build(deps): Bump the k8s group with 1 update

[dependabot]

Bumps the k8s group with 1 update: sigs.k8s.io/kind.

Updates sigs.k8s.io/kind from 0.20.0 to 0.21.0

Release notes

Sourced from sigs.k8s.io/kind's releases.

v0.21.0

This release patches the recent runc CVEs, as well as an issue with kind build node-image and docker v25.0.0+

• The default node image is a Kubernetes v1.29.1 image: kindest/node:v1.29.1@sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144

If you haven't already, please see also v0.20.0 release notes which had important announcements that still apply going forward.

• Upgraded go to 1.20.13
• Upgraded crictl to 1.28
• Upgraded containerd fuse overlayfs to 1.0.6
• Began marking some core images pinned in containerd, which may eventually make enabling imageGC safer
• kindnetd will ignore nodes with empty podCIDR, enabling some niche use-cases

Images pre-built for this release:

• v1.29.1: kindest/node:v1.29.1@sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144
• v1.28.6: kindest/node:v1.28.6@sha256:b7e1cf6b2b729f604133c667a6be8aab6f4dde5bb042c1891ae248d9154f665b
• v1.27.10: kindest/node:v1.27.10@sha256:3700c811144e24a6c6181065265f69b9bf0b437c45741017182d7c82b908918f
• v1.26.13: kindest/node:v1.26.13@sha256:15ae92d507b7d4aec6e8920d358fc63d3b980493db191d7327541fbaaed1f789
• v1.25.16: kindest/node:v1.25.16@sha256:9d0a62b55d4fe1e262953be8d406689b947668626a357b5f9d0cfbddbebbc727
• v1.24.17: kindest/node:v1.24.17@sha256:ea292d57ec5dd0e2f3f5a2d77efa246ac883c051ff80e887109fabefbd3125c7
• v1.23.17: kindest/node:v1.23.17@sha256:fbb92ac580fce498473762419df27fa8664dbaa1c5a361b5957e123b4035bdcf

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

• https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster
• https://kind.sigs.k8s.io/docs/user/quick-start/#building-images

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see kubernetes-sigs/kind#2718

• Updated runc to v1.1.12, containerd to v1.7.13 including the fix for GHSA-xr7r-f8xq-vfvv
• Fixed kind build node-image with docker v25.0.0+
  • NOTE: kind load docker-image is still broken with Docker v25.0.0 due to a docker bug, which has a fix merged that should be included in Docker v25.0.1+
• Assorted docs fixes

Thank you to everyone who contributed to this release! ❤️

Users whose commits are in this release (alphabetically by user name)

• @​adelton

... (truncated)

Commits

• 8eca32c version v0.21.0
• fc67703 Merge pull request #3499 from BenTheElder/bumpity2
• 020f24d bump node image to 1.29.1
• 8b6d869 bump kindnetd image
• b8f7cfb bump local-path-provisioner image
• 7c6a17b bump base image
• 8f1494e Merge pull request #3498 from BenTheElder/latest-go
• e56e6cd use latest go 1.20 (1.20.13)
• 7368a26 Merge pull request #3497 from ameukam/bump-runc-containerd
• ca8b6a8 Update runc and containerd.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions