github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-06 02:34:03 +00:00
Code Issues Projects Releases Wiki Activity
121,913 Commits 42 Branches 7,905 Tags 1.3 GiB
1b3d10aafa
Commit Graph

121913 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
6efef796f6
Merge pull request #122998 from MikeSpreitzer/add-deletion-handling 
Add DeletionHandlingObjectToName
 2024-03-05 12:41:45 -08:00
Patrick Ohly
27df75c577 dra api: fix status updates 
Changing object meta is not supposed to be possible via status updates. For
example, it circumvents RBAC permission checks.
 2024-03-05 21:39:24 +01:00
Tim Allclair
ec325b328d Match annotations against pod AppArmor field 2024-03-05 12:22:50 -08:00
Tim Allclair
d25b1ded76 PodSecurity check for AppArmor fields 2024-03-05 12:22:50 -08:00
Tim Allclair
24537a9131 Stop appending AppArmor status to node ready condition 2024-03-05 12:22:50 -08:00
Tim Allclair
207a965b3f Update AppArmor e2e tests 2024-03-05 12:22:50 -08:00
Tim Allclair
bf3c8464ba Implement Kubelet AppArmor field handling 2024-03-05 12:22:50 -08:00
Tim Allclair
289ec02e8b Implement version skew strategy 2024-03-05 12:22:50 -08:00
Tim Allclair
b7f620c12b Generated code 2024-03-05 12:22:50 -08:00
Sean Sullivan
855bc74023 Adds OWNERS files to client-go streaming dirs 2024-03-05 20:21:48 +00:00
Tim Allclair
94927afb50 AppArmor API changes 2024-03-05 12:02:43 -08:00
Jiahui Feng
6b03166bed update to inject only the list of excluded resources. 2024-03-05 11:11:10 -08:00
Filip Křepinský
7a57bcea6c fix e2e test for kubectl interactive delete 2024-03-05 19:57:28 +01:00
Kubernetes Prow Robot
b0ee334374
Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-event 
apimachinery/meta/types.go: define InitialEventsAnnotationKey const
 2024-03-05 10:40:51 -08:00
Kubernetes Prow Robot
180c6bdc25
Merge pull request #122056 from dhenkel92/keep-pdb-condition 
keep existing PDB conditions when updating status
 2024-03-05 10:40:42 -08:00
Peter Hunt
646d464203 e2e_node: use kubelet_exec_t instead of bin_t for kubelet 
as bin_t isn't powerful enough, and we run into a wack-a-mole situation making bin_t powerful
enough for the tests

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2024-03-05 13:39:52 -05:00
Michał Woźniak
e568a77a93
Support for the Job managedBy field (alpha) (#123273) 
* support for the managed-by label in Job

* Use managedBy field instead of managed-by label

* Additional review remarks

* Review remarks 2

* review remarks 3

* Skip cleanup of finalizers for job with custom managedBy

* Drop the performance optimization

* imrpove logs
 2024-03-05 09:25:15 -08:00
Kubernetes Prow Robot
a81411594a
Merge pull request #123226 from ivanvc/add-suspend-to-jobs-table 
printers: Add Job status to jobs table
 2024-03-05 09:25:06 -08:00
Antonio Ojea
5122fe0732 don't watch headless services on kubelet 
The kubelet watches services only to generate the environment variables
inside a pod, but headless services are not needed for this.

Change-Id: I22ee2b3352f8fe71cddfafa6f09b768c0a0e26b4
 2024-03-05 17:16:48 +00:00
Antonio Ojea
0595ec7942 implement field selector for clusterIP on services 
This will allow components that don't need to watch headless services
(heavily used on ai/ml workloads) to filter them server side.

Specially useful for kubelet and kube-proxy

Co-authored-by: Jianbo Ma <sakuranlbj@gmail.com>

Change-Id: I6434d2c8c77aaf725ec5c07acbcda14311f24bfa

Change-Id: Iba9e25afb90712facfb3dee25c500bbe08ef38fc
 2024-03-05 17:16:42 +00:00
Anish Ramasekar
b502aa6f31
Duplicate v1alpha1 AuthenticationConfiguration to v1beta1 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-05 09:10:34 -08:00
Monis Khan
290f2a7e1b
Fix AuthenticationConfiguration docs around nested claims via CEL 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-05 12:01:11 -05:00
Monis Khan
bc7aa13bf7
Mark StructuredAuthenticationConfiguration feature gate as beta 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-05 11:34:30 -05:00
Kubernetes Prow Robot
4369fcb00f
Merge pull request #123684 from hakuna-matatah/123570 
Addd negative case for the fix in #123570
 2024-03-05 08:24:39 -08:00
Kubernetes Prow Robot
bc00c9eef0
Merge pull request #123366 from kerthcet/feat/support-initcontainer 
Consider initContainer images in pod scheduling
 2024-03-05 08:24:30 -08:00
Antonio Ojea
53d38a3161 node-controller require providerID to initialize a node 
Since the migration to the external cloud providers, the node
controller in the cloud controller manager is responsible of
initializing the nodes.

There is a strong assumption across the ecosystem that the nodes has
set the node.spec.providerID value, however, the node controller does
not check if this value is set during the initialization  of the node,
and if there are some failures on the cloud provider API calls, the
node can be untainted without the value and never reconciled.

In addition, it seems that is possible for some cloud provider to not
implement the providerID value, though is not likely this is going to
happen, but for backward compatibility purposes we should allow this case.

The node controller will require the providerID to untain the Nodes,
except when the cloud provider does not use InstancesV2 and does implement it.

ProviderID is inmutable once set, so that value has preferences,
otherwise InstancesV2 is preferred over Instances.

Change-Id: Ic41cf7ebcca1ff0fbd8daafc036166f19fc37251
Signed-off-by: Antonio Ojea <aojea@google.com>
 2024-03-05 16:19:52 +00:00
Kubernetes Prow Robot
74adc0b3f7
Merge pull request #122489 from carlory/fix-120080 
storage e2e: update hostpath and mock images
 2024-03-05 07:11:36 -08:00
Kubernetes Prow Robot
791fd50eeb
Merge pull request #123114 from bzsuni/cleanup/npd/v0.8.15 
Bump npd from v0.8.13 to v0.8.16
 2024-03-05 05:46:42 -08:00
Kubernetes Prow Robot
a33f8b8211
Merge pull request #122259 from pacoxu/enlarge-pod-delete-timeout 
use e2e f.Timeouts.PodDelete instead of 1 minute
 2024-03-05 05:46:29 -08:00
Kubernetes Prow Robot
777070c9a5
Merge pull request #123702 from p0lyn0mial/upstream-clean-up-after-123190 
storage/cacher: mark the addition of a metric for waitUntilFreshAndBlock as completed
 2024-03-05 04:41:15 -08:00
Kubernetes Prow Robot
13f40e9759
Merge pull request #123686 from kerthcet/fix/flaky-test-on-multi-profile 
[Scheduler] Fix flaky test on multi profiles waitingPods
 2024-03-05 04:41:09 -08:00
Kubernetes Prow Robot
d826407152
Merge pull request #122653 from ardaguclu/interactive-delete-e2e-test 
Add e2e test for kubectl interactive delete
 2024-03-05 03:08:59 -08:00
Kubernetes Prow Robot
835ad2bccd
Merge pull request #120346 from ardaguclu/custom-debug-profile 
kubectl debug: Add custom debug profiles on top of static profiles
 2024-03-05 03:08:45 -08:00
Lukasz Szaszkiewicz
3f7d4b787b apimachinery/meta/types.go: define InitialEventsAnnotationKey const 
InitialEventsAnnotationKey the name of the key
under which an annotation marking the end of
a watchlist stream is stored.
The annotation is added to a "Bookmark" event.

The const will be immediately used in client-go and apiserver packages.
 2024-03-05 11:52:25 +01:00
Lukasz Szaszkiewicz
221ad9f7c2 storage/cacher: mark the addition of a metric for waitUntilFreshAndBlock as completed 2024-03-05 10:23:23 +01:00
HirazawaUi
01689d0906 add e2e tests for relaxed validation 2024-03-05 17:09:15 +08:00
HirazawaUi
fa3c101439 relax validation pod envfrom 2024-03-05 17:09:15 +08:00
HirazawaUi
e56240b2e1 add validation method at the top level 2024-03-05 17:09:10 +08:00
kerthcet
5b072a59a2 Fix flaky test on multi profiles waiting pod 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2024-03-05 14:54:33 +08:00
Kubernetes Prow Robot
dc3f5ec6cc
Merge pull request #112957 from mxpv/log-dir 
Allow changing pod log directory
 2024-03-04 21:07:06 -08:00
HirazawaUi
96a16a7bc9 add relaxed env var name function 2024-03-05 12:51:54 +08:00
Arda Güçlü
af2dadcb18 Add custom debug profiles on top of static profiles 
This PR adds `custom` flag to let user customizes debug resources.
`custom` flag accepts partial container spec in json format.
 2024-03-05 07:47:41 +03:00
Kubernetes Prow Robot
50f4b1ea47
Merge pull request #123568 from enj/enj/i/jwt_username_required 
jwt: fail on empty username via CEL expression
 2024-03-04 20:07:33 -08:00
Kubernetes Prow Robot
26600b17ab
Merge pull request #123561 from enj/enj/i/validate_jwt_sa_iss 
Prevent conflicts between service account and jwt issuers
 2024-03-04 20:07:24 -08:00
Kubernetes Prow Robot
a76a3e031f
Merge pull request #123487 from gauravkghildiyal/kep-4444 
Introduce trafficDistribution field for Kubernetes Services
 2024-03-04 20:07:15 -08:00
Kubernetes Prow Robot
229ebabc0a
Merge pull request #123336 from HyunSu1768/hyunsu1768/use-switch-cases 
Refactoring to encourage use of switch case
 2024-03-04 20:07:06 -08:00
Kubernetes Prow Robot
0bcf6e3dde
Merge pull request #123679 from seans3/remotecommand-extend-deadlines 
Extend deadlines to one minute
 2024-03-04 18:38:32 -08:00
Kubernetes Prow Robot
699984f25a
Merge pull request #123641 from liggitt/authz-config-beta-gate 
Promote StructuredAuthorizationConfiguration feature gate to beta
 2024-03-04 18:38:23 -08:00
Kubernetes Prow Robot
5b6d8a4293
Merge pull request #123532 from serathius/separate-rpc 
Move cacher watch to separate rpc preventing starvation
 2024-03-04 18:38:14 -08:00
Kubernetes Prow Robot
439f7df65b
Merge pull request #122320 from armstrongli/master 
allow service NodePort to be updated to 0 in case AllocateLoadBalance…
 2024-03-04 18:38:05 -08:00