github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity
124,007 Commits 42 Branches 7,905 Tags 1.3 GiB
17521f04a4
Commit Graph

124007 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Hunt
17521f04a4 PSA: allow procMount type Unmasked in baseline 
a masked proc mount has traditionally been used to prevent untrusted containers from accessing leaky kernel APIs.
However, within a user namespace, typical ID checks protect better than masked proc. Further, allowing unmasked proc
with a user namespace gives access to a container mounting sub procs, which opens avenues for container-in-container use cases.

Update PSS for baseline to allow a container to access an unmasked /proc, if it's in a user namespace and if the UserNamespacesPodSecurityStandards feature is enabled.

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2024-07-23 12:01:06 -04:00
Kubernetes Prow Robot
f82030111f
Merge pull request #126198 from aojea/flaku_lb 
e2e: fix flake on loadbalancer tests
 2024-07-18 13:41:45 -07:00
Kubernetes Prow Robot
d040043edb
Merge pull request #124736 from MikeSpreitzer/exempt-borrows-more 
More assertive borrowing by exempt
 2024-07-18 13:41:38 -07:00
Kubernetes Prow Robot
c4bd05df1c
Merge pull request #126181 from bitoku/refactor-kubeletseparatediskgc 
[sig-testing] refactor KubeletSeparateDiskGC nodefeature
 2024-07-18 10:39:25 -07:00
Kubernetes Prow Robot
595927da21
Merge pull request #125660 from saschagrunert/oci-volumesource-api 
[KEP-4639] Add `ImageVolumeSource` API
 2024-07-18 10:39:15 -07:00
Kubernetes Prow Robot
601eb7e9cf
Merge pull request #122922 from marosset/windows-memory-eviction 
Add support for Windows memory-pressure eviction
 2024-07-18 10:39:06 -07:00
Kubernetes Prow Robot
3adafc6a50
Merge pull request #126194 from mimowo/job-e2e-tests-cleanup 
Format helper scripts in Job e2e tests as multiline for readability
 2024-07-18 09:33:39 -07:00
Kubernetes Prow Robot
73198f893c
Merge pull request #124859 from morlay/master 
Remove json:",omitempty" where json:",inline" specified.
 2024-07-18 09:33:33 -07:00
Sascha Grunert
f7ca3131e0
Add ImageVolumeSource API 
Adding the required Kubernetes API so that the kubelet can start using
it. This patch also adds the corresponding alpha feature gate as
outlined in KEP 4639.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2024-07-18 17:25:54 +02:00
Kubernetes Prow Robot
dda657b598
Merge pull request #126191 from p0lyn0mial/upstream-revert-promote-watch-list-to-beta 
Revert "Promote WatchList feature to Beta"
 2024-07-18 07:39:28 -07:00
Kubernetes Prow Robot
eb58e5e002
Merge pull request #125976 from vrutkovs/apf-typemeta-print-type 
flowcontrol: print object type when bootstrapping flowschemas
 2024-07-18 07:39:19 -07:00
Antonio Ojea
fdbe6912d2 e2e: fix flake on loadbalancer tests 
validating that one endpoint is reachable from one part of the cluster
is not enough condition to consider it will be reachable from any node,
as different Services proxies on different nodes will have different
propagation delays for the EndpointSlices and Services information.
 2024-07-18 12:54:54 +00:00
Kubernetes Prow Robot
7693a7e71a
Merge pull request #126190 from mimowo/job-controller-cleanup 
Cleanup Job controller isPodFailed function
 2024-07-18 02:44:53 -07:00
Kubernetes Prow Robot
a491ea7af4
Merge pull request #126092 from pacoxu/fix-node-lease 
fix node lease e2e flakes
 2024-07-18 02:44:43 -07:00
Michal Wozniak
2d680054c1 Format helper scripts in Job e2e tests as multiline for readability 2024-07-18 11:05:36 +02:00
Ayato Tokubi
662ed5a42d refactor nodefeature 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2024-07-18 08:45:52 +00:00
Kubernetes Prow Robot
24fbb13eaf
Merge pull request #126113 from googs1025/enqueueExtensions_refactor 
scheduler: Add ctx param and error return to EnqueueExtensions.EventsToRegister()
 2024-07-18 00:53:25 -07:00
Kubernetes Prow Robot
9196650533
Merge pull request #123819 from fakecore/fc/master 
fix: handle socket file detection on Windows
 2024-07-18 00:53:16 -07:00
Lukasz Szaszkiewicz
2f5394567e Revert "kube-controller-manager: enable WatchListClient" 
This reverts commit 825091693d.
 2024-07-18 09:29:53 +02:00
Lukasz Szaszkiewicz
367401cd85 Revert "e2e/apimachinery/watchlist: always run WatchList e2e tests" 
This reverts commit be00cded2d.
 2024-07-18 09:29:46 +02:00
Lukasz Szaszkiewicz
88f47b4b4d Revert "kube-apiserver: promote WatchList feature to beta" 
This reverts commit 0b15903b35.
 2024-07-18 09:29:24 +02:00
Michal Wozniak
1be4df6e02 Cleanup Job controller isPodFailed function 2024-07-18 09:08:23 +02:00
Kubernetes Prow Robot
1b3d7d06c5
Merge pull request #126102 from carlory/cleanup-after-JobPodFailurePolicy-ga 
cleanup after JobPodFailurePolicy is promoted to GA
 2024-07-17 21:27:06 -07:00
googs1025
a3978e8315 scheduler: Add ctx param and error return to EnqueueExtensions.EventsToRegister() 2024-07-18 12:22:17 +08:00
carlory
dae05f3b88 cleanup after JobPodFailurePolicy is promoted to GA 2024-07-18 10:00:56 +08:00
Kubernetes Prow Robot
d0545c8eb4
Merge pull request #126073 from a7i/fake-apply-scale-subresource 
fix: fake clientset ApplyScale subresource from 'status' to 'scale'
 2024-07-17 17:35:52 -07:00
Kubernetes Prow Robot
45cb3a1bd0
Merge pull request #126173 from bergerhoffer/cli-help 
A few minor help text tweaks
 2024-07-17 16:29:34 -07:00
Kubernetes Prow Robot
b68a58d372
Merge pull request #126141 from Nordix/esotsal/fix-126135 
test/e2e_node:  Fix pod_resize tests in CI
 2024-07-17 16:29:25 -07:00
Mark Rossetti
3683010a7c
Adding e2e test to validate memory-pressure eviction on Windows 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2024-07-17 15:11:30 -07:00
Mark Rossetti
0411a3d565
Add support for memory pressure evictiong on Windows 
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
 2024-07-17 15:11:30 -07:00
Kubernetes Prow Robot
5d40866fae
Merge pull request #125994 from carlory/fix-job-api 
clean up codes after PodDisruptionConditions was promoted to GA
 2024-07-17 14:37:09 -07:00
Kubernetes Prow Robot
ef2cb782be
Merge pull request #126172 from haircommander/proc-mount-loosten-test 
e2e_node: loosen proc mount test
 2024-07-17 13:10:09 -07:00
Kubernetes Prow Robot
42e22cc99d
Merge pull request #126162 from danwinship/kube-proxy-config-owners 
Add me to kube-proxy config api approvers
 2024-07-17 13:10:00 -07:00
Kubernetes Prow Robot
b23f41e192
Merge pull request #125940 from thockin/master 
Clarify errors in ProjectedVolume validation
 2024-07-17 13:09:51 -07:00
Kubernetes Prow Robot
6aa300c48b
Merge pull request #125482 from mimowo/failure-policy-e2e-conformance 
Promote JobPodFailurePolicy and PodDisruptionConditions e2e tests to Conformance
 2024-07-17 13:09:37 -07:00
Kubernetes Prow Robot
d879103c28
Merge pull request #125820 from macsko/add_separate_lock_for_pod_nominator_scheduling_queue 
Add a separate lock for pod nominator in scheduling queue
 2024-07-17 12:06:10 -07:00
Kubernetes Prow Robot
ef8d67f865
Merge pull request #125809 from aojea/cloud_hostname 
add unit tests for hostname node.status.addresses
 2024-07-17 12:05:52 -07:00
Andrea Hoffer
5252f79f9b A few minor help text tweaks 2024-07-17 13:30:34 -04:00
Peter Hunt
3d8cb4fa89 e2e_node: loosen proc mount test 
the exact number of lines/ro lines is not important, just that there are more than 0 ro lines
and more than 1 line total.

this helps accomodate different architectures that implement different kernel APIs

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2024-07-17 13:26:23 -04:00
Kubernetes Prow Robot
c3bcd4fff0
Merge pull request #126139 from enj/enj/i/revert_list_cache 
Revert "Move ConsistentListFromCache to Beta default"
 2024-07-17 09:59:14 -07:00
Kubernetes Prow Robot
a8110d7174
Merge pull request #125259 from sohankunkerkar/bump-proc-mount-beta 
[KEP-4265] promote ProcMountType feature gate to beta
 2024-07-17 09:59:07 -07:00
Michal Wozniak
25d938b481 Promote JobPodFailurePolicy and PodDisruptionConditions e2e tests to Conformance 2024-07-17 18:13:08 +02:00
Kubernetes Prow Robot
8ba158c7f4
Merge pull request #126164 from soltysh/cleanup_runners_2 
Cleanup unused test functions - cont-ed
 2024-07-17 08:25:07 -07:00
Maciej Szulik
ce01dfc492
Cleanup unused test functions - cont-ed 
Following up the work started in 0c0bd6d this is further cleaning up the
test/utils directory getting rid of unused functions.
 2024-07-17 16:22:11 +02:00
Dan Winship
5c372faca6 Add me to kube-proxy config api approvers 2024-07-17 09:41:53 -04:00
Kubernetes Release Robot
03fe89c233 CHANGELOG: Update directory for v1.30.3 release 2024-07-17 11:51:02 +00:00
Kubernetes Release Robot
ff78057631 CHANGELOG: Update directory for v1.28.12 release 2024-07-17 10:51:59 +00:00
Kubernetes Prow Robot
89283e0219
Merge pull request #124958 from bells17/qhint-volume-binding-storageclass 
volumebinding: scheduler queueing hints - StorageClass
 2024-07-17 02:47:06 -07:00
Maciej Skoczeń
5def93b10a Add a separate lock for pod nominator in scheduling queue 2024-07-17 07:58:59 +00:00
Kubernetes Release Robot
29e4f5a893 CHANGELOG: Update directory for v1.27.16 release 2024-07-17 07:48:22 +00:00