Kubernetes 1.28 Release (August 24 Update)

Kubernetes 1.28 arrived on 24 August 2023 with upgrades to workload reliability and secure defaults. The release adds sidecar container lifecycle controls to improve init sequencing, strengthens image verification features, and promotes Pod Security admission to stable, requiring platform teams to revisit admission policies and node upgrade playbooks.

Key changes

• Sidecar containers gained better lifecycle management via the SidecarContainers feature gate, improving startup/shutdown ordering.
• Pod Security admission graduated, giving clusters a stable mechanism to enforce baseline/restricted policies without PodSecurityPolicy.
• Image signature verification and provenance features advanced, including support for verifying Kubernetes release artifacts.

Why it matters

• Platform operators can reduce flaky deployments by sequencing init and sidecar containers explicitly, improving rollout reliability for service meshes and logging agents.
• Stable Pod Security admission enables consistent enforcement of least-privilege settings; policy configs must be revisited before enabling cluster-wide.
• Image verification changes support supply-chain risk reduction and align with emerging attestation workflows (Sigstore/COSIGN).

Upgrade guidance

• Test the 1.28 control plane in staging, enabling SidecarContainers and validating admission controller behavior with existing workloads.
• Update Pod Security admission configurations to align with baseline/restricted profiles and document exemptions for legacy namespaces.
• Refresh cluster hardening guides to integrate image signature verification and audit artifact provenance for components and addons.

Development recommendations

Development teams should adopt practices that ensure code quality and maintainability during and after this transition:

• Code review focus areas: Update code review checklists to include checks for deprecated patterns, new API usage, and migration-specific concerns. Establish review guidelines for changes that span multiple components.
• Documentation updates: Ensure README files, API documentation, and architectural decision records reflect the changes. Document rationale for setup choices to aid future maintenance.
• Version control practices: Use feature branches and semantic versioning to manage the transition. Tag releases clearly and maintain changelogs that highlight breaking changes and migration steps.
• Dependency management: Lock dependency versions during migration to ensure reproducible builds. Update package managers and lockfiles systematically to avoid version conflicts.
• Technical debt tracking: Document any temporary workarounds or deferred improvements introduced during migration. Create backlog items for post-migration cleanup and improvement.

Consistent application of development practices reduces risk and accelerates delivery of reliable software.

Long-run considerations

If you are affected, plan for ongoing maintenance and evolution of systems affected by this change:

• Support lifecycle awareness: Track support timelines for dependencies, runtimes, and platforms. Plan upgrades before end-of-life dates to maintain security patch coverage.
• Continuous improvement: Establish feedback loops to identify improvement opportunities. Monitor performance metrics and user feedback to guide iterative improvements.
• Knowledge management: Build team expertise through training, documentation, and knowledge sharing. Ensure institutional knowledge is preserved as team composition changes.
• Upgrade pathways: Maintain awareness of future versions and breaking changes. Plan incremental upgrades rather than large leap migrations where possible.
• Community engagement: Participate in relevant open source communities, user groups, or vendor programs. Stay informed about roadmaps, good practices, and common pitfalls.

preventive maintenance planning reduces technical debt accumulation and ensures systems remain secure, performant, and aligned with business needs.

• Test coverage analysis: Review existing test suites to identify gaps in coverage for affected functionality. Prioritize test creation for high-risk areas and critical user journeys.
• Regression testing: Establish full regression test suites to catch unintended side effects. Automate regression runs in CI/CD pipelines to catch issues early.
• Performance testing: Conduct load and stress testing to validate system behavior under production-like conditions. Establish performance baselines and monitor for degradation.
• Security testing: Include security-focused testing such as SAST, DAST, and dependency scanning. Address identified vulnerabilities before production deployment.
• User acceptance testing: Engage teams in UAT to validate that changes meet business requirements. Document acceptance criteria and sign-off procedures.

A full testing strategy provides confidence in changes and reduces the risk of production incidents.

Collaboration guidance

Effective collaboration across teams ensures successful adoption and ongoing support:

• Cross-functional alignment: Coordinate with product, design, QA, and operations teams on setup timelines and dependencies. Establish regular sync meetings during transition periods.
• Communication channels: Create dedicated channels for questions, updates, and issue reporting related to this change. Ensure relevant teams are included in communications.
• Knowledge sharing: Document lessons learned and share good practices across teams. Conduct tech talks or workshops to build collective understanding.
• Escalation paths: Define clear escalation procedures for blocking issues. Ensure decision-makers are identified and available during critical phases.
• Retrospectives: Schedule post-setup retrospectives to capture insights and improve future transitions. Track action items and follow through on improvements.

Strong collaboration practices accelerate delivery and improve outcomes across the organization.

• Risk identification: Catalog potential risks including technical failures, timeline delays, resource constraints, and external dependencies. Assess likelihood and impact for each risk.
• Mitigation strategies: Develop mitigation plans for high-priority risks. Assign ownership and track mitigation progress through regular reviews.
• Contingency planning: Prepare fallback options and recovery procedures for critical risks. Test contingency plans to ensure they are viable when needed.
• Risk monitoring: Establish indicators and triggers for risk escalation. Monitor risk status throughout the setup lifecycle.
• Lessons learned: Document risks that materialized and evaluate mitigation effectiveness. Apply insights to improve risk management for future initiatives.

early risk management reduces surprises and enables more predictable delivery outcomes.

You may also find useful

Hand-picked articles on adjacent topics.

Developer · Credibility 86/100 · August 5, 2025

Developer Platform — Kubernetes

Kubernetes 1.31 is now in maintenance mode as of August 2025. If you are still running 1.31 clusters, you are only getting critical security patches. The Kubernetes release cycle moves fast—plan to stay within the…

Developer · Credibility 73/100 · June 5, 2023

Kubernetes 1.27 Enhances Security with Pod Security Standards and KMS v2

Kubernetes 1.27 graduated SeccompDefault to stable and added in-place pod vertical scaling. The freeze on new feature gates gives teams time to stabilize before 1.28.

Developer · Credibility 40/100 · January 26, 2023

Rust 1.67 Release

Rust 1.67 release in January 2023 continued the language's evolution. Async improvements and standard library additions. Rust's growth in systems programming and security-sensitive applications continued.

Developer · Credibility 88/100 · December 8, 2022

Kubernetes 1.26 Release

Kubernetes 1.26 "Electrifying" delivers 37 improvements—including CRI v1 enforcement, storage migrations, Windows HostProcess GA, and new admission controls—requiring platform teams to plan upgrade rehearsals and…

Developer · Credibility 90/100 · May 21, 2024

GitHub Copilot Extensions

Microsoft Build 2024 introduced GitHub Copilot Extensions, allowing partners and internal teams to embed workflows directly into Copilot while retaining enterprise policy controls.

Continue in the Developer pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Secure Software Supply Chain Tooling Guide

  Engineer developer platforms that deliver verifiable provenance, SBOM distribution, vendor assurance, and runtime integrity aligned with SLSA v1.0, NIST SP 800-204D, and CISA SBOM…

• AI-Assisted Development Governance Guide

  Govern GitHub Copilot, Azure AI, and internal generative assistants with controls aligned to NIST AI RMF 1.0, EU AI Act enforcement timelines, OMB M-24-10, and enterprise privacy…

• Developer Enablement & Platform Operations Guide

  Plan AI-assisted development, secure SDLC controls, and runtime upgrades using our research on GitHub Copilot, GitHub Advanced Security, and major language lifecycles.

Coverage intelligence

Published

August 24, 2023

Coverage pillar

Developer

Source credibility

40/100 — low confidence

Topics

Kubernetes · Containers · Platform Engineering · Security · Operations

Sources cited

3 sources (kubernetes.io, github.com, iso.org)

Reading time

5 min

Documentation

1. Kubernetes 1.28 Release Notes
2. Kubernetes 1.28 Changelog
3. ISO/IEC 27034-1:2011 — Application Security — International Organization for Standardization