chore(deps): update k8s related bumps

[renovate]

This PR contains the following updates:

Package	Update	Change
k14s/kapp	minor	0.63.3 -> 0.64.0
k14s/ytt	patch	0.51.0 -> 0.51.1
kudobuilder/kuttl	minor	0.19.0 -> 0.20.0
mikefarah/yq	patch	4.44.5 -> 4.44.6

To easily extract checksums: yq_version=;curl -sSL https://github.com/mikefarah/yq/releases/download/v${jq_version}/checksums |grep "yq_linux_amd64 "|cut -d' ' -f37

---

Release Notes

k14s/kapp (k14s/kapp)

v0.64.0

Compare Source

Installation and signature verification

Installation

By downloading binary from the release

For instance, if you are using Linux on an AMD64 architecture:

##### Download the binary
curl -LO https://github.com/carvel-dev/kapp/releases/download/v0.64.0/kapp-linux-amd64

##### Move the binary in to your PATH
mv kapp-linux-amd64 /usr/local/bin/kapp

##### Make the binary executable
chmod +x /usr/local/bin/kapp

Via Homebrew (macOS or Linux)

$ brew tap carvel-dev/carvel
$ brew install kapp
$ kapp version  

Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC(Refer this page for cosign installation). To validate the signature of this file, run the following commands:

##### Download the checksums file, certificate and signature
curl -LO https://github.com/carvel-dev/kapp/releases/download/v0.64.0/checksums.txt
curl -LO https://github.com/carvel-dev/kapp/releases/download/v0.64.0/checksums.txt.pem
curl -LO https://github.com/carvel-dev/kapp/releases/download/v0.64.0/checksums.txt.sig

##### Verify the checksums file
cosign verify-blob checksums.txt \
  --certificate checksums.txt.pem \
  --signature checksums.txt.sig \
  --certificate-identity-regexp=https://github.com/carvel-dev \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.

##### Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing

✨ What's new

• Make ownership override allowed apps flag dangerous by @​100mik
• Add filter for apps for which ownership can be overriden by @​100mik
• Adding timeout in waitRules by @​rohitagg2020 in #​994
• Providing startTime and currentTime to facilitate timeout in case of ytt wait rules by @​rohitagg2020 and @​praveenrewar in #​1023
• Show actual log during custom wait rule if asked specifically by @​rohitagg2020 in #​1038
• Bump Go version to 1.23.3 by @​devanshuVmware in #​1039

Full Changelog: carvel-dev/kapp@v0.63.0...v0.64.0

📂 Files Checksum

0daa557bf6b00f99c187219b7765dc758a16801f5db462b88479d55aaae9b008  ./kapp-darwin-amd64
14207d33130e833d201f2cd6e3e87435fb8b9534298843ed3c00fe7cda5221df  ./kapp-linux-amd64
1c23dd0108db458ed1cd6b18b013073e3cea51195b5cc076efaef803320c2fd4  ./kapp-windows-amd64.exe
ee25c54f54d7035f0f74b85cd33cea6d81e8f172e0a70288d0b3e4335caff54e  ./kapp-darwin-arm64
fc7617107fa87480e6326c1cdf2c62708f455c9d96f8e9550fb5e848c296cc80  ./kapp-linux-arm64

k14s/ytt (k14s/ytt)

v0.51.1

Compare Source

Installation and signature verification

Installation

By downloading binary from the release

For instance, if you are using Linux on an AMD64 architecture:

##### Download the binary
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.51.1/ytt-linux-amd64

##### Move the binary in to your PATH
mv kapp-linux-amd64 /usr/local/bin/ytt

##### Make the binary executable
chmod +x /usr/local/bin/ytt

Via Homebrew (macOS or Linux)

$ brew tap carvel-dev/carvel
$ brew install ytt
$ ytt version  

Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC(Refer this page for cosign installation). To validate the signature of this file, run the following commands:

##### Download the checksums file, certificate and signature
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.51.1/checksums.txt
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.51.1/checksums.txt.pem
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.51.1/checksums.txt.sig

##### Verify the checksums file
cosign verify-blob checksums.txt \
  --certificate checksums.txt.pem \
  --signature checksums.txt.sig \
  --certificate-identity-regexp=https://github.com/carvel-dev \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.

##### Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing

What's Changed

• Bump golang to 1.23.3 by @​devanshuVmware in #​937

Full Changelog: carvel-dev/ytt@v0.51.0...v0.51.1

📂 Files Checksum

026a12ee7108ff2d1150eb1347d544367d92e993ade7b2d2727c4c8d13a47a6b  ./ytt-linux-amd64
1d6e054b9fb237ca18943b870a4c99b46503b79e6f8bc698be2b06cc414225b1  ./ytt-darwin-arm64
455ea8a02f6fa3ae7e885fb06977c653c758fd65dd79f94954114eb4a7cd39fe  ./ytt-windows-arm64.exe
55849cab41cf7780b0d26da416395cf77576a434a4bcf883b0e2a29944325e7c  ./ytt-linux-arm64
833dda4d66e1d16d97dd8435140205587ddee6de25de3e1bf2d8766ad071e574  ./ytt-darwin-amd64
c2a918ab38781dccd48e7ee5c87f2d78ecce6bb8a47c957e087d689fd555c6d0  ./ytt-windows-amd64.exe

kudobuilder/kuttl (kudobuilder/kuttl)

v0.20.0: kuttl-v0.20.0

Compare Source

🚀 Highlights

• feat: Configurable report granularity (#​581)
• feat: add context switching in TestStep (#​560)

🐛 Bug Fixes

• Allow for processing tls-server-name attribute in kubeconfig context (#​587)
• fix: lock testsuite and sort child testcases (#​585)
• Clarify help terminology (#​583)
• fix: handle redundant deletion of Namespace (#​566)
• Remove mention of unsupported flag (#​561)

🔧 Other Changes

• chore: pre-factor code related to junit reporting (#​580)
• Make 0009-expression-based-assertions.md implementable (#​574)
• chore: add Expression-Based Assertions KEP (#​568)

🌱 Dependency bumps

• Bump go version to 1.22.7 (#​582)
• Bump the kubernetes group with 6 updates (#​563, #​571, #​577)
• Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#​578)
• Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 (#​579)
• Bump sigs.k8s.io/kind from 0.24.0 to 0.25.0 in the kubernetes group (#​573)
• Bump sigs.k8s.io/controller-tools from 0.16.3 to 0.16.5 in the kubernetes group (#​570, #​572)
• Bump github.com/docker/docker from 27.2.0+incompatible to 27.3.1+incompatible (#​564, #​567)

Contributors

@​avorima, @​dependabot, @​dependabot[bot], @​gmolau, @​jwitko, @​kumar-mallikarjuna and @​porridge

mikefarah/yq (mikefarah/yq)

v4.44.6

Compare Source

• Fixed deleting items in array bug #​2027, #​2172; Thanks @​jandubois
  • Docker image for armv7 / raspberry pi3, Thanks @​brianegge
  • Fixed no-colors regression #​2218
  • Fixed various panic scenarios #​2211
  • Bumped dependencies

---

Configuration

📅 Schedule: Branch creation - "after 1pm on Monday,before 4pm on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.