Automated cherry pick of #133573: fix: Update unit test to catch actual nil Labels case and fix functionality to handle nil Labels
Kubernetes-commit: a147a2c8da02ff628e560c32202de5951f296662
* client-go: Replace depracted ErrWaitTimeout with recommended method
* Fix UT and Integration tests
* IT test
Kubernetes-commit: ffe306d67958297202e9492ea644b42c0e7e694d
* Add FileKeyRef field and struct to the Pod API
* Add the implementation code in the kubelet.
* Add validation code
* Add basic functionality e2e tests
* add codes for drop disabled pod fields
* update go.mod
Kubernetes-commit: 6f3b6b91f08585727784620285f990782901572f
This TestMain() is equivalent to not having any TestMain() at all.
This is the only such instance in whole repo.
Kubernetes-commit: 7e5aafcb164db5135a4d18ee4661c8813f2cc908
Calling os.Exit() skipped the
`defer os.RemoveAll(tmp)`
above and thus dangling files & dirs would appear in their $TMPDIR.
Since go1.15 we can safely remove os.Exit() from TestMain() function.
As this exact issue was common enough so that go1.15 changed[1] the API of
TestMain to no longer require os.Exit to be called.
Reproducer:
$ (cd staging/src/k8s.io/client-go; go test ./tools/clientcmd)
$ ls -d /tmp/testkubeconfig*
/tmp/testkubeconfig1015943687
[1]: https://go-review.googlesource.com/c/go/+/219639
Kubernetes-commit: 457df1cf9817e29381609fbf2d85854a6b6a52ac
Prevent the failure of releasing the lock by updating the resource version in case of the resource conflict
Kubernetes-commit: 793191529651ab5c9e49914f19e9bdf85d412218
[client-go #1415] Use transformer from provided store within internal stores in reflector to limit memory usage bursts
Kubernetes-commit: 3f0a1c6c7f02f33649e58996408b1501fce3c0ee
Prior to this patch, this fails because the skipnonappliedfieldmanager
uses the `objectcreater` (aka `*runtime.Scheme`) to create a new object
for which it never sets the GVK. In the case of
`*unstructured.Unstructured`, the GVK can not be derived from the object
itself so the operation would subsequently fail [here][0] with an
```
Object 'Kind' is missing in 'unstructured object has no kind'
```
error. Fix this by explicitly setting the GVK in case of unstructured.
[0]: 02eb7d424a/staging/src/k8s.io/apimachinery/pkg/util/managedfields/internal/structuredmerge.go (L98)
Kubernetes-commit: dbdd6a3b4358d91a064de9c0f01d3050e606d553
The v1alpha3 version is still needed for DeviceTaintRule, but the rest of the
types and most structs became obsolete in v1.32 when we introduced v1beta1 and
bumped the storage version to v1beta1.
Removing them now simplifies adding new features because new fields don't need
to be added to these obsolete types. This could have been done already in 1.33,
but wasn't to minimize disrupting on-going work.
Kubernetes-commit: 10de6780cf6b24d5115e508606334b81d6634ba6
This raises awareness so that developers hopefully get it right without having to
learn about it from compile errors. It also explains that creating a PR to
fix the naming is not desired.
Kubernetes-commit: f40892f4813f29fc305d59073d2464a1fd7d6fe5
This removes a dependency from generated applyconfigurations to a testing
package. To do this, the type converter in the testing package has been
moved out to the apimachinery package and the utilities the converter
depend on have been reorganized.
Kubernetes-commit: 4821604f83a6f4764497879b666087ba7cb05060
Normal execution always started to trigger this after adding more logging in
the E2E framework's exec_util.go:
I0506 21:23:56.781188 6341 exec_util.go:201] unexpected error trying to use websockets for pod exec: <nil>
That the "should fall back" implementation gets called when there is no error
and thus no reason to even consider falling back is odd. Now the execute
implementation checks for nil first.
This is the same approach taken also in the portforward code:
b35c5c0a30/staging/src/k8s.io/client-go/tools/portforward/fallback_dialer.go (L52)
Kubernetes-commit: 35870c480d64a8ae35c0e5839cc40b0115b7328a
Promoted feature-gate `VolumeAttributesClass` to GA (on by default)
Signed-off-by: carlory <baofa.fan@daocloud.io>
Kubernetes-commit: 94bf8fc8a9d1d6c989eddad07996be0ca4dd3448
- Add a new VeryShortWatchError struct for error matching, returned
by `handleAnyWatch`, up through `Reflector.ListAndWatch`.
- Update test expectations to match exact errors.
Kubernetes-commit: 6eff9db0f10db72f2c64390e106a80621d136439
Change:
- refactor Reflector.ListAndWatch and Reflector.watch to always call
watcher.Stop.
- refactor Reflector.handleAnyWatch to always call watcher.Stop,
EXCEPT when exitOnWatchListBookmarkReceived &&
watchListBookmarkReceived.
- Update unit tests with these new expectations.
Effect:
- ensures watcher.Stop is always called at least once
- avoids deadlocks in watcher implementations when watcher.Watch is
called, but watcher.Stop is never called.
Note: It's impossible to guarantee that Stop will only be called once.
So watch.Interface implementations must tollerate Stop being called
multiple times.
Kubernetes-commit: 3e609ecf6e945bf4562bddfc563fde9a4c3d0d90
API approvers review new fields and need permissions to approve the
files generated from those new fields
Kubernetes-commit: 691398c8563f12db07505df7c05211e93145689a
In controller-runtime it is generally not expected to do any sort of
scheme registration if unstructured.Unstructured is used. To make this
work in the fakeclient, the fakeclient will register unstructured to
scheme if the scheme doesn't recognize the GVK.
This currently doesn't work with the `ManagedFieldsObjectTracker` as it
never reloads the scheme. This change makes it reload the scheme in an
inefficient but simple manner, which should be good enough for unit
tests.
Kubernetes-commit: 1cd71cbb14ecfd0ec6c5e8a57db6be00ecb8a4d1
Update to latest cadvisor @ v0.52.1 and new opencontainer/cgroups and drops opencontainers/runc
Kubernetes-commit: 0eaee48ecb8669dc65bfdf9a3583326ab88fc39d
[FG:PodObservedGenerationTracking] Kubelet sets pod `status.observedGeneration` when updating the pod status
Kubernetes-commit: 2effa5e3cf92af7dbcff87822b3293354823f567
This fixes variable passed as error reason upon websocker message read failure.
Previously a wrong variable was passed resulting in returning failure with nil error reason.
Kubernetes-commit: e1d3aaf8612c490fae965272a304d74fccf7e294
The event Object is created from the referenced Object name, however,
there is no guarantee that the name from the referenced Object will be a
valid Event Name.
For those Objects with name not valid for an Event, generate a new valid
name using an UUID.
Kubernetes-commit: ee36b817df06f84ce1a48ef4d65ed559c3775404
Consumers of the kubernetes golang API and clients must use
k8s.io/api,apimachinery,client-go. This is also require to download all
the necessary dependencies.
The apimachinery code contains a testing util for proxies that is used
in client-go and in the kubectl e2e. Since the tests on e2e require
ginkgo and we want to ensure this testing library is not used in
production, we cast the interface to match one of those libraries, but
the problem is that this forces consumers of apimachinery to also
download the ginkgo library.
Since NewHTTPProxyHandler receives a testing.TB interface, there is no
need to cast the interface, if someone wants to use it by implementing a
testing interface it is already aware of the risks.
Kubernetes-commit: af3b9e613d3b76b826369153760a069aabb4cf7f
The ability to automatically stop on context cancellation was new functionality
that adds complexity and wasn't really used in Kubernetes. If someone wants
this, they can add it outside of the function.
A *WithLogger variant avoids the complexity and is consistent with
NewStreamWatcherWithLogger over in apimachinery.
Kubernetes-commit: 1a8d8c9b4a33daf9330434e1ad544ef3571722a3
cache.ErrRequeue advertised itself as a way to requeue failures on a
FIFO, but it suffers the same problems as AddIfNotPresent. If we do
requeue an item at the end, we'll move the informer back in time. If we
requeue at the beginning we'll simply wedge FIFO.
We didn't find examples in the wild, but by removing the error type
those impacted will get a compile error and get to decide what action is
most appropriate for their failure. Most of the time, proceeding to the
next item is best.
Kubernetes-commit: 238c32a1d9b2c72d648193fa8642a53a2884975f
Logically a cache.Queue.AddIfNotPresent means that the informer can move
back in time since an older item is placed after newer items. The
alternative of placing errors at the head of the queue leads to
indefinite memory growth and repeated failures on retry.
Luckily this behavior was behind RetryOnError, which was always set to
false and impossible for normal users to set to true. By removing the
function and setting, impacted users (none found in a github search)
will get a compile failure.
Kubernetes-commit: 8e77ac000131019d5aa49c19aa1f477f6dac4d59
NewTypedDelayingQueueWithConfig spawns a goroutine, but apparently shutdown is
already handled somehow. Therefore only the option to set a logger gets added
to the Config struct.
The problem then becomes that developers might forget to set that
logger. logcheck can't detect that. For now, all in-tree users get updated
immediately.
Kubernetes-commit: f20eb2e7c16a9b28e69fd0bba2000e7166d68f29
mark_new_version.sh (actually mark-new-version.sh) has been removed. And we are
not creating vX.Y tags. We are using ldflags -X now.
Kubernetes-commit: 0f0f9d01c0db8906989616ccc1ef04175035ddf9
For compatibility reasons, the old functions without the ctx parameter still
get generated, now with context.Background instead of context.TODO. In practice
that code won't be used by the client-go reflector code because it prefers
the *WithContext functions, but it cannot be ruled out that some other code
only supports the old fields.
Kubernetes-commit: 8cc74e8a266e1042be1c60adfa3091852036f48a
The Lister and Watcher interfaces only supported methods without context, but
were typically implemented with client-go API calls which need a context. New
interfaces get added using the same approach as in
https://github.com/kubernetes/kubernetes/pull/129109.
Kubernetes-commit: 6688adae142e37114d9dfa8d94cd1d8a91fbcc13
For NewManager, the Config struct gets changed (not extended!) so that the
caller can provide a logger instead of just a logging function. Breaking the
API was chosen because it avoids having to maintain two different log calls in
various places (one for printf-style logging, one for structured logging).
RequestCertificateWithContext is an extension. It enables getting rid of
context.TODO calls.
NewFileStoreWithLogger also is an extension.
Kubernetes-commit: f9051901cee8d8ff4aed3db27ff495a706f1a487
The revised logging emits one log entry at the start of
round-tripping ("Request") and another at the end ("Response"). This avoids the
risk that related output gets interleaved by other output.
No API changes are necessary. A contextual logger is picked up from the context
of the request that is being handled. The verbosity level of that logger is
checked to determine what is supposed to be logged. This enables reducing log
details on a by-request basis by storing a `logger.V(1)` in the context of the
request.
As before, logging only gets injected into request processing at -v6 or higher,
so normally there is no additional overhead.
Kubernetes-commit: a85f489b28d3b0ef82dffb267b6145c73c2d0e33
* `client-go`: transform `watchErrorStream` to wrap the underlying error
This PR transforms the `client-go`'s `watchErrorStream` to wrap the error instead of transforming it into a single string. This enables clients to use `errors.Is/As/Unwrap` with the errors that come out of `StreamWithContext`
Fixes https://github.com/kubernetes/kubernetes/issues/129763
* adjust unit tests
Kubernetes-commit: 067012f5844b7390e7279f575342ae0536f80520
Storing a context and making sure that it never gets canceled also has
overhead. We might as well just do the klog.FromContext when constructing
the Result and store the logger for later use.
Kubernetes-commit: b7386467c8df686e935c477eac26049a80de789b
The BackoffManager interface sleeps without considering the caller's context,
i.e. cancellation is not supported. This alone is reason enough to deprecate it
and to replace it with an interface that supports a context parameter.
The other reason is that contextual logging needs that parameter.
Kubernetes-commit: b15a1943d51adfb8c5e0185d58d25e038c3d6ade
The default handler now uses contextual logging. Instead of
warnings.go:106] warning 1
it now logs the caller of client-go and uses structured, contextual
logging
main.go:100] "Warning" message="warning 1"
Users of client-go have the choice whether the handler that they provide uses
the traditional API (no API break!) or contextual logging.
Kubernetes-commit: 48fb886325fce4b16e4067caadb7bcd3044d460f
The last dependency pulling in the tips of go-difflib and go-spew has
reverted to the last release of both projects, so k/k can revert to
the releases too. As can be seen from the contents of vendor, this
doesn't result in any actual change in the code.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 3986472b3c7202716f92e586ccfaa4b4fe573dc5
The test relied on a 100ms sleep to ensure that controller was done. If that
race was lost, one goroutine was intentionally prevented from completing by
locking a mutex permanently. A TODO was left about detecting that.
Adding goroutine leak checking in
https://github.com/kubernetes/kubernetes/pull/126387 revealed that this race
indeed sometimes is lost because the goroutine
leaked (https://github.com/kubernetes/kubernetes/issues/129400).
Waiting for controller shutdown instead of relying on timing should fix this.
Kubernetes-commit: 8e1403563a60f3b7a258e3bbb64b5c3a7f6548fb
The methods NewFakeClock were using a testing dependency as a parameter,
to avoid breaking compatibility and to remove this dependency, just use
the clock.Clock interface.
If we have to do it again most probable we have chosen other pattern and
for sure other names, but now is too late.
Kubernetes-commit: 5c283cbb453acac9869b49020f6f999796360729
Only the v1 API should be in use. The v1beta1 API therefore doesn't get updated
and doesn't need the context.TODO anymore.
Kubernetes-commit: f1834f06f4f7de8c6a5a70138cf08f8ca804f5c2
The "// import <path>" comment has been superseded by Go modules.
We don't have to remove them, but doing so has some advantages:
- They are used inconsistently, which is confusing.
- We can then also remove the (currently broken) hack/update-vanity-imports.sh.
- Last but not least, it would be a first step towards avoiding the k8s.io domain.
This commit was generated with
sed -i -e 's;^package \(.*\) // import.*;package \1;' $(git grep -l '^package.*// import' | grep -v 'vendor/')
Everything was included, except for
package labels // import k8s.io/kubernetes/pkg/util/labels
because that package is marked as "read-only".
Kubernetes-commit: 8a908e0c0bd96a3455edf7e3b5f5af90564e65b0
Given the ongoing work on generifying client-go, it might make sense
for me to be a reviewer (at least to keep better track of changes
being made before they go in).
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 3d069b2a8a6a635434331f96b79e44bc7c98f29c
"Real" clients use objectWithMeta to enforce support for meta.Object;
strictly speaking, fakes don't need this, but it's best to align them
with the real clients to ensure that fakes don't end up allowing types
that can't be used with the real clients.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 736e5560ba6b21247c21f8ed12007e1d6d5fec1a
This adds a generic implementation of a fake clientset, and uses it to
replace the template code in generated fake clientsets for the default
methods. The templates are preserved as-is (or as close as they can
be) for use in extensions, whether for resources or subresources.
Fake clientsets with no extensions are reduced to their main getter,
their specific struct, and their constructor. All method
implementations are provided by the generic implementation. The
dedicated struct is preserved to allow extensions and expansions to be
defined where necessary.
Instead of handling the variants (with/without list, apply) with a
complex sequence of if statements, build up an index into an array
containing the various declarations.
Similarly, instead of calling different action constructors for
namespaced and non-namespaced clientsets, assume the current behaviour
of non-namespaced action creation (equivalent to creating a namespaced
action with an empty namespace) and document that assumption in the
action implementation.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: b0ce65df9b74d4dc72050840d5ad067596d7b822
KEP-4603: Maintain current 10 minute recovery threshold for container backoff regardless of changes to the maximum duration
Kubernetes-commit: ab30adcbae57fc498cb876979e232b422468af9a
With the ClientsAllowCBOR client-go feature gate enabled, a 415 response to a CBOR-encoded REST
causes all subsequent requests from the client to fall back to a JSON request encoding. This
mechanism had only worked as intended when CBOR was explicitly configured in the
ClientContentConfig. When both ClientsAllowCBOR and ClientsPreferCBOR are enabled, an
unconfigured (empty) content type defaults to CBOR instead of JSON. Both ways of configuring a
client to use the CBOR request encoding are now subject to the same fallback mechanism.
Kubernetes-commit: a77f4c7ba2e761461daaf115a38903fc91916dd6
Integration testing has to this point relied on patching serving codecs for built-in APIs. The
test-only patching is removed and replaced by feature gated checks at runtime.
Kubernetes-commit: 439d2f7b4028638b3d8d9261bb046c3ba8d9bfcb
The media type application/cbor describes exactly one encoded item. As a new (to Kubernetes) format
with no existing clients, streaming/watch responses will use the application/cbor-seq media
type. CBOR watch responses conform to the specification of CBOR Sequences and are encoded as the
concatenation of zero or more items with no additional framing.
Kubernetes-commit: 504f14998e920ca8837b3310094b3da11c62a070
This commit introduces:
1. Cleanups in port-forwarding error handling code, which ensures that
we only compare lowercased text always.
2. E2E verifying that when a pod is removed a port-forward is stopped.
Signed-off-by: Maciej Szulik <soltysh@gmail.com>
Kubernetes-commit: 0b1617ccefbc6ea61c0e7c2b0b4052703f11c51c
This enables a future extension where capacity of a single device gets consumed
by different claims. The semantic without any additional fields is the same as
before: a capacity cannot be split up and is only an attribute of a device.
Because its semantically the same as before, two-way conversion to v1alpha3 is
possible.
Kubernetes-commit: 81fd64256c9cfca47385997e06a694bf98bfb799
For alpha, there is one apiserver feature gate and two client-go feature gates controlling
CBOR. They were initially wired to separate test-only feature gate instances in order to prevent
them from being configurable at runtime via command-line flags or environment variables (for
client-go feature gates outside of Kubernetes components). All of the integration tests required by
the KEP as alpha criteria have been implemented. This adds the feature gates to the usual feature
gate instances and removes the temporary code to support separate test-only feature gate instances.
Kubernetes-commit: 072dfcb416fd4e1ddab0a89ac4faf519e268bc96
chore(leader-election): modify leader-election comment to OnStoppedLeading callback is always called when the LeaderElector exits, even if it did not start leading.
Kubernetes-commit: 1a7326902fa07b85e07de458dd2d4d4d99057d87
Using the "normal" logic for a feature gated field simplifies the
implementation of the feature gate.
There is one (entirely theoretic!) problem with updating from 1.31: if a claim
was allocated in 1.31 with admin access, the status field was not set because
it didn't exist yet. If a driver now follows the current definition of "unset =
off", then it will not grant admin access even though it should. This is
theoretic because drivers are starting to support admin access with 1.32, so
there shouldn't be any claim where this problem could occur.
Kubernetes-commit: 4419568259590c35f1dab69aabec3d740944a51d
If a client is configured to encode request bodies to CBOR, but the server does not support CBOR,
the server will respond with HTTP 415 (Unsupported Media Type). By feeding this response back to the
RESTClient, subsequent requests can fall back to JSON, which is assumed to be acceptable.
Kubernetes-commit: 1745dfdd154b1a838765e70b81c861c644bfcffe
Drivers need to know that because admin access may also grant additional
permissions. The allocator needs to ignore such results when determining which
devices are considered as allocated.
In both cases it is conceptually cleaner to not rely on the content of the
ClaimSpec.
Kubernetes-commit: f3fef01e79a75ebc4c327afb7d05d6fd350e08fa
As with the apiserver feature gate for CBOR as a serving and storage encoding, the client feature
gates for CBOR are being initially added through a test-only feature gate instance that is not wired
to environment variables or to command-line flags and is intended only to be enabled
programmatically from integration tests. The test-only instance will be removed as part of alpha
graduation and replaced by conventional client feature gating.
Kubernetes-commit: ea13190d8bd3a4bb3e82055b529aa7599ae5c6e1
This removes the DRAControlPlaneController feature gate, the fields controlled
by it (claim.spec.controller, claim.status.deallocationRequested,
claim.status.allocation.controller, class.spec.suitableNodes), the
PodSchedulingContext type, and all code related to the feature.
The feature gets removed because there is no path towards beta and GA and DRA
with "structured parameters" should be able to replace it.
Kubernetes-commit: f84eb5ecf894fa0fc4e0d05da52ef51d4cd723d9
The context is used for cancellation and to support contextual logging.
In most cases, alternative *WithContext APIs get added, except for
NewIntegerResourceVersionMutationCache where code searches indicate that the
API is not used downstream.
An API break around SharedInformer couldn't be avoided because the
alternative (keeping the interface unchanged and adding a second one with
the new method) would have been worse. controller-runtime needs to be updated
because it implements that interface in a test package. Downstream consumers of
controller-runtime will work unless they use those test package.
Converting Kubernetes to use the other new alternatives will follow. In the
meantime, usage of the new alternatives cannot be enforced via logcheck
yet (see https://github.com/kubernetes/kubernetes/issues/126379 for the
process).
Passing context through and checking it for cancellation is tricky for event
handlers. A better approach is to map the context cancellation to the normal
removal of an event handler via a helper goroutine. Thanks to the new
HandleErrorWithLogr and HandleCrashWithLogr, remembering the logger is
sufficient for handling problems at runtime.
Kubernetes-commit: 4638ba971661497b147906b8977ae206c9dd6e44
Several tests leaked goroutines. All of those get fixed where possible
without API changes. Goleak is used to prevent regressions.
One new test specifically covers shutdown of an informer and its event
handlers.
Kubernetes-commit: 0ba43734b4c8998b4aaeb1fa2bec8dee609fa50a
With this change, we can typically avoid an extra heap allocation when
calling AddAfter with a positive duration (which causes the creation of
a waitFor object). This is because workqueues are typically used with
string keys, and casting a string (or more generally, non-pointer types)
to an `interface{}` will cause an heap escape / allocation.
Ater this change, there is no longer any usage of `type t interface{}`,
which was creating some confusion after the switch to generics in the
workqueue package.
Co-authored-by: Quan Tian <quan.tian@broadcom.com>
Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Kubernetes-commit: 53ddffb55709857fec6bddbd5ca4ca1b03f7da97
I frequently find myself in the situation of not remembering which of
QPS/Burst I have to set. This change adds a small go doc to clarify
that.
Kubernetes-commit: cd1645ff2c195fbb353cfabcbc36e3c3b883c3c5
The workqueue implementation was recently updated to be strongly typed,
using Go generics. However the metrics implementation was not updated,
and continued using interface{}. This translated to unnecessary memory
allocations when invoking the queueMetrics interface methods to track
queue operation. We can avoid these extra heap allocations by using
generics for the metrics implementation as well.
Signed-off-by: Antonin Bas <antonin.bas@broadcom.com>
Kubernetes-commit: 1aec7568e111f5855121e3afacacf431e5f95948
The azure and gcp plugins no longer do anything other than point to
the corresponding external credential plugins. Client code should no
longer try to load them, so they should be removed from the examples.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 4531c6de760ec42941d9f509103f1b29c88bfae0
It was added for compatibility reason but ended up getting a `config`
argument by accident, resulting in not actually being compatible, this
change fixes that.
Kubernetes-commit: 6933c1bc229c196e9c71061e19a0cdc76adb1dbc
The goal is to increase confidence that a change to the dynamic client does not unintentionally
introduce subtle changes to objects returned by dynamic clients in existing programs.
Kubernetes-commit: c8b1037a58ab6ddc3a8b237938eca2f6336abb73
Logging in rest.Request.Body cannot be made context-aware without an API
change. Such a change is complicated if done in a backwards-compatible
fashion (must change lots of callers in Kubernetes) and prohibitive if not (all
callers of Body would have to pass a context).
Instead, logging of the request body gets moved into the functions which send
the request. This is a change of behavior, but it is limited to log levels >= 8
and thus should have no impact in production.
A request which gets sent multiple times will also log the body multiple
times. This might even be a good thing because it serves as reminder what is
being sent when it is being sent.
While at it, stack backtracing gets enhanced so that the caller of the REST API
is logged and tests for the new behavior get added.
Kubernetes-commit: 57f9b7c7a2412865e7817dbf7638881b00ac9721
I am moving myself to emeritus as I am now firmly on the end-user side
of things.
Signed-off-by: Andy Goldstein <andy.goldstein@gmail.com>
Kubernetes-commit: 3ab816dcabf37acda33c665ab5aa85f1f6163bc1
These are long gone, removed in 2016:
* AuthPath removal: https://github.com/kubernetes/kubernetes/pull/29216
* Flag removal: https://github.com/kubernetes/kubernetes/pull/40048
This removes the remnants from clientcmd, mostly in the comments
describing how the configuration is loaded.
Since getServerIdentificationPartialConfig can no longer fail (it
copies fields from one struct to another), this drops the error
return, along with the error handling in the caller.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 8a8238ba7f850241de9c5cc4b22fa1a6b6a19480
This change renames NewTypedDelayingQueue to NewTypedDelayingQueue to
stay consistent with the naming scheme in the package. A
NewTypedDelayingQueue constructor is kept for backwards compatibility
but marked as deprecated.
Kubernetes-commit: 45da5dc30ecf0ba4c4b44befd96b8617278c496b
This commit refactors the `renew` function in the leader election package to replace
the deprecated `wait.PollImmediateUntil` with `wait.PollUntilContextTimeout`.
This change simplifies the context handling by removing the need for an additional
timeout context and its cancellation.
The previous implementation created a timeout context for each retry period,
which added unnecessary complexity. The new implementation directly passes the parent
context to the retry function, ensuring that the timeout is handled within `PollUntilContextTimeout`.
This change also ensures that the context passed to `tryAcquireOrRenew` and
`tryCoordinatedRenew` is consistent, improving the readability and maintainability of the code.
Kubernetes-commit: 3d2f498aa31cb2e90bcfc372b7930aed0604fbef
I was workinng on updating a dependency, and noticed that running
hack/update-vendor.sh resulted in a diff. Comitting the result
as a PR.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Kubernetes-commit: aeb607443dd9b8ee378ee10209e9b446256f3ee2
The Error method of the error returned from Request.Watch was "unknown"
even the server returned clear message in the Status struct. It was
because Request.Watch used the Result's err member directly, which is an
unstructured error from the response which the Result object may use if
the caller did not return a structured error.
The patch fixes it by calling the Result's Error method instead, which
returns the structured error when it's present.
It also removes the wrong expectation about events.
Kubernetes-commit: 596c5696c64023808af164284263647d795b0ac2
This makes the Stop method idempotent so that if Stop is called multiple
times, it does not cause a panic due to closing a closed channel.
Signed-off-by: mprahl <mprahl@users.noreply.github.com>
Kubernetes-commit: a54ba917be42c941edf1a0359dced04e1a5e1d6f
When the client does not have permission to watch a resource, the
RetryWatcher continuously retried. In this case, it's better to send an
error and stop retrying to let the caller handle this case since this is
not a transient error that can be recovered without user intervention.
This is particularly helpful in applications that leverage a user
provided service account and the application needs to notify the user to
set the correct permissions for the service account.
This also accounts for invalid credentials from the watch client.
Signed-off-by: mprahl <mprahl@users.noreply.github.com>
Kubernetes-commit: db2218d16e3fb2a30b21ffa0f307beb515d8394b
This is a complete revamp of the original API. Some of the key
differences:
- refocused on structured parameters and allocating devices
- support for constraints across devices
- support for allocating "all" or a fixed amount
of similar devices in a single request
- no class for ResourceClaims, instead individual
device requests are associated with a mandatory
DeviceClass
For the sake of simplicity, optional basic types (ints, strings) where the null
value is the default are represented as values in the API types. This makes Go
code simpler because it doesn't have to check for nil (consumers) and values
can be set directly (producers). The effect is that in protobuf, these fields
always get encoded because `opt` only has an effect for pointers.
The roundtrip test data for v1.29.0 and v1.30.0 changes because of the new
"request" field. This is considered acceptable because the entire `claims`
field in the pod spec is still alpha.
The implementation is complete enough to bring up the apiserver.
Adapting other components follows.
Kubernetes-commit: 91d7882e867da25ae8014f679db32b20e35e89b4
Now all claims are shareable up to the limit imposed by the size of the
"reserverFor" array.
This is one of the agreed simplifications for 1.31.
Kubernetes-commit: 8a629b9f150c1042e2918043e6012a4f22742b19
As agreed in https://github.com/kubernetes/enhancements/pull/4709, immediate
allocation is one of those features which can be removed because it makes no
sense for structured parameters and the justification for classic DRA is weak.
Kubernetes-commit: de5742ae83c8d77268a7caf5f3b1f418c4a13a84
This is in preparation for revamping the resource.k8s.io completely. Because
there will be no support for transitioning from v1alpha2 to v1alpha3, the
roundtrip test data for that API in 1.29 and 1.30 gets removed.
Repeating the version in the import name of the API packages is not really
required. It was done for a while to support simpler grepping for usage of
alpha APIs, but there are better ways for that now. So during this transition,
"resourceapi" gets used instead of "resourcev1alpha3" and the version gets
dropped from informer and lister imports. The advantage is that the next bump
to v1beta1 will affect fewer source code lines.
Only source code where the version really matters (like API registration)
retains the versioned import.
Kubernetes-commit: b51d68bb87ba4fa47eb760f8a5e0baf9cf7f5b53
This allows different actors to force ownership of it without having to
explicitly unset the other field.
Kubernetes-commit: 7313990f61881c676c1f5d68365144a1d77cced3
Adding the required Kubernetes API so that the kubelet can start using
it. This patch also adds the corresponding alpha feature gate as
outlined in KEP 4639.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Kubernetes-commit: f7ca3131e0922563a561134b4ed9eed8d2bdd2c4
KEP-3619: don't capitalize comment in K8S API
KEP-3619: fix typos and grammatical ones in K8s API
KEP-3619: rephrase NodeFeatures, NodeHandlerFeatures in K8s API
Kubernetes-commit: 5d75660dc11ff443ebab2551aed8e56a54cc218d
This update dropped the otelgrpc → cloud.google.com/go/compute dependency,
among others. This dropped out because genproto cleaned up it's dependencies
on google cloud libraries, and otel updated - details in #113366.
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Co-Authored-By: David Ashpole <dashpole@google.com>
Kubernetes-commit: ff7942be83ed0c0aaa8c258e8e2b9965d383935c
This makes the API nicer:
resourceClaims:
- name: with-template
resourceClaimTemplateName: test-inline-claim-template
- name: with-claim
resourceClaimName: test-shared-claim
Previously, this was:
resourceClaims:
- name: with-template
source:
resourceClaimTemplateName: test-inline-claim-template
- name: with-claim
source:
resourceClaimName: test-shared-claim
A more long-term benefit is that other, future alternatives
might not make sense under the "source" umbrella.
This is a breaking change. It's justified because DRA is still
alpha and will have several other API breaks in 1.31.
Kubernetes-commit: bde9b64cdfbbbb185593c20fea84cdced631ffd6
This adds a generic implementation of a clientset, and uses it to
replace the template code in generated clientsets for the default
methods. The templates are preserved as-is (or as close as they can
be) for use in extensions, whether for resources or subresources.
Clientsets with no extensions are reduced to their main getter, their
interface, their specific struct, and their constructor. All method
implementations are provided by the generic implementation. The
dedicated interface is preserved so that each clientset can have its
own set of methods, and the dedicated struct is preserved to allow
extensions and expansions to be defined where necessary.
Instead of handling the variants (with/without namespace, list, apply)
with a complex sequence of if statements, build up an index into an
array containing the various declarations.
The namespaced/non-namespaced distinction matters in the code
templates, but not in the methods themselves, so drop all the
non-namespaced variants and pass in "" explicitly.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 3734f5bf9b6ce1e9cf2385f4e4453b32d8f35ab1
- Extract watchWithResync to simplify ListAndWatch
- Wrap watchHandler with two variants, one for WatchList and one for
just Watch.
- Replace a bool pointer arg with a bool arg and bool return, to
improve readability.
- Use errors.Is to satisfy the linter
- Use %w to wrap the store.Replace error, to allow unwrapping.
Kubernetes-commit: 65fc1bb463c85a4c85e619bf7acac9503e23a253
The watch.Interface design is hard to change, because it would break
most client-go users that perform watches. So instead of changing the
interface to be more user friendly, this change updates the method
comments to explain the different responsibilities of the consumer
(client user) and the producer (interface implementer).
Kubernetes-commit: 1f35231a1d4f7b8586a7ec589c799729eeb4f7c4
This library release makes a number of behaviors configurable in ways that are required for CBOR
support in Kubernetes.
Kubernetes-commit: c4279660cad039bc15495311cf7863640b6308f9
client-go/consistencydetector: refactor TestCheckListFromCacheDataConsistencyIfRequestedInternalHappyPath to work with unstructured data
Kubernetes-commit: 51f89c3b2d114fea99d3a0e8401c639f39e27877
client-go/consistencydetector: refactor TestDataConsistencyChecker to work with unstructured data
Kubernetes-commit: 96815d6dc8de717579484ffef88f74063dfd40ca
- Switch to using the ProxyWatcher to validate the dance between
closing the stop channel and closing the result channel.
- Use the new clientfeaturestesting.SetFeatureDuringTest to test with
the WatchListClient enabled and disabled. These should result in
almost the exact same output events from the informer
(list ordering not garenteed), but with different input events
recieved from the apiserver.
Kubernetes-commit: 28e3a728e5e6fe651d7a17839d33ce42204c0b4e
- Add tests to confirm that Stop is always called.
- Add TODOs to show were Stop is not currently being called
(to fix in a future PR)
Kubernetes-commit: ab5aa4762fd5206d0dbd8412d7c6f3b76533a122
* Add `Linux{Sandbox,Container}SecurityContext.SupplementalGroupsPolicy` and `ContainerStatus.user` in cri-api
* Add `PodSecurityContext.SupplementalGroupsPolicy`, `ContainerStatus.User` and its featuregate
* Implement DropDisabledPodFields for PodSecurityContext.SupplementalGroupsPolicy and ContainerStatus.User fields
* Implement kubelet so to wire between SecurityContext.SupplementalGroupsPolicy/ContainerStatus.User and cri-api in kubelet
* Clarify `SupplementalGroupsPolicy` is an OS depdendent field.
* Make `ContainerStatus.User` is initially attached user identity to the first process in the ContainerStatus
It is because, the process identity can be dynamic if the initially attached identity
has enough privilege calling setuid/setgid/setgroups syscalls in Linux.
* Rewording suggestion applied
* Add TODO comment for updating SupplementalGroupsPolicy default value in v1.34
* Added validations for SupplementalGroupsPolicy and ContainerUser
* No need featuregate check in validation when adding new field with no default value
* fix typo: identitiy -> identity
Kubernetes-commit: 552fd7e85084b4cbd3ae8e81ff13433e28dc8327
The previous attempt to fix this in
6aa779f4ed (diff-efa2cd1347df22ace5a516ea794152d00ef2a079db135c81787ed920ecb73658)
didn't address the root cause (or perhaps created it, not sure): the goroutine
must not be started if watch creation failed.
Instead, the error gets logged (as before) and an empty watch gets returned to
the caller (new). This is necessary because the function doesn't have an error
return value and changing that now would be disruptive. The empty watch is
valid and usable, so callers won't crash when they calls Stop.
This showed up recently in failed unit tests, probably because test
cancellation makes this error more likely:
"Unable start event watcher (will not retry!)" err="broadcaster already
stopped" logger="TestGarbageCollectorConstruction leaked goroutine"
The logger value and a preceding warning show that this occurs after test
completion.
Kubernetes-commit: 080432c46a7a49c3abf86d7fc5f2a5d7abc92239
client-go/util/consistencydetector: improve validation of list parameters (RV, ListOptions)
Kubernetes-commit: bc8ec4f9aaaeee7de285c0207bd8eb793ecf3307
client-go/consistency-detector: change the signature of checkWatchListConsistencyIfRequested
Kubernetes-commit: f5d62f738a686ddc6221a85374113af80790129e
Ginkgo v2.18.0 allows tweaking the output so that
it's easier to follow while a job runs in
Prow (https://github.com/onsi/ginkgo/issues/1347). Using this in
hack/ginkgo-e2e.sh will follow in a separate commit.
Gomega gets bumped to the latest release to keep it up-to-date.
Ginkgo v1.19.0 adds support for --label-filter with labels that represent
sets (like our Feature:<Foo>).
Kubernetes-commit: 37e2dd6857084a172ef5210caee1fefa8dd8159a
Implementing custom marshaling on several API types for CBOR makes the upstream CBOR library an
indirect dependency of several staging modules.
Kubernetes-commit: d7cccf3e792ad08d9ab2e7aac394f8e6ddcf3466
Constructing a Broadcaster already starts a watch which runs in the
background. Shutdown must be called to avoid leaking the goroutine. Providing
a context was supposed to remove the need to call Shutdown, but that did not
actually work because the logic for "must check for cancellation" was
accidentally inverted.
While at it, structured log output also gets tested together with checking for
goroutine leaks.
Kubernetes-commit: ff779f1cb56cf896405e52f7923188b99b88bb00
the signature of the method was tightly connected to the reflector,
making it difficult to use for anything other than a reflector.
this simple refactor makes the method more generic.
Kubernetes-commit: 83c7542abc8c542c01ecb67376f134b2071c5304
This change makes us use the generic workqueue throughout the project in
order to improve type safety and readability of the code.
Kubernetes-commit: 6d0ac8c561a7ac66c21e4ee7bd1976c2ecedbf32
Hang when canceling leader election information.
Occasionally, two leaders may run simultaneously.
Kubernetes-commit: b6b46a0e00682517d2ca7b7e9c2706b8e407e52e
In particular, document that ListAllByNamespace delegates to ListAll
if no namespace is specified.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 54e899317ef46e3b70827cacee244717022db0ad
This change adds a generic version of the various workqueue types while
retaining compatibility for the existing exported symbols and constructors.
The generic variants are prefixed with `Typed` and the existing ones are
marked as deprecated to nudge people to transition without breaking
them.
Kubernetes-commit: 0c7370bb851c15825d30a516722139ccccca0cfc
When renaming NodeResourceSlice to ResourceSlice, the embedded
[Node]ResourceModel also should have been renamed.
Kubernetes-commit: a0add8d2c7578cd9f94fc302d6212f9f7d16175b
The runtime classes are apiserver's concept, while the handlers are kubelet's concept.
For NodeStatus, it makes more sense to return the latter ones here.
This commit modifies the following files:
- pkg/apis/core/types.go
- staging/src/k8s.io/api/core/v1/types.go
- pkg/kubelet/nodestatus/setters.go
- pkg/kubelet/kubelet_node_status.go
- pkg/registry/core/node/strategy.go
- test/e2e_node/mount_rro_linux_test.go
Other changes were auto-generated by running `make update`.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Kubernetes-commit: 1dc05009fe7f4e1d139b0c8394683edb54f8d082
This commit modifies the following files:
- pkg/apis/core/types.go
- staging/src/k8s.io/api/core/v1/types.go
Other changes were auto-generated by running `make update`.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Kubernetes-commit: d940886d0a4ee9aa8a7ca075fee175b002baf883
The default queue implementation is mostly FIFO and it is not
exchangeable unless we implement the whole `workqueue.Interface` which
is less desirable as we have to duplicate a lot of code. There was one
attempt done in [kubernetes/kubernetes#109349][1] which tried to
implement a priority queue. That is really useful and [knative/pkg][2]
implemented something called two-lane-queue. While two lane queue is
great, but isn't perfect since a full slow queue can still slow down
items in fast queue.
This change proposes a swappable queue implementation while not adding
extra maintenance effort in kubernetes community. We are happy to
maintain our own queue implementation (similar to two-lane-queue) in
downstream.
[1]: https://github.com/kubernetes/kubernetes/pull/109349
[2]: https://github.com/knative/pkg/blob/main/controller/two_lane_queue.go
Kubernetes-commit: 87b4279e07349b3c68f16f69a349a02bddd12f25
The canonical import for json-patch v4 is
gopkg.in/evanphx/json-patch.v4 (see
https://github.com/evanphx/json-patch/blob/master/README.md#get-it for
reference).
Using the v4-specific path should also reduce the risk of unwanted v5
upgrade attempts, because they won't be offered as automated upgrades
by dependency upgrade management tools, and they won't happen through
indirect dependencies (see
https://github.com/kubernetes/kubernetes/pull/120327 for context).
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 5300466a5c8988b479a151ceb77f49dd00065c83
This adds a generic implementation of a lister, and uses it to replace
the template code in generated listers. The corresponding templates
are no longer used and are removed.
Listers are reduced to their interfaces (non-namespaced and namespaced
if appropriate), their specific structs, and their constructors. All
method implementations are provided by the generic implementation. The
dedicated interface is preserved so that each lister can have its own
set of methods (e.g. the method returning the namespaced lister if
appropriate), and the dedicated struct is preserved to allow
expansions to be defined where necessary.
The external interface is unchanged and doesn't expose generics.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 2e9adcd14aae27394238291fa08fb603bf2f3e77
While currently those objects only get published by the kubelet for node-local
resources, this could change once we also support network-attached
resources. Dropping the "Node" prefix enables such a future extension.
The NodeName in ResourceSlice and StructuredResourceHandle then becomes
optional. The kubelet still needs to provide one and it must match its own node
name, otherwise it doesn't have permission to access ResourceSlice objects.
Kubernetes-commit: 0b6a0d686a060b5d5ff92cea931aacd4eba85adb
This adds support for semantic version comparison to the CEL support in the
"named resources" structured parameter model. For example, it can be used to
check that an instance supports a certain API level.
To minimize the risk, the new "semver" type is only defined in the CEL
environment for DRA expressions, not in the base library. See
https://github.com/kubernetes/kubernetes/pull/123664 for a PR which
adds it to the base library.
Validation of semver strings is done with the regular expression from
semver.org. The actual evaluation at runtime then uses semver/v4.
Kubernetes-commit: 42ee56f093133402ed860d4c5f54b049041386c9
Like the current device plugin interface, a DRA driver using this model
announces a list of resource instances. In contrast to device plugins, this
list is made available to the scheduler together with attributes that can be
used to select suitable instances when they are not all alike.
Because this is the first structured parameter model, some checks that
previously were not possible, in particular "is one structured parameter field
set", now gets enabled. Adding another structured parameter model will be
similar.
The applyconfigs code generator assumes that all types in an API are defined in
a single package. If it wasn't for that, it would be possible to place the
"named resources" types in separate packages, which makes their names in the Go
code more natural and provides an indication of their stability level because
the package name could include a version.
Kubernetes-commit: d4d5ade7f5be047472f8d9572c7f01f142951a2d
* support for the managed-by label in Job
* Use managedBy field instead of managed-by label
* Additional review remarks
* Review remarks 2
* review remarks 3
* Skip cleanup of finalizers for job with custom managedBy
* Drop the performance optimization
* imrpove logs
Kubernetes-commit: e568a77a931a1cf4239a4a5fa43e2b05bad3abdf
NodeResourceSlice will be used by kubelet to publish resource information on
behalf of DRA drivers on the node. NodeName and DriverName in
NodeResourceSlice must be immutable. This simplifies tracking the different
objects because what they are for cannot change after creation.
The new field in ResourceClass tells scheduler and autoscaler that they are
expected to handle allocation.
ResourceClaimParameters and ResourceClassParameters are new types for telling
in-tree components how to handle claims.
Kubernetes-commit: 39bbcedbcae84bf716923b3f9464968ca70b42e7
Because of how the previous 100+ commits were done, so changes snuck
thru that properly belong in earlier commits but it's not really
possible to do that without a lot of effort.
We agreed it was OK to "spackle" these cracks with a final commit.
Kubernetes-commit: 21715e6bbd19c932576ff268843d8ead3edb05e4
If, for whatever reason, the context was context.Background(), the additional
goroutine was started and then got stuck forever because
context.Background().Done() is a nil channel. Found when indirectly
instantiating a broadcaster with such a context:
found unexpected goroutines:
[Goroutine 9106 in state chan receive (nil chan), with k8s.io/kubernetes/vendor/k8s.io/client-go/tools/record.NewBroadcaster.func1 on top of the stack:
goroutine 9106 [chan receive (nil chan)]:
k8s.io/kubernetes/vendor/k8s.io/client-go/tools/record.NewBroadcaster.func1()
/home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/client-go/tools/record/event.go:206 +0x2c
created by k8s.io/kubernetes/vendor/k8s.io/client-go/tools/record.NewBroadcaster in goroutine 8957
/home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/client-go/tools/record/event.go:205 +0x1a5
This can be fixed by checking for a nil channel.
Another problem also gets addressed: if Shutdown was called without canceling
the context, the goroutine also didn't stop. Now it waits for the cancelation
context and thus terminates in both cases.
Kubernetes-commit: eed6e29a5b8cfaa20fbc426541d9c74105d430ee
until #115478(use streaming against the etcd storage)
is resolved the cacher need a way to disable the streaming.
Kubernetes-commit: 41e706600aea7468f486150d951d3b8948ce89d5
The main reason for updating is support for reporting the cause of context
cancellation: Ginkgo provides that information when canceling a context and
Gomega polling code includes that when generating a failure message.
Kubernetes-commit: 18f0af1f000f95749ca1ea075d62ca89e86bb7da
ReplaceFeatureGates logs a warning when the default env var
implementation has been already used.
Such a situation indicates a potential ordering issue and usually is unwanted.
Kubernetes-commit: 04bbd3481f70825eea54b4b154a04d2496dcf652
This PR add a feature gates mechanisim to client-go
as described in https://docs.google.com/document/d/1g9BGCRw-7ucUxO6OtCWbb3lfzUGA_uU9178wLdXAIfs
In particular:
- Adds a default feature gate implementation based on environment variables.
- Adds a set of methods for reading, overwriting the default implementation, and adding features to an external registry.
Co-authored-by: deads2k <deads@redhat.com>
Co-authored-by: Ben Luddy <bluddy@redhat.com>
Kubernetes-commit: d74c57d4f592d20a992afb54b1ee64f56215210e
Bumping tools to include the fix for a nil pointer
deref error in go/types. See golang/go#64812
for more details.
This fix is needed for when we bump to go1.22.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: a8da4202c0ac785d57b545e6e310fd754888b50e
27a68aee3a4834 introduced context support. In order to use that
also with NewEventBroadcasterAdapter, a variant of the call is needed to allow
the caller to specify the context.
The `logcheck:context` comment ensures that code which is meant to be
contextual uses the new call.
Kubernetes-commit: f8e25eff926c640c86daa46222bfaf8d625e75d7
This commit defines the ClusterTrustBundlePEM projected volume types.
These types have been renamed from the KEP (PEMTrustAnchors) in order to
leave open the possibility of a similar projection drawing from a
yet-to-exist namespaced-scoped TrustBundle object, which came up during
KEP discussion.
* Add the projection field to internal and v1 APIs.
* Add validation to ensure that usages of the project must specify a
name and path.
* Add TODO covering admission control to forbid mirror pods from using
the projection.
Part of KEP-3257.
Kubernetes-commit: ecfdc8fda55923c18708488ec1561a4fcf9f3e33
Dropping a newline at the end of the message when using klog calls is an
intentional improvement (https://github.com/kubernetes/klog/pull/378)
Kubernetes-commit: 878d037d3ba8fc4f11bf45a6cf5a66301ba89d82
KEP-2593 proposed to expand the existing node-ipam controller
to be configurable via a ClusterCIDR objects, however, there
were reasonable doubts on the SIG about the feature and after
several months of dicussions we decided to not move forward
with the KEP intree, hence, we are going to remove the existing
code, that is still in alpha.
https://groups.google.com/g/kubernetes-sig-network/c/nts1xEZ--gQ/m/2aTOUNFFAAAJ
Change-Id: Ieaf2007b0b23c296cde333247bfb672441fe6dfc
Kubernetes-commit: c2d473f0d438cedab2f1831d23457d24961e0f4e
* Add warning handler callback function in shortcut expander
Currently, errors in client-go are propagated back to the callers via
function returns. However, there is no elegant way for just warning users.
For example, when user wants to get a resource with it's short name format
and if there are multiple resources belonging to this short name, we need to
warn user about this ambugity which one is picked and which ones are discarded.
Not only to overcome this particular case mentioned above, but also propose a
way for the possible warnings in the future, this commit adds a warningHandler
callback function in shortcutExpander.
* Add warningPrinter functionality in ConfigFlags
ConfigFlags has neither warning user in a standardized
format functionality nor passing warning callback functions to other upper level
libraries such as client-go.
This commit adds an ability that user can set warningPrinters
according to their IOStreams and this warningPrinters will be used
to raise possible warnings happening not only in cli-runtime but
also in client-go.
* Pass warning callback function in ConfigFlags to shortcutExpander
This commit passes warning callback function to print possible
warnings happened in shortcut expander to warn user in a
standardized format.
* Add integration test for CRDs having ambiguous short names
This commit adds integration test to assure that warning message
related to this ambiguity is printed when resources are being retrieved via their short name
representations in cases where multiple resources have same
short names.
This integration test also ensures that the logic behind which resource
will be selected hasn't been changed which may cause disperancies in
clusters.
* Remove defaultConfigFlag global variable
* Move default config flags initialization into function
* Skip warning for versions of same group/resource
* Run update-vendor
* Warn only once when there are multiple versions registered for ambiguous resource
* Apply gocritic review
* Add multi-resource multi-version ambiguity unit test
Kubernetes-commit: a504aed54d028dbc8ea2508142c94d309f5f1ec6
checkWatchListConsistencyIfRequested performs a data consistency check only when
the KUBE_WATCHLIST_INCONSISTENCY_DETECTOR environment variable was set during a binary startup.
The consistency check is meant to be enforced only in the CI, not in production.
The check ensures that data retrieved by the watch-list api call
is exactly the same as data received by the standard list api call.
Note that this function will panic when data inconsistency is detected.
This is intentional because we want to catch it in the CI.
Kubernetes-commit: b31e7793d0d873a71c90caf8455556aa905cf88d
Bumping golang.org/x/net in light of CVE-2023-39325 and CVE-2023-44487.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: fc7c951d5a5b8b75dfa105e3bea7bbddaf4c792e
Besides simply staying up-to-date, ginkgo v2.13.0 adds a `PreviewSpecs` which
will be used for introspection of the E2E test suites.
Kubernetes-commit: 79355caa565cc34e8726c427562c9f109ebe0e34
originally we honored only apierrors.IsInvalid
but decided to fallback on every error
because it is better to make progress than deadlocking
Kubernetes-commit: 4b3915017950a114124a88c5d308bd8bfb9ec48e
Because the EventBroadcaster code now has a a context, changing the EventSink
interface so that the methods accepts a context instead of using context.TODO
becomes possible.
Kubernetes-commit: 5dc540ff57eed5d0e6bc8476f95fe03b7a983cf5
Using StartRecordingToSinkWithContext instead of StartRecordingToSink and
StartLogging instead of StartStructuredLogging has several advantages:
- Spawned goroutines no longer get stuck for extended periods of
time during shutdown when passing in a context that gets canceled.
- Log output can be directed towards a specific logger instead of the global
default, for example one which writes to a testing.T instance.
- The new methods return an error when something went wrong instead of
merely recording the error.
That last point is the reason for deprecating the old methods instead of merely
adding new alternatives.
Setting a context when constructing an EventBroadcaster makes calling Shutdown
optional. It can also be used to specify the logger.
Both EventRecorder interfaces in tools/events and tools/record now have a
WithLogger helper. Using that method is optional, but recommended to support
contextual logging properly. Without it, errors that occur while emitting an
event are not associated with the caller.
Kubernetes-commit: 27a68aee3a48340f7c14235f7fc24aa69aaeb8f6
After 12 months as reviewer, constantly reviewing and contributing
to client-go, I think is fair to move to the next ladder.
Change-Id: I49e579dcefcd39c6f0b29400c90467df00719cca
Kubernetes-commit: cc77b97c5e9cc9f778016b9d260c66bf7b277448
This uses the generic ptr.To in k8s.io/utils to replace functions and
code constructs which only serve to return pointers to intstr
values. Other uses of the deprecated pointer package are updated in
modified files.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: aa89e6dc978bf88653d893284248039b776aed54
The "set" list type was chosen because it seemed appropriate (no duplicates!)
but that made tracking of managed fields more expensive (each entry in the list
is tracked, not the entire field) and for no good reason (one client is
responsible for the entire list).
Therefore the type gets changed to "atomic". Server-side-apply has not been
used in the past and PodSchedulingContext objects are short-lived and still in
alpha, so the any potential compatibility issues should be minor.
The scheduling throughput in scheduler_perf increases:
name old SchedulingThroughput/Average new SchedulingThroughput/Average
PerfScheduling/SchedulingWithResourceClaimTemplate/2000pods_100nodes-36 18.8 ± 8% 24.0 ±37%
PerfScheduling/SchedulingWithMultipleResourceClaims/2000pods_100nodes-36 13.7 ±81% 18.5 ±40%
Kubernetes-commit: 5567f288e745db05d88fc60e15915f8b0d1f6c4b
The Service Account Token link in the readme is broken and refers to a page that no longer exists.
In this PR I updated the correct link in the readme
Kubernetes-commit: 279a663f948337da156f544b74e41928ad66f9ef
This reverts commit 890a6c8f70d2e0f45b3692d34a6df1ecb6d8335b, reversing
changes made to 4f60a8d493ab9571eb328b9d98da477a50bc7446.
Kubernetes-commit: 0d90d1ffa5e87dfc4d3098da7f281351c7ff1972
Client-side extract calls depend on `managedFields`, which might not be
available. Therefore they should not be used in production code.
They are okay in test files (because the API has to be tested), in the
generated code (because the various type specific APIs still need to be
provided) and in unstructured.go (same reason).
Kubernetes-commit: 4bc9434f99d9a87dd5b63e738b6b1b16693f10e4
It turned out that there were lots of unnecessary accessor functions being called locking and unlocking the cond which are not needed because Wait() automatically unlocks and locks the cond for us and best practice says we should run it in a for checking for the condition (so this is what I have done).
Kubernetes-commit: 2b12df56b0be93bc2cac7c5a66342c0ffaa72311
Also add support for metadata informer factory to use SharedInformerOption
Signed-off-by: Eric Lin <exlin@google.com>
Kubernetes-commit: 9c4651bd0479b84f5e5913649207476717f3f13e
The path module has a few different functions:
Clean, Split, Join, Ext, Dir, Base, IsAbs. These functions do not
take into account the OS-specific path separator, meaning that they
won't behave as intended on Windows.
For example, Dir is supposed to return all but the last element of the
path. For the path "C:\some\dir\somewhere", it is supposed to return
"C:\some\dir\", however, it returns ".".
Instead of these functions, the ones in filepath should be used instead.
Kubernetes-commit: 856bb5c8f266f5276f1a576f47be622d7cb384e7
This creates go.work and enables Go Workspaces. This is a file that
includes info on k/k and all the staging modules.
This depends on go 1.22 and setting FORCE_HOST_GO=true (for kube
scripts, which try to be hermetic).
Make this part of the normal update/verify sequence.
The top-level go.work file contains no replace statements. Instead, the
replace statements in the individual go.mod files are used. For this to
work, replace statements in the individual go.mod files have to be
consistent.
hack/tools has different dependencies and can't be in the main
workspace, so this adds a go.work just for that. Without this, go tries
to consider all deps in all modules and pick one that works for all.
This is problematic because there are so many of them that it is
difficult to manage.
Likewise for k8s.io/code-generator/examples and
k8s.io/kms/internal/plugins/_mock - add trivial go.work files.
For example k/k depends on an older version of a lib that gloangci-lint
needs (transitively) and it breaks.
This also updates vendor (needed to make go happy), and removes
vendor'ed symlinks. This breaks a LOT of our build tools, which will be
fixed subsequently.
Result: `go` commands work across modules:
Before:
```
$ go list ./pkg/proxy/iptables/ ./staging/src/k8s.io/api/core/v1/
main module (k8s.io/kubernetes) does not contain package k8s.io/kubernetes/staging/src/k8s.io/api/core/v1
$ go build ./pkg/proxy/iptables/ ./staging/src/k8s.io/api
main module (k8s.io/kubernetes) does not contain package k8s.io/kubernetes/staging/src/k8s.io/api
$ go test ./pkg/proxy/iptables/ ./staging/src/k8s.io/api
main module (k8s.io/kubernetes) does not contain package k8s.io/kubernetes/staging/src/k8s.io/api
```
After:
```
$ go list ./pkg/proxy/iptables/ ./staging/src/k8s.io/api/core/v1/
k8s.io/kubernetes/pkg/proxy/iptables
k8s.io/api/core/v1
$ go build ./pkg/proxy/iptables/ ./staging/src/k8s.io/api
$ go test ./pkg/proxy/iptables/ ./staging/src/k8s.io/api
ok k8s.io/kubernetes/pkg/proxy/iptables 0.360s
ok k8s.io/api 2.302s
```
Result: `make` fails:
```
$ make
go version go1.22rc1 linux/amd64
+++ [0106 12:11:03] Building go targets for linux/amd64
k8s.io/kubernetes/cmd/kube-proxy (static)
k8s.io/kubernetes/cmd/kube-apiserver (static)
k8s.io/kubernetes/cmd/kube-controller-manager (static)
k8s.io/kubernetes/cmd/kubelet (non-static)
k8s.io/kubernetes/cmd/kubeadm (static)
k8s.io/kubernetes/cmd/kube-scheduler (static)
k8s.io/component-base/logs/kube-log-runner (static)
k8s.io/kube-aggregator (static)
k8s.io/apiextensions-apiserver (static)
k8s.io/kubernetes/cluster/gce/gci/mounter (static)
k8s.io/kubernetes/cmd/kubectl (static)
k8s.io/kubernetes/cmd/kubectl-convert (static)
github.com/onsi/ginkgo/v2/ginkgo (non-static)
k8s.io/kubernetes/test/e2e/e2e.test (test)
k8s.io/kubernetes/test/conformance/image/go-runner (non-static)
k8s.io/kubernetes/cmd/kubemark (static)
github.com/onsi/ginkgo/v2/ginkgo (non-static)
k8s.io/kubernetes/test/e2e_node/e2e_node.test (test)
test/e2e/e2e.go:35:2: cannot find package "k8s.io/api/apps/v1" in any of:
/home/thockin/src/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/api/apps/v1 (vendor tree)
/home/thockin/src/kubernetes/_output/local/.gimme/versions/go1.22rc1.linux.amd64/src/k8s.io/api/apps/v1 (from $GOROOT)
/home/thockin/src/kubernetes/_output/local/go/src/k8s.io/api/apps/v1 (from $GOPATH)
... more ...
... more ...
... more ...
!!! [0106 12:13:41] Call tree:
!!! [0106 12:13:41] 1: /home/thockin/src/kubernetes/hack/lib/golang.sh:948 kube::golang::build_binaries_for_platform(...)
!!! [0106 12:13:41] 2: hack/make-rules/build.sh:27 kube::golang::build_binaries(...)
!!! [0106 12:13:41] Call tree:
!!! [0106 12:13:41] 1: hack/make-rules/build.sh:27 kube::golang::build_binaries(...)
!!! [0106 12:13:41] Call tree:
!!! [0106 12:13:41] 1: hack/make-rules/build.sh:27 kube::golang::build_binaries(...)
make: *** [Makefile:96: all] Error 1
```
Again, this requires go 1.22 (e.g. gotip), as go 1.21.x does not have
`go work vendor` support.
TO REPEAT:
( \
./hack/update-go-workspace.sh; \
./hack/update-vendor.sh; \
./hack/update-go-workspace.sh; \
)
Kubernetes-commit: 65b841c077e0d3282d28b9199aec72d23d045104
2022-06-08 12:12:42 +02:00
1972 changed files with 72056 additions and 54682 deletions
> ⚠️ **This is an automatically published [staged repository](https://git.k8s.io/kubernetes/staging#external-repository-staging-area) for Kubernetes**.
> Contributions, including issues and pull requests, should be made to the main Kubernetes repository: [https://github.com/kubernetes/kubernetes](https://github.com/kubernetes/kubernetes).
> This repository is read-only for importing, and not used for direct contributions.
> See [CONTRIBUTING.md](./CONTRIBUTING.md) for more details.
# client-go
Go clients for talking to a [kubernetes](http://kubernetes.io/) cluster.
@@ -75,14 +80,14 @@ We will backport bugfixes--but not new features--into older versions of
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// MutatingAdmissionPolicyBindingSpecApplyConfiguration constructs a declarative configuration of the MutatingAdmissionPolicyBindingSpec type for use with
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// MutatingAdmissionPolicyBindingSpecApplyConfiguration constructs a declarative configuration of the MutatingAdmissionPolicyBindingSpec type for use with
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration represents a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs an declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// ValidatingAdmissionPolicyBindingSpecApplyConfiguration constructs a declarative configuration of the ValidatingAdmissionPolicyBindingSpec type for use with
// RollingUpdateStatefulSetStrategyApplyConfiguration constructs an declarative configuration of the RollingUpdateStatefulSetStrategy type for use with
// RollingUpdateStatefulSetStrategyApplyConfiguration constructs a declarative configuration of the RollingUpdateStatefulSetStrategy type for use with
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
