chore: Bump the kubernetes group with 6 updates

[dependabot]

Bumps the kubernetes group with 6 updates:

Package	From	To
k8s.io/api	0.34.3	0.35.0
k8s.io/apiextensions-apiserver	0.34.3	0.35.0
k8s.io/apimachinery	0.34.3	0.35.0
k8s.io/apiserver	0.34.3	0.35.0
k8s.io/client-go	0.34.3	0.35.0
sigs.k8s.io/kind	0.30.0	0.31.0

Updates k8s.io/api from 0.34.3 to 0.35.0

Commits

• 9afe7de Update dependencies to v0.35.0 tag
• bbcbaa8 Merge remote-tracking branch 'origin/master' into release-1.35
• 5bced61 Bump golang.org/x/crypto to v0.45.0
• 39e2e26 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• c22b4a1 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• e3b1f3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 3da327c Update vendored dependencies
• c764b44 Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
• aced136 Generated files from API changes
• 02d790d Adding Resources and AllocatedResoures fields to the list of expected fields ...
• Additional commits viewable in compare view

Updates k8s.io/apiextensions-apiserver from 0.34.3 to 0.35.0

Commits

• a8d2a03 Update dependencies to v0.35.0 tag
• b9eb912 Merge remote-tracking branch 'origin/master' into release-1.35
• e526698 Bump golang.org/x/crypto to v0.45.0
• fd7881d Merge pull request #135278 from aman4433/KUBE-134468
• 8db5ab6 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 4ed5bd4 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 704bc3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 7d598d7 Refactor: Contextualize CRDFinalizer to fix goroutine leak
• 27e5803 Update vendored dependencies
• c4e434c Merge pull request #134216 from Goend/master
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.3 to 0.35.0

Commits

• 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
• e2a2dbc Bump golang.org/x/crypto to v0.45.0
• 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 52154f7 Update vendored dependencies
• 5a348c5 KEP-5471: Extend tolerations operators (#134665)
• 6f89492 Merge pull request #133648 from richabanker/merged-discovery
• c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
• 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
• Additional commits viewable in compare view

Updates k8s.io/apiserver from 0.34.3 to 0.35.0

Commits

• 5c93bee Update dependencies to v0.35.0 tag
• 131539d Merge remote-tracking branch 'origin/master' into release-1.35
• 3e0a914 Merge pull request #135536 from dims/bump-x/crypto-to-v0.45.0
• f6430f6 Merge remote-tracking branch 'origin/master' into release-1.35
• 095ead6 Merge pull request #135560 from lalitc375/map-debug
• 60ad4b7 Remove TestWatchStreamSeparation from storage/cacher related tests
• 7dde12d Fix MAP failure on objects with duplicate list items
• db821a3 Bump golang.org/x/crypto to v0.45.0
• 6e94bf6 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• ea22028 Merge pull request #135359 from liggitt/vap-ns-latency
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.34.3 to 0.35.0

Commits

• 9bcb694 Update dependencies to v0.35.0 tag
• 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
• 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
• 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
• 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
• 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
• 97256a6 Bump golang.org/x/crypto to v0.45.0
• 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 171ef8c Use transformer in consistency checker
• 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• Additional commits viewable in compare view

Updates sigs.k8s.io/kind from 0.30.0 to 0.31.0

Release notes

Sourced from sigs.k8s.io/kind's releases.

v0.31.0

This release contains dependency updates and defaults to Kubernetes 1.35.0.

Please take note of the breaking changes from Kubernetes 1.35, and how to prepare for future changes to move off of the deprecated kubeam v1beta3 in favor of v1beta4. We will include updated reminders for both again in subsequent releases.

The default node image is now kindest/node:v1.35.0@sha256:452d707d4862f52530247495d180205e029056831160e22870e37e3f6c1ac31f

Kubernetes will be removing cgroup v1 support, and therefore kind node images at those versions will also be dropping support.

You can read more about this change in the Kubernetes release blog: https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/#removal-of-cgroup-v1-support

If you must use kind on cgroup v1, we recommend using an older Kubernetes release for the immediate future, but we also strongly recommend migrating to cgroup v2.

In the near future as Kubernetes support dwindles, KIND will also clean up cgroup v1 workarounds and drop support in future kind releases and images, regardless of Kubernetes version.

Most stable linux distros should be on cgroupv2 out of the box.

This is a reminder to use pinned images by digest, see the note below about images for this release.

WARNING: Future kind releases will adopt kubeadm v1beta4 configuration, kubeadm v1beta4 has a breaking change to extraArgs: https://kubernetes.io/blog/2024/08/23/kubernetes-1-31-kubeadm-v1beta4/.

If you use the kubeadmConfigPatches feature then you may need to prepare for this change. We recommend that you use versioned config patches that explicitly match the version required.

KIND uses kubeadm v1beta3 for Kubernetes 1.23+, and will likely use v1beta4 for Kubernetes 1.36+ The exact version is TBD pending work to fix this but expected to be 1.36. It will definitely be an as-of-yet-unreleased Kubernetes version to avoid surprises, and it will not be on a patch-release boundary.

KIND may still work with older Kubernetes versions at v1beta2, but we no longer test or actively support these as Kubernetes only supports 1.32+ currently: https://kubernetes.io/releases/

You likely only need v1beta3 + v1beta4 patches, you can take your existing patches that work with v1beta3, explicitly set apiVersion: kubeadm.k8s.io/v1beta3 in the patch at the top level, and make another copy for v1beta4. The v1beta4 patch will need to move extraArgs from a map to a list, for examples see: https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta4/

For a concrete example of kind config with kubeadm config patch targeting both v1beta3 and v1beta4, consider this simple kind config that sets verbosity of the apiserver logs:

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
kubeadmConfigPatches:
# patch for v1beta3 (1.23 ...)
- |
  kind: ClusterConfiguration
  apiVersion: kubeadm.k8s.io/v1beta3
  apiServer:
    extraArgs:
</tr></table> 

... (truncated)

Commits

• a323333 version v0.31.0
• 32124c6 Merge pull request #4077 from BenTheElder/135
• b088420 drop almalinux 8
• b1b15ed bump node image to 1.35.0
• c17c183 Merge pull request #4069 from BenTheElder/latest-images
• 36ee7a6 update node image to 1.34.3 with runc 1.2.x
• 1f8526c Merge pull request #4073 from aoxn/typo
• a47cf1e license typo
• 57ed4da use base image with runc 1.2.x
• 5e1c871 downgrade runc to 1.2.9 due to broken Kubernetes 1.33 tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions