Skip to content

Update Rust dependencies#802

Merged
jpculp merged 6 commits into
bottlerocket-os:developfrom
jpculp:20260216-deps
Feb 20, 2026
Merged

Update Rust dependencies#802
jpculp merged 6 commits into
bottlerocket-os:developfrom
jpculp:20260216-deps

Conversation

@jpculp

@jpculp jpculp commented Feb 17, 2026

Copy link
Copy Markdown
Member

Description of changes:

Updated various Rust dependencies including:

  • opentelemetry from 0.29 to 0.31.
  • kube from 0.88 to 2.
  • tokio from 1.46 to 1.47 LTS.
  • bottlerocket-sdk from 0.65.0 to 0.70.0.

Also removed unused webpki.

Testing done:

  • Updated k8s 1.29 cluster. (oldest supported)
  • Updated k8s 1.35 cluster. (latest)

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

Signed-off-by: Patrick J.P. Culp <jpculp@amazon.com>
@jpculp jpculp requested review from cbgbt, mgsharm and ytsssun February 17, 2026 01:19
Comment thread Cargo.toml
# k8s-openapi must match the version required by kube and enable a k8s version feature
k8s-openapi = { version = "0.21", default-features = false, features = ["v1_24"] }
kube = { version = "0.88", default-features = false, features = [ "derive", "runtime", "rustls-tls" ] }
k8s-openapi = { version = "0.26", default-features = false, features = ["v1_30"] }

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Although this is set to v1_30 (the oldest supported by k8s-openapi@0.26) I didn't have any issues updating a k8s 1.29 cluster.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kubernetes has a +/- 1 support story for the API, so 1.30 should work for 1.29.

We use very stable elements of the k8s API - theoretically very new versions of k8s could make changes that we don't support, but it is unlikely.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The https://kubernetes.io/releases/version-skew-policy/ says slightly different - the controller/client should not be newer than the api-server. So technically there is no guaranteed compatibility between controllers under version 1.30 and api-server under 1.29.

Is it possible to pin it to 1_29 until we drop the 1.29 variants?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that's necessary since we've confirmed the ability to update on a 1.29 cluster. Extended support does drop soon, but I don't think we should hold these updates back when we've validated the operator functionality.

@jpculp

jpculp commented Feb 17, 2026

Copy link
Copy Markdown
Member Author

Addressed clippy warning.

Signed-off-by: Patrick J.P. Culp <jpculp@amazon.com>
Signed-off-by: Patrick J.P. Culp <jpculp@amazon.com>
@jpculp

jpculp commented Feb 17, 2026

Copy link
Copy Markdown
Member Author

Updated CRDs.

Updated cargo dependencies with minimal tweaks to reduce multiple versions.

Signed-off-by: Patrick J.P. Culp <jpculp@amazon.com>
Signed-off-by: Patrick J.P. Culp <jpculp@amazon.com>
@jpculp

jpculp commented Feb 17, 2026

Copy link
Copy Markdown
Member Author

Bump actix-web.

Comment thread Cargo.toml
Comment on lines -45 to 46
opentelemetry-instrumentation-actix-web = { version = "0.22", features = ["metrics"] }
opentelemetry-instrumentation-actix-web = { version = "0.23", features = ["metrics"] }

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May be worth querying the metric endpoint to see that they are properly exposed.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like prometheus metrics are being properly exposed.

Comment on lines -278 to +282
pod_store.apply_watcher_event(&Event::Restarted(pods));
pod_store.apply_watcher_event(&Event::Init);
for pod in pods {
pod_store.apply_watcher_event(&Event::InitApply(pod));
}
pod_store.apply_watcher_event(&Event::InitDone);

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you know what the context on this change is?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There was an API change in the kube-runtime reflector store. Basically Event::Restarted was broken up into three phases.

Comment thread Cargo.toml
# k8s-openapi must match the version required by kube and enable a k8s version feature
k8s-openapi = { version = "0.21", default-features = false, features = ["v1_24"] }
kube = { version = "0.88", default-features = false, features = [ "derive", "runtime", "rustls-tls" ] }
k8s-openapi = { version = "0.26", default-features = false, features = ["v1_30"] }

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kubernetes has a +/- 1 support story for the API, so 1.30 should work for 1.29.

We use very stable elements of the k8s API - theoretically very new versions of k8s could make changes that we don't support, but it is unlikely.

Comment thread apiserver/Cargo.toml
opentelemetry-instrumentation-actix-web = { workspace = true }
rustls = { workspace = true }
rustls-pemfile = { workspace = true }
webpki = { workspace = true }

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What prompts this removal? Is it just marked as unused?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just unused. We could leave it but it adds an unnecessary dependency and we have to keep clarify.toml and deny.toml up to date to accommodate it.

@jpculp jpculp requested a review from cbgbt February 17, 2026 23:59
Comment thread apiserver/src/main.rs
@@ -153,7 +153,7 @@ pub mod apiserver_error {

#[snafu(display("Error creating prometheus registry: '{}'", source))]
PrometheusRegsitry {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: we have some pre-existing typo...

Suggested change
PrometheusRegsitry {
PrometheusRegistry {

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this is an already big change I'd like to save this for a separate PR.

Comment thread controller/src/main.rs
@@ -190,7 +190,7 @@ pub mod controller_error {

#[snafu(display("Error creating prometheus registry: '{}'", source))]
PrometheusRegsitry {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: we have pre-existing typo

Suggested change
PrometheusRegsitry {
PrometheusRegistry {

Comment thread Cargo.toml
k8s-openapi = { version = "0.21", default-features = false, features = ["v1_24"] }
kube = { version = "0.88", default-features = false, features = [ "derive", "runtime", "rustls-tls" ] }
k8s-openapi = { version = "0.26", default-features = false, features = ["v1_30"] }
kube = { version = "2", default-features = false, features = [ "derive", "runtime", "rustls-tls" ] }

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

kube crate has a 3.0 now. Any concern if we further bump to that?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We want to maintain compatibility with v1_30. Jumping to kube@3.0 only guarantees API compatibility with a minimum of v1_31.

@jpculp jpculp merged commit c8d9be9 into bottlerocket-os:develop Feb 20, 2026
2 checks passed
@jpculp jpculp deleted the 20260216-deps branch February 20, 2026 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants