client-go

mirror of https://github.com/kubernetes/client-go.git synced 2026-05-16 20:37:09 +00:00

Author	SHA1	Message	Date
Michael Aspinwall	c38fc0fb1f	Refactor RealFIFO#Replace delete/update handling to reconcileReplacement Kubernetes-commit: b94e610244ea8e37bcade7eec7e77be0ff61e572	2026-01-14 12:56:32 -05:00
Michael Aspinwall	f3701130c2	Fix Replaced delta documentation Kubernetes-commit: ebd6959b126bad49c305d8088103455ce13241b2	2026-01-14 12:45:13 -05:00
Michael Aspinwall	548663c679	Refactor delta addition/clearing Kubernetes-commit: 2dad39751d993757b3f218fda93a380a450a2257	2026-01-14 12:44:38 -05:00
Kubernetes Publisher	d8ad3ab106	Merge pull request #136162 from dims/update-security-deps-jan2026 Update security-critical authentication and protobuf dependencies Kubernetes-commit: c29a5d73a6fd04896033fe615c259f2949c5e94f	2026-01-14 01:31:55 +00:00
Davanum Srinivas	179e2aab49	Update security-critical authentication and protobuf dependencies This PR updates security-critical dependencies addressing authentication and data parsing vulnerabilities. Authentication Security: - github.com/coreos/go-oidc: v2.3.0 -> v2.5.0 - Security fix: Now verifies token signature BEFORE validating payload - Prevents potential processing of tampered tokens before cryptographic verification - github.com/cyphar/filepath-securejoin: v0.6.0 -> v0.6.1 - Security fix: Fixed seccomp fallback logic - library now properly falls back to safer O_PATH resolver when openat2(2) is denied by seccomp-bpf - Fixed file descriptor leak in openat2 wrapper during RESOLVE_IN_ROOT - cyphar.com/go-pathrs: v0.2.1 -> v0.2.2 - Companion update to filepath-securejoin Protobuf Security: - google.golang.org/protobuf: v1.36.8 -> v1.36.11 - Security fix: Added recursion limit check in lazy decoding validation - Prevents potential stack exhaustion attacks via maliciously crafted protobuf messages - Also adds support for URL chars in type URLs in text-format These updates are critical for: - OIDC authentication in kube-apiserver - Container filesystem path resolution (used by container runtimes) - Protobuf message parsing throughout the codebase Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: c825d80bbf2c82666192c329478a686fa3a1d5dc	2026-01-11 16:50:37 -05:00
Kubernetes Publisher	0b06cf5bf0	Merge pull request #129344 from pohly/log-client-go-apimachinery-network-util apimachinery: contextual logging in network util code Kubernetes-commit: c6be0527684a967c1b0dd14486ae2241832723f0	2026-01-13 21:32:02 +00:00
Kubernetes Publisher	934ba1dfa5	Merge pull request #136161 from dims/update-golang-x-deps-jan2026 Update golang.org/x dependencies to latest versions Kubernetes-commit: 1c894014ebe25e0b042efa91698284f527493d90	2026-01-13 01:36:55 +00:00
Davanum Srinivas	07c57c562d	Update golang.org/x dependencies to latest versions updates the golang.org/x package family to newer releases: - golang.org/x/crypto: v0.45.0 -> v0.46.0 - golang.org/x/net: v0.47.0 -> v0.48.0 - golang.org/x/sys: v0.38.0 -> v0.40.0 - golang.org/x/time: v0.9.0 -> v0.14.0 - golang.org/x/oauth2: v0.30.0 -> v0.34.0 - golang.org/x/text: v0.31.0 -> v0.33.0 - golang.org/x/term: v0.37.0 -> v0.39.0 - golang.org/x/sync: v0.18.0 -> v0.19.0 - golang.org/x/mod: v0.29.0 -> v0.32.0 - golang.org/x/tools: v0.38.0 -> v0.40.0 - golang.org/x/exp: 8a7402abbf56 -> 944ab1f22d93 Security & Stability: - x/crypto: Updated X509 root certificate bundle - x/net: HTTP/2 PING optimization to reduce DoS detection triggers, data race fix in trace RenderEvents - x/sys: Fixed out-of-bounds memory access in sockaddrIUCVToAny - x/time: Fixed rate limiter overflow when using very low rates that could cause the limiter to jam open Performance: - x/time: ~19% improvement in Sometimes.Do when no interval configured Maintenance: - Various vet diagnostic fixes for Go 1.26 compatibility - Dependency updates across the golang.org/x ecosystem Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: 0e67c56a8f26ace2889fd24e098b78e13f9bbffe	2026-01-11 16:25:45 -05:00
Kubernetes Publisher	811a272277	Merge pull request #136108 from pohly/ginkgo-gomega-update dependencies: ginkgo v2.27.4, gomega v1.39.0 Kubernetes-commit: 758ef0ffbce5cbca7a893d839dde892d79c2738f	2026-01-08 22:43:17 +00:00
Patrick Ohly	2e32132ba0	dependencies: ginkgo v2.27.4, gomega v1.39.0 Latest release of both. The CurrentTreeConstructionNodeReport fix is needed before being able to use it in the E2E framework. Kubernetes-commit: f8a0c80ed81711f6add7a765d22b56d2d41ac522	2026-01-08 16:53:03 +01:00
Kubernetes Publisher	52d9854c37	Merge pull request #136068 from aojea/leader_race_time fix leader election data race reading observedtime Kubernetes-commit: 0f4705e12e12439b37e81ea6df2318def4b4a2c5	2026-01-07 18:34:00 +00:00
Kubernetes Publisher	2f784525d5	Merge pull request #135959 from pohly/client-go-testing-list-and-watch-race client-go testing: support List+Watch with ResourceVersion Kubernetes-commit: fe36b79c2ab54cd7cc10733ca50e5642e2304f86	2026-01-07 14:33:55 +00:00
Kubernetes Publisher	736bd66226	Merge pull request #132145 from inkel/inkel/client-go/improve-bearerauthrt-roundtrip-perf fix(client): Concatenate string instead of using `fmt.Sprintf` Kubernetes-commit: ed17ca808f5db19c9309ffa32694885d2f30ca7a	2026-01-07 14:33:53 +00:00
Antonio Ojea	7761b3a081	leaderelection RWlock We need to lock on observedTime reads to avoid races, before we were only locking to read the observed record. Use a RW lock since there are much more reads that writes. Kubernetes-commit: d5ac0e408a0a1e50197e1b599b9b8b2e505bfe46	2026-01-07 13:16:25 +00:00
Kubernetes Publisher	65de5216f1	Merge pull request #134798 from aditigupta96/fix-runwithcontext-apimachinery apimachinery: Use informer.RunWithContext in various components Kubernetes-commit: 6af6361e3b6a5eafc8349b05227afff54e0594ed	2026-01-07 02:39:25 +00:00
Kubernetes Publisher	c9ded7e60b	Merge pull request #136053 from tchap/kcm-leader-election-thread-mgmt leasecandidate: Improve goroutine management Kubernetes-commit: 3edae6c1c49958fd10a708d9cc8c4c9e7f5fb6e8	2026-01-06 20:59:08 +05:30
Ondra Kupka	0728b482e1	leasecandidate: Improve goroutine management Make sure all goroutines are terminated when Run returns. Kubernetes-commit: 498896ec4270b790e971a6fb01a292aa4c8cdfe0	2026-01-06 10:43:05 +01:00
Patrick Ohly	58e70dff3d	client-go testing: support List+Watch with ResourceVersion Quite a lot of unit tests set up informers with a fake client, do informerFactory.WaitForCacheSync, then create or modify objects. Such tests suffered from a race: because the fake client only delivered objects to the watch after the watch has been created, creating an object too early caused that object to not get delivered to the informer. Usually the timing worked out okay because WaitForCacheSync typically slept a bit while polling, giving the Watch call time to complete, but this race has also gone wrong occasionally. Now with WaitForCacheSync returning more promptly without polling (work in progress), the race goes wrong more often. Instead of working around this in unit tests it's better to improve the fake client such that List+Watch works reliably, regardless of the timing. The fake client has traditionally not touched ResourceVersion in stored objects and doing so now might break unit tests, so the added support for ResourceVersion is intentionally limited to List+Watch. The test simulates "real" usage of informers. It runs in a synctest bubble and completes quickly: go test -v . === RUN TestListAndWatch listandwatch_test.go:67: I0101 01:00:00.000000] Listed configMaps="&ConfigMapList{ListMeta:{ 1 <nil>},Items:[]ConfigMap{ConfigMap{ObjectMeta:{cm1 default 0 0001-01-01 00:00:00 +0000 UTC <nil> <nil> map[] map[] [] [] []},Data:map[string]string{},BinaryData:map[string][]byte{},Immutable:nil,},},}" err=null listandwatch_test.go:79: I0101 01:00:00.000000] Delaying Watch... listandwatch_test.go:90: I0101 01:00:00.100000] Caches synced listandwatch_test.go:107: I0101 01:00:00.100000] Created second ConfigMap listandwatch_test.go:81: I0101 01:00:00.100000] Continuing Watch... --- PASS: TestListAndWatch (0.00s) PASS ok k8s.io/client-go/testing/internal 0.009s Some users of the fake client need to be updated to avoid test failures: - ListMeta comparisons have to be updated. - Optional: pass ListOptions into tracker.Watch. It's optional because the implementation behaves as before when options are missing, but the List+Watch race fix only works when options are passed. Kubernetes-commit: 56448506075c3db1d16b5bbf0c581b833a4646f1	2025-12-27 21:57:54 +01:00
Kubernetes Publisher	d9d16a9e17	Merge pull request #135391 from jpbetz/smd-6_3_1 Bump structured-merge-diff to pick up flake fix and bug fixes Kubernetes-commit: 6f92c01979b7666f6631a556a8626e21b88d1f2a	2025-12-23 14:30:15 +00:00
Kubernetes Publisher	af9dcc3651	Merge pull request #135867 from dims/pin-versions-of-dbus-and-otelgrpc-to-avoid-breakage Pin versions of dbus and otelgrpc to avoid breakage Kubernetes-commit: dce2e8cef737ebce3a4d13d74654c50bcb244846	2025-12-21 02:29:37 +00:00
Davanum Srinivas	aa82641b9d	updated to last known good dependencies for otelgrpc and dbus Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: 60cce0abd05d31f74ece404e584f53c915a7f3d5	2025-12-20 15:27:53 -05:00
Kubernetes Publisher	687c6c1315	Merge pull request #135836 from pohly/ginkgo-gomega-update dependencies: ginkgo v2.27.3 + gomega v1.38.3 Kubernetes-commit: 268bdbe214ac64b5a31a59cfae6b96f3a1585bd3	2025-12-19 18:29:40 +00:00
Kubernetes Publisher	1078d9cd6f	Merge pull request #135845 from skitt/drop-armon-circbuf Replace armon/circbuf with k8s.io/utils/buffer Kubernetes-commit: 0ea38248603ce745956d779787874cfd91ca29ae	2025-12-19 18:29:38 +00:00
Stephen Kitt	85ab7843a2	Replace armon/circbuf with k8s.io/utils/buffer This uses the new generic fixed ring implementation in k8s.io/utils. Signed-off-by: Stephen Kitt <skitt@redhat.com> Kubernetes-commit: 3653ae2b9a7768da89e47ef84d503ae9cf0b910b	2025-12-19 09:59:41 +01:00
Kubernetes Publisher	f36ae1f45e	Merge pull request #135840 from michaelasp/makeDeterministic Fix issue with TestReplaceEvents not sending history deterministically Kubernetes-commit: 09ca6040f7a0d6f80cd74fbbd9691341190b092f	2025-12-19 06:29:13 +00:00
Michael Aspinwall	e07f72a3ec	Fix issue with test not sending history deterministically Kubernetes-commit: 2b330f0357cb825de0dc196b426c858b2bba7f2c	2025-12-19 00:45:43 +00:00
Kubernetes Publisher	66d2ca7fea	Merge pull request #135832 from liggitt/test-replace-flake Make TestReplaceEvents deterministic for delete event comparison Kubernetes-commit: e07199dbc63e4aaa448f173045161ab209c71ec8	2025-12-18 18:29:04 +00:00
Kubernetes Publisher	ba82880ed7	Merge pull request #135539 from dims/move-httpcache-to-third_party/forked move httpcache to third_party/forked Kubernetes-commit: 04d866b37de3aefac063b2b6e12f11b30701c9ff	2025-12-18 18:29:02 +00:00
Jordan Liggitt	8e36d0d305	Make TestReplaceEvents deterministic for delete event comparison Kubernetes-commit: fb288e3ce164e86f590768d8dce92152e9ea0bbe	2025-12-18 09:54:56 -05:00
Patrick Ohly	a01f268c3e	dependencies: ginkgo v2.27.3 + gomega v1.38.3 This fixes some issues found in Kubernetes (data race in ginkgo CLI, gomega formatting) and helps with diagnosing OOM killing in CI jobs (exit status of processes). The modified gomega formatting shows up in some of the output tests for the E2E framework. They get updated accordingly. Kubernetes-commit: db841afdbb193ea7d612472c7cc4c7b3f58eb676	2025-12-16 14:32:00 +01:00
Davanum Srinivas	f0e0dbdb4b	move httpcache to third_party/forked Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: ab1ffaf12e243798df20a5c98192b8d108ba9a9b	2025-12-01 21:58:55 -05:00
Kubernetes Publisher	8f891d54a2	Merge pull request #135665 from michaelasp/replaceTest Add test for replace events in client-go controller Kubernetes-commit: 9d8404426fc33f6fbb2e5180b2e80f685b16bbd6	2025-12-18 14:29:09 +00:00
Kubernetes Publisher	d008946b23	Merge pull request #135615 from soltysh/drop_autoscaling_v2betaX Drop autoscaling v2beta1 and v2beta2 Kubernetes-commit: 508074f023a82230a3af03a3827e7fa1aebbaa7a	2025-12-18 14:29:08 +00:00
Kubernetes Publisher	1aef261f0a	Merge pull request #135371 from Nikateen/contextual-logging-leaderelection Use contextual logging in leaderelection Kubernetes-commit: 3558d1e9ce6829e91b6e81bcf96dda03b21f6258	2025-12-18 06:33:06 +00:00
Kubernetes Publisher	ca2dee6d05	Merge pull request #135324 from p0lyn0mial/upstream-watchlist-unsupported-wl-better-docs client-go/reflector: Improve WatchListClient disabled log message for clarity Kubernetes-commit: 13b10dc70fb018204a4175db96889e7811093c2c	2025-12-18 06:33:04 +00:00
Kubernetes Publisher	b960c92ed7	Merge pull request #135183 from enj/patch-11 Add enj to k8s.io/client-go approvers Kubernetes-commit: d24c46b1d96d6299395dde872c392a9f54fdf716	2025-12-18 06:33:01 +00:00
Kubernetes Publisher	0d964cc386	Merge pull request #132807 from iholder101/feature/ImageVolumeWithDigest [KEP-5365] Implement Image Volume with Digest Kubernetes-commit: e14cdadc5a7b3c735782993d7899c9ea5df6e7b0	2025-12-18 02:29:38 +00:00
Michael Aspinwall	7d2828a105	Add test for replace events in controller Kubernetes-commit: 6b977a28e90a1f369de91b07a13213ec05a5a426	2025-12-08 16:18:46 +00:00
Maciej Szulik	8dc82bbe31	Generated changes Signed-off-by: Maciej Szulik <soltysh@gmail.com> Kubernetes-commit: 583ddba56983d77a0a8c77c3bc7aaac9885c8690	2025-12-05 11:53:07 +01:00
Kubernetes Publisher	a296bd743c	Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-fallback downgrade reflector watchlist fallback log to V(4) Kubernetes-commit: 9293f9326d41e1e4ad53096ef180dd6ab0f9c699	2025-12-05 02:33:54 +00:00
Kubernetes Publisher	6a962375ad	Merge pull request #135580 from serathius/client-go-transformer Embed proper interface in TransformingStore to ensure DeltaFIFO and RealFIFO are implementing it Kubernetes-commit: 04e8064bccebd04981ee0094457550c9de4f92e3	2025-12-04 22:33:40 +00:00
Kubernetes Publisher	453ad29ccd	Merge pull request #135536 from dims/bump-x/crypto-to-v0.45.0 Bump golang.org/x/crypto to v0.45.0 Kubernetes-commit: de61f598953ccd3e3950cdeda02740af2881048f	2025-12-04 22:33:40 +00:00
Lukasz Szaszkiewicz	4e4a2b723a	downgrade reflector watchlist fallback log to V(4) Kubernetes-commit: 3f42ca14011e972ee439a27d47415bc7574f2317	2025-12-04 16:14:19 +01:00
Davanum Srinivas	97256a6495	Bump golang.org/x/crypto to v0.45.0 Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: 5302b929ae55e86ad40b57d74c326529792d0439	2025-12-01 14:11:01 -05:00
Kubernetes Publisher	46360b527e	Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix e2e/storage: deflake CSI Mock volume expansion quota validation Kubernetes-commit: 4c04786f746e349a34042a0d59ec432a8a46ddcc	2025-11-26 20:44:31 +00:00
Jordan Liggitt	715440da15	Use transformer in consistency checker Kubernetes-commit: 91368adbb556286942d996c60ab6cc39306415b7	2025-11-26 15:19:00 -05:00
Joe Betz	521671e60d	hack/pin-dependency.sh sigs.k8s.io/structured-merge-diff/v6 v6.3.1 Kubernetes-commit: 5129fa152b3628ee65c060d3e2f59f69d271f7a6	2025-11-21 08:53:57 -05:00
Nikateen	a361bc1602	Use contextual logging in leaderelection Update leaderelection package to use contextual logging variants: - Replace wait.JitterUntil with wait.JitterUntilWithContext - Replace wait.Until with wait.UntilWithContext This enables proper contextual logging support as part of the structured logging migration. Ref #126379 Kubernetes-commit: c5b64ebf2ef8619fb96c35f3a613b1b945ebe0f2	2025-11-20 21:30:05 +05:30
Lukasz Szaszkiewicz	4fa8366691	client-go/reflector: Improve WatchListClient disabled log message for clarity Kubernetes-commit: f4c24b5ef52272fe5e473e92fe5f98bee844f8aa	2025-11-17 09:25:33 +01:00
Dev1622	3878a6464b	vendor: update vendor and license metadata after replacing BeTrue usage in csi tests Kubernetes-commit: 216aaf76cba4b0cba05f0901d759dc017f833cd3	2025-11-13 05:11:59 +00:00

1 2 3 4 5 ...

5202 Commits