🌱 Bump sigs.k8s.io/cluster-api from 1.13.0-rc.0 to 1.13.0-rc.1

[dependabot]

Bumps sigs.k8s.io/cluster-api from 1.13.0-rc.0 to 1.13.0-rc.1.

Release notes

Sourced from sigs.k8s.io/cluster-api's releases.

v1.13.0-rc.1

🚨 This is a RELEASE CANDIDATE. Use it only for testing purposes. If you find any bugs, file an issue.

⚠️ RELEASE CANDIDATE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.32.x -> v1.35.x
• Workload Cluster: v1.30.x -> v1.35.x

More information about version support can be found here

Highlights

CAPI v1.13 is a release focused on stability, reliability and performances:

• Bumped to Go 1.25, controller-runtime v0.23, k8s.io/* v0.35, controller-gen v0.20
• KCP now allows to recover from different kind of failures as well as from multiple failures:
  • Increased tolerance to unexpected state of control plane components (accidental node deletion, manual removal of etcd members, accidental deletion of kubeadm control plane labels, and more)
  • Better visibility on common symptoms of kubeadm join errors (failed to promote etcd member, failed to apply kubeadm control plane labels and taints)
• Multiple improvements to improve controllers memory and CPU footprint, performance and stability at scale

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other changes

• The implementation of the Taint propagation proposal is now completed
• Runtime Hooks are now embedding v1beta2 Cluster types
• Machine now reports info about machine placement in the status.failureDomain field
• rolloutAfter for control plane and MachineDeployments can now be controlled from Cluster.spec.topology
• MachineWaitForVolumeDetachConsiderVolumeAttachments feature graduated to GA
• PriorityQueue feature graduated to beta and it is now enabled by default
• ReconcilerRateLimiting feature graduated to beta and it is now enabled by default
  • Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Deprecation and Removals Warning

• v1alpha3 and v1alpha4 apiVersions have been removed
• Reminder: v1beta1 is on track to be unserved in CAPI v1.16
  • Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.12 compared to v1.13.

Changes since v1.13.0-rc.0

📈 Overview

• 9 new commits merged
• 1 breaking change ⚠️
• 2 bugs fixed 🐛

⚠️ Breaking Changes

• CAPD: Mark docker resources as deprecated (#13565)

... (truncated)

Commits

• 70c3dad Merge pull request #13582 from k8s-infra-cherrypick-robot/cherry-pick-13580-t...
• df5b8fb seedling: Bump the all-go-mod-patch-and-minor group across 3 directories with...
• ca25db6 Merge pull request #13581 from k8s-infra-cherrypick-robot/cherry-pick-13568-t...
• 783e853 Small doc fix
• b31d991 Merge pull request #13577 from k8s-infra-cherrypick-robot/cherry-pick-13566-t...
• a3558e6 Improve v1.13 migration doc
• 7e677f2 Merge pull request #13573 from k8s-infra-cherrypick-robot/cherry-pick-13571-t...
• dfa4b91 fix CVE-2026-39883
• faca160 Merge pull request #13569 from k8s-infra-cherrypick-robot/cherry-pick-13564-t...
• 9489e81 Merge pull request #13565 from k8s-infra-cherrypick-robot/cherry-pick-13557-t...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign sbueringer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[k8s-ci-robot]

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-cluster-api-addon-provider-helm-e2e	fed4d5b	link	true	/test pull-cluster-api-addon-provider-helm-e2e

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[mboersma]

/close

See #540

[k8s-ci-robot]

@mboersma: Closed this PR.

Details

In response to this:

/close

See #540

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.