fix(deps): upgrade kube to 4.0.0 and k8s-openapi to 0.28.0 (#140)#141
Merged
Conversation
- Replace removed "latest" feature with explicit "v1_32" - Upgrade reqwest to 0.13 (now compatible with cynic 3.x) - Add json and query features for reqwest 0.13 - Replace k8s_openapi::serde_json re-export with direct import - Adapt jiff::Timestamp API (to_string instead of to_rfc3339) Closes #140 Supersedes #59 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR performs a coordinated Rust dependency upgrade of the Kubernetes client stack (kube + k8s-openapi) to resolve the CI failure described in #140 (previously hit by #59), along with a reqwest upgrade to align with the cynic 3.x HTTP client integration.
Changes:
- Upgrade
kubeto4.0.0andk8s-openapito0.28.0, switching from the removedlatestfeature to an explicitv1_32feature. - Update code for upstream API changes: remove the
k8s_openapi::serde_jsonre-export usage and adjust timestamp formatting to match the new timestamp type. - Upgrade
reqwestto0.13with explicitjson+queryfeatures and refresh the lockfile accordingly.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
src/orchestrator/portainer/docker/portainer.rs |
Switch JSON usage away from the removed k8s-openapi serde_json re-export. |
src/orchestrator/kubernetes/kubernetes.rs |
Adjust timestamp serialization to match the new timestamp implementation in updated Kubernetes types. |
Cargo.toml |
Upgrade kube, k8s-openapi, and reqwest versions/features to restore compatibility. |
Cargo.lock |
Lockfile regeneration reflecting the coordinated dependency upgrade. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
ncarenton
added a commit
that referenced
this pull request
Jul 3, 2026
After upgrading reqwest from 0.12 to 0.13 (PR #141), the TLS backend switched from native-tls (OpenSSL) to rustls 0.23. In minimal Docker/K8s containers, rustls-platform-verifier fails to auto-install a CryptoProvider, causing all HTTPS requests to fail silently. This adds an explicit CryptoProvider::install_default() call at the start of main() using aws_lc_rs (rustls's recommended default provider). Closes #140 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Coordinated upgrade of Kubernetes client crates to fix CI failure on #59.
Changes
v1_32feature (thelatestfeature was removed in 0.28)json+queryfeatures (now compatible with cynic 3.x)Code adaptations
use k8s_openapi::serde_jsonwithuse serde_json(re-export removed in 0.28)timestamp.0.to_rfc3339()withtimestamp.0.to_string()(k8s-openapi 0.28 uses jiff::Timestamp instead of chrono)Context
PR #59 (Renovate) attempted to update k8s-openapi alone, but failed because:
"latest"feature was removed in 0.28 — explicit version features are now requiredkube2.0.1 depends on k8s-openapi 0.26.x, causing incompatible duplicate versionsThis PR supersedes #59 by doing the full coordinated upgrade.
Closes #140