Skip to content

🌱 Bump CAPI to v1.11 and k8s to v1.33 #5720

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 21 commits into
base: main
Choose a base branch
from
Open

🌱 Bump CAPI to v1.11 and k8s to v1.33 #5720

wants to merge 21 commits into from
+1,886 −1,850

Conversation

@clebs
Copy link

@clebs clebs commented Oct 23, 2025

What type of PR is this?
/kind support

What this PR does / why we need it:
This PR bumps CAPI to v1.11.0, and k8s to v1.33.3.

  • Update all imports to v1beta2 types except for conditions staying in v1beta1.
  • Adapt source code to work with v1beta2 and deprecated conditions.
  • Manually update conversions.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #5593

Replaces #5624

Special notes for your reviewer:

Checklist:

  • squashed commits
  • includes documentation
  • includes emoji in title
  • adds unit tests
  • adds or updates e2e tests

Release note:

Bump CAPI to v1.11 and k8s to v1.33

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/support Categorizes issue or PR as a support question. labels Oct 23, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Oct 23, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ankitasw for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added needs-priority cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Oct 23, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Oct 23, 2025

Welcome @clebs!

It looks like this is your first PR to kubernetes-sigs/cluster-api-provider-aws 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/cluster-api-provider-aws has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Oct 23, 2025

Hi @clebs. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Oct 23, 2025
@clebs clebs mentioned this pull request Oct 23, 2025
Closed
5 tasks
@clebs
Copy link
Author

clebs commented Oct 23, 2025

@richardcase This PR here based on @bryan-cox's: #5720

Changes:

  • Rebased the PR to main
  • Fixed missing/wrong go modules
  • Updated all imports to use the new v1beta2 API, except for conditions which stay on v1beta1
  • Adapted all the code to properly use the new types
  • Add adapters to use v1beta1.Conditions with v1beta1types
  • Manually fix converters for FailureDomains

Current state:

  • Code compiles
  • Generation fails because of manual conversions required
  • Working on linting issues

@chrischdi
Copy link
Member

chrischdi commented Oct 23, 2025

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Oct 23, 2025
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 23, 2025
View reviewed changes
raykrueger
raykrueger reviewed Oct 23, 2025
View reviewed changes
test/e2e/data/e2e_eks_conf.yaml
Copy link

@raykrueger raykrueger Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we be bumping KUBERNETES_VERSION_MANAGEMENT and KUBERNETES_VERSION_UPGRADE_FROM to target 1.33 in this file?

cnmcavoy
cnmcavoy reviewed Oct 23, 2025
View reviewed changes
cnmcavoy
cnmcavoy suggested changes Oct 23, 2025
View reviewed changes
Copy link
Contributor

@cnmcavoy cnmcavoy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See my comment on the subnet filtering regression

@clebs clebs requested a review from chrischdi October 27, 2025 15:08
chrischdi
chrischdi reviewed Oct 27, 2025
View reviewed changes
chrischdi
chrischdi reviewed Oct 27, 2025
View reviewed changes
@clebs clebs force-pushed the bump-capi-k8s-deps branch from 4d0faa6 to e6be7ad Compare October 27, 2025 16:08
@chrischdi
Copy link
Member

chrischdi commented Oct 27, 2025

/test pull-cluster-api-provider-aws-e2e-blocking

@damdo damdo mentioned this pull request Oct 30, 2025
Draft
5 tasks
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Oct 30, 2025
bryan-cox and others added 21 commits November 4, 2025 17:34
@bryan-cox @clebs
deps: upgrade Kubernetes dependencies to v0.33.4
ee6fce8 
- Update core Kubernetes dependencies from v0.32.3 to v0.33.4:
  - k8s.io/api, k8s.io/apimachinery, k8s.io/client-go
  - k8s.io/apiserver, k8s.io/cli-runtime, k8s.io/kubectl
  - k8s.io/apiextensions-apiserver, k8s.io/component-base
- Upgrade prometheus/client_golang from v1.19.1 to v1.22.0
- Update cel.dev/expr from v0.18.0 to v0.19.1
- Upgrade google/cel-go from v0.22.0 to v0.23.2
- Update golang.org/x/time from v0.8.0 to v0.9.0
- Upgrade gRPC from v1.67.3 to v1.68.1
- Update OpenTelemetry packages to v1.33.0
- Refresh k8s.io/utils and other indirect dependencies
- Update kube-openapi and structured-merge-diff versions
@bryan-cox @clebs
deps: update cluster-api to v1.11.1 and controller-runtime to v0.21.0
20af79e 
- Upgrade cluster-api from v1.10.2 to v1.11.1
- Upgrade controller-runtime from v0.20.4 to v0.21.0
- Update various golang.org/x/* packages
- Update testing dependencies (ginkgo, gomega)
- Update OpenTelemetry and other indirect dependencies
@bryan-cox @clebs
WIP no IDE errors
cdfc75a
@bryan-cox @clebs
WIP IDE Errors
c20e1a0
@clebs
Fix go dependencies
d10730b 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Update imports, code and generations to CAPI 1.11
5b8b38f 
- Update all imports to v1beta2 types except for conditions staying in
  v1beta1.
- Adapt source code to work with v1beta2 and deprecated conditions.
- Manually update conversions.

Signed-off-by: Borja Clemente <[email protected]>
@clebs
Update linting pkg alias and fix broken imports blocks
de4606d 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Remove unnecessary Paused constants
61f6fc9 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Fix import aliases
70a0d76 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Fix broken imports
0ef5f05 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Revert public APIS back to v1beta1 while internally using v1beta2
ff6aa09 
Introducing v1beta2 on public types is a breaking change so they have to
stay in v1beta1. Internally though, migration to v1beta2 is happening
(except for conditions).

Signed-off-by: Borja Clemente <[email protected]>
@clebs
Revert infrav1 conditions to v1beta1 and consolidate imports
ebef99d 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Consolidate conditions imports and fix linting
33d0ce7 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Fix regression in machine deployments without failure domain set
e5a746f 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Revert missing public APIs to v1beta1
26cc89b 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Consolidate infrav1beta1 imports into infrav1
54523b6 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Remove unused conditions constants
90943cd 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Fix setting wrong condition type
039ce26 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Cast v1beta1 conditions instead of creating a new constant
8a317a9 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Revert changed public APIs and adapt internally to v1beta2
05fdd90 
Signed-off-by: Borja Clemente <[email protected]>
@clebs
Resolve conflicts with main
7dc9647 
Signed-off-by: Borja Clemente <[email protected]>
@clebs clebs force-pushed the bump-capi-k8s-deps branch from 610720a to 7dc9647 Compare November 4, 2025 16:47
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 4, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Nov 4, 2025
edited
Loading

@clebs: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-cluster-api-provider-aws-test 7dc9647 link true /test pull-cluster-api-provider-aws-test
pull-cluster-api-provider-aws-verify 7dc9647 link true /test pull-cluster-api-provider-aws-verify
pull-cluster-api-provider-aws-e2e-blocking 7dc9647 link true /test pull-cluster-api-provider-aws-e2e-blocking

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

chrischdi
chrischdi reviewed Nov 5, 2025
View reviewed changes
Copy link
Member

@chrischdi chrischdi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some notes:

  • I did not fully review the unit tests
  • Using the label constants from v1beta2 can be okay (as long as the consts did not change), so these decisions are only comments, I think up to the maintainers to decide.
    • I started to add these comments but stopped later on.
  • As a follow up: all usages of v1beta1conditions should be reviewed (places where we set v1beta1 conditions on CAPI objects like MachinePool) and considered if we additionally want to set a v1beta2 condition

api/v1beta1/types.go
"k8s.io/apimachinery/pkg/util/sets"

clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
clusterv1 "sigs.k8s.io/cluster-api/api/core/v1beta2"
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This changes:

// Instance describes an AWS instance.
type Instance struct {
...
	// Addresses contains the AWS instance associated addresses.
	Addresses []clusterv1.MachineAddress `json:"addresses,omitempty"`
...

to use the v1beta2 struct.

The v1beta2 struct does now set "omitempty" so there's a change in marshalling behavoir.

My personal opinion on this is: keep using v1beta1 here, but up to the CAPA maintainers.

Impact of keeping v1beta1:
We'd have to convert

Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just noticed, in CAPA v1beta2 we keep using clusterv1beta1, so we should also do the same here.

Copy link
Author

@clebs clebs Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This must have been set back on the rebase... I went through all these on the public API.
Will do a more in depth verification.

api/v1beta1/conditions_consts.go
package v1beta1

import clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
import clusterv1beta1 "sigs.k8s.io/cluster-api/api/core/v1beta1" //nolint:staticcheck
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Maybe worth adding to .golangci.yml that api/v1beta1 and api/v1beta2 are allowed to use that instead of adding the nolint everywhere.

api/v1beta2/awscluster_webhook_test.go
"sigs.k8s.io/cluster-api-provider-aws/v2/util/defaulting"
clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
clusterv1beta1 "sigs.k8s.io/cluster-api/api/core/v1beta1" //nolint:staticcheck
clusterv1 "sigs.k8s.io/cluster-api/api/core/v1beta2"
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
clusterv1 "sigs.k8s.io/cluster-api/api/core/v1beta2"

We should be able to only use clusterv1beta1 here.

bootstrap/eks/controllers/eksconfig_controller.go
}

if cluster.Spec.ControlPlaneRef == nil || cluster.Spec.ControlPlaneRef.Kind != "AWSManagedControlPlane" {
if cluster.Spec.ControlPlaneRef.Name == "" || cluster.Spec.ControlPlaneRef.Kind != "AWSManagedControlPlane" {
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if cluster.Spec.ControlPlaneRef.Name == "" || cluster.Spec.ControlPlaneRef.Kind != "AWSManagedControlPlane" {
if cluster.Spec.ControlPlaneRef.IsDefined() || cluster.Spec.ControlPlaneRef.Kind != "AWSManagedControlPlane" {

bootstrap/eks/controllers/eksconfig_controller.go
}

if !cluster.Status.InfrastructureReady {
if !meta.IsStatusConditionTrue(cluster.GetConditions(), string(clusterv1beta1.InfrastructureReadyCondition)) {
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The replacement is cluster.Status.Initialization.InfrastructureProvisioned

Suggested change
if !meta.IsStatusConditionTrue(cluster.GetConditions(), string(clusterv1beta1.InfrastructureReadyCondition)) {
if !ptr.Deref(cluster.Status.Initialization.InfrastructureProvisioned, false) {

test/e2e/data/e2e_conf.yaml
new: --metrics-bind-addr=:8080
- name: v1.10.2 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.10.2/core-components.yaml"
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
- name: v1.11.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.

test/e2e/data/e2e_conf.yaml
new: --metrics-bind-addr=:8080
- name: v1.10.2 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.10.2/bootstrap-components.yaml"
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.
- name: v1.11.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> main clusterctl upgrades test only.

test/e2e/data/e2e_conf.yaml
new: --metrics-bind-addr=:8080
- name: v1.10.2 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only.
value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.10.2/control-plane-components.yaml"
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only.
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- name: v1.11.0 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only.
- name: v1.11.1 # latest published release in the v1beta1 series; this is used for v1beta1 --> v1beta1 latest clusterctl upgrades test only.

Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: the comment does not fit here.
As this releases is the v1beta2 series.

util/paused/paused.go
func pausedCondition(scheme *runtime.Scheme, cluster *clusterv1.Cluster, obj ConditionSetter, targetConditionType string) clusterv1.Condition {
if (cluster != nil && cluster.Spec.Paused) || annotations.HasPaused(obj) {
func pausedCondition(scheme *runtime.Scheme, cluster *clusterv1.Cluster, obj ConditionSetter, targetConditionType string) clusterv1beta1.Condition {
if (cluster != nil && cluster.Spec.Paused != nil && *cluster.Spec.Paused) || annotations.HasPaused(obj) {
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if (cluster != nil && cluster.Spec.Paused != nil && *cluster.Spec.Paused) || annotations.HasPaused(obj) {
if (cluster != nil && ptr.Deref(cluster.Spec.Paused, false) || annotations.HasPaused(obj) {

util/paused/paused.go
if (cluster != nil && cluster.Spec.Paused != nil && *cluster.Spec.Paused) || annotations.HasPaused(obj) {
var messages []string
if cluster != nil && cluster.Spec.Paused {
if cluster != nil && cluster.Spec.Paused != nil && *cluster.Spec.Paused {
Copy link
Member

@chrischdi chrischdi Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if cluster != nil && cluster.Spec.Paused != nil && *cluster.Spec.Paused {
if cluster != nil && ptr.Deref(cluster.Spec.Paused, false) {

chrischdi
chrischdi reviewed Nov 5, 2025
View reviewed changes
Copy link
Member

@chrischdi chrischdi left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some notes:

  • I did not fully review the unit tests
  • Using the label constants from v1beta2 can be okay (as long as the consts did not change), so these decisions are only comments, I think up to the maintainers to decide.
    • I started to add these comments but stopped later on.
  • As a follow up: all usages of v1beta1conditions should be reviewed (places where we set v1beta1 conditions on CAPI objects like MachinePool) and considered if we additionally want to set a v1beta2 condition
  • Also to fix fuzz tests: we now need to use randfill.Continue instead of fuzz.Continue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@richardcase richardcase Awaiting requested review from richardcase

@serngawy serngawy Awaiting requested review from serngawy

3 more reviewers

@raykrueger raykrueger raykrueger left review comments

@chrischdi chrischdi chrischdi left review comments

@cnmcavoy cnmcavoy cnmcavoy requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/support Categorizes issue or PR as a support question. needs-priority ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

CAPI v1.11.0 has been released and is ready for testing

6 participants

@clebs @k8s-ci-robot @chrischdi @raykrueger @cnmcavoy @bryan-cox