chore(deps): update dependency kubernetes to v36

[Varashi]

This PR contains the following updates:

Package	Change	Age	Confidence
kubernetes	31.0.0 → 36.0.1

---

Release Notes

kubernetes-client/python (kubernetes)

v36.0.1: Kubernetes Python Client v36.0.1 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v36.0.1.zip
cd client-python-v36.0.1
python setup-release.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-36.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-36.0/CHANGELOG.md

v36.0.0

Compare Source

Kubernetes API Version: v1.36.1

v35.0.0: Kubernetes Python Client v35.0.0 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v35.0.0.zip
cd client-python-v35.0.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-35.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-35.0/CHANGELOG.md

v34.1.0: Kubernetes Python Client v34.1.0 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v34.1.0.zip
cd client-python-v34.1.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-34.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-34.0/CHANGELOG.md

v33.1.0: Kubernetes Python Client v33.1.0 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v33.1.0.zip
cd client-python-v33.1.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-33.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-33.0/CHANGELOG.md

v32.0.1: Kubernetes Python Client v32.0.1 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v32.0.1.zip
cd client-python-v32.0.1
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-32.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-32.0/CHANGELOG.md

v32.0.0: Kubernetes Python Client v32.0.0 Stable Release

Compare Source

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v32.0.0.zip
cd client-python-v32.0.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-32.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-32.0/CHANGELOG.md

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[coderabbitai]

📝 Walkthrough

Walkthrough

The Dockerfile updates the Python kubernetes package dependency from version 31.0.0 to 36.0.1 in the pip install command during Docker image construction.

Changes

Kubernetes Dependency Update

Layer / File(s)	Summary
Kubernetes package version bump Dockerfile	The kubernetes Python package is pinned to version 36.0.1 instead of 31.0.0 in the pip install step of the Docker build.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 One version up, from thirty-one to thirty-six so fine,
The kubernetes package dances in the Dockerfile line,
A hop and a bound, the controller takes flight,
With dependencies fresh and dependencies right! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: updating the kubernetes dependency from version 31.0.0 to version 36.0.1 in the Dockerfile.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/kubernetes-36.x

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Dockerfile`:
- Line 12: The Kubernetes client upgrade breaks auth loading: either pin the
kubernetes package in the Dockerfile to a safe version (<36.0.0) or add a
workaround after calling load_incluster_config()/load_kube_config to copy
Configuration.api_key['authorization'] into Configuration.api_key['BearerToken']
before instantiating/using CoreV1Api; update the Dockerfile dependency pin or
modify the code path that creates CoreV1Api/uses Configuration so BearerToken is
populated (reference load_incluster_config, load_kube_config,
Configuration.api_key, and CoreV1Api).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 4ad7a985-e863-4189-877b-7992c577656c

📥 Commits

Reviewing files that changed from the base of the PR and between 3ae1aba and 244dba4.

📒 Files selected for processing (1)

• Dockerfile

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

Python kubernetes client 36.0.1 release notes: were there breaking changes to kubernetes.config.load_incluster_config, kubernetes.config.load_kube_config, kubernetes.client.CoreV1Api, or kubernetes.client.rest.ApiException/status compared with 31.0.0?

💡 Result:

There were breaking auth-related changes/regressions in kubernetes Python client v36.0.0 (the release line that includes 36.0.1) compared with v31.0.0, affecting: 1) kubernetes.config.load_incluster_config Yes. In v36, load_incluster_config writes the service-account token into Configuration.api_key['authorization'], but Configuration.auth_settings/auto-generated auth code expects the token in api_key['BearerToken'] (so Authorization headers are not sent). This manifests as 401 Unauthorized/system:anonymous responses after upgrading from v35 to v36. [1][2][3] 2) kubernetes.config.load_kube_config Likely yes (paired regression). An issue notes the same loader-side mismatch for load_kube_config (kube_config.py writes the old key shape) causing BearerToken-authed requests to go anonymous in v36. [2] 3) kubernetes.client.CoreV1Api Not a direct client-API breaking change by itself. CoreV1Api is just an API class; the breakage reported occurs when making calls via CoreV1Api after load_incluster_config/load_kube_config in v36, due to the auth/header mismatch. [1][3] 4) kubernetes.client.rest.ApiException / status No explicit breaking change to ApiException itself or a status field was identified in the sources returned. The reported failures are HTTP-level 401/403 responses triggered by missing/incorrect Authorization headers, which then surface via exceptions. [1][3] What you should do if upgrading to 36.x - If you rely on load_incluster_config/load_kube_config, treat v36 as having a breaking auth regression unless you apply the upstream fix or pin to <36.0.0 as suggested in the issues. [2] Confidence: Medium (high confidence about load_incluster_config/load_kube_config auth token key mismatch; lower confidence about ApiException/status because the returned sources didn’t show a concrete change log item for those symbols).

Citations:

• 1: load_incluster_config() sets api_key['authorization'] but auth_settings() expects api_key['BearerToken'] in v36 kubernetes-client/python#2584
• 2: Configuration.auth_settings() returns empty dict in v36.0.0 - all BearerToken-authed requests go anonymous kubernetes-client/python#2582
• 3: v36.0.0 regression: load_incluster_config() sends requests as system:anonymous on GKE kubernetes-client/python#2592

---

Kubernetes v36.0.1 client upgrade breaks auth loader—pin or apply workaround before merge.

Dockerfile pins kubernetes==36.0.1. The kubernetes Python client has a known breaking auth regression in the v36.0.0+/36.0.1 release line: load_incluster_config (and likely load_kube_config) writes the service-account token to Configuration.api_key['authorization'], while the generated auth code expects Configuration.api_key['BearerToken'], resulting in missing Authorization headers (e.g., 401 system:anonymous) on CoreV1Api calls.
Action: pin kubernetes to <36.0.0 or apply the upstream fix/workaround so BearerToken is populated before creating/using CoreV1Api.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile` at line 12, The Kubernetes client upgrade breaks auth loading:
either pin the kubernetes package in the Dockerfile to a safe version (<36.0.0)
or add a workaround after calling load_incluster_config()/load_kube_config to
copy Configuration.api_key['authorization'] into
Configuration.api_key['BearerToken'] before instantiating/using CoreV1Api;
update the Dockerfile dependency pin or modify the code path that creates
CoreV1Api/uses Configuration so BearerToken is populated (reference
load_incluster_config, load_kube_config, Configuration.api_key, and CoreV1Api).