Platform Briefing — Kubernetes 1.28 Release

Kubernetes 1.28 arrived on 24 August 2023 with upgrades to workload reliability and secure defaults. The release adds sidecar container lifecycle controls to improve init sequencing, strengthens image verification features, and promotes Pod Security admission to stable, requiring platform teams to revisit admission policies and node upgrade playbooks.

What changed

• Sidecar containers gained better lifecycle management via the SidecarContainers feature gate, improving startup/shutdown ordering.
• Pod Security admission graduated, giving clusters a stable mechanism to enforce baseline/restricted policies without PodSecurityPolicy.
• Image signature verification and provenance features advanced, including support for verifying Kubernetes release artifacts.

Why it matters

• Platform operators can reduce flaky deployments by sequencing init and sidecar containers explicitly, improving rollout reliability for service meshes and logging agents.
• Stable Pod Security admission enables consistent enforcement of least-privilege settings; policy configs must be revisited before enabling cluster-wide.
• Image verification changes support supply-chain risk reduction and align with emerging attestation workflows (Sigstore/COSIGN).

Upgrade guidance

• Test the 1.28 control plane in staging, enabling SidecarContainers and validating admission controller behavior with existing workloads.
• Update Pod Security admission configurations to align with baseline/restricted profiles and document exemptions for legacy namespaces.
• Refresh cluster hardening guides to integrate image signature verification and audit artifact provenance for components and addons.

Related briefings

Curated signals from the same pillar or overlapping topics.

Developer · Credibility 50/100 · August 5, 2025

Developer Platform Briefing — August 5, 2025

Kubernetes 1.31 leaves community support in August 2025, requiring platform teams to migrate workloads to supported releases before quarterly patch streams stop.

Developer · Credibility 40/100 · January 26, 2023

Runtime Briefing — Rust 1.67 Release

Rust 1.67 shipped on 26 January 2023 with improved default panic messages, wasm32 support enhancements, and package metadata controls that require teams to refresh toolchains and security policies for crate publication.

Developer · Credibility 88/100 · December 8, 2022

Runtime Briefing — Kubernetes 1.26 Release

Kubernetes 1.26 "Electrifying" delivers 37 enhancements—including CRI v1 enforcement, storage migrations, Windows HostProcess GA, and new admission controls—requiring platform teams to plan upgrade rehearsals and…

Developer · Credibility 90/100 · May 21, 2024

Developer Enablement Briefing — May 21, 2024

Microsoft Build 2024 introduced GitHub Copilot Extensions, allowing partners and internal teams to embed workflows directly into Copilot while retaining enterprise policy controls.

Developer · Credibility 40/100 · September 20, 2022

Platform Briefing — Java 19 General Availability

Oracle released Java 19 on 20 September 2022 with preview features like virtual threads, structured concurrency, and record patterns, requiring platform teams to update LTS transition plans and validate CI pipelines…

Continue in the Developer pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Secure Software Supply Chain Tooling Guide — Zeph Tech

  Engineer developer platforms that deliver verifiable provenance, SBOM distribution, vendor assurance, and runtime integrity aligned with SLSA v1.0, NIST SP 800-204D, and CISA SBOM…

• AI-Assisted Development Governance Guide — Zeph Tech

  Govern GitHub Copilot, Azure AI, and internal generative assistants with controls aligned to NIST AI RMF 1.0, EU AI Act enforcement timelines, OMB M-24-10, and enterprise privacy…

• Developer Enablement & Platform Operations Guide — Zeph Tech

  Plan AI-assisted development, secure SDLC controls, and runtime upgrades using Zeph Tech research on GitHub Copilot, GitHub Advanced Security, and major language lifecycles.