Cherrypick 1.23

[cowsking]

No description provided.

[google-oss-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sdowell for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[gemini-code-assist]

Summary of Changes

Hello @cowsking, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily focuses on updating core dependencies and enhancing the OpenTelemetry integration within the project. It brings the Go version and various third-party tools up to date, while also significantly improving the performance and stability of OpenTelemetry metric collection. Additionally, the changes refine the end-to-end testing infrastructure to better accommodate modern Kubernetes environments like GKE Autopilot, ensuring more robust and flexible test execution.

Highlights

• Dependency Updates: Multiple dependencies have been updated to their latest versions, including Go (1.25.5 to 1.25.7), Kustomize (v5.4.2-gke.1 to v5.4.2-gke.4), Helm (v3.18.6-gke.1 to v3.18.6-gke.3), Git Sync (v4.4.2-gke.12 to v4.4.2-gke.14), OpenTelemetry Collector (v0.127.0-gke.4 to v0.127.0-gke.6), Google Go API client (v0.264.0 to v0.265.0), and gRPC Gateway (v2.27.3 to v2.27.7). The OpenTelemetry SDK and its components have also been upgraded from v1.39.0 to v1.40.0.
• OpenTelemetry SDK Enhancements: The OpenTelemetry SDK has received significant updates, including the stabilization and integration of previously experimental features. Synchronous metric instruments now include an Enabled() method for performance optimization, allowing checks before computationally expensive operations. Performance of exemplar sampling and histogram/last-value aggregations has been improved through atomic operations and hot/cold swapping mechanisms. Semantic conventions have been updated to v1.39.0, and related RPC status code attributes have been refined.
• E2E Test Infrastructure Improvements: The end-to-end testing framework has been enhanced to better support GKE Autopilot clusters. The git server deployment now includes specific resource requests and limits, along with an empty node selector, to meet Autopilot requirements. A new InstallMethod enum has been introduced for Config Sync installation, allowing tests to explicitly choose between apply and update methods, improving flexibility and robustness in test setups and teardowns.
• OpenTelemetry Agent Configuration Streamlining: The OpenTelemetry agent configurations across various manifests have been simplified by removing explicit health check extensions, their associated ports (13133), and readiness probes. This change streamlines the deployment configurations for the OpenTelemetry agents.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• Makefile
  • Updated GOLANG_IMAGE_VERSION from 1.25.5 to 1.25.7
  • Updated KUSTOMIZE_VERSION from v5.4.2-gke.1 to v5.4.2-gke.4
  • Updated HELM_VERSION from v3.18.6-gke.1 to v3.18.6-gke.3
  • Updated GIT_SYNC_VERSION from v4.4.2-gke.12__linux_amd64 to v4.4.2-gke.14__linux_amd64
  • Updated OTELCONTRIBCOL_VERSION from v0.127.0-gke.4 to v0.127.0-gke.6
• e2e/nomostest/config_sync.go
  • Introduced InstallMethod enum (apply, update) to define Config Sync installation strategy
  • Modified InstallConfigSync function to accept InstallMethod parameter, enabling server-side apply or client-side update logic
• e2e/nomostest/git-server.go
  • Imported k8s.io/apimachinery/pkg/api/resource for resource management
  • Added constants for CPU and memory requests (gitServerCPURequest, gitServerMemoryRequest, etc.) for Autopilot clusters
  • Updated installGitServer and gitServer functions to pass nt *NT context
  • Refactored gitDeployment to dynamically configure container and pod specifications
  • Implemented logic in gitDeployment to set resource requests/limits and an empty nodeSelector for GKE Autopilot clusters
• e2e/nomostest/new.go
  • Modified InstallConfigSync call to explicitly use InstallMethodApply
• e2e/testcases/cli_test.go
  • Removed ntopts.SkipConfigSyncInstall from nomostest.New calls
  • Updated InstallConfigSync calls in cleanup routines to use InstallMethodUpdate and added nt.Must(nt.WatchForAllSyncs())
  • Changed WatchForNotFound to WatchForCurrentStatus for Deployment and RootSyncV1Beta1 in migration and uninstall tests
• go.mod
  • Updated Go language version from 1.25.5 to 1.25.7
  • Updated go.opentelemetry.io/otel and related modules from v1.39.0 to v1.40.0
  • Updated google.golang.org/api from v0.264.0 to v0.265.0
  • Updated github.com/grpc-ecosystem/grpc-gateway/v2 from v2.27.3 to v2.27.7
  • Updated google.golang.org/genproto/googleapis/api and google.golang.org/genproto/googleapis/rpc versions
• go.sum
  • Updated checksums for various Go modules due to version bumps
• manifests/otel-agent-cm.yaml
  • Removed OpenTelemetry health check extension configuration
• manifests/otel-agent-reconciler-cm.yaml
  • Removed OpenTelemetry health check extension configuration
• manifests/templates/reconciler-manager-configmap.yaml
  • Removed OpenTelemetry health check port (13133) and readiness probe
• manifests/templates/reconciler-manager.yaml
  • Removed OpenTelemetry health check port (13133) and readiness probe
• manifests/templates/resourcegroup-manifest.yaml
  • Removed OpenTelemetry health check extension configuration and port (13133) and readiness probe
• pkg/hydrate/tool_util.go
  • Updated HelmVersion from v3.18.6-gke.1 to v3.18.6-gke.3
  • Updated KustomizeVersion from v5.4.2-gke.1 to v5.4.2-gke.4
• test/kustomization/expected.yaml
  • Removed OpenTelemetry health check extension configuration and ports/probes from expected YAML output
• vendor/go.opentelemetry.io/otel/.golangci.yml
  • Added modernize linter and disabled omitzero rule
• vendor/go.opentelemetry.io/otel/CHANGELOG.md
  • Added changelog entry for OpenTelemetry v1.40.0, detailing new features, performance improvements, fixes, and deprecations
• vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
  • Refactored slice value conversion to use reflect.TypeFor for improved type safety and performance
• vendor/go.opentelemetry.io/otel/attribute/set.go
  • Refactored keyValueType initialization to use reflect.TypeFor
• vendor/go.opentelemetry.io/otel/attribute/value.go
  • Refactored IntSliceValue to use reflect.TypeFor
• vendor/go.opentelemetry.io/otel/baggage/baggage.go
  • Changed strings.Split to strings.SplitSeq for parsing baggage members
• vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
  • Updated otel/weaver image version from v0.19.0 to v0.20.0
• vendor/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc/version.go
  • Updated version from 1.39.0 to 1.40.0
• vendor/go.opentelemetry.io/otel/internal/global/instruments.go
  • Added Enabled() method to synchronous metric instruments (sfCounter, sfUpDownCounter, sfHistogram, sfGauge, siCounter, siUpDownCounter, siHistogram, siGauge)
• vendor/go.opentelemetry.io/otel/internal/global/meter.go
  • Refactored instrument kind identification to use reflect.TypeFor
• vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
  • Updated comments for Float64Callback to clarify reentrancy and concurrent safety
• vendor/go.opentelemetry.io/otel/metric/asyncint64.go
  • Updated comments for Int64Callback to clarify reentrancy and concurrent safety
• vendor/go.opentelemetry.io/otel/metric/meter.go
  • Updated comments for Callback to clarify reentrancy and concurrent safety
• vendor/go.opentelemetry.io/otel/metric/noop/noop.go
  • Added Enabled() method to no-op synchronous metric instruments
• vendor/go.opentelemetry.io/otel/metric/syncfloat64.go
  • Added Enabled() method to Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge interfaces
• vendor/go.opentelemetry.io/otel/metric/syncint64.go
  • Added Enabled() method to Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge interfaces
• vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/fixed_size_reservoir.go
  • Introduced atomic.Uint64 and nextTracker for concurrent-safe count and next value tracking
  • Refactored NewFixedSizeReservoir to handle k bounds and use nextTracker
  • Changed randomFloat64 to a package-level function
• vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/histogram_reservoir.go
  • Removed sync.Mutex from HistogramReservoir and refactored Offer and Collect for improved concurrency
• vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/storage.go
  • Added sync.Mutex to measurement struct and implemented fine-grained locking for individual measurements
• vendor/go.opentelemetry.io/otel/sdk/metric/instrument.go
  • Removed go.opentelemetry.io/otel/sdk/metric/internal/x import and x.EnabledInstrument interface check
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/atomic.go
  • Added reset() method to atomicCounter and introduced generic atomicN and atomicMinMax structs
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/exponential_histogram.go
  • Removed count field from expoHistogramDataPoint and added count() method for dynamic calculation
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/histogram.go
  • Major refactoring to use atomic operations and hot/cold swapping for concurrent-safe histogram aggregation
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/lastvalue.go
  • Major refactoring to use atomic operations and hot/cold swapping for concurrent-safe last-value aggregation
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/sum.go
  • Refactored valueMap to sumValueMap for sum aggregation types
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/observ/instrumentation.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/x/README.md
  • Removed file, indicating stabilization of experimental features
• vendor/go.opentelemetry.io/otel/sdk/metric/internal/x/x.go
  • Removed file, indicating stabilization of experimental features
• vendor/go.opentelemetry.io/otel/sdk/metric/periodic_reader.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/metric/pipeline.go
  • Adjusted isAggregatorCompatible logic for better readability
• vendor/go.opentelemetry.io/otel/sdk/metric/version.go
  • Updated version from 1.39.0 to 1.40.0
• vendor/go.opentelemetry.io/otel/sdk/resource/builtin.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/resource/container.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/resource/env.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/resource/host_id.go
  • Changed ioreg command path to /usr/sbin/ioreg for Darwin and updated string splitting
• vendor/go.opentelemetry.io/otel/sdk/resource/os.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/resource/process.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/sdk/version.go
  • Updated version from 1.39.0 to 1.40.0
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/MIGRATION.md
  • Added new migration guide for OpenTelemetry semantic conventions v1.39.0
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/README.md
  • Added README for OpenTelemetry semantic conventions v1.39.0
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/doc.go
  • Added documentation for OpenTelemetry semantic conventions v1.39.0
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/error_type.go
  • Added ErrorType function for standardizing error type attributes
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/exception.go
  • Added ExceptionEventName constant
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/otelconv/metric.go
  • Renamed from v1.37.0/otelconv/metric.go and updated to reflect v1.39.0 semantic conventions, including changing AttrRPCGRPCStatusCode to AttrRPCResponseStatusCode
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/schema.go
  • Added SchemaURL constant for OpenTelemetry semantic conventions v1.39.0
• vendor/go.opentelemetry.io/otel/trace/auto.go
  • Updated semantic convention version references from v1.37.0 to v1.39.0
• vendor/go.opentelemetry.io/otel/version.go
  • Updated version from 1.39.0 to 1.40.0
• vendor/go.opentelemetry.io/otel/versions.yaml
  • Updated OpenTelemetry SDK versions and experimental metrics/logs versions
• vendor/google.golang.org/api/internal/version.go
  • Updated version from 0.264.0 to 0.265.0
• vendor/modules.txt
  • Updated various module versions to reflect changes in go.mod

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request appears to be a cherry-pick that includes several dependency version bumps and related code changes. Key modifications include:

• Updating versions for Go, Kustomize, Helm, and several Go modules like OpenTelemetry.
• Introducing a new InstallMethodUpdate for installing Config Sync in tests, which uses a client-side update approach. I've noted a potential issue with this implementation regarding immutable fields on Kubernetes objects.
• Refactoring the git-server deployment in e2e tests to support GKE Autopilot clusters by adding resource requests/limits.
• Removing the OpenTelemetry agent health check extension and readiness probes from manifests, likely due to changes in the updated OpenTelemetry library.
• Fixing test logic in cli_test.go to correctly wait for resource statuses after migration.

Overall, the changes seem to be improvements and necessary updates, with one area of concern in the new test helper function.

[gemini-code-assist]

Using Update here can lead to errors for certain resource types, like Service. Update performs a full replacement. If the manifest object o doesn't specify a field that was set by the cluster and is immutable (e.g., Service.spec.clusterIP), the API server will reject the update.

Consider using Patch with a merge strategy to apply changes more robustly. Alternatively, if Update must be used, you might need to manually copy immutable fields from the existing object (currentObj) to the new object (o) before updating.

For example, for a Service object, you would need to preserve spec.clusterIP:

if svc, ok := o.(*corev1.Service); ok {
    if currentSvc, ok := currentObj.(*corev1.Service); ok {
        svc.Spec.ClusterIP = currentSvc.Spec.ClusterIP
    }
}

This would require adding logic for each resource type with immutable fields.

[tiffanny29631]

Let's not include this commit in this patch release

[google-oss-prow]

@cowsking: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
kpt-config-sync-presubmit-e2e-multi-repo-test-group1	be3545f	link	true	/test kpt-config-sync-presubmit-e2e-multi-repo-test-group1
kpt-config-sync-presubmit-e2e-multi-repo-test-group3	be3545f	link	true	/test kpt-config-sync-presubmit-e2e-multi-repo-test-group3
kpt-config-sync-presubmit-e2e-multi-repo-test-group2	be3545f	link	true	/test kpt-config-sync-presubmit-e2e-multi-repo-test-group2
kpt-config-sync-presubmit	be3545f	link	true	/test kpt-config-sync-presubmit

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.