🌱 Update Update Golang Dependencies group (minor)

[cluster-stack-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/onsi/ginkgo/v2	v2.25.3 -> v2.27.3
golang.org/x/mod	v0.28.0 -> v0.31.0
golang.org/x/oauth2	v0.31.0 -> v0.34.0
sigs.k8s.io/kind	v0.30.0 -> v0.31.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.27.3

Compare Source

2.27.3

Fixes

report exit result in case of failure [1c9f356]
fix data race [ece19c8]

v2.27.2

Compare Source

2.27.2

Fixes

• inline automaxprocs to simplify dependencies; this will be removed when Go 1.26 comes out [a69113a]

Maintenance

• Fix syntax errors and typo [a99c6e0]
• Fix paragraph position error [f993df5]

v2.27.1

Compare Source

2.27.1

Fixes

• Fix Ginkgo Reporter slice-bounds panic [606c1cb]
• Bug Fix: Add GinkoTBWrapper.Attr() and GinkoTBWrapper.Output() [a6463b3]

v2.27.0

Compare Source

2.27.0

Features

Transforming Nodes during Tree Construction

This release adds support for NodeArgsTransformers that can be registered with AddTreeConstructionNodeArgsTransformer.

These are called during the tree construction phase as nodes are constructed and can modify the node strings and decorators. This enables frameworks built on top of Ginkgo to modify Ginkgo nodes and enforce conventions.

Learn more here.

Spec Prioritization

A new SpecPriority(int) decorator has been added. Ginkgo will honor priority when ordering specs, ensuring that higher priority specs start running before lower priority specs

Learn more here.

Maintenance

• Bump rexml from 3.4.0 to 3.4.2 in /docs (#​1595) [1333dae]
• Bump github.com/gkampitakis/go-snaps from 0.5.14 to 0.5.15 (#​1600) [17ae63e]

v2.26.0

Compare Source

2.26.0

Features

Ginkgo can now generate json-formatted reports that are compatible with the go test json format. Use ginkgo --gojson-report=report.go.json. This is not intended to be a replacement for Ginkgo's native json format which is more information rich and better models Ginkgo's test structure semantics.

kubernetes-sigs/kind (sigs.k8s.io/kind)

v0.31.0

Compare Source

This release contains dependency updates and defaults to Kubernetes 1.35.0.

Please take note of the breaking changes from Kubernetes 1.35, and how to prepare for future changes to move off of the deprecated kubeam v1beta3 in favor of v1beta4. We will include updated reminders for both again in subsequent releases.

Breaking Changes

The default node image is now kindest/node:v1.35.0@​sha256:452d707d4862f52530247495d180205e029056831160e22870e37e3f6c1ac31f

Kubernetes 1.35+ Cgroup v1

Kubernetes will be removing cgroup v1 support, and therefore kind node images at those versions will also be dropping support.

You can read more about this change in the Kubernetes release blog: https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/#removal-of-cgroup-v1-support

If you must use kind on cgroup v1, we recommend using an older Kubernetes release for the immediate future, but we also strongly recommend migrating to cgroup v2.

In the near future as Kubernetes support dwindles, KIND will also clean up cgroup v1 workarounds and drop support in future kind releases and images, regardless of Kubernetes version.

Most stable linux distros should be on cgroupv2 out of the box.

This is a reminder to use pinned images by digest, see the note below about images for this release.

Kubeadm Config *Future* Breaking Change

WARNING: Future kind releases will adopt kubeadm v1beta4 configuration, kubeadm v1beta4 has a breaking change to extraArgs: https://kubernetes.io/blog/2024/08/23/kubernetes-1-31-kubeadm-v1beta4/.

If you use the kubeadmConfigPatches feature then you may need to prepare for this change.
We recommend that you use versioned config patches that explicitly match the version required.

KIND uses kubeadm v1beta3 for Kubernetes 1.23+, and will likely use v1beta4 for Kubernetes 1.36+
The exact version is TBD pending work to fix this but expected to be 1.36.
It will definitely be an as-of-yet-unreleased Kubernetes version to avoid surprises, and it will not be on a patch-release boundary.

KIND may still work with older Kubernetes versions at v1beta2, but we no longer test or actively support these as Kubernetes only supports 1.32+ currently: https://kubernetes.io/releases/

You likely only need v1beta3 + v1beta4 patches, you can take your existing patches that work with v1beta3, explicitly set apiVersion: kubeadm.k8s.io/v1beta3 in the patch at the top level, and make another copy for v1beta4. The v1beta4 patch will need to move extraArgs from a map to a list, for examples see: https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta4/

For a concrete example of kind config with kubeadm config patch targeting both v1beta3 and v1beta4, consider this simple kind config that sets verbosity of the apiserver logs:

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
kubeadmConfigPatches:

# patch for v1beta3 (1.23 ...)
- |
  kind: ClusterConfiguration
  apiVersion: kubeadm.k8s.io/v1beta3
  apiServer:
    extraArgs:
      "v": "4"

# patch for v1beta4 (future)
- |
  kind: ClusterConfiguration
  apiVersion: kubeadm.k8s.io/v1beta4
  apiServer:
    extraArgs:
      - name: "v"
        value: "4"

If you only need to target a particular release, you can use one version.

If you only need to target fields that did not change between kubeadm beta versions, you can use a versionless patch, which may be more convenient, but we cannot guarantee there will be no future kubeadm config breaking changes.

New Features

• Assorted unspecified dependency updates

Images pre-built for this release:

• v1.35.0: kindest/node:v1.35.0@​sha256:452d707d4862f52530247495d180205e029056831160e22870e37e3f6c1ac31f
• v1.34.3: kindest/node:v1.34.3@​sha256:08497ee19eace7b4b5348db5c6a1591d7752b164530a36f855cb0f2bdcbadd48
• v1.33.7: kindest/node:v1.33.7@​sha256:d26ef333bdb2cbe9862a0f7c3803ecc7b4303d8cea8e814b481b09949d353040
• v1.32.11: kindest/node:v1.32.11@​sha256:5fc52d52a7b9574015299724bd68f183702956aa4a2116ae75a63cb574b35af8
• v1.31.14: kindest/node:v1.31.14@​sha256:6f86cf509dbb42767b6e79debc3f2c32e4ee01386f0489b3b2be24b0a55aac2b

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

• https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster
• https://kind.sigs.k8s.io/docs/user/quick-start/#building-images

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see #​2718

Fixes

• Detect additional edge case with ipv6 support on the host
• Make development / release scripts GOTOOLCHAIN aware

Contributors

Committers for this release:

• @​AkihiroSuda
• @​adambkaplan
• @​afbjorklund
• @​aoxn
• @​BenTheElder
• @​dependabot[bot]
• @​k8s-ci-robot
• @​kalexmills
• @​kishen-v
• @​mikejoh
• @​rayowang
• @​shahar1
• @​stmcginnis

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

[cluster-stack-bot]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 7 additional dependencies were updated

Details:

Package	Change
golang.org/x/sync	v0.16.0 -> v0.18.0
golang.org/x/crypto	v0.41.0 -> v0.44.0
golang.org/x/net	v0.43.0 -> v0.47.0
golang.org/x/sys	v0.35.0 -> v0.38.0
golang.org/x/term	v0.34.0 -> v0.37.0
golang.org/x/text	v0.28.0 -> v0.31.0
golang.org/x/tools	v0.36.0 -> v0.39.0

[cluster-stack-bot]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: undefined

Command failed: BUILD_IMAGE_TOKEN=**redacted** BUILD_IMAGE_USER=kranurag7 CI=true ./hack/upgrade-builder-image.sh
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+++ dirname ./hack/upgrade-builder-image.sh
++ realpath ./hack/..
+ REPO_ROOT=/tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator
+ cd /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator
+ source /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/hack/semver-upgrade.sh
++ set -o errexit
++ set -o nounset
++ set -o pipefail
++ set -x
+ '[' true = true ']'
+ echo **redacted**
+ docker login ghcr.io -u kranurag7 --password-stdin
++ git fetch --quiet origin main
++ git show origin/main:.builder-image-version.txt
+ export VERSION=1.1.34
+ VERSION=1.1.34
++ semver_upgrade patch 1.1.34
++ IFS=.
++ read -r version minor patch
++ case "$1" in
++ tag=1.1.35
++ echo 1.1.35
+ export NEW_VERSION=1.1.35
+ NEW_VERSION=1.1.35
+ echo 1.1.35
+ echo 'Wrote new version 1.1.35 to .builder-image-version.txt'
+ docker manifest inspect ghcr.io/sovereigncloudstack/cso-builder:1.1.34
+ echo 0
+ sed -i -e '/^BUILDER_IMAGE_VERSION /s/:=.*$/:= 1.1.35/' Makefile
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/build.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/kubebuilder-markers-checker.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/pr-lint.yml
+ sed -i -e '/image: ghcr\.io\/sovereigncloudstack\/cso-builder:/s/:.*$/: ghcr\.io\/sovereigncloudstack\/cso-builder:1.1.35/' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/pr-lint.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/pr-verify.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/release.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/schedule-cache-cleaner-cso-image.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/schedule-scan-image.yml
+ sed -i -e '/image: ghcr\.io\/sovereigncloudstack\/cso-builder:/s/:.*$/: ghcr\.io\/sovereigncloudstack\/cso-builder:1.1.35/' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/schedule-scan-image.yml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/schedule-update-bot.yaml
+ for FILE in ${REPO_ROOT}/.github/workflows/*
+ grep 'image: ghcr.io/sovereigncloudstack/cso-builder' /tmp/renovate/repos/github/SovereignCloudStack/cluster-stack-operator/.github/workflows/test.yml
+ docker build -t ghcr.io/sovereigncloudstack/cso-builder:1.1.35 ./images/builder
DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
            Install the buildx component to build images with BuildKit:
            https://docs.docker.com/go/buildx/

+ docker push ghcr.io/sovereigncloudstack/cso-builder:1.1.35
Head "https://ghcr.io/v2/sovereigncloudstack/cso-builder/blobs/sha256:a0889577674e598c576cd40971daef97959635d25b6e9f9d4727d453345414bc": dial tcp 140.82.116.34:443: i/o timeout