Pin kubernetes<36 due to broken bearer-token auth

myakove · myakove · commit 01a258472971 · 2026-05-26T18:31:46.000+03:00
kubernetes v36.0.0 has a regression where auth_settings() no longer recognizes the 'authorization' key in api_key, silently dropping the Authorization header from all API requests. The upstream fix (PR #2585) is merged but not yet released. Pin to <36 until a patched v36.x ships. Ref: kubernetes-client/python#2582
diff --git a/pyproject.toml b/pyproject.toml
@@ -90,7 +90,7 @@ dependencies = [
   "deepdiff>=8.0.1",
   "jinja2>=3.1.4",
   "jsonschema>=4.20.0",
-  "kubernetes>=31.0.0",
+  "kubernetes>=31.0.0,<36",  # Upper bound: v36.0.0 has broken bearer-token auth (https://github.com/kubernetes-client/python/issues/2582), remove once v36.0.1+ ships with the fix
   "packaging>=24.1",
   "pyhelper-utils>=0.0.42",
   "python-benedict>=0.33.2",
