* Change uses of whitelist to allowlist in kubelet sysctl
* Rename whitelist files to allowlist in Kubelet sysctl
* Further renames of whitelist to allowlist in Kubelet
* Rename podsecuritypolicy uses of whitelist to allowlist
* Update pkg/kubelet/kubelet.go
Co-authored-by: Danielle <dani@builds.terrible.systems>
Co-authored-by: Danielle <dani@builds.terrible.systems>
If no propagation policy has been set, the pods associated
with the jobs are going to linger because of OrphanDependents
policy set currently. This patch ensures that a warning
will be thrown when the user explicitly doesn't set deletionPolicy.
More context: https://github.com/kubernetes/kubernetes/pull/103449#discussion_r675820335
Check the Code in the Is family of functions where it makes sense. This
was already done in a couple of functions, but there were many others
where checking the code makes sense.
Consider known reasons in the Is* family of functions for checking
errors based on StatusReason and code.
Maintain backward compatibility by not checkng APIStatus for an unknown
reason in either IsTooManyRequests or IsRequestEntityToLargeError
Add tests for error types by code
Add tests to exercise error checks using both reasons and codes.
This allows to choose the correct architecture in the image manifest,
which defaulted to the host system before applying this patch.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
1. string is formatted as unsafe json. Since this is created on the fly;
TaintKey and Effect are formatted as a 'key=effect' instead of '{key=effect}'
eliminating unsafe json representation.
2. Adds a fail test case for the case where a taint with same key and effect is added
and removed together.
Manual Testing
```
▶ ./_output/bin/kubectl taint nodes kind-control-plane key1=:NoSchedule key1=:NoSchedule-
error: can not both modify and remove the following taint(s) in the same command: key1=NoSchedule
```
For some reason when we send them to journald, many log lines are
consistently dropped as soon as the PLEG is started.
If we log directly to file, we don't have this problem. As a bonus, if
the tests crash, the kubelet logs will always be available since they
were already written; otherwise we normally wait until the end of the
test run to collect them from journald, meaning that we often end up
with empty logs.
Also update OWNERS in subdirs based on best-guess picks of appropriate
OWNERS. We can update as necessary in future iterations but this'll help
reduce initial noise for SIG-Arch.
