build(deps): bump kubernetes from 27.2.0 to 28.1.0

[dependabot[bot]]

Bumps kubernetes from 27.2.0 to 28.1.0.

Release notes

Sourced from kubernetes's releases.

v28.1.0

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v28.1.0.zip
cd client-python-v28.1.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-28.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-28.0/CHANGELOG.md

Kubernetes Python Client v28.1.0 Beta 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v28.1.0b1.zip
cd client-python-v28.1.0b1
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-28.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-28.0/CHANGELOG.md

Kubernetes Python Client v28.1.0 Alpha 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v28.1.0a1.zip
cd client-python-v28.1.0a1
</tr></table> 

... (truncated)

Changelog

Sourced from kubernetes's changelog.

v28.1.0

Kubernetes API Version: v1.28.2

API Change

• Fixed a bug where CEL expressions in CRD validation rules would incorrectly compute a high estimated cost for functions that return strings, lists or maps. The incorrect cost was evident when the result of a function was used in subsequent operations. (kubernetes/kubernetes#119807, @​jpbetz) [SIG API Machinery, Auth and Cloud Provider]
• Mark Job onPodConditions as optional in pod failure policy (kubernetes/kubernetes#120208, @​mimowo) [SIG API Machinery and Apps]

v28.1.0b1

Kubernetes API Version: v1.28.1

v28.1.0a1

Kubernetes API Version: v1.28.1

API Change

• A CDIDevice field is included in the Device Plugin's ContainerAllocateResponse. This field maps to the CDIDevice field in the CRI protocol. (kubernetes/kubernetes#118254, @​elezar) [SIG Node and Testing]
• ACTION_REQUIRED When an Indexed Job has a number of completions higher than 10^5 and parallelism higher than 10^4, and a big number of Indexes fail, Kubernetes might not be able to track the termination of the Job. Kubernetes now emits a warning, at Job creation, when the Job manifest exceeds both of these limits. (kubernetes/kubernetes#118420, @​alculquicondor) [SIG Apps]
• Added ServedVersions field to StorageVersion API. (kubernetes/kubernetes#118386, @​Richabanker)
• Added IP mode field to loadbalancer status ingress. (kubernetes/kubernetes#118895, @​RyanAoh)
• Added podReplacementPolicy and terminating field to job api. (kubernetes/kubernetes#119301, @​kannon92)
• Added a new namespaceParamRef field to admissionregistration.k8s.io/v1alpha1.ValidatingAdmissionPolicy. (kubernetes/kubernetes#119215, @​alexzielenski) [SIG API Machinery and Testing]
• Added a warning that TLS 1.3 ciphers are not configurable. (kubernetes/kubernetes#115399, @​3u13r) [SIG API Machinery and Node]
• Added error handling for seccomp localhost configurations that do not properly set a localhostProfile. (kubernetes/kubernetes#117020, @​cji)
• Added fields reason and fieldPath into CRD validation rules to allow users to specify reason and field path when validation failed. (kubernetes/kubernetes#118041, @​cici37) [SIG API Machinery]
• Added namespace access support to the CEL expressions of ValidatingAdmissionPolicy via a namespaceObject variable with expressions. (kubernetes/kubernetes#118267, @​cici37) [SIG API Machinery and Testing]
• Added new CRDValidationRatcheting alpha feature. During a PATCH or UPDATE Validation Ratcheting discards errors thrown by unchanged portions of the resource from most OpenAPI schema validations. (kubernetes/kubernetes#118990, @​alexzielenski)
• Added new annotation batch.kubernetes.io/cronjob-scheduled-timestamp to Job objects scheduled from CronJobs. (kubernetes/kubernetes#118137, @​helayoty)
• Added new config option delayCacheUntilActive to KubeSchedulerConfiguration that can provide a tradeoff between memory efficiency and scheduling speed when their leadership is updated in kube-scheduler (kubernetes/kubernetes#115754, @​linxiulei) [SIG API Machinery and Scheduling]
• Changed how KMS v2 encryption at rest can generate data encryption keys. When you enable the KMSv2KDF feature gate (off by default), KMS v2 uses a key derivation function to generate single use data encryption keys from a secret seed combined with some random data. This eliminates the need for a counter based nonce while avoiding nonce collision concerns associated with AES-GCM's 12 byte nonce. (kubernetes/kubernetes#118828, @​enj)
• Exposed rest.DefaultServerUrlFor function. (kubernetes/kubernetes#118055, @​timofurrer)
• Extended the Job API for alpha version of BackoffLimitPerIndex. (kubernetes/kubernetes#119294, @​mimowo)
• Graduated AdmissionWebhookMatchCondition feature to beta. (kubernetes/kubernetes#119380, @​a-hilaly)
• If using cgroups v2, then the cgroup aware OOM killer will be enabled for container cgroups via memory.oom.group . This causes processes within the cgroup to be treated as a unit and killed simultaneously in the event of an OOM kill on any process in the cgroup. (kubernetes/kubernetes#117793, @​tzneal) [SIG Apps, Node and Testing]
• In the API Priority and Fairness feature, priority levels that are exempt from limitation can now be given a nominal and a lendable concurrency and their dispatching borrows from the concurrency limits of the other priority levels. For details see https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1040-priority-and-fairness#dispatching . (kubernetes/kubernetes#118782, @​MikeSpreitzer) [SIG API Machinery]
• Indexed Job pods now have the pod completion index set as a pod label. (kubernetes/kubernetes#118883, @​danielvegamyhre) [SIG Apps]
• Kube-proxy: added --logging-format flag to support structured logging. (kubernetes/kubernetes#117800, @​cyclinder)
• NodeVolumeLimits implement the PreFilter extension point for skipping the Filter phase if the Pod doesn't use volumes with limits. (kubernetes/kubernetes#115398, @​tangwz) [SIG Scheduling]
• PersistentVolumes have a new LastPhaseTransitionTime field which holds a timestamp of when the volume last transitioned its phase. (kubernetes/kubernetes#116469, @​RomanBednar)
• Pods which set hostNetwork: true and declare ports, get the hostPort field set automatically. Previously this would happen in the PodTemplate of a Deployment, DaemonSet or other workload API. Now hostPort will only be set when an actual Pod is being created. If this presents a problem, setting the feature gate "DefaultHostNetworkHostPortsInPodTemplates" to true will revert this behavior. Please file a kubernetes bug if you need to do this. (kubernetes/kubernetes#117696, @​thockin) [SIG Apps]
• Promoted API groups ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding to v1beta1. (kubernetes/kubernetes#118644, @​alexzielenski) [SIG API Machinery, Apps and Testing]
• Promoted the feature gate ValidtaingAdmissionPolicy to beta, and it is turned off by default. (kubernetes/kubernetes#119409, @​alexzielenski)
• Registered_metric_total, disabled_metric_total, hidden_metric_total & kubernetes_feature_enabled are promoted to BETA stability. (kubernetes/kubernetes#119264, @​logicalhan) [SIG API Machinery, Architecture, Cluster Lifecycle and Instrumentation]

... (truncated)

Commits

• 4df2bf3 Merge pull request #2126 from yliaog/automated-release-of-28.1.0-upstream-rel...
• 103e083 updated compatibility matrix and maintenance status
• 867f337 generated client change
• 07b75c5 update changelog
• 8dbeca3 update version constants for 28.1.0 release
• 8a7e24b chore: use f-string
• d77daf4 chore: move yaml files to correct folder
• d58c6c1 Bump actions/checkout from 3 to 4
• 292fb0a Merge pull request #2120 from yliaog/automated-release-of-28.1.0b1-upstream-r...
• c22bcaf updated README compatibility matrix
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)