Update kubernetes-asyncio requirement from <32 to <33 in /safir

[dependabot]

Updates the requirements on kubernetes-asyncio to permit the latest version.

Changelog

Sourced from kubernetes-asyncio's changelog.

v32.0.0

Breaking changes:

• fix rest api aiohttp timeout (#337, @​soamicharan)

  This fix may affect you if you don't configure timeout for watch/stream. Previously it was treated as 5 min, now it's forever.

API Change

• ACTION REQUIRED for custom scheduler plugin developers: PodEligibleToPreemptOthers in the preemption interface now includes ctx in the parameters. Please update your plugins' implementation accordingly. (#126465, @​googs1025) [SIG Scheduling]

• Changed NodeToStatusMap from a map to a struct and exposed methods to access the entries. Added absentNodesStatus, which informs the status of nodes that are absent in the map. For developers of out-of-tree PostFilter plugins, ensure to update the usage of NodeToStatusMap. Additionally, NodeToStatusMap should eventually be renamed to NodeToStatusReader. (#126022, @​macsko) [SIG Node, Scheduling, and Testing]

• A new /resize subresource was added to request pod resource resizing. Update your k8s client code to utilize the /resize subresource for Pod resizing operations. (#128266, @​AnishShah) [SIG API Machinery, Apps, Node and Testing]

• A new feature that allows unsafe deletion of corrupt resources has been added, it is disabled by default, and it can be enabled by setting the option --feature-gates=AllowUnsafeMalformedObjectDeletion=true. It comes with an API change, a new delete option ignoreStoreReadErrorWithClusterBreakingPotential has been introduced, it is not set by default, this maintains backward compatibility. In order to perform an unsafe deletion of a corrupt resource, the user must enable the option for the delete request. A resource is considered corrupt if it can not be successfully retrieved from the storage due to a) transformation error e.g. decryption failure, or b) the object failed to decode. Normal deletion flow is attempted first, and if it fails with a corrupt resource error then it triggers unsafe delete. In addition, when this feature is enabled, the 'details' field of 'Status' from the LIST response includes information that identifies the corrupt object(s). NOTE: unsafe deletion ignores finalizer constraints, and skips precondition checks. WARNING: this may break the workload associated with the resource being unsafe-deleted, if it relies on the normal deletion flow, so cluster breaking consequences apply. (#127513, @​tkashem) [SIG API Machinery, Etcd, Node and Testing]

• Added singleProcessOOMKill flag to the kubelet configuration. Setting that to true enable single process OOM killing in cgroups v2. In this mode, if a single process is OOM killed within a container, the remaining processes will not be OOM killed. (#126096, @​utam0k) [SIG API Machinery, Node, Testing and Windows]

• Added a /flagz endpoint for kube-apiserver endpoint. (#127581, @​richabanker) [SIG API Machinery, Architecture, Auth and Instrumentation]

• Added a Stream field to PodLogOptions, which allows clients to request certain log stream (stdout or stderr) of the container. Please also note that the combination of a specific Stream and TailLines is not supported. (#127360, @​knight42) [SIG API Machinery, Apps, Architecture, Node, Release and Testing]

• Added alpha support for asynchronous Pod preemption. When the SchedulerAsyncPreemption feature gate is enabled, the scheduler now runs API calls to trigger preemptions asynchronously for better performance. (#128170, @​sanposhiho) [SIG Scheduling and Testing]

• Added driver-owned fields in ResourceClaim.Status to report device status data for each allocated device. (#128240, @​LionelJouin) [SIG API Machinery, Network, Node and Testing]

• Added enforcement of an upper cost bound for DRA evaluations of CEL. The API server and scheduler now enforce an upper bound on the cost and runtime steps required for evaluating a CEL expression. (#128101, @​pohly) [SIG API Machinery and Node]

• Added the ability to change the maximum backoff delay accrued between container restarts for a node for containers in CrashLoopBackOff. To set this for a node, turn on the feature gate KubeletCrashLoopBackoffMax and set the CrashLoopBackOff.MaxContainerRestartPeriod field between "1s" and "300s" in your kubelet config file. (#128374, @​lauralorenz) [SIG API Machinery and Node]

• Allow for Pod search domains to be a single dot . or contain an underscore _ (#127167, @​adrianmoisey) [SIG Apps, Network and Testing]

• Annotation batch.kubernetes.io/cronjob-scheduled-timestamp added to Job objects scheduled from CronJobs is promoted to stable. (#128336, @​soltysh)

• Apply fsGroup policy for ReadWriteOncePod volumes. (#128244, @​gnufied) [SIG Storage and Testing]

• Changed the Pod API to support resources at spec level for pod-level resources. (#128407, @​ndixita) [SIG API Machinery, Apps, CLI, Cluster Lifecycle, Node, Release, Scheduling and Testing]

• ContainerStatus.AllocatedResources is now guarded by a separate feature gate, InPlacePodVerticalSaclingAllocatedStatus (#128377, @​tallclair) [SIG API Machinery, CLI, Node, Scheduling and Testing]

• Coordination.v1alpha1 API is dropped and replaced with coordination.v1alpha2. Old coordination.v1alpha1 types must be deleted before upgrade (#127857, @​Jefftree) [SIG API Machinery, Etcd, Scheduling and Testing]

• DRA: Restricted the length of opaque device configuration parameters. At admission time, Kubernetes enforces a 10KiB size limit. (#128601, @​pohly) [SIG API Machinery, Apps, Auth, Etcd, Node, Scheduling and Testing]

• DRA: scheduling pods is up to 16x faster, depending on the scenario. Scheduling throughput depends a lot on cluster utilization. It is higher for lightly loaded clusters with free resources and gets lower when the cluster utilization increases. (#127277, @​pohly) [SIG API Machinery, Apps, Architecture, Auth, Etcd, Instrumentation, Node, Scheduling and Testing]

• DRA: the DeviceRequestAllocationResult struct now has an "AdminAccess" field which should be used instead of the corresponding field in the DeviceRequest field when dealing with an allocation. If a device is only allocated for admin access, allocating it again for normal usage is now supported, as originally intended. To allow admin access, starting with 1.32 the DRAAdminAccess feature gate must be enabled. (#127266, @​pohly) [SIG API Machinery, Apps, Auth, Etcd, Network, Node, Scheduling and Testing]

• Disallow k8s.io and kubernetes.io namespaced extra key in structured authentication configuration. (#126553, @​aramase) [SIG Auth]

• Fixed a bug in the NestedNumberAsFloat64 Unstructured field accessor that could have caused it to return rounded float64 values instead of errors when accessing very large int64 values. (#128099, @​benluddy)

• Fixed the bug where spec.terminationGracePeriodSeconds of the pod will always be overwritten by the MaxPodGracePeriodSeconds of the soft eviction, you can enable the AllowOverwriteTerminationGracePeriodSeconds feature gate, which will restore the previous behavior. If you do need to set this, please file an issue with the Kubernetes project to help contributors understand why you needed it. (#122890, @​HirazawaUi) [SIG API Machinery, Architecture, Node and Testing]

... (truncated)

Commits

• 8db5d19 release v32.0.0
• 84e4e28 regenerate client for release 32.0.0 (#344)
• 99ace17 [doc] update changelog
• 193c9f2 allow resource names >2 parts (#343)
• 5e5de93 Add notice about a breaking change (#341)
• 1978af8 chore(deps): bump codecov/codecov-action from 4 to 5 (#340)
• 6897114 fix rest api aiohttp timeout (#337)
• 089f487 chore(deps): update sphinx requirement (#336)
• 73d443e regenerate client for release 31.1.0 (#335)
• 7d11519 Fix content-type detection for object sending as patch (#334)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)