Meta Issue for k8s 1.29 bump

[Neo2308]

Meta Issue for k8s 1.29 bump

In order to bump Operator SDK to support Kubernetes 1.29 there are a few dependencies we rely on making the bump first.
This issue is meant to help track all dependencies and the status of their bumps.

Order of dependency bumps

Step 1: upgrade controller-runtime, controller-tools, helm, and operator-framework/operator-manifest-tools(can be done in parallel)

• sigs.k8s.io/controller-runtime (Request for v0.17.0 kubernetes-sigs/controller-runtime#2640)
• sigs.k8s.io/controller-tools (⚠️ Bump k8s deps to v0.29.0 kubernetes-sigs/controller-tools#872)
• operator-framework/operator-manifest-tools(chore(deps): bump k8s.io/apimachinery from 0.28.1 to 0.29.3 operator-manifest-tools#51)

Step 2: upgrade operator-framework/api and sigs.k8s.io/kubebuilder-declarative-pattern (can be done immediately after controller-runtime)

• operator-framework/api (Update modules to support k8s v0.29.2 api#319)
• sigs.k8s.io/kubebuilder-declarative-pattern

Step 3.1: upgrade operator-framework/operator-registry and operator-framework/operator-lib (can be done immediately after operator-framework/api)

• operator-framework/operator-registry
• operator-framework/operator-lib (Update golang & k8s dependencies operator-lib#167)

Step 3.2: upgrade kubebuilder (blocked until kubebuilder-declarative-pattern is bumped)

• sigs.k8s.io/kubebuilder/v3 (✨ (go/v4): upgrade to Support k8s 1.29 kubernetes-sigs/kubebuilder#3749)

Step 4: upgrade operator-framework plugins

• operator-framework/ansible-operator-plugins (Update k8s dependencies ansible-operator-plugins#67)
• operator-framework/helm-operator-plugins (🌱 Bump dependencies helm-operator-plugins#303)
• operator-framework/java-operator-plugins (Bump to go 1.21 & k8s 1.29 java-operator-plugins#144)

Step 5: upgrade operator-framework/operator-sdk dependencies

• Bump Ginkgo/v2 and Kubebuilder 1.29 (Bump k8s to 1.29 versions #6736)
• Bump SDK to use k8s 1.29 (Bump k8s to 1.29 versions #6736)

[varshaprasad96]

Keeping this open for the community. Please feel free to pick up any other issues. Any contribution would be appreciated :)

[acornett21]

We need to add the ansible plugin to the list as well.

[Neo2308]

@varshaprasad96 can you confirm that we no longer need to track the update in sigs.k8s.io/kubebuilder-declarative-pattern for these meta issues since kubernetes-sigs/kubebuilder#3395 is done?

(Removed the Bump envtest to 1.29 based on comments in #6554)

[liram-vardi]

Can also helm be upgraded as part of this issue?
In order to solve the following security violability:
GHSA-r53h-jv2g-vpx6

Thanks!

[danepowell]

The CVE for the above vulnerability is CVE-2024-26147 (I was having trouble searching for this issue based on the CVE)

[acornett21]

@Neo2308 I'll try to cut a release of the ansilbe-plugin on monday, since the rest of this week is a holiday.