bump fabric8 client to 6.10.0

[jtnord]

https://github.com/fabric8io/kubernetes-client/releases/tag/v6.10.0 was released approx. 2 weeks ago but there has not been any dependabot PR here.

creating manually to see if something is missing.

Testing done

Submitter checklist

Beta Give feedback

1. Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
2. Ensure that the pull request title represents the desired changelog entry
3. Please describe what you did
4. Link to relevant issues in GitHub or Jira
5. Link to relevant pull requests, esp. upstream and downstream changes
6. Ensure you have provided tests - that demonstrates feature works or fixes the issue

[Vlatombe]

there has not been any dependabot PR here.

dependabot seems to check only jenkinsci maven repo (which no longer serves maven central artifacts), but doesn't check maven central

updater | 2024/01/23 02:50:23 INFO <job_777537909> Checking if io.fabric8:kubernetes-client 6.9.2 needs updating
  proxy | 2024/01/23 02:50:23 [026] GET https://repo.jenkins-ci.org:443/public/org/jenkins-ci/plugins/plugin/4.76/plugin-4.76.pom
  proxy | 2024/01/23 02:50:23 [026] 200 https://repo.jenkins-ci.org:443/public/org/jenkins-ci/plugins/plugin/4.76/plugin-4.76.pom
  proxy | 2024/01/23 02:50:23 [028] GET https://repo.jenkins-ci.org:443/public/io/fabric8/kubernetes-client/maven-metadata.xml
  proxy | 2024/01/23 02:50:23 [028] 200 https://repo.jenkins-ci.org:443/public/io/fabric8/kubernetes-client/maven-metadata.xml
updater | 2024/01/23 02:50:23 INFO <job_777537909> Latest version is 
updater | 2024/01/23 02:50:23 INFO <job_777537909> Requirements to unlock update_not_possible
updater | 2024/01/23 02:50:23 INFO <job_777537909> Requirements update strategy 
updater | 2024/01/23 02:50:23 INFO <job_777537909> No update possible for io.fabric8:kubernetes-client 6.9.2

Could it be a dependabot bug?

[Vlatombe]

Looks good here, but we'd need downstream draft PRs against https://github.com/jenkinsci/kubernetes-plugin for sanity checking.

[jtnord]

there has not been any dependabot PR here.

dependabot seems to check only jenkinsci maven repo (which no longer serves maven central artifacts), but doesn't check maven central

but then later on in the same scan...

client/6.10.0/volumesnapshot-client-6.10.0.jar
  proxy | 2024/01/24 02:13:53 [028] 404 https://repo.jenkins-ci.org:443/public/io/fabric8/volumesnapshot-client/6.10.0/volumesnapshot-client-6.10.0.jar
  proxy | 2024/01/24 02:13:53 [030] HEAD https://repo.jenkins-ci.org:443/incrementals/io/fabric8/volumesnapshot-client/6.10.0/volumesnapshot-client-6.10.0.jar
  proxy | 2024/01/24 02:13:53 [030] 404 https://repo.jenkins-ci.org:443/incrementals/io/fabric8/volumesnapshot-client/6.10.0/volumesnapshot-client-6.10.0.jar
  proxy | 2024/01/24 02:13:53 [032] HEAD https://repo.maven.apache.org:443/maven2/io/fabric8/volumesnapshot-client/6.10.0/volumesnapshot-client-6.10.0.jar
  proxy | 2024/01/24 02:13:53 [032] 200 https://repo.maven.apache.org:443/maven2/io/fabric8/volumesnapshot-client/6.10.0/volumesnapshot-client-6.10.0.jar

Could it be a dependabot bug?

I have a feeling it stops as soon as it finds a repo containing the item.
given public used to contain maven central it may well have the metadata cached and is just returning that - and as central has been removed it is no longer looking elsewhere. (that is unless we have deployed a patched version to our repo)?

at any rate I think this is a DB bug - it should not assume an artifact is only available in a single repository.

jenkins-infra/helpdesk#3919

[jtnord]

@Vlatombe jenkinsci/kubernetes-plugin#1505 is passing CI? anything else I need to do or is this good to merge?

[alecharp]

This creates a PCT failure on Kubernetes plugin on 2.426, 2.440 and weekly branch. See https://ci.jenkins.io/job/Tools/job/bom/job/master/2466/testReport.

It can be reproduced outside of the BOM by updating both kubernetes-api-client (to the release containing this pull request) and bouncy-castle dependencies on the kubernetes plugin.