# Our build tools, post jammy, breaks old versions of docker.
# These old versions are surprisingly common, so build in a check here
define warning
Docker version is too old, please upgrade to a newer version.
endef
ifneq ($(findstring google,$(HOSTNAME)),)
warning+=Googlers: go/installdocker\#the-version-of-docker-thats-installed-is-old-eg-1126
endif

    echo "export ETCD_VERSION=3.0.17"
    echo
    echo "Alternatively, if you choose to allow an etcd upgrade that doesn't support downgrade,"
    echo "you might still be able to downgrade Kubernetes by pinning to the newer etcd version."
    echo "In all cases, it is strongly recommended to have an etcd backup before upgrading."
    echo
    if [ -t 0 ] && [ -t 1 ]; then

					},
				},
			},
			allowExperimental: true,
			errExpected:       false,
		},
		{
			name: "upgrade to an RC version should be supported. There may also be an even newer unstable version.",
			vg: &fakeVersionGetter{
				clusterVersion:   v1X5.String(),
				componentVersion: v1X5.String(),
				kubeletVersion:   v1X5.String(),
				kubeadmVersion:   v1X5.String(),

// (2) Rotates key/cert by deleting the secret generated in (1) and
// replacing it a new secret with a different server key/cert.
// (3) verify that client using older CA cert gets a 404 response
// (4) verify that client using the newer CA cert is able to establish TLS connection
// to deliver the HTTPS request.
func TestSingleTlsGateway_SecretRotation(t *testing.T) {
	framework.
		NewTest(t).
		Run(func(t framework.TestContext) {
			var (

			},
		}},
	}
	// manager.detectImages uses time.Now() to update the image's lastUsed field.
	// On Windows, consecutive time.Now() calls can return the same timestamp, which would mean
	// that the second image is NOT newer than the first one.
	// time.Sleep will result in the timestamp to be updated as well.
	if goruntime.GOOS == "windows" {
		time.Sleep(time.Millisecond)
	}
	_, err = manager.detectImages(ctx, time.Now())

			ResourceNames: res,
			Wildcard:      wildcard,
		}
		return true
	}

	// If there is mismatch in the nonce, that is a case of expired/stale nonce.
	// A nonce becomes stale following a newer nonce being sent to Envoy.
	// TODO: due to concurrent unsubscribe, this probably doesn't make sense. Do we need any logic here?
	if request.ResponseNonce != "" && request.ResponseNonce != previousInfo.NonceSent {

    change OkHttp's behavior in handling common HTTP status codes, but this fix is overdue! The new
    behavior is now consistent with [RFC 7231][rfc_7231_647], which is newer than OkHttp itself.
    If you want this update with the old behavior use [this interceptor][legacy_interceptor].

 *  Fix: Don't crash decompressing web sockets messages. We had a bug where we assumed deflated

    possible to implement decorators for cache encryption or compression.
 *  New: `Cookie.newBuilder()` to build upon an existing cookie.
 *  New: Use TLSv1.3 when running on JDK 8u261 or newer.
 *  New: `QueueDispatcher.clear()` may be used to reset a MockWebServer instance.
 *  New: `FileDescriptor.toRequestBody()` may be particularly useful for users of Android's Storage
    Access Framework.

None of the auto-provisioned JDKs will ever be revisited and automatically updated by auto-provisioning, even if there is a newer minor version available for them.

[[sub:download_repositories]]
=== Toolchain Download Repositories

Toolchain download repository definitions are added to a build by applying specific settings plugins.

    // We can continue if it's 1.8, and we can continue if it's an integer in [9, 20).
    if (javaVersion != null && javaVersion >= 20) {
      // TODO(b/261217224): Make this test work under newer JDKs.
      return;
    }
    TimedWaiterThread thread =
        new TimedWaiterThread(new AbstractFuture<Object>() {}, 2, TimeUnit.SECONDS);
    thread.start();
    thread.awaitWaiting();
    thread.suspend();