github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-31 15:25:57 +00:00
Code Issues Projects Releases Wiki Activity
119,720 Commits 42 Branches 7,905 Tags 1.3 GiB
44d89c8cf8
Commit Graph

119720 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jordan Liggitt
44d89c8cf8
Include empty string attributes for CEL authz evaluation 2023-11-02 16:56:52 -04:00
Jordan Liggitt
2e2f51a441
Plumb failure policy from config to webhook construction 2023-11-02 16:56:51 -04:00
Jordan Liggitt
a000af25ff
Require match condition version only if matchConditions are specified 2023-11-02 13:54:39 -04:00
Kubernetes Prow Robot
3240e2b28e
Merge pull request #121674 from neolit123/1.29-super-admin-conf 
test/e2e_kubeadm: add test for the kubeadm:cluster-admins CRB
 2023-11-02 12:10:08 +01:00
Kubernetes Prow Robot
515d1ce6c0
Merge pull request #121393 from mimowo/backoff-limit-per-index-load-test 
Benchmark job with backoff limit per index
 2023-11-02 09:58:26 +01:00
Lubomir I. Ivanov
4c532213ae test/e2e_kubeadm: add test for the kubeadm:cluster-admins CRB 
Add a test that checks if the CRB (kubeadm:cluster-admins)
used for binding admin.conf file users (part of the
kubeadm:cluster-admins Group) to the "cluster-admins"
ClusterRole exists in kubeadm clusters.

It does that only for versions newer than the version
when this feature was added.
 2023-11-02 09:49:29 +02:00
Kubernetes Prow Robot
227d1b2357
Merge pull request #119762 from AxeZhan/PollUntilContextCancel 
wait.PollUntilContextCancel immediately executes condition once
 2023-11-02 05:40:03 +01:00
Kubernetes Prow Robot
6b8b188149
Merge pull request #121686 from logicalhan/update-inst-docs 
update docs for v1.29 release (note this must be committed after code freeze)
 2023-11-02 02:34:57 +01:00
Han Kang
85b10c06fa update docs for v1.29 release (note this must be committed after code freeze) 2023-11-01 15:00:48 -07:00
Kubernetes Prow Robot
9754e40439
Merge pull request #121682 from liggitt/conditional-rbac 
Make service-cidrs-controller role feature-gated
 2023-11-01 21:16:21 +01:00
Jordan Liggitt
cda349cda4
Make service-cidrs-controller role feature-gated 2023-11-01 15:10:33 -04:00
Kubernetes Prow Robot
4c54ff0e16
Merge pull request #121671 from kannon92/fix-swap-summary-failure 
increase bounded limits for major page faults
 2023-11-01 20:07:30 +01:00
Kubernetes Prow Robot
9e84a02950
Merge pull request #121672 from pohly/golangci-lint-comment-check-fix 
golangci-lint: tone down comment checking
 2023-11-01 17:47:45 +01:00
Kubernetes Prow Robot
974735854b
Merge pull request #121573 from tukwila/bump_etcd_v3.5.10 
bump etcd newest version: v3.5.10
 2023-11-01 15:33:13 +01:00
Kubernetes Prow Robot
da61382068
Merge pull request #121552 from pohly/klog-update 
klog v2.110.1 update
 2023-11-01 15:32:59 +01:00
Patrick Ohly
248100ce6d golangci-lint: tone down comment checking 
39df946c06 was meant to enable stricter comment checking only for cmd/kubeadm
because the maintainers of that want that. However, the exclude rule didn't
capture all possible error texts and therefore some checks were enabled across
the entire code base.

The extended pattern is now based on the golangci-lint source code.

Also, the hint config didn't suppress any of these checks.
 2023-11-01 14:59:28 +01:00
Kevin Hannon
ecb32a3e29 increase bounded limits for major page faults 2023-11-01 09:57:37 -04:00
Kubernetes Prow Robot
2c53de96e4
Merge pull request #121665 from pacoxu/sync-etcd-build 
etcd: add --provenance=false during etcd multi-arch build
 2023-11-01 14:14:23 +01:00
Paco Xu
ceaacc88f0 add --provenance=false during etcd multi-arch build 2023-11-01 17:16:28 +08:00
Kubernetes Prow Robot
375e9ee7c4
Merge pull request #120145 from LingyanYin/inplace_vpa_inprogress_custom_resource_fix 
fix inplace VPA stuck in InProgress when custom resources are specified
 2023-11-01 09:59:32 +01:00
Patrick Ohly
4a380609a9 serviceaccount: fix incorrect usage of %w in Errorf 
Found by govet in combination with new klog where printf-style checking is
enabled.
 2023-11-01 09:32:23 +01:00
Patrick Ohly
878d037d3b dependencies: klog v2.110.1 
Dropping a newline at the end of the message when using klog calls is an
intentional improvement (https://github.com/kubernetes/klog/pull/378)
 2023-11-01 09:32:20 +01:00
Kubernetes Prow Robot
d038b65fee
Merge pull request #121303 from humblec/csinodeexpand-ga 
Promote CSINodeExpandSecret to GA
 2023-11-01 07:32:23 +01:00
guangli.bao
bc1df9e7da bump to newest etcd: v3.5.10 
Signed-off-by: guangli.bao <guangli.bao@daocloud.io>
 2023-11-01 11:59:31 +08:00
Humble Chirammal
3890546265 Update APIs and adjust tests 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 09:28:36 +05:30
Humble Chirammal
77f4178c98 Promote CSINodeExpandSecret to GA 
This feature is in Beta since 1.27 and this has been promoted
to GA in this release.

KEP: https://github.com/kubernetes/enhancements/pull/4239

Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 11:32:05 +08:00
Kubernetes Prow Robot
a8b7e1953f
Merge pull request #121456 from kiashok/addRuntimeClassInCriFeatureGate 
KEP 4216: Add changes for alpha version under RuntimeClassInImageCriApi feature gate
 2023-11-01 03:52:38 +01:00
Kubernetes Prow Robot
6abff7457e
Merge pull request #116516 from aojea/servicecidr 
KEP-1880 Multiple ServiceCIDR ( and IPAddress allocation)
 2023-11-01 03:52:24 +01:00
Kubernetes Prow Robot
bfd67c4454
Merge pull request #121648 from neolit123/1.29-super-admin-conf 
kubeadm: do not poll in TestEnsureAdminClusterRoleBindingImpl
 2023-11-01 01:51:26 +01:00
Kubernetes Prow Robot
593a17d3b6
Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0
 2023-11-01 01:51:17 +01:00
Kubernetes Prow Robot
9b10019b91
Merge pull request #121477 from wzshiming/kep-2681 
Promote KEP-2681 to beta in 1.29
 2023-11-01 01:51:08 +01:00
Kubernetes Prow Robot
257b8c3666
Merge pull request #121046 from danwinship/nftables 
kube-proxy nftables backend
 2023-11-01 01:50:59 +01:00
Kubernetes Prow Robot
960431407c
Merge pull request #120715 from gjkim42/do-not-reuse-memory-of-restartable-init-containers 
Don't reuse memory of a restartable init container
 2023-11-01 01:50:45 +01:00
Kubernetes Prow Robot
e0d6b7eaaa
Merge pull request #121650 from soltysh/fix_ginkgo_setup 
Move invocation to not to cause ginkgo panic
 2023-11-01 00:33:32 +01:00
Kubernetes Prow Robot
fafccc0c9a
Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig
 2023-11-01 00:33:21 +01:00
kiashok
252e1d2dfe Imagepull per runtime class alpha release changes 
This commit does the following:
1. Add RuntimeClassInImageCriApi feature gate
2. Extend pkg/kubelet/container Image struct
3. Adds runtimeHandler string in the following CRI calls
   i.   ImageStatus
   ii.  PullImageRequest
   iii.  RemoveImage

Signed-off-by: kiashok <kiashok@microsoft.com>
 2023-10-31 15:52:46 -07:00
Kubernetes Prow Robot
715cd17c0d
Merge pull request #121645 from p0lyn0mial/upstream-fix-race-in-test-forget-watcher 
bring back: cacher: when forgeting a watcher, call stopWatcherLocked multiple times
 2023-10-31 22:57:08 +01:00
Kubernetes Prow Robot
3eba6fc9ad
Merge pull request #121628 from andrewsykim/cloud-pvl-admission 
cluster/gce: add webhook to replace PersistentVolumeLabel admission controller
 2023-10-31 22:56:59 +01:00
Kubernetes Prow Robot
84aca4ac74
Merge pull request #121579 from gjkim42/test-enable-sidecarcontainers 
Promote SidecarContainers feature to beta
 2023-10-31 22:56:50 +01:00
Dan Winship
0993bb78ef Redo service dispatch with maps 2023-10-31 17:54:53 -04:00
Dan Winship
9d71513ac1 Redo no-endpoint handling with maps 2023-10-31 17:54:53 -04:00
Dan Winship
4128631d0f Redo LoadBalancerSourceRanges firewall using sets 2023-10-31 17:54:53 -04:00
Dan Winship
edaa1d735b Redo --nodeport-addresses handling with a set 2023-10-31 17:54:53 -04:00
Dan Winship
ef1347b06d Port NAT rules to nftables (and backend is now functional) 2023-10-31 17:54:51 -04:00
Dan Winship
0c5c620b4f Port filter rules to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
6cff415305 Port service/endpoint chain creation/cleanup to nftables 2023-10-31 17:40:45 -04:00
Dan Winship
2735ad541e Port table setup/cleanup code to nftables 2023-10-31 17:40:30 -04:00
Dan Winship
bcced184c5 Replace "iptables-restore" sync in nftables/proxier.go with (trivial) "nft -f -" sync 2023-10-31 17:38:32 -04:00
Dan Winship
93860a5217 Distinguish iptables-based and nftables-based backends, do startup cleanup 
When switching from iptables or ipvs to nftables, clean up old
iptables/ipvs rules. When switching the other way, clean up old
nftables rules.
 2023-10-31 17:38:32 -04:00
Dan Winship
abb1a458a9 Create an nftables.Interface in nftables proxier 
And update most of the comments to refer to "nftables" rather than
"iptables" (even though it doesn't actually do any nftables updating
at this point).

For now the proxy also internally creates a
utiliptablestesting.FakeIPTables to keep the existing sync code
compiling.
 2023-10-31 17:38:29 -04:00