The comment on ConfigMapsLeasesResourceLock begins with the wrong name: EndpointsLeasesResourceLock.
Kubernetes-commit: a50c9db09ba4d22328088887d2fd00b61b36e6c4
Since the behavior is now changed, and the old behavior leaked objects,
this adds a new comment about how Replace works.
Signed-off-by: Odin Ugedal <ougedal@palantir.com>
Signed-off-by: Odin Ugedal <odin@uged.al>
Kubernetes-commit: 27f4bcae5c52a3bb88141f940ec23d907a15cde5
This is useful to both reduce the code complexity, and to ensure clients
get the "newest" version of an object known when its deleted. This is
all best-effort, but for clients it makes more sense giving them the
newest object they observed rather than an old one.
This is especially useful when an object is recreated. eg.
Object A with key K is in the KnownObjects store;
- DELETE delta for A is queued with key K
- CREATE delta for B is queued with key K
- Replace without any object with key K in it.
In this situation its better to create a DELETE delta with
DeletedFinalStateUnknown with B (with this patch), than it is to give
the client an DeletedFinalStateUnknown with A (without this patch).
Signed-off-by: Odin Ugedal <ougedal@palantir.com>
Signed-off-by: Odin Ugedal <odin@uged.al>
Kubernetes-commit: 7bcc3e00fc28b2548886d04639a2e352ab37fb55
This fixes an issue where a relist could result in a DELETED delta
with an object wrapped in a DeletedFinalStateUnknown object; and then on
the next relist, it would wrap that object inside another
DeletedFinalStateUnknown, leaving the user with a "double" layer
of DeletedFinalStateUnknown's.
Signed-off-by: Odin Ugedal <ougedal@palantir.com>
Signed-off-by: Odin Ugedal <odin@uged.al>
Kubernetes-commit: 0bf0546d9f75d92c801e81c9f7adf040bba64102
Requests can accumulate errors with no obvious indication, e.g. if
their primary purpose is to construct a URL: URL() itself doesn't
return an error if r.err is non-nil.
Instead of changing URL() to return an error, which has quite a large
impact, add an Error() function and indicate on URL() that it should
be checked.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: f69c1c47463ff70ad61adf6f38c4d5b7373e9d0a
This fixes a race condition when a "short lived" object
is created and the create event is still present on the queue
when a relist replaces the state. Previously that would lead in the
object being leaked.
The way this could happen is roughly;
1. new Object is added O, agent gets CREATED event for it
2. watch is terminated, and the agent runs a new list, L
3. CREATE event for O is still on the queue to be processed.
4. informer replaces the old data in store with L, and O is not in L
- Since O is not in the store, and not in the list L, no DELETED event
is queued
5. CREATE event for O is still on the queue to be processed.
6. CREATE event for O is processed
7. O is <leaked>; its present in the cache but not in k8s.
With this patch, on step 4. above it would create a DELETED event
ensuring that the object will be removed.
Signed-off-by: Odin Ugedal <ougedal@palantir.com>
Signed-off-by: Odin Ugedal <odin@uged.al>
Kubernetes-commit: 25d77218acdac2f793071add9ea878b08c7d328b
When Shutdown was called, delivery of each pending event would still be retried
12 times with a delay of ~10s between each retry. In apiserver integration
tests that caused the goroutine to linger long after the corresponding
apiserver of the test was shut down.
Kubernetes-commit: 15b01af9c18a0840d71e2bb7dff4d8c29b158aad
This improves performance of the text formatting and ktesting.
Because ktesting no longer buffers messages by default, one unit
test needs to ask for that explicitly.
Kubernetes-commit: 961819a4d09488e20931103e0c36d2bed588fdcb
This fixes the following warning (error?) in the apiserver:
E0126 18:10:38.665239 16370 fieldmanager.go:210] "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (test/claim-84; resource.k8s.io/v1alpha1, Kind=ResourceClaim) to smd typed: .status.reservedFor: element 0: associative list without keys has an element that's a map type" VersionKind="/, Kind=" namespace="test" name="claim-84"
The root cause is the same as in e50e8a0c919c0e02dc9a0ffaebb685d5348027b4:
nothing in Kubernetes outright complains about a list of items where the item
type is comparable in Go, but not a simple type. This nonetheless isn't
supposed to be done in the API and can causes problems elsewhere.
For the ReservedFor field, everything seems to work okay except for the
warning. However, it's better to follow conventions and use a map. This is
possible in this case because UID is guaranteed to be a unique key.
Validation is now stricter than before, which is a good thing: previously,
two entries with the same UID were allowed as long as some other field was
different, which wasn't a situation that should have been allowed.
Kubernetes-commit: 508cd60760567b3832da748140e3cf782c1b8695
If gomega.Eventually/Consistently run into a situation where it observes some
state of e.g. a pod which does not satisfy the condition and then further
polling fails with API server errors, gomega will report both the most recent
pod state and API error instead of just the API error.
Kubernetes-commit: aa1279b5eb79177f5351368d8d9159982b1bfb5e
These are not regenerated by any input. The OWNERS files were the last
things left for these 2 directories
Kubernetes-commit: dc88f34ce30eb98285f7f30e391b135e842cdbc2
It seems valuable to be able to provide hand-written docs for these
first-level directories, and if don't want them, the generated doc.go
files are not actually very helpful.
This commit also adds new doc.go files for client-go listers/ and
informers/.
Kubernetes-commit: 95bf7b0afe9dd6a0f00125b1d290514a23e778e2
While refactoring the backoff manager to simplify and unify the code
in wait a race condition was encountered in
TestSharedInformerWatchDisruption. The new implementation failed
because the fake clock was not propagated to the backoff managers
when the reflector was used in a controller. After ensuring the
mangaers, reflector, controller, and informer shared the same
clock the test needed was updated to avoid the race condition by
advancing the fake clock and adding real sleeps to wait for
asynchronous propagation of the various goroutines in the controller.
Due to the deep structure of informers it is difficult to inject
hooks to avoid having to perform sleeps. At a minimum the FakeClock
interface should allow a caller to determine the number of waiting
timers (to avoid the first sleep).
Kubernetes-commit: 91b3a81fbd916713afe215f7d701950e13a02869
Add a "lazy" type to track when an update is needed. It uses a nested
locking technique to avoid extra evaluation calls.
Kubernetes-commit: 5a1091d88d95bd1dd5c27f2c72cee4ecb4219dda
Bumping version to include changes that
better handle TLS errors. Bump nescessary
to prepare for when the version of Go is
bumped to 1.20
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: 8b064fa4be71b5f1b498fabb5caade3c57f5d434
Update isomorphic event definition in the events/v1 client to match aggregation logic from core/v1
Kubernetes-commit: f56c79398e3c58b4f5a9c7e6a1f4d64248ef1b83
The new ginkgo release adds sorting of specs. This was triggered by
the observation that parallel test execution of Kubernetes E2E tests
sometimes ran the same spec twice and (presumably) other specs not at all
because spec order was random due to iteration over a map.
Sorting should avoid that problem.
Kubernetes-commit: baf832d80d798d53ceb7d4de3a39330c6eda5c6a
Currently, watch package embeds context deadlineexceeded error
in it's own error using `%v`, as can be seen in here;
`fmt.Errorf("UntilWithSync: unable to sync caches: %v", ctx.Err())`
However, consumers of this function can not use
`errors.Is(err, context.DeadlineExceeded)` due this `%v`.
To let consumers can distinguish context deadlineexceeded errors,
this PR changes error embedding format to `%w`.
Kubernetes-commit: 6b7c365f8f6d50280c2dab171efdd4b93d964f32
Fake discovery should return an error if an error-returning reactor was prepended.
This is relevant e.g. for unit tests which test a function which relies
on discovery to check if an API Server is available.
Matches existing behavior of other fake types, for example fake_namespace.
Adds unit test coverage as well.
Kubernetes-commit: b47748103a53c0fe5ba1ddc950662ffc9bd9ed0f
Currently, when the remote connection is unexpected closed, forward() prints an error message saying "lost connection to pod" via runtime.HandleError, but then it returns nil for the error.
This prevents the caller from being able to handle this error differently.
This commit changes forward() to return the "lost connection to pod" error so that it can be handled by the caller.
Making this change enables kubectl port-forward to exit with code 1, instead of 0, which is the expected behavior for a command that has failed.
Kubernetes-commit: a9f04103854893056237a09250ad3335867b0391
When attempting to record a new Event and a new Serie on the apiserver
at the same time, the patch of the Serie might happen before the Event
is actually created. In that case, we handle the error and try to create
the Event. But the Event might be created during that period of time and
it is treated as an error today. So in order to handle that scenario, we
need to retry when a Create call for a Serie results in an AlreadyExist
error.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Kubernetes-commit: 2f83117bcfe30ad3ada7f1ca66f4b885a1d5df25
There was a data race in the recordToSink function that caused changes
to the events cache to be overriden if events were emitted
simultaneously via Eventf calls.
The race lies in the fact that when recording an Event, there might be
multiple calls updating the cache simultaneously. The lock period is
optimized so that after updating the cache with the new Event, the lock
is unlocked until the Event is recorded on the apiserver side and then
the cache is locked again to be updated with the new value returned by
the apiserver.
The are a few problem with the approach:
1. If two identical Events are emitted successively the changes of the
second Event will override the first one. In code the following
happen:
1. Eventf(ev1)
2. Eventf(ev2)
3. Lock cache
4. Set cache[getKey(ev1)] = &ev1
5. Unlock cache
6. Lock cache
7. Update cache[getKey(ev2)] = &ev1 + Series{Count: 1}
8. Unlock cache
9. Start attempting to record the first event &ev1 on the apiserver side.
This can be mitigated by recording a copy of the Event stored in
cache instead of reusing the pointer from the cache.
2. When the Event has been recorded on the apiserver the cache is
updated again with the value of the Event returned by the server.
This update will override any changes made to the cache entry when
attempting to record the new Event since the cache was unlocked at
that time. This might lead to some inconsistencies when dealing with
EventSeries since the count may be overriden or the client might even
try to record the first isomorphic Event multiple time.
This could be mitigated with a lock that has a larger scope, but we
shouldn't want to reflect Event returned by the apiserver in the
cache in the first place since mutation could mess with the
aggregation by either allowing users to manipulate values to update
a different cache entry or even having two cache entries for the same
Events.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Kubernetes-commit: 55ec09d377274b4a6107fe0b7a061ad408fe05a7
* Add tracker types and tests
* Modify ResourceEventHandler interface's OnAdd member
* Add additional ResourceEventHandlerDetailedFuncs struct
* Fix SharedInformer to let users track HasSynced for their handlers
* Fix in-tree controllers which weren't computing HasSynced correctly
* Deprecate the cache.Pop function
Kubernetes-commit: 8100efc7b3122ad119ee8fa4bbbedef3b90f2e0d
There should only be one source of truth for the API group's name and
version.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
Kubernetes-commit: e13198ec6f52c4a6405388e90053954dc7656a31
Ginkgo v2.5.0 adds support for a "timeline": a full description of what happened
while a specific test ran, including failures, timeouts, and log output.
Ginkgo v2.6.0 adds ReportBeforeSuite which we need for
https://github.com/kubernetes/kubernetes/issues/114313.
Kubernetes-commit: f3ef4004317c1a12d84021be29dd5f92badc8eff
Update the definition of an isomorphic event in the events/v1 client to
match the aggregation logic that was already present in the core/v1
implementation.
The note field was omitted even though the message was used in the core
API aggregation because we didn't reach consensus.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Kubernetes-commit: 21f2f746abc1a5a1b3193274401f5728e19cc26f
remove allowOmittingUsageKeyEncipherment as it is always true
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
Kubernetes-commit: 160f015ef4affe903f98e74cf42b40fceef15cb9
The error result of `d.downloadAPIs()` is set in `aerr`,
not `err`.
This prevents a nil-ptr dereference of apiGroups in the next step.
Signed-off-by: Abhijit Hoskeri <abhijithoskeri@gmail.com>
Kubernetes-commit: 450ba4f50638ad9ee4d287a762a8530c64e89ebd
* Add RedactSecrets function
* Move RedactSecrets method to existing RawBytesData case
* Update TestRedactSecrets to use new pattern of os.CreateTemp()
Kubernetes-commit: e721272d10dd6c4d85ff613182ba0eaddcec9272
rather than modify the object directly, this function provides a JSONPATCH that should be sent to the server to upgrade its managed fields.
Kubernetes-commit: 4e4d748c06e2c2dfec7608f96237c4b0a42540c9
adds unneccessary complexity. also discussed in SIG CLI meeting to keep annotation around for a while longer
Kubernetes-commit: 0c055eae3c9eaea26574743f0623d6b0e9e3d6b4
Gomega adds support for formatting extensions and StopTrying in matchers.
Ginkgo enhances DeferCleanup.
This also triggered an update of other dependencies.
Kubernetes-commit: e6ad2f2f23449c9d24606b864c4737dc66a7427e
No particular benefit and no relevant changes, it's just to stay up-to-date and
to avoid having to pull that in when merging
https://github.com/kubernetes/kubernetes/pull/111023 which indirectly depends
on the newer release.
Kubernetes-commit: 9b93cc663a102b6e36f07eecc7b6e32225f39295
All other clients:
- expose a New() method that takes a rest.Interface
- expose their RESTClient()
- return pointers to the type, not instances of an interface that the
type implements
For code that is generic over all Kubernetes clients, and for general
developer experience, it's best to make sure that this client adheres to
these common practices.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
Kubernetes-commit: 74af6f1e7d9057bfcb64f4d875063c14041937e5
It's clear that client-sets contain many versions of one group, so this
comment just seems to be out-dated.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
Kubernetes-commit: 588f016c3bc04ea2da85d7077643677028a8cb1b
5 years after third party resources were removed, we're probably just confusing readers with this reference.
Kubernetes-commit: d21fc6e762276747e3306cfaf27b0ce1201071c2
Mark remotecommand.Executor as deprecated and related modifications.
Handle crash when streamer.stream panics
Add a test to verify if stream is closed after connection being closed
Remove blank line and update waiting time to 1s to avoid test flakes in CI.
Refine the tests of StreamExecutor according to comments.
Remove the comment of context controlling the negotiation progress and misc.
Signed-off-by: arkbriar <arkbriar@gmail.com>
Kubernetes-commit: 42808c8343671e6783ba4c901dcd619bed648c3d
Add an annotation that can be added to the exampleType passed to
NewReflector to indicate the expected type for the Reflector. This is
useful for types such as unstuctured.Unstructured, which, when used with
a dynamic informer, do not have their TypeMeta filled in.
Signed-off-by: Andy Goldstein <andy.goldstein@redhat.com>
Kubernetes-commit: 474fc8c5234000bce666a6b02f7ffbb295ef135f
SharedInformerFactory starts goroutines in Start and those can be stopped by
closing the stop channel. However, there was no API that waits for the
goroutines.
This is a problem for unit testing. A test has to return while the informers
are still running, which may get flagged by tools like
https://github.com/uber-go/goleak or by klog/ktesting when those informers
lead to log output.
While at it, more documentation gets added to address
https://github.com/kubernetes/kubernetes/issues/65036.
Kubernetes-commit: e89d1d47e8365cad31600b17dab662d3c8a359dd
Ginkgo v2.1.6 adds ginkgo.SuppressProgressReporting which is needed
to suppress too verbose output each time the ReportAfterEach of the custom
progress reporter is invoked.
Kubernetes-commit: 311144fb3e61dabdbcd48d164dc80716b5ba5a73
The lock acquired by tryAcquireOrRenew is released when the leader ends
leadership. However, due to the cancellation of the context, the lock may
be set as an empty lock, so the Update cannot be run normally, resulting
in a failure to release the lock.
Signed-off-by: jackzhang <x_jackzhang@qq.com>
Kubernetes-commit: 8690ff6264cceb38bd81dec99bb8affcc40286a9
This change updates the transport.Config .Dial and .TLS.GetCert fields
to use a struct wrapper. This indirection via a pointer allows the
functions to be compared and thus makes them valid to use as map keys.
This change is then leveraged by the existing global exec auth and TLS
config caches to return the same authenticator and TLS config even when
distinct but identical rest configs were used to create distinct
clientsets.
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: 831d95b6a021c2767effe85e461309cb6a0fdcec
for correctness. technically shouldnt be an issue since restarting a stopped processor is not supported
Kubernetes-commit: 3a81341cfa6f7e2ca1b9bfc195c567dcdfaa4dea
The functionality provided by the finalURLTemplate is still used by
certain external projects to track the request latency for requests
performed to kube-apiserver.
Using a template of the URL, instead of the URL itself, prevents the
explosion of label cardinality in exposed metrics since it aggregates
the URLs in a way that common URLs requests are reported as being the
same.
This reverts commit bebf5a608f68523fc430a44f6db26b16022dc862.
Signed-off-by: André Martins <aanm90@gmail.com>
Kubernetes-commit: f8f190cdd2fa76296f8b1b019ac77128b5d40b79
To be able to write more precise unit tests in the future
Change-Id: I8f45947dfacca501acd856849bd978fad0f735cd
Kubernetes-commit: dad8454ebb87ba7af897537db6d34033127bbfef
This is a little more computationally expensive but reduces the
likelihood of a potentially malicious cache collision.
Signed-off-by: Nic Cope <nicc@rk0n.org>
Kubernetes-commit: c5957c284e1d23bdadc98fbbe2bb481fc1f345d4
- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: a9593d634c6a053848413e600dadbf974627515f
This helps avoid (potentially malicious) collisions when reading and
writing cache data.
Signed-off-by: Nic Cope <nicc@rk0n.org>
Kubernetes-commit: 288a17fd337c65cb5aea44e44ecb74e9cb8088f5
It is used to request that a pod runs in a unique user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
Kubernetes-commit: 9e9b23fd3ca6c0c58ee401b18a65422c0564bec0
Part of the API discovery cache uses an HTTP RoundTripper that
transparently caches responses to disk. The upstream implementation of
the disk cache is hard coded to call Sync() on every file it writes.
This has noticably poor performance on modern Macs, which ask their disk
controllers to flush all the way to persistant storage because Go uses
the `F_FULLFSYNC` fnctl. Apple recommends minimizing this behaviour in
order to avoid degrading performance and increasing disk wear.
The content of the discovery cache is not critical; it is indeed just a
cache and can be recreated by hitting the API servers' discovery
endpoints. This commit replaces upstream httpcache's diskcache
implementation with a similar implementation that can use CRC-32
checksums to detect corrupted cache entries at read-time. When such an
entry is detected (e.g. because it was only partially flushed to
permanent storage before the host lost power) the cache will report a
miss. This causes httpcache to fall back to its underlying HTTP
transport (i.e. the real API server) and re-cache the resulting value.
Apart from adding CRC-32 checksums and avoiding calling fsync this
implementation differs from upstream httpcache's diskcache package in
that it uses FNV-32a hashes rather than MD5 hashes of cache keys in
order to generate filenames.
Signed-off-by: Nic Cope <nicc@rk0n.org>
Kubernetes-commit: 7a2c6a432f9e8db8b84abe5607843429f8bff417
This benchmark is intended to demonstrate a performance improvement
gained by removing fsyncs. Refer to the below issue for more detail.
https://github.com/kubernetes/kubernetes/issues/110753
Signed-off-by: Nic Cope <nicc@rk0n.org>
Kubernetes-commit: eace46906512b99c23ad9635edc2ea055363a602
This makes ktesting more resilient against logging from leaked goroutines,
which is a problem that came up in kubelet node shutdown
tests (https://github.com/kubernetes/kubernetes/issues/110854).
Kubernetes-commit: 3581e308835c69b11b2c9437db44073129e0e2bf
This will help us to get rid of `Ginkgo` v1 dep.
Signed-off-by: Dave Chen <dave.chen@arm.com>
Kubernetes-commit: 597071af17377f5ab4de03804b0d8b41f73fe7ce
The main practical advantage is that klog.Fatal no longer dumps the backtrace
of all goroutines.
Kubernetes-commit: f05e327ca611c23469ef41310d1d59b384cedc27
This type should never have been shared between Service and Ingress.
The `ports` field is unfortunate, but it is needed to stay compatible.
Kubernetes-commit: 0153bfad16102e42d0b0dbb56742d0a6626e4180
To be able to implement controllers that are dynamically deciding
on which resources to watch, it is required to get rid of
dedicated watches and event handlers again. This requires the
possibility to remove event handlers from SharedIndexInformers again.
Stopping an informer is not sufficient, because there might
be multiple controllers in a controller manager that independently
decide which resources to watch.
Unfortunately the ResourceEventHandler interface encourages to use
value objects for handlers (like the ResourceEventHandlerFuncs
struct, that uses value receivers to implement the interface).
Go does not support comparison of function pointers and therefore
the comparison of such structs is not possible, also. To be able
to remove all kinds of handlers and to solve the problem of
multi-registrations of handlers a registration handle is introduced.
It is returned when adding a handler and can later be used to remove
the registration again. This handle directly stores the created
listener to simplify the deletion.
Kubernetes-commit: 7436af3302088c979b431856c432b95dd230f847
This fix allows Reflector/Informer callers to detect API errors using the standard Go errors.As unwrapping methods used by the apimachinery helper methods. Combined with a custom WatchErrorHandler, this can be used to stop an informer that encounters specific errors, like resource not found or forbidden.
Kubernetes-commit: 9ace604b63045ebbb066cab5e8508b51d0900a05
The updated zapr is more resilient against MarshalLog crashing. Not a known
problem in Kubernetes, though.
Kubernetes-commit: 3e6974e0ba67a8f598e7bc4ccedfdab928935551
* Introduce networking/v1alpha1 api, ClusterCIDRConfig type
Introduce networking/v1alpha1 api group.
Add `ClusterCIDRConfig` type to networking/v1alpha1 api group, this type
will enable the NodeIPAM controller to support multiple ClusterCIDRs.
* Change ClusterCIDRConfig.NodeSelector type in api
* Fix review comments for API
* Update ClusterCIDRConfig API Spec
Introduce PerNodeHostBits field, remove PerNodeMaskSize
Kubernetes-commit: b9792a9daef4d978c5c30b6d10cbcdfa77a9b6ac
This commit refactors the retry logic to include resetting the
request body. The reset logic will be called iff it is not the
first attempt. This refactor is nescessary mainly because now
as per the retry logic, we always ensure that the request body
is reset *after* the response body is *fully* read and closed
in order to reuse the same TCP connection.
Previously, the reset of the request body and the call to read
and close the response body were not in the right order, which
leads to race conditions.
This commit also adds a test that verifies the order in which
the function calls are made to ensure that we seek only after
the response body is closed.
Co-authored-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: 68c8c458ee8f6629eef806c48c1a776dedad3ec4
* Add FeatureGate PodHostIPs
* Add HostIPs field and update PodIPs field
* Types conversion
* Add dropDisabledStatusFields
* Add HostIPs for kubelet
* Add fuzzer for PodStatus
* Add status.hostIPs in ConvertDownwardAPIFieldLabel
* Add status.hostIPs in validEnvDownwardAPIFieldPathExpressions
* Downward API support for status.hostIPs
* Add DownwardAPI validation for status.hostIPs
* Add e2e to check that hostIPs works
* Add e2e to check that Downward API works
* Regenerate
Kubernetes-commit: 61b3c028ba618a939559c39befb546ae5e5fd0b9
* Implement status subresource in NetworkPolicy
* add NetworkPolicyStatus generated files
* Fix comments in netpol status review
Kubernetes-commit: 42a12010829962c6e87cee8e4bc217d39d7a8043
reflect latest struct changes
use correct discovery openapi test data layout
make the OpenAPIv3 interface less blue
field grouping
add copyrights
implement cached discovery client
add cached discovery tests
address review feedback
Kubernetes-commit: 075866b3e3ea029c243d82d8d6eb99e96d9c49d3
Currenlty an event recorder can send an event to a
broadcaster that is already stopped, resulting
in a panic. This ensures the broadcaster holds
a lock while it is shutting down and then forces
any senders to drop queued events following
broadcaster shutdown.
It also updates the Action, ActionOrDrop, Watch,
and WatchWithPrefix functions to return an error
in the case where data is sent on the closed bradcaster
channel rather than panicing.
Lastly it updates unit tests to ensure the fix works correctly
fixes: https://github.com/kubernetes/kubernetes/issues/108518
Signed-off-by: Andrew Stoycos <astoycos@redhat.com>
Kubernetes-commit: 6aa779f4ed3d3acdad2f2bf17fb27e11e23aabe4
client-go: refactor retry logic for backoff, rate limiter and metric to be reused by Watch, Stream, and Do
Kubernetes-commit: 52cd4d53ac8ac33cacd3d2c618cf22f1e3fd6a7e
Some of these changes are cosmetic (repeatedly calling klog.V instead of
reusing the result), others address real issues:
- Logging a message only above a certain verbosity threshold without
recording that verbosity level (if klog.V().Enabled() { klog.Info... }):
this matters when using a logging backend which records the verbosity
level.
- Passing a format string with parameters to a logging function that
doesn't do string formatting.
All of these locations where found by the enhanced logcheck tool from
https://github.com/kubernetes/klog/pull/297.
In some cases it reports false positives, but those can be suppressed with
source code comments.
Kubernetes-commit: edffc700a43e610f641907290a5152ca593bad79
ServerResources function was deprecated and instead ServerGroupsAndResources
function is suggested.
This PR removes ServerResources function and move every place to use ServerGroupsAndResources.
Kubernetes-commit: ef39a8914291ba200bd5486c88a7575ffd4b7d1d
Get metrics for the request and response size, so we can correlate latency
and size on a request, otherwise we could get confused because we don't know if the
network is slow or just the request size huge.
Kubernetes-commit: 64d9d0585f6dbc9266f31b6d0f795d6c0421495e
The restclient metrics were updated to track only the host field of the
url, the finalURLTemplate is not longer needed, its only goal was to
replace name and namespace in the path to avoid cardinality.
Kubernetes-commit: bebf5a608f68523fc430a44f6db26b16022dc862
Also runs:
hack/pin-dependency.sh golang.org/x/mod \
v0.6.0-dev.0.20220106191415-9b9b3d81d5e3
Signed-off-by: Stephen Augustus <foo@auggie.dev>
Kubernetes-commit: 4b1bd548bbe4d71609c65b050b69f63af1ca81d1
- Also update test-cmd.sh to pass a signing ca to the kube controller
manager, so CSRs work properly in integration tests.
Signed-off-by: Margo Crawford <margaretc@vmware.com>
Kubernetes-commit: f015fd66ce95d02cd66efc263eb9e5441b42a17d
2021-12-07 15:58:46 -08:00
659 changed files with 95442 additions and 10836 deletions
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
packagev1alpha1
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// RollingUpdateStatefulSetStrategyApplyConfiguration constructs an declarative configuration of the RollingUpdateStatefulSetStrategy type for use with
// RollingUpdateStatefulSetStrategyApplyConfiguration constructs an declarative configuration of the RollingUpdateStatefulSetStrategy type for use with
// RollingUpdateStatefulSetStrategyApplyConfiguration constructs an declarative configuration of the RollingUpdateStatefulSetStrategy type for use with
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
packagev1
import(
v1"k8s.io/api/batch/v1"
)
// PodFailurePolicyOnExitCodesRequirementApplyConfiguration represents an declarative configuration of the PodFailurePolicyOnExitCodesRequirement type for use
// PodFailurePolicyOnExitCodesRequirementApplyConfiguration constructs an declarative configuration of the PodFailurePolicyOnExitCodesRequirement type for use with
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by applyconfiguration-gen. DO NOT EDIT.
packagev1
import(
v1"k8s.io/api/core/v1"
)
// PodFailurePolicyOnPodConditionsPatternApplyConfiguration represents an declarative configuration of the PodFailurePolicyOnPodConditionsPattern type for use
// PodFailurePolicyOnPodConditionsPatternApplyConfiguration constructs an declarative configuration of the PodFailurePolicyOnPodConditionsPattern type for use with
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
