Skip to content

deps: bump kube from 3.1.0 to 4.0.0#285

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/kube-4.0.0
Open

deps: bump kube from 3.1.0 to 4.0.0#285
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/kube-4.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps kube from 3.1.0 to 4.0.0.

Release notes

Sourced from kube's releases.

4.0.0

New Major

As per the release schedule to match up with the latest Kubernetes ハル release. Lots of fixes and improvements. Thanks to everyone who contributed!

Kubernetes v1_36 support via k8s-openapi 0.28

Please upgrade k8s-openapi along with kube to avoid conflicts.

CEL Validation

A new optional crate kube-cel is being re-exported through kube::core::cel via kube-rs/kube#1954

Kubernetes CRDs support CEL validation rules via x-kubernetes-validations, and were supported from 3.0 via KubeSchema, but these rules could only be evaluated server-side by the API server.

The new crate allows evaluating these rules locally using rules matching the upstream Kubernetes CEL libraries.

While low-level, a higher-level CEL validator integrates with CustomResource via #[kube(cel)] from kube-rs/kube#2011 and can be used as;

#[derive(CustomResource, Serialize, Deserialize, Clone, KubeSchema)]
#[kube(group = "example.com", version = "v1", kind = "Foo", namespaced)]
#[kube(cel, validation = "self.spec.replicas >= 0")] // cel trigger + validation rule
struct FooSpec { replicas: i32 }
let foo = Foo::new("test", FooSpec { replicas: -1 });
foo.validate_cel()?;                     // new impl; checks creation rules
new_foo.validate_cel_update(&old_foo)?;  // new impl; checks transition rules

See examples/crd_derive_cel.rs for more details.

This is available under the kube/cel feature, courtesy of @​doxxx93.

Config

A lot of improvements to config handling;

Retry and Timeouts

Better timeout and retry handling to better deal with flaky network conditions, and busy or initializing apiservers.

Client

... (truncated)

Changelog

Sourced from kube's changelog.

4.0.0 / 2026-06-16

New Major

As per the release schedule to match up with the latest Kubernetes ハル release. Lots of fixes and improvements. Thanks to everyone who contributed!

Kubernetes v1_36 support via k8s-openapi 0.28

Please upgrade k8s-openapi along with kube to avoid conflicts.

CEL Validation

A new optional crate kube-cel is being re-exported through kube::core::cel via kube-rs/kube#1954

Kubernetes CRDs support CEL validation rules via x-kubernetes-validations, and were supported from 3.0 via KubeSchema, but these rules could only be evaluated server-side by the API server.

The new crate allows evaluating these rules locally using rules matching the upstream Kubernetes CEL libraries.

While low-level, a higher-level CEL validator integrates with CustomResource via #[kube(cel)] from kube-rs/kube#2011 and can be used as;

#[derive(CustomResource, Serialize, Deserialize, Clone, KubeSchema)]
#[kube(group = "example.com", version = "v1", kind = "Foo", namespaced)]
#[kube(cel, validation = "self.spec.replicas >= 0")] // cel trigger + validation rule
struct FooSpec { replicas: i32 }
let foo = Foo::new("test", FooSpec { replicas: -1 });
foo.validate_cel()?;                     // new impl; checks creation rules
new_foo.validate_cel_update(&old_foo)?;  // new impl; checks transition rules

See examples/crd_derive_cel.rs for more details.

This is available under the kube/cel feature, courtesy of @​doxxx93.

Config

A lot of improvements to config handling;

Retry and Timeouts

Better timeout and retry handling to better deal with flaky network conditions, and busy or initializing apiservers.

Client

... (truncated)

Commits
  • b4f0cc4 re-hook cel feature and move dev-dep pin
  • 163ade1 unhook dev-dep temporarily
  • 2a14dec release 4.0.0
  • 2310a06 feat(derive): client-side CEL validation via #[kube(cel)] / #[x_kube(cel)] (#...
  • 8d61784 Enable RetryPolicy::server_retry by default for Client (#2007)
  • a5b4f3f Box a large runtime error in ReconcilerErr (#1880)
  • 3dd76bc bump k8s-openapi to 0.28 (#2009)
  • 60ffe61 chore: group cel into the just hack feature-powerset (#2006)
  • c261d78 deps: bump kube-cel to 0.6.1 (validation surface flattened) (#2005)
  • 6c26657 refactor(runtime): rename Store::state_with/state_filtered per review feedbac...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Dependency updates rust Pull requests that update rust code labels Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/kube-4.0.0 branch from 393b2d2 to 3c932f9 Compare June 23, 2026 05:56
@raffaelschneider

Copy link
Copy Markdown
Contributor

Blocked on upstream gateway-api-rs — holding for now.

This bump can't merge in isolation. The dependency cluster is coupled:

  • kube 4.0 hard-requires k8s-openapi 0.28.
  • But gateway-api (our pinned git dep) — including its latest release v0.21.0 and current main — still pins kube 3.1 + k8s-openapi 0.27.

Result: the tree ends up with two copies of each crate, and the k8s-openapi 0.27 copy pulled transitively by gateway-api panics at build time:

error: failed to run custom build command for `k8s-openapi v0.27.1`
  None of the v1_* features are enabled on the k8s-openapi crate.

(Reproduced locally with kube = "4.0" + k8s-openapi = "0.28".)

The upstream migration is not done yet — it lives in two unmerged dependabot PRs on gateway-api-rs:

There is no gateway-api revision with both changes. Once upstream lands those together and cuts a release, we can bump kube, k8s-openapi, and gateway-api in one coordinated change (and update the k8s-openapi feature flag in crates/gateway/Cargo.toml). Holding this PR open until then.

@dependabot dependabot Bot force-pushed the dependabot/cargo/kube-4.0.0 branch from 3c932f9 to ff6f05e Compare June 23, 2026 09:08
Bumps [kube](https://github.com/kube-rs/kube) from 3.1.0 to 4.0.0.
- [Release notes](https://github.com/kube-rs/kube/releases)
- [Changelog](https://github.com/kube-rs/kube/blob/main/CHANGELOG.md)
- [Commits](kube-rs/kube@3.1.0...4.0.0)

---
updated-dependencies:
- dependency-name: kube
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/kube-4.0.0 branch from ff6f05e to 909aa5d Compare June 30, 2026 19:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant