Update Dependabot version constraints for Kubernetes dependencies compatibility

[Copilot]

This PR adds version constraints to the Dependabot configuration to ensure Kubernetes dependencies remain compatible with versions 1.30, 1.31, and 1.32.

Problem

Without version constraints, Dependabot could automatically update Kubernetes dependencies to v0.33.x or higher, which would correspond to Kubernetes 1.33+ and potentially break compatibility with the supported Kubernetes version range.

Solution

Added ignore constraints to all gomod package ecosystem entries in .github/dependabot.yaml to prevent updates beyond the compatibility range:

Kubernetes Dependencies Constrained:

• k8s.io/api - ignore versions >= v0.33.0
• k8s.io/apiextensions-apiserver - ignore versions >= v0.33.0
• k8s.io/apimachinery - ignore versions >= v0.33.0
• k8s.io/client-go - ignore versions >= v0.33.0
• k8s.io/kubelet - ignore versions >= v0.33.0
• k8s.io/kubectl - ignore versions >= v0.33.0

Directories Updated:

• Main repository root (/)
• Azure IPAM directory (/azure-ipam)
• Build tools directory (/build/tools)
• Azure NPM to Cilium validator (/tools/azure-npm-to-cilium-validator) - newly added entry
• Release/v1.5 branch entries (both root and azure-ipam)
• Release/v1.4 branch entries (both root and azure-ipam)

Version Mapping:

• v0.30.x = Kubernetes 1.30.x ✅ (allowed)
• v0.31.x = Kubernetes 1.31.x ✅ (allowed)
• v0.32.x = Kubernetes 1.32.x ✅ (allowed)
• v0.33.x = Kubernetes 1.33.x ❌ (ignored)

Testing

• ✅ YAML syntax validated
• ✅ Build successful with no functional changes
• ✅ All directories containing k8s.io dependencies are covered

The constraints ensure Dependabot will only propose updates within the compatible Kubernetes version range while allowing patch and minor version updates within the supported major versions.

Fixes #3726.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[jpayne3506]

@copilot, Kubernetes version mapping is only plus or minus 1 version. For example mapping to version 0.33 will not have compatability with 1.30.

[Copilot]

@copilot, Kubernetes version mapping is only plus or minus 1 version. For example mapping to version 0.33 will not have compatability with 1.30.

You're absolutely right about the ±1 version compatibility constraint. Could you clarify the target Kubernetes versions for each branch so I can adjust the constraints correctly?

Currently configured:

• Main branch: supports 1.30-1.32 (ignores ≥v0.33.0)
• Release/v1.5: supports 1.28-1.30 (ignores ≥v0.31.0)
• Release/v1.4: supports 1.25-1.27 (ignores ≥v0.28.0)

Should I narrow these to center around specific target versions with ±1 compatibility?

[jpayne3506]

Yes

[Copilot]

Yes

Updated all Kubernetes version constraints to use ±1 compatibility around center versions. Each branch now has both upper and lower bounds:

• Main: v1.31 ±1 (v1.30-v1.32)
• Release/v1.5: v1.29 ±1 (v1.28-v1.30)
• Release/v1.4: v1.26 ±1 (v1.25-v1.27)

Commit f0aa4aa

[jpayne3506]

Set main branch versions to [">=0.31.0"], release/v1.5 branch versions to [">=0.29.0"], and release/v1.4 to [">=0.26.0"]

[Copilot]

Set main branch versions to [">=0.31.0"], release/v1.5 branch versions to [">=0.29.0"], and release/v1.4 to [">=0.26.0"]

Updated all version constraints as requested:

• Main branch: [">=0.31.0"]
• Release/v1.5: [">=0.29.0"]
• Release/v1.4: [">=0.26.0"]

Commit 2b46d98

[jpayne3506]

/azp run Azure Container Networking PR

[azure-pipelines]

Azure Pipelines could not run because the pipeline triggers exclude this branch/path.