build(deps): bump the dependencies group in /systemtest with 3 updates

[dependabot]

Bumps the dependencies group in /systemtest with 3 updates: github.com/docker/docker, go.opentelemetry.io/collector/pdata and go.opentelemetry.io/collector/semconv.

Updates github.com/docker/docker from 27.5.1+incompatible to 28.0.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.0.1

28.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.0.1 milestone
• moby/moby, 28.0.1 milestone

Networking

• Remove dependency on kernel modules ip_set, ip_set_hash_net and netfilter_xt_set.
  • The dependency was introduced in release 28.0.0 but proved too disruptive. The iptables rules using these modules have been replaced. moby/moby#49530
• Allow daemon startup on a host with IPv6 disabled without requiring --ip6tables=false. moby/moby#49525
• Fix a bug that was causing containers with --restart=always and a published port already in use to restart in a tight loop. moby/moby#49507
• Fix an issue with Swarm ingress, caused by incorrect ordering of iptables rules. moby/moby#49538
• Fix creation of a swarm-scoped network from a --config-only network. moby/moby#49521
• Fix docker network inspect reporting an IPv6 gateway with CIDR suffix for a newly created network with no specific IPAM config, until a daemon restart. moby/moby#49520
• Improve the error reported when kernel modules ip_set, ip_set_hash_net and netilter_xt_set are not available. moby/moby#49524
• Move most of Docker's iptables rules out of the filter-FORWARD chain, so that other applications are free to append rules that must follow Docker's rules. moby/moby#49518
• Update --help output and man page lo state which options only apply to the default bridge network. moby/moby#49522

Bug fixes and enhancements

• Fix docker context create always returning an error when using the "skip-tls-verify" option. docker/cli#5850
• Fix shell completion suggesting IDs instead of names for services and nodes. docker/cli#5848
• Fix unintentionally printing exit status to standard error output when docker exec/run returns a non-zero status. docker/cli#5854
• Fix regression protocol "tcp" is not supported by the RootlessKit port driver "slirp4netns". moby/moby#49514
• containerd image store: Fix docker inspect not being able to show multi-platform images with missing layers for all platforms. moby/moby#49533
• containerd image store: Fix docker images --tree reporting wrong content size. moby/moby#49535
• Fix compilation on i386 moby/moby#49526

Packaging updates

• Update github.com/go-jose/go-jose/v4 to v4.0.5 to address. GHSA-c6gw-w398-hv78 / CVE-2025-27144 docker/cli#5867
• Update Buildx to v0.21.1. docker/docker-ce-packaging#1167
• Update Compose to v2.33.1. docker/docker-ce-packaging#1168

API

• containerd image store: Fix GET /images/json?manifests=1 not filling Manifests for index-only images. moby/moby#49533
• containerd image store: Fix GET /images/json and /images/<name>/json Size.Content field including the size of content that's not available locally. moby/moby#49535

v28.0.0

28.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.0.0 milestone

... (truncated)

Commits

• bbd0a17 Merge pull request #49538 from robmry/docker_ingress
• 8ae4858 Merge pull request #49545 from robmry/revert_check-config_ipset
• 1814363 Revert "contrib/check-config: add ipset related flags"
• 558da63 Jump to DOCKER-INGRESS from DOCKER-FORWARD
• f92fdfe Merge pull request #49530 from robmry/disable_ip_set
• 88bc9a3 Merge pull request #49535 from vvoland/c8d-fixcontentsize
• 76417bf Don't use ipset
• c35159e c8d/manifests: Fix Content size including missing content
• 0510499 Merge pull request #49533 from vvoland/c8d-inspectlist-indeximg
• 0274c63 Merge pull request #49518 from robmry/docker_forward_chain
• Additional commits viewable in compare view

Updates go.opentelemetry.io/collector/pdata from 1.25.0 to 1.26.0

Release notes

Sourced from go.opentelemetry.io/collector/pdata's releases.

v1.26.0/v0.120.0

Images and binaries here: https://github.com/open-telemetry/opentelemetry-collector-releases/releases/tag/v0.120.0

End User Changelog

🛑 Breaking changes 🛑

• all: Added support for go1.24, bumped minimum version to 1.23 (#12370)
• mdatagen: Removing deprecated generated funcs and a few test funcs as well. (#12304)
• service: Align component logger attributes with those defined in RFC (#12217) See Pipeline Component Telemetry RFC

💡 Enhancements 💡

• otlpreceiver: Update stability for logs (#12335)
• exporterhelper: Implement sync disabled queue used when batching is enabled. (#12245)
• exporterhelper: Enable the new pull-based batcher in exporterhelper (#12291)
• exporterhelper: Update queue size after the element is done exported (#12399) After this change the active queue size will include elements in the process of being exported.
• otelcol: Add featuregate command to display information about available features (#11998) The featuregate command allows users to view detailed information about feature gates including their status, stage, and description.

🧰 Bug fixes 🧰

• memorylimiter: Logger no longer attributes to single signal, pipeline, or component. (#12217)
• otlpreceiver: Logger no longer attributes to random signal when receiving multiple signals. (#12217)
• exporterhelper: Fix undefined behavior access to request after send to next component. This causes random memory access. (#12281)
• exporterhelper: Fix default batcher to correctly call all done callbacks exactly once (#12247)
• otlpreceiver: Fix OTLP http receiver to correctly set Retry-After (#12367)
• otlphttpexporter: Fix parsing logic for Retry-After in OTLP http protocol. (#12366) The value of Retry-After field can be either an HTTP-date or delay-seconds and the current logic only parsed delay-seconds.
• cmd/builder: Ensure unique aliases for modules with same suffix (#12201)

API Changelog

🛑 Breaking changes 🛑

• configauth: Remove NewDefaultAuthentication (#12223) The value returned by this function will always cause an error on startup. In configgrpc.Client/ServerConfig.Auth, nil should be used instead to disable authentication.

• otelcol: Make the ConfigProvider interface a struct (#12297) Calls to NewConfigProvider will now return *ConfigProvider, but will otherwise work the same as before.

• extension: Remove extension.Settings.ModuleInfo (#12296)

  • The functionality is now available as an optional, hidden interface on service's implementation of the Host

... (truncated)

Changelog

Sourced from go.opentelemetry.io/collector/pdata's changelog.

v1.26.0/v0.120.0

🛑 Breaking changes 🛑

• configauth: Remove NewDefaultAuthentication (#12223) The value returned by this function will always cause an error on startup. In configgrpc.Client/ServerConfig.Auth, nil should be used instead to disable authentication.

• otelcol: Make the ConfigProvider interface a struct (#12297) Calls to NewConfigProvider will now return *ConfigProvider, but will otherwise work the same as before.

• extension: Remove extension.Settings.ModuleInfo (#12296)

  • The functionality is now available as an optional, hidden interface on service's implementation of the Host

• component: Remove deprecated field component.TelemetrySettings.MetricsLevel. (#11061)

• confighttp: Add ToClientOption type and add it to signature of ToClient method. (#12353)

  • This has no use for now, it may be used in the future.

• mdatagen: Remove unused not_component config for mdatagen (#12237)

🚩 Deprecations 🚩

• component/componenttest: Deprecate CheckReceiverMetrics in componenenttest (#12185) Use the metadatatest.AssertEqualMetric series of functions instead of obsreporttest.CheckReceiverMetrics
• component/componenttest: Deprecate CheckReceiverTraces in componenenttest (#12185) Use the metadatatest.AssertEqualMetric series of functions instead of obsreporttest.CheckReceiverTraces
• component: Deprecate ConfigValidator and ValidateConfig (#11524) Please use Validator and Validate respectively from xconfmap.
• receiver, scraper, processor, exporter, extension: Deprecate existing MakeFactoryMap functions in favor of generic implementation (#12222)
• extension, connector, processor, receiver, exporter, scraper: Deprecate Create* methods from Create*Func types. (#12305)
• extensiontest, connectortest, processortest, receivertest, exportertest, scrapertest: Deprecate *test.NewNopSettings in favor of *test.NewNopSettingsWithType (#12305)

🚀 New components 🚀

• xconfmap: Create the xconfmap module and add the Validator interface and Validate function to facilitate config validation (#11524)

💡 Enhancements 💡

• configgrpc: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• confignet: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• configtls: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• consumer: Clarify that data cannot be accessed after Consume* func is called. (#12284)
• pdata/pprofile: Introduce aggregation temporality constants (#12253)

🧰 Bug fixes 🧰

... (truncated)

Commits

• c87bda5 [chore] Prepare release v1.26.0/v0.120.0 (#12412)
• 4397ebc [chore] More pseudoversions bumps (#12408)
• a567a01 [chore] Bump pseudoversion on root module (#12404)
• 36e0467 Add FOSSA scanning workflow (#12394)
• 0d2f646 Update queue size after the element is done exported (#12399)
• 41f3e69 [chore] fix the class field of metadata.yaml files (#12379)
• f9562a0 [chore] Remove abandoned test certificates (#12397)
• 9dd4a5a Remove unused not_component config for mdatagen (#12237)
• 0831231 Deprecate CheckReceiverMetrics functions (#12120)
• 12d8ab1 [docs] Fix links syslist.go (#12388)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/collector/semconv from 0.119.0 to 0.120.0

Changelog

Sourced from go.opentelemetry.io/collector/semconv's changelog.

v1.26.0/v0.120.0

🛑 Breaking changes 🛑

• configauth: Remove NewDefaultAuthentication (#12223) The value returned by this function will always cause an error on startup. In configgrpc.Client/ServerConfig.Auth, nil should be used instead to disable authentication.

• otelcol: Make the ConfigProvider interface a struct (#12297) Calls to NewConfigProvider will now return *ConfigProvider, but will otherwise work the same as before.

• extension: Remove extension.Settings.ModuleInfo (#12296)

  • The functionality is now available as an optional, hidden interface on service's implementation of the Host

• component: Remove deprecated field component.TelemetrySettings.MetricsLevel. (#11061)

• confighttp: Add ToClientOption type and add it to signature of ToClient method. (#12353)

  • This has no use for now, it may be used in the future.

• mdatagen: Remove unused not_component config for mdatagen (#12237)

🚩 Deprecations 🚩

• component/componenttest: Deprecate CheckReceiverMetrics in componenenttest (#12185) Use the metadatatest.AssertEqualMetric series of functions instead of obsreporttest.CheckReceiverMetrics
• component/componenttest: Deprecate CheckReceiverTraces in componenenttest (#12185) Use the metadatatest.AssertEqualMetric series of functions instead of obsreporttest.CheckReceiverTraces
• component: Deprecate ConfigValidator and ValidateConfig (#11524) Please use Validator and Validate respectively from xconfmap.
• receiver, scraper, processor, exporter, extension: Deprecate existing MakeFactoryMap functions in favor of generic implementation (#12222)
• extension, connector, processor, receiver, exporter, scraper: Deprecate Create* methods from Create*Func types. (#12305)
• extensiontest, connectortest, processortest, receivertest, exportertest, scrapertest: Deprecate *test.NewNopSettings in favor of *test.NewNopSettingsWithType (#12305)

🚀 New components 🚀

• xconfmap: Create the xconfmap module and add the Validator interface and Validate function to facilitate config validation (#11524)

💡 Enhancements 💡

• configgrpc: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• confignet: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• configtls: Add the omitempty mapstructure tag to struct fields (#12191) This results in unset fields not being rendered when marshaling.
• consumer: Clarify that data cannot be accessed after Consume* func is called. (#12284)
• pdata/pprofile: Introduce aggregation temporality constants (#12253)

🧰 Bug fixes 🧰

... (truncated)

Commits

• c87bda5 [chore] Prepare release v1.26.0/v0.120.0 (#12412)
• 4397ebc [chore] More pseudoversions bumps (#12408)
• a567a01 [chore] Bump pseudoversion on root module (#12404)
• 36e0467 Add FOSSA scanning workflow (#12394)
• 0d2f646 Update queue size after the element is done exported (#12399)
• 41f3e69 [chore] fix the class field of metadata.yaml files (#12379)
• f9562a0 [chore] Remove abandoned test certificates (#12397)
• 9dd4a5a Remove unused not_component config for mdatagen (#12237)
• 0831231 Deprecate CheckReceiverMetrics functions (#12120)
• 12d8ab1 [docs] Fix links syslist.go (#12388)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[mergify]

This pull request does not have a backport label. Could you fix it @dependabot[bot]? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-7.17 is the label to automatically backport to the 7.17 branch.
• backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit.
• backport-9./d is the label to automatically backport to the 9./d branch. /d is the digit.
• backport-8.x is the label to automatically backport to the 8.x branch.
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[kruskall]

@Mergifyio queue

[mergify]

queue

🟠 Waiting for conditions to match

• any of: [🔀 queue conditions]
  • all of: [📌 queue conditions of queue default]
    • #approved-reviews-by >= 1 [🛡 GitHub branch protection]
    • #approved-reviews-by >= 1 [🛡 GitHub repository ruleset rule]
    • #approved-reviews-by >= 1 [🛡 GitHub repository ruleset rule]
    • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
    • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
    • #changes-requested-reviews-by = 0 [🛡 GitHub repository ruleset rule]
    • #changes-requested-reviews-by = 0 [🛡 GitHub repository ruleset rule]
    • any of: [🛡 GitHub branch protection]
      • check-success = lint
      • check-neutral = lint
      • check-skipped = lint
    • any of: [🛡 GitHub branch protection]
      • check-success = system-test
      • check-neutral = system-test
      • check-skipped = system-test
    • any of: [🛡 GitHub branch protection]
      • check-success = CLA
      • check-neutral = CLA
      • check-skipped = CLA
    • any of: [🛡 GitHub branch protection]
      • check-success = buildkite/docs-build-pr
      • check-neutral = buildkite/docs-build-pr
      • check-skipped = buildkite/docs-build-pr
• -closed [📌 queue requirement]
• -conflict [📌 queue requirement]
• -draft [📌 queue requirement]
• any of: [📌 queue -> configuration change requirements]
  • -mergify-configuration-changed
  • check-success = Configuration changed