Skip to content

fix(deps): upgrade kube to 4.0.0 and k8s-openapi to 0.28.0 (#140)#141

Merged
ncarenton merged 1 commit into
masterfrom
fix/upgrade-kube-k8s-openapi
Jul 2, 2026
Merged

fix(deps): upgrade kube to 4.0.0 and k8s-openapi to 0.28.0 (#140)#141
ncarenton merged 1 commit into
masterfrom
fix/upgrade-kube-k8s-openapi

Conversation

@ncarenton

Copy link
Copy Markdown
Member

Summary

Coordinated upgrade of Kubernetes client crates to fix CI failure on #59.

Changes

  • k8s-openapi: 0.26.1 → 0.28.0 with explicit v1_32 feature (the latest feature was removed in 0.28)
  • kube: 2.0.1 → 4.0.0 (required for k8s-openapi 0.28 compatibility)
  • reqwest: 0.12.28 → 0.13 with json + query features (now compatible with cynic 3.x)

Code adaptations

  • Replace use k8s_openapi::serde_json with use serde_json (re-export removed in 0.28)
  • Replace timestamp.0.to_rfc3339() with timestamp.0.to_string() (k8s-openapi 0.28 uses jiff::Timestamp instead of chrono)

Context

PR #59 (Renovate) attempted to update k8s-openapi alone, but failed because:

  1. The "latest" feature was removed in 0.28 — explicit version features are now required
  2. kube 2.0.1 depends on k8s-openapi 0.26.x, causing incompatible duplicate versions

This PR supersedes #59 by doing the full coordinated upgrade.

Closes #140

- Replace removed "latest" feature with explicit "v1_32"
- Upgrade reqwest to 0.13 (now compatible with cynic 3.x)
- Add json and query features for reqwest 0.13
- Replace k8s_openapi::serde_json re-export with direct import
- Adapt jiff::Timestamp API (to_string instead of to_rfc3339)

Closes #140
Supersedes #59

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 2, 2026 13:19
@Filigran-Automation Filigran-Automation changed the title fix(deps): upgrade kube to 4.0.0 and k8s-openapi to 0.28.0 fix(deps): upgrade kube to 4.0.0 and k8s-openapi to 0.28.0 (#140) Jul 2, 2026
@Filigran-Automation Filigran-Automation added the filigran team Item from the Filigran team. label Jul 2, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR performs a coordinated Rust dependency upgrade of the Kubernetes client stack (kube + k8s-openapi) to resolve the CI failure described in #140 (previously hit by #59), along with a reqwest upgrade to align with the cynic 3.x HTTP client integration.

Changes:

  • Upgrade kube to 4.0.0 and k8s-openapi to 0.28.0, switching from the removed latest feature to an explicit v1_32 feature.
  • Update code for upstream API changes: remove the k8s_openapi::serde_json re-export usage and adjust timestamp formatting to match the new timestamp type.
  • Upgrade reqwest to 0.13 with explicit json + query features and refresh the lockfile accordingly.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.

File Description
src/orchestrator/portainer/docker/portainer.rs Switch JSON usage away from the removed k8s-openapi serde_json re-export.
src/orchestrator/kubernetes/kubernetes.rs Adjust timestamp serialization to match the new timestamp implementation in updated Kubernetes types.
Cargo.toml Upgrade kube, k8s-openapi, and reqwest versions/features to restore compatibility.
Cargo.lock Lockfile regeneration reflecting the coordinated dependency upgrade.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread Cargo.toml
@ncarenton ncarenton requested review from Kakudou, mariot and throuxel July 2, 2026 13:31

@mariot mariot left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice! it works on local

@ncarenton ncarenton merged commit f7cc7d4 into master Jul 2, 2026
7 of 8 checks passed
@ncarenton ncarenton deleted the fix/upgrade-kube-k8s-openapi branch July 2, 2026 15:41
ncarenton added a commit that referenced this pull request Jul 3, 2026
After upgrading reqwest from 0.12 to 0.13 (PR #141), the TLS backend
switched from native-tls (OpenSSL) to rustls 0.23. In minimal Docker/K8s
containers, rustls-platform-verifier fails to auto-install a CryptoProvider,
causing all HTTPS requests to fail silently.

This adds an explicit CryptoProvider::install_default() call at the start
of main() using aws_lc_rs (rustls's recommended default provider).

Closes #140

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

filigran team Item from the Filigran team.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

fix(deps): upgrade kube and k8s-openapi together for compatibility

4 participants