Automatic merge from submit-queue
Certificate signing controller for TLS bootstrap (alpha)
The controller handles generating and signing certificates when a CertificateSigningRequest has the "Approved" condition. Uses cfssl to support a wide set of possible keys and algorithms. Depends on PR #25562, only the last two commits are relevant to this PR.
cc @mikedanese
[]()
Automatic merge from submit-queue
Support terminal resizing for exec/attach/run
```release-note
Add support for terminal resizing for exec, attach, and run. Note that for Docker, exec sessions
inherit the environment from the primary process, so if the container was created with tty=false,
that means the exec session's TERM variable will default to "dumb". Users can override this by
setting TERM=xterm (or whatever is appropriate) to get the correct "smart" terminal behavior.
```
Fixes#13585
Automatic merge from submit-queue
Log restclient request/response bodies using %#v.
These are now protobufs, so outputting them with %s dumps a large
amount of binary garbage into the log. %#v properly escapes exotic
characters.
Add support for terminal resizing for exec, attach, and run. Note that for Docker, exec sessions
inherit the environment from the primary process, so if the container was created with tty=false,
that means the exec session's TERM variable will default to "dumb". Users can override this by
setting TERM=xterm (or whatever is appropriate) to get the correct "smart" terminal behavior.
Automatic merge from submit-queue
Change storeToNodeConditionLister to return []*api.Node instead of api.NodeList for performance
Currently copies that are made while copying/creating api.NodeList are significant part of scheduler profile, and a bunch of them are made in places, that are not-parallelizable.
Ref #28590
Automatic merge from submit-queue
Some scheduler optimizations
Ref #28590
This PR doesn't do anything fancy - it is just reducing amount of memory allocations in scheduler, which in turn significantly speeds up scheduler.
Automatic merge from submit-queue
don't migrate files you can't access
If you can't access a file, you shouldn't try to migrate it.
Ref https://github.com/openshift/origin/issues/9581
@fabianofranz
Automatic merge from submit-queue
The notes are inconsistent with the code
In file "pkg/client/cache/store.go, the notes of line 102 "name and namespace" is inconsistent with line 103 "return parts[0], parts[1], nil", because parts[0] is namespace, and parts[1] is name, It is easy to be confused, and better to modify the notes to "namespace and name".
Automatic merge from submit-queue
Fix problem specifying fqdn:port in command line
When specifying --server in kubectl for example, we end up
with failure if you use "localhost:8080" instead of
"127.0.0.1:8080". This is because of the way url.Parse
works as shown in snippet:
https://play.golang.org/p/luD57S6sEz
Essentially localhost ends up as the Scheme and NOT as the Host.
So we add another check to make sure we prepend the scheme
when Host ends up being empty as well. Tested with
"kubectl --server localhost:8080 get po"
Fixes#2967
Automatic merge from submit-queue
"was not created" should be "was created"
In file pkg\client\restclient/request_test.go, line #1089, "t.Errorf("expected object was not created")" , here "was not created" should be "was created" because the if condition is "if wasCreated".
When specifying --server in kubectl for example, we end up
with failure if you use "localhost:8080" instead of
"127.0.0.1:8080". This is because of the way url.Parse
works as shown in snippet:
https://play.golang.org/p/luD57S6sEz
Essentially localhost ends up as the Scheme and NOT as the Host.
So we add another check to make sure we prepend the scheme
when Host ends up being empty as well. Tested with
"kubectl --server localhost:8080 get po"
Fixes#2967
Automatic merge from submit-queue
Lock all possible kubecfg files at the beginning of ModifyConfig.
Prevent concurrent calls to ModifyConfig on the same (or overlapping) kubeconfig files.
Automatic merge from submit-queue
Track object modifications in fake clientset
Fake clientset is used by unit tests extensively but it has some
shortcomings:
- no filtering on namespace and name: tests that want to test objects in
multiple namespaces end up getting all objects from this clientset,
as it doesn't perform any filtering based on name and namespace;
- updates and deletes don't modify the clientset state, so some tests
can get unexpected results if they modify/delete objects using the
clientset;
- it's possible to insert multiple objects with the same
kind/name/namespace, this leads to confusing behavior, as retrieval is
based on the insertion order, but anchors on the last added object as
long as no more objects are added.
This change changes core.ObjectRetriever implementation to track object
adds, updates and deletes.
Some unit tests were depending on the previous (and somewhat incorrect)
behavior. These are fixed in the following few commits.
