java icon indicating copy to clipboard operation
java copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-client

Security provider support missing from legacy releases >22.0.0

Open silbermannnn opened this issue 7 months ago • 8 comments
trafficstars

Hi All, I am trying to use kubernetes-client java on a FIPS enabled machine using the bouncy castle FIPS libraries. Commit #3590 allowed for bouncy castle FIPS support and loading of security providers but only seems to be included in release 22.0.0-legacy, and not 22.0.1-legacy or 23.0.0-legacy. Is this on purpose? I'm unable to use version 22.0.0-legacy because of its incompatibility with Java 8.

Client Version 23.0.0-legacy

Java Version Java 8

Server: OS: Linux

silbermannnn avatar Apr 01 '25 21:04 silbermannnn

I don't think this is on purpose, I think that we need to cherry-pick this into the release-23-legacy branch. Release 22.0.0 was accidentally cut on the wrong branch, that's why it is in that release.

If you send a cherry-pic PR to the legacy branches, I can cut a new release(s)

brendandburns avatar Apr 01 '25 23:04 brendandburns

Ok, I'll go ahead and do that, thanks. Will that code be available in future legacy branch releases as well? (release-24-legacy and so on)

silbermannnn avatar Apr 02 '25 17:04 silbermannnn

If you cherry-pick it into the master-java8 branch it should also go forward, though it's not clear how long we are going to maintain those branches. Java8 is pretty much 100% deprecated.

brendandburns avatar Apr 03 '25 15:04 brendandburns

I haven't had any time to approach this, is there any way someone can do the small cherry pick of the security providers onto release-legacy-22,23, and master-java8 branches?

silbermannnn avatar Apr 12 '25 16:04 silbermannnn

@brendandburns @yue9944882

silbermannnn avatar Apr 14 '25 20:04 silbermannnn

@brendandburns can you cut a new release for the legacy 22 and 23 branches?

silbermannnn avatar Apr 29 '25 20:04 silbermannnn

Hi @brendandburns @yue9944882 may we have new legacy releases cut with these changes as promised? Thanks

silbermannnn avatar May 07 '25 22:05 silbermannnn

I am also affected by this issue and still require the use of java 8 right now.

@brendandburns @yue9944882 When can we get a new legacy release cut with these changes given they were already merged? Is there something you all are waiting on first?

chrisvt-hokie avatar May 19 '25 14:05 chrisvt-hokie

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Aug 17 '25 14:08 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar Sep 16 '25 14:09 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-triage-robot avatar Oct 16 '25 15:10 k8s-triage-robot

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Oct 16 '25 15:10 k8s-ci-robot