has managedFields set by @k8s-infra-cherrypick-robot in #3437

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.0...v0.23.1

`v0.23.0`

Compare Source

🔆 Highlights

Client: Add subresource Apply support by @alvaroaleman in #3321
Conversion: Enable implementation of conversion outside of API packages by @sbueringer in #3335
Priorityqueue: Various improvements, bug fixes and now enabled per default
Webhooks: Generic Validator and Defaulter by @alvaroaleman in #3360

⚠️ Breaking changes

Dependencies: Update to k8s.io/* v1.35 by @alvaroaleman @dongjiang1989 @kannon92 (#3316, #3349, #3386, #3391, #3401)
Client: Add subresource Apply support by @alvaroaleman in #3321
Events: Migration to the new events API by @clebs in #3262
- Using the new GetEventRecorderFor requires updating your rbac for events to use the events.k8s.io apiGroup rather than the `` (core) apiGroup
Fakeclient: Set ResourceVersion for SSA Create by @alvaroaleman in #3311
Webhooks: Generic Validator and Defaulter by @alvaroaleman in #3360
- Existing code of the form builder.WebhookManagedBy(mgr).For(&corev1.Deployment{}) has to be changed to builder.WebhookManagedBy(mgr, &appsv1.Deployment{})
- Existing webhook implementations have to be changed to take the concrete object rather than runtime.Object, for example from ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) to ValidateCreate(ctx context.Context, obj *appsv1.Deployment) (admission.Warnings, error)

✨ Features

Cache: Allow fine-granular SyncPeriod configuration by @sbueringer in #3376
Client: Add FieldOwner option to client.Options by @aerfio in #3389
Client: Add FieldValidation option to client.Options by @aerfio in #3393
Conversion: Enable implementation of conversion outside of API packages by @sbueringer in #3335
Metrics: Add controller_runtime_reconcile_timeouts_total metric to track ReconciliationTimeout timeouts by @godwinpang in #3382
Priorityqueue: Add optional Priority field to reconcile.Result by @sbueringer in #3333
Priorityqueue: Enable per default by @sbueringer in #3332
Priorityqueue: Use a buffer to optimize priority queue AddWithOpts performance by @zach593 in #3415
Source/Kind: Delay reconciliation until handlers sync by @GonzaloLuminary in #3406
Webhooks: Add WithContextFunc to WebhookBuilder by @dmvolod in #3324

🐛 Bugfixes

Client: Allow SSA after normal resource creation by @filipcirtog in #3346
Client: Fix List in namespaced client to list objects that are cluster scoped by @troy0820 in #3351 #3353
Envtest: Respect pre-configured binary paths in ControlPlane by @mzhaom in #3372
Fakeclient: Fix a number of bugs when updating through apply by @alvaroaleman in #3319
FakeClient: Fix Apply with Unstructured ApplyConfiguration and resourceVersion unset by @sbueringer in #3403
Fakeclient: Fix SSA after List with non-list kind by @sbueringer in #3364
Fakeclient: Panic when trying to build more than one instance of fake.ClientBuilder by @troy0820 in #3314
Leaderelection: Copy all parent context values to leader elector's context by @msudheendra-cflt in #3327
Metrics: Adding missing exponential buckets on webhook native histogram by @brito-rafa in #3411
Priorityqueue: Do FIFO ordering within priorities and not across by @zach593 in #3408
Priorityqueue: Don't block on Get when queue is shutdown (2nd try) by @sbueringer in #3337
Priorityqueue: Ensure priority queue always returns high-priority items first by @moritzmoe in #3330
Priorityqueue: Fix TestWhenAddingMultipleItemsWithRatelimitTrueTheyDontAffectEachOther by @zach593 in #3395
Priorityqueue: Limit depthWithPriorityMetric cardinality to 25 by @alvaroaleman #3419
Priorityqueue: Properly sync the waiter manipulation by @fossedihelm in #3368
setup-envtest: Select the newest Kubernetes by default by @cbandy in #3380
testing/addr: Prevent possible leak by avoiding defer in loop by @s-z-z in #3367

🌱 Other

Dependencies: Update controller-tools to 0.20.0 and fix lint by @dongjiang1989 in #3405
Linter: Add depguard golangci-linter for forbid sort pkg by @dongjiang1989 in #3374
Linter: Modernize finalizer utils by @tbavelier in #3329
Linter: Update golangci-lint version and modernize lint by @dongjiang1989 in #3384
Linter: Update golangci-lint version to v2.4.0 by @dongjiang1989 in #3318
Linter: Update golangci-lint version to v2.5.0 by @dongjiang1989 in #3323
Linter: Update golangci-lint version to v2.7.2 by @dongjiang1989 in #3399
Manager: Deflake should execute the Warmup function test when Warmup group is started by @alvaroaleman in #3356
Misc: Add CreateOrPatch function in alias.go by @tisonkun in #3375
Misc: Change sort to slices package by @dongjiang1989 in #3370
Misc: Fix typo in unit test name by @s-z-z in #3304
Misc: Revert deprecation of client.Apply by @sbueringer in #3307
Priorityqueue: Add and use newQueueWithTimeForwarder by @alvaroaleman in #3336
Priorityqueue: Add some more tests to the priorityqueue by @alvaroaleman in #3387
Priorityqueue: Use separate b-trees for ready and non-ready items by @alvaroaleman in #3416
Priorityqueue: Use synctest by @alvaroaleman in #3350

📖 Documentation

Add a design for supporting warm replicas by @godwinpang in #3121
Remove latest from setupenvtest docs by @troy0820 in #3359
pkg/client/config: Remove outdated doc comments by @haoqixu in #3306
Update client.Apply example by @aerfio in #3390
Update README.md's compatibility matrix for v0.22.x. by @renormalize in #3392

Dependencies

Added

github.com/Masterminds/semver/v3: v3.4.0
github.com/gkampitakis/ciinfo: v0.3.2
github.com/gkampitakis/go-diff: v1.3.2
github.com/gkampitakis/go-snaps: v0.5.15
github.com/goccy/go-yaml: v1.18.0
github.com/joshdk/go-junit: v1.0.0
github.com/maruel/natural: v1.1.1
github.com/mfridman/tparse: v0.18.0
github.com/tidwall/gjson: v1.18.0
github.com/tidwall/match: v1.1.1
github.com/tidwall/pretty: v1.2.1
github.com/tidwall/sjson: v1.2.5
go.uber.org/automaxprocs: v1.6.0
golang.org/x/tools/go/expect: v0.1.0-deprecated
golang.org/x/tools/go/packages/packagestest: v0.1.1-deprecated

Changed

github.com/go-logr/logr: v1.4.2 → v1.4.3
github.com/google/pprof: d1b30fe → 27863c8
github.com/onsi/ginkgo/v2: v2.22.0 → v2.27.2
github.com/onsi/gomega: v1.36.1 → v1.38.2
github.com/prometheus/client_golang: v1.22.0 → v1.23.2
github.com/prometheus/client_model: v0.6.1 → v0.6.2
github.com/prometheus/common: v0.62.0 → v0.66.1
github.com/prometheus/procfs: v0.15.1 → v0.16.1
github.com/rogpeppe/go-internal: v1.13.1 → v1.14.1
github.com/spf13/cobra: v1.9.1 → v1.10.0
github.com/spf13/pflag: v1.0.6 → v1.0.9
github.com/stretchr/testify: v1.10.0 → v1.11.1
go.etcd.io/bbolt: v1.4.2 → v1.4.3
go.etcd.io/etcd/api/v3: v3.6.4 → v3.6.5
go.etcd.io/etcd/client/pkg/v3: v3.6.4 → v3.6.5
go.etcd.io/etcd/client/v3: v3.6.4 → v3.6.5
go.etcd.io/etcd/pkg/v3: v3.6.4 → v3.6.5
go.etcd.io/etcd/server/v3: v3.6.4 → v3.6.5
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.61.0
go.opentelemetry.io/otel/metric: v1.35.0 → v1.36.0
go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.36.0
go.opentelemetry.io/otel/sdk: v1.34.0 → v1.36.0
go.opentelemetry.io/otel/trace: v1.35.0 → v1.36.0
go.opentelemetry.io/otel: v1.35.0 → v1.36.0
go.yaml.in/yaml/v2: v2.4.2 → v2.4.3
golang.org/x/crypto: v0.36.0 → v0.45.0
golang.org/x/mod: v0.21.0 → v0.29.0
golang.org/x/net: v0.38.0 → v0.47.0
golang.org/x/oauth2: v0.27.0 → v0.30.0
golang.org/x/sync: v0.12.0 → v0.18.0
golang.org/x/sys: v0.31.0 → v0.38.0
golang.org/x/telemetry: bda5523 → 078029d
golang.org/x/term: v0.30.0 → v0.37.0
golang.org/x/text: v0.23.0 → v0.31.0
golang.org/x/tools: v0.26.0 → v0.38.0
golang.org/x/xerrors: 5ec99f8 → 9bdfabe
google.golang.org/genproto/googleapis/rpc: a0af3ef → 200df99
google.golang.org/grpc: v1.72.1 → v1.72.2
google.golang.org/protobuf: v1.36.5 → v1.36.8
gopkg.in/evanphx/json-patch.v4: v4.12.0 → v4.13.0
k8s.io/api: v0.34.0 → v0.35.0
k8s.io/apiextensions-apiserver: v0.34.0 → v0.35.0
k8s.io/apimachinery: v0.34.0 → v0.35.0
k8s.io/apiserver: v0.34.0 → v0.35.0
k8s.io/client-go: v0.34.0 → v0.35.0
k8s.io/code-generator: v0.34.0 → v0.35.0
k8s.io/component-base: v0.34.0 → v0.35.0
k8s.io/gengo/v2: 85fd79d → ec3ebc5
k8s.io/kms: v0.34.0 → v0.35.0
k8s.io/kube-openapi: f3f2b99 → 589584f
k8s.io/utils: 4c0f3b2 → bc988d5
sigs.k8s.io/json: cfa47c3 → 2d32026

Removed

github.com/kisielk/errcheck: v1.5.0
github.com/kisielk/gotool: v1.0.0
gopkg.in/yaml.v2: v2.4.0

New Contributors

@haoqixu made their first contribution in #3306
@msudheendra-cflt made their first contribution in #3327
@tbavelier made their first contribution in #3329
@moritzmoe made their first contribution in #3330
@filipcirtog made their first contribution in #3346
@fossedihelm made their first contribution in #3368
@mzhaom made their first contribution in #3372
@tisonkun made their first contribution in #3375
@renormalize made their first contribution in #3392
@brito-rafa made their first contribution in #3411
@GonzaloLuminary made their first contribution in #3406

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.0...v0.23.0

Thanks to all our contributors! 😊

`v0.22.5`

Compare Source

What's Changed

🌱 Bump k8s.io/* to v0.34.3 by @sbueringer in #3420

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.4...v0.22.5

`v0.22.4`

Compare Source

What's Changed

✨ cache: Allow fine-granular SyncPeriod configuration by @k8s-infra-cherrypick-robot in #3378
🐛 Update List in namespaced client to list objects that are cluster scoped by @k8s-infra-cherrypick-robot in #3352 #3357
🐛 priority queue: properly sync the waiter manipulation by @alvaroaleman in #3371
🐛 envtest: respect pre-configured binary paths in ControlPlane by @k8s-infra-cherrypick-robot in #3377

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4

`v0.22.3`

Compare Source

What's Changed

[release-0.22] 🐛 Allow SSA after normal resource creation by @k8s-infra-cherrypick-robot in #3348

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.2...v0.22.3

`v0.22.2`

Compare Source

What's Changed

🐛 Panic when trying to build more than one instance of fake.ClientBuilder by @k8s-infra-cherrypick-robot in #3315
🌱 Bump to k8s.io/* v0.34.1 by @k8s-infra-cherrypick-robot in #3317
🐛 Don't block on Get when queue is shutdown (2nd try) by @k8s-infra-cherrypick-robot in #3338
🐛 Fix a bug where the priorityqueue would sometimes not return high-priority items first by @k8s-infra-cherrypick-robot in #3340

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.1...v0.22.2

`v0.22.1`

Compare Source

What's Changed

🌱 Revert deprecation of client.Apply by @k8s-infra-cherrypick-robot in #3308

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.0...v0.22.1

`v0.22.0`

Compare Source

🔆 Highlights

Client: Native support for Server-Side Apply (SSA) (#3253, #2981)
Update to k8s.io/* v1.34 dependencies (#3231, #3236, #3246, #3259, #3270, #3300)
Controller: Implement warmup support for controllers (#3192)
Priorityqueue: various improvements ([#3289](https://redirect.github.com/kubernetes-sigs/controller-runtime/issues

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

snyk-io · 2026-04-14T15:59:32Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

red-hat-konflux · 2026-04-14T20:06:45Z

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

21 additional dependencies were updated
The go directive was updated for compatibility reasons

Details:

Package	Change
`go`	`1.24.0` -> `1.26.0`
`github.com/prometheus/client_golang`	`v1.22.0` -> `v1.23.2`
`github.com/spf13/cobra`	`v1.8.1` -> `v1.10.2`
`k8s.io/apiextensions-apiserver`	`v0.33.4` -> `v0.36.0`
`k8s.io/code-generator`	`v0.33.4` -> `v0.36.0`
`k8s.io/klog/v2`	`v2.130.1` -> `v2.140.0`
`sigs.k8s.io/yaml`	`v1.4.0` -> `v1.6.0`
`github.com/fxamacker/cbor/v2`	`v2.7.0` -> `v2.9.0`
`github.com/google/cel-go`	`v0.24.1` -> `v0.26.0`
`github.com/google/gnostic-models`	`v0.6.9` -> `v0.7.0`
`github.com/modern-go/reflect2`	`v1.0.2` -> `v1.0.3-0.20250322232337-35a7c28c31ee`
`github.com/prometheus/common`	`v0.62.0` -> `v0.67.5`
`github.com/prometheus/procfs`	`v0.15.1` -> `v0.19.2`
`go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp`	`v0.58.0` -> `v0.65.0`
`golang.org/x/exp`	`v0.0.0-20251002181428-27f1f14c8bb9` -> `v0.0.0-20251219203646-944ab1f22d93`
`golang.org/x/time`	`v0.10.0` -> `v0.14.0`
`google.golang.org/grpc`	`v1.79.1` -> `v1.79.3`
`google.golang.org/protobuf`	`v1.36.11` -> `v1.36.12-0.20260120151049-f2248ac996af`
`gopkg.in/evanphx/json-patch.v4`	`v4.12.0` -> `v4.13.0`
`k8s.io/apiserver`	`v0.33.4` -> `v0.36.0`
`k8s.io/component-base`	`v0.33.4` -> `v0.36.0`
`k8s.io/kube-openapi`	`v0.0.0-20250318190949-c8a335a9a2ff` -> `v0.0.0-20260317180543-43fb72c5454a`

codecov-commenter · 2026-04-14T20:17:58Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.23%. Comparing base (d3777e9) to head (bafeb9f).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #869      +/-   ##
==========================================
- Coverage   58.34%   54.23%   -4.11%     
==========================================
  Files          25       25              
  Lines        2775     2775              
==========================================
- Hits         1619     1505     -114     
- Misses        992     1122     +130     
+ Partials      164      148      -16

Flag	Coverage Δ
e2e-tests	`5.08% <ø> (-25.63%)`	⬇️
unit-tests	`51.76% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

github-actions · 2026-05-09T14:00:00Z

AI Dependency Impact Analysis

Previous analysis

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes-related dependencies, including k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, and sigs.k8s.io/controller-runtime. The k8s dependencies are bumped from v0.33.4 to v0.36.0, and controller-runtime is updated from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes due to its dependency on k8s.io/* v1.36.

Affected Code

No Direct Imports: k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, and sigs.k8s.io/controller-runtime have no direct imports.

Breaking Change Assessment

While this is a minor version bump for the overall PR, the update to sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0 includes breaking changes. Specifically, it upgrades to k8s.io/* v1.36, which may introduce incompatibilities. Further, if the codebase uses webhooks, the signature for validate/default methods must change to accept concrete objects instead of runtime objects. The breaking changes associated with the k8s.io/* v1.36 update itself require manual inspection of the code to assess the risk.

Security Assessment

No security advisories or govulncheck results are provided, so this cannot be assessed.

Recommended Action

Review specific areas: Medium risk, reviewer should check all areas where controller-runtime is used, especially webhook implementations, to ensure compatibility with the new Kubernetes API version and webhook signatures. Specific attention should be paid to the controller logic to ensure that there are no dependency conflicts.

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (api, apimachinery, client-go) from v0.33.4 to v0.36.0 and controller-runtime from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes due to the k8s.io/* dependency updates. Additionally, the update includes various bug fixes, features, and performance improvements in the controller-runtime.

Affected Code

k8s.io/api, k8s.io/apimachinery, k8s.io/client-go: These are fundamental Kubernetes libraries, and since no direct imports are available, it's assumed our code interacts with these indirectly through controller-runtime.
sigs.k8s.io/controller-runtime: This is a core dependency. Our code uses it for building controllers, handling events, and interacting with the Kubernetes API.

Breaking Change Assessment

The controller-runtime v0.24.0 release notes indicate breaking changes due to the update to k8s.io/* v1.36. Specifically, if our code uses webhook builder, the WebhookManagedBy and ValidateCreate signatures have changed. This warrants further review, as these may require code modification.

Security Assessment

No security advisories or govulncheck data were included in the context, so no assessment could be made about potential vulnerabilities.

Recommended Action

Review specific areas: Due to the potential breaking changes in controller-runtime webhooks and the k8s.io/* version bumps, the reviewer should carefully examine the webhook configurations and any code that utilizes the Kubernetes API to ensure compatibility. Specifically, verify that any webhook implementations are using the concrete object rather than runtime.Object. Also, check if the RBAC for events is using the events.k8s.io apiGroup, if GetEventRecorderFor is used.

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go) from v0.33.4 to v0.36.0 and sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0, along with k8s.io/utils to a new digest. The controller-runtime update includes breaking changes due to updated Kubernetes dependencies.

Affected Code

No direct imports found for k8s.io/api, k8s.io/apimachinery, k8s.io/client-go or k8s.io/utils.
The codebase likely uses controller-runtime for building controllers, defining CRDs, and interacting with the Kubernetes API. Due to no direct imports, the impact can not be determined.

Breaking Change Assessment

The controller-runtime v0.24.0 release notes indicate a breaking change due to updating to k8s.io/* v1.36. Since these are minor version bumps, semantic versioning suggests breaking changes should be minimal and likely fixable.

Security Assessment

No security advisories or govulncheck results are included in the context.

Recommended Action

Review specific areas: Medium risk, reviewer should check the codebase for compatibility issues arising from the Kubernetes API updates in controller-runtime and ensure the application is compatible with the updated Kubernetes API version. Focus on areas utilizing controller-runtime's client, cache, or webhook features.

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates k8s.io/api, k8s.io/client-go, and sigs.k8s.io/controller-runtime to newer minor versions. The controller-runtime update includes breaking changes related to the Kubernetes API version, event API, SSA, and webhooks. The k8s.io/utils also updates from a digest update.

Affected Code

Since no code snippets are provided, it's not possible to determine how the codebase uses these dependencies. Without specific code usage, an analysis can only be made based on the risk hints provided. No direct imports exist.

Breaking Change Assessment

The controller-runtime update from v0.19.4 to v0.24.0 introduces several breaking changes. Notably, the update to k8s.io/* v1.36. The change in events API may require RBAC update. A change in the webhooks implementation also requires changes to the existing webhooks.

Security Assessment

No security advisories or govulncheck data provided.

Recommended Action

Needs careful review: The update to controller-runtime includes breaking changes that affect Kubernetes API version and webhook implementations. A careful review is needed to ensure that our controllers and webhooks are compatible with the new version.

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go) from v0.33.4 to v0.36.0 and sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes related to the required Kubernetes dependencies and webhook implementations. k8s.io/utils has a digest update.

Affected Code

Since no source code snippets were provided, I can only state that the impact assessment is based solely on the dependency information. The codebase presumably uses types and functions from k8s.io/api, k8s.io/apimachinery, and k8s.io/client-go for interacting with the Kubernetes API. The codebase also likely utilizes the controller-runtime library for building Kubernetes controllers and webhooks.

Breaking Change Assessment

The update to controller-runtime v0.24.0 introduces breaking changes. Most notably, it depends on k8s.io/* v1.36. The webhook builder API has also changed, requiring updates to webhook implementations to accept concrete types instead of runtime.Object. Without codebase examples, it's impossible to know if these affect us directly, but since these are potentially very impactful to the code, we should assume it affects us.

Security Assessment

No security advisories or govulncheck data were provided.

Recommended Action

Review specific areas: Due to the breaking changes in controller-runtime related to webhooks and core Kubernetes dependencies, a reviewer should carefully examine the following:

Webhook implementations to ensure they are compatible with the updated API.
Controller implementations for compatibility with updated Kubernetes types.
RBAC configurations related to event recording (due to potential API group changes for events).

github-actions

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes-related dependencies, including k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, and sigs.k8s.io/controller-runtime. The k8s dependencies are bumped from v0.33.4 to v0.36.0, and controller-runtime is updated from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes due to its dependency on k8s.io/* v1.36.

Affected Code

No Direct Imports: k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, and sigs.k8s.io/controller-runtime have no direct imports.

Breaking Change Assessment

While this is a minor version bump for the overall PR, the update to sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0 includes breaking changes. Specifically, it upgrades to k8s.io/* v1.36, which may introduce incompatibilities. Further, if the codebase uses webhooks, the signature for validate/default methods must change to accept concrete objects instead of runtime objects. The breaking changes associated with the k8s.io/* v1.36 update itself require manual inspection of the code to assess the risk.

Security Assessment

No security advisories or govulncheck results are provided, so this cannot be assessed.

Recommended Action

Review specific areas: Medium risk, reviewer should check all areas where controller-runtime is used, especially webhook implementations, to ensure compatibility with the new Kubernetes API version and webhook signatures. Specific attention should be paid to the controller logic to ensure that there are no dependency conflicts.

github-actions

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (api, apimachinery, client-go) from v0.33.4 to v0.36.0 and controller-runtime from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes due to the k8s.io/* dependency updates. Additionally, the update includes various bug fixes, features, and performance improvements in the controller-runtime.

Affected Code

k8s.io/api, k8s.io/apimachinery, k8s.io/client-go: These are fundamental Kubernetes libraries, and since no direct imports are available, it's assumed our code interacts with these indirectly through controller-runtime.
sigs.k8s.io/controller-runtime: This is a core dependency. Our code uses it for building controllers, handling events, and interacting with the Kubernetes API.

Breaking Change Assessment

The controller-runtime v0.24.0 release notes indicate breaking changes due to the update to k8s.io/* v1.36. Specifically, if our code uses webhook builder, the WebhookManagedBy and ValidateCreate signatures have changed. This warrants further review, as these may require code modification.

Security Assessment

No security advisories or govulncheck data were included in the context, so no assessment could be made about potential vulnerabilities.

Recommended Action

Review specific areas: Due to the potential breaking changes in controller-runtime webhooks and the k8s.io/* version bumps, the reviewer should carefully examine the webhook configurations and any code that utilizes the Kubernetes API to ensure compatibility. Specifically, verify that any webhook implementations are using the concrete object rather than runtime.Object. Also, check if the RBAC for events is using the events.k8s.io apiGroup, if GetEventRecorderFor is used.

github-actions

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go) from v0.33.4 to v0.36.0 and sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0, along with k8s.io/utils to a new digest. The controller-runtime update includes breaking changes due to updated Kubernetes dependencies.

Affected Code

No direct imports found for k8s.io/api, k8s.io/apimachinery, k8s.io/client-go or k8s.io/utils.
The codebase likely uses controller-runtime for building controllers, defining CRDs, and interacting with the Kubernetes API. Due to no direct imports, the impact can not be determined.

Breaking Change Assessment

The controller-runtime v0.24.0 release notes indicate a breaking change due to updating to k8s.io/* v1.36. Since these are minor version bumps, semantic versioning suggests breaking changes should be minimal and likely fixable.

Security Assessment

No security advisories or govulncheck results are included in the context.

Recommended Action

Review specific areas: Medium risk, reviewer should check the codebase for compatibility issues arising from the Kubernetes API updates in controller-runtime and ensure the application is compatible with the updated Kubernetes API version. Focus on areas utilizing controller-runtime's client, cache, or webhook features.

github-actions

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates k8s.io/api, k8s.io/client-go, and sigs.k8s.io/controller-runtime to newer minor versions. The controller-runtime update includes breaking changes related to the Kubernetes API version, event API, SSA, and webhooks. The k8s.io/utils also updates from a digest update.

Affected Code

Since no code snippets are provided, it's not possible to determine how the codebase uses these dependencies. Without specific code usage, an analysis can only be made based on the risk hints provided. No direct imports exist.

Breaking Change Assessment

The controller-runtime update from v0.19.4 to v0.24.0 introduces several breaking changes. Notably, the update to k8s.io/* v1.36. The change in events API may require RBAC update. A change in the webhooks implementation also requires changes to the existing webhooks.

Security Assessment

No security advisories or govulncheck data provided.

Recommended Action

Needs careful review: The update to controller-runtime includes breaking changes that affect Kubernetes API version and webhook implementations. A careful review is needed to ensure that our controllers and webhooks are compatible with the new version.

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

github-actions

Risk Level: MEDIUM

Summary of Dependency Changes

This PR updates several Kubernetes dependencies (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go) from v0.33.4 to v0.36.0 and sigs.k8s.io/controller-runtime from v0.19.4 to v0.24.0. The controller-runtime update includes breaking changes related to the required Kubernetes dependencies and webhook implementations. k8s.io/utils has a digest update.

Affected Code

Since no source code snippets were provided, I can only state that the impact assessment is based solely on the dependency information. The codebase presumably uses types and functions from k8s.io/api, k8s.io/apimachinery, and k8s.io/client-go for interacting with the Kubernetes API. The codebase also likely utilizes the controller-runtime library for building Kubernetes controllers and webhooks.

Breaking Change Assessment

The update to controller-runtime v0.24.0 introduces breaking changes. Most notably, it depends on k8s.io/* v1.36. The webhook builder API has also changed, requiring updates to webhook implementations to accept concrete types instead of runtime.Object. Without codebase examples, it's impossible to know if these affect us directly, but since these are potentially very impactful to the code, we should assume it affects us.

Security Assessment

No security advisories or govulncheck data were provided.

Recommended Action

Review specific areas: Due to the breaking changes in controller-runtime related to webhooks and core Kubernetes dependencies, a reviewer should carefully examine the following:

Webhook implementations to ensure they are compatible with the updated API.
Controller implementations for compatibility with updated Kubernetes types.
RBAC configurations related to event recording (due to potential API group changes for events).

oswcab · 2026-05-12T15:15:47Z

Requires go 1.26.x so incompatible with the current UBI images which, to this date, only provide 1.25.x

oswcab · 2026-05-12T15:16:09Z

Requires go 1.26.x so incompatible with the current UBI images which, to this date, only provide 1.25.x

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch from c8ab15c to bafeb9f Compare April 14, 2026 20:06

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch 4 times, most recently from b51aa19 to e68fb40 Compare April 20, 2026 21:52

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch 6 times, most recently from 6e70e93 to e0ed773 Compare April 29, 2026 09:57

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch 3 times, most recently from 3a829c9 to bc59b5a Compare May 4, 2026 15:45

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch 2 times, most recently from 3c4b5f4 to 3f5e9b5 Compare May 9, 2026 13:59

github-actions Bot added semver/minor Semver minor version bump approved Auto-approved dependency update lgtm Auto-approved dependency update labels May 9, 2026

github-actions Bot added the risk/medium AI-assessed medium risk dependency update label May 9, 2026

github-actions Bot reviewed May 9, 2026

View reviewed changes

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch from 3f5e9b5 to 9072a24 Compare May 9, 2026 17:45

github-actions Bot added risk/medium AI-assessed medium risk dependency update and removed risk/medium AI-assessed medium risk dependency update labels May 9, 2026

github-actions Bot reviewed May 9, 2026

View reviewed changes

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch from 9072a24 to 1d6fd39 Compare May 10, 2026 06:08

github-actions Bot added risk/medium AI-assessed medium risk dependency update and removed risk/medium AI-assessed medium risk dependency update labels May 10, 2026

github-actions Bot reviewed May 10, 2026

View reviewed changes

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch from 1d6fd39 to 5f5b3be Compare May 11, 2026 16:01

github-actions Bot added risk/medium AI-assessed medium risk dependency update and removed risk/medium AI-assessed medium risk dependency update labels May 11, 2026

github-actions Bot reviewed May 11, 2026

View reviewed changes

fix(deps): update go-modules controller-runtime and k8s

3c8c571

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-modules-controller-runtime-and-k8s branch from 5f5b3be to 3c8c571 Compare May 11, 2026 20:48

github-actions Bot added risk/medium AI-assessed medium risk dependency update and removed risk/medium AI-assessed medium risk dependency update labels May 11, 2026

github-actions Bot reviewed May 11, 2026

View reviewed changes

oswcab closed this May 12, 2026

Conversation

red-hat-konflux Bot commented Apr 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

⚠️ Breaking Changes

🐛 Bug Fixes

🌱 Others

🌱 CI & linters

Dependencies

Added

Changed

Removed

What's Changed

What's Changed

What's Changed

🔆 Highlights

⚠️ Breaking changes

✨ Features

🐛 Bugfixes

🌱 Other

📖 Documentation

Dependencies

Added

Changed

Removed

New Contributors

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

🔆 Highlights

Configuration

Documentation

Uh oh!

snyk-io Bot commented Apr 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

red-hat-konflux Bot commented Apr 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

ℹ️ Artifact update notice

File name: go.mod

Uh oh!

codecov-commenter commented Apr 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions Bot commented May 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

AI Dependency Impact Analysis

Risk Level: MEDIUM

Summary of Dependency Changes

Affected Code

Breaking Change Assessment

Security Assessment

Recommended Action

Risk Level: MEDIUM

Summary of Dependency Changes

Affected Code

Breaking Change Assessment

Security Assessment

Recommended Action

Risk Level: MEDIUM

Summary of Dependency Changes

Affected Code

Breaking Change Assessment

Security Assessment

Recommended Action

red-hat-konflux Bot commented Apr 14, 2026 •

edited

Loading

snyk-io Bot commented Apr 14, 2026 •

edited

Loading

red-hat-konflux Bot commented Apr 14, 2026 •

edited

Loading

codecov-commenter commented Apr 14, 2026 •

edited

Loading

github-actions Bot commented May 9, 2026 •

edited

Loading