github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-05 02:09:56 +00:00
Code Issues Projects Releases Wiki Activity
117,807 Commits 42 Branches 7,905 Tags 1.3 GiB
a505c7160e
Commit Graph

117807 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
2c6c4566ef
Merge pull request #119128 from alexanderConstantinescu/azure-fix 
[Azure] Issue 4230: remove readiness check for cache exclusion
 2023-08-02 13:14:20 -07:00
Jordan Liggitt
a5fff9a5d0
Catch direct references to unwanted dependencies in kubernetes modules 2023-08-02 15:44:25 -04:00
Humble Chirammal
85c385d410 Update the container images used in cloudbuild to their latest version 
This carry below GOLLANG_VERSION which got many CVE fixes:

/workspace # echo $GOLANG_VERSION
1.20.5
/workspace #

CVE-2023-29403 and Go issue https://go.dev/issue/60272.
CVE-2023-29404 and CVE-2023-29405:
  Go issues https://go.dev/issue/60305 and https://go.dev/issue/60306
CVE-2023-29402 and Go issue https://go.dev/issue/60167

Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-08-03 00:09:53 +05:30
Kubernetes Prow Robot
dfe6685f0f
Merge pull request #119729 from pohly/scheduler-binding-data-race 
scheduler: fix data race after binding failure
 2023-08-02 08:32:44 -07:00
Patrick Ohly
2f30fae0e8 scheduler: fix data race after binding failure 
When binding has failed, `Done` gets called by
`handleBindingCycleError`. Calling it again is at best redundant and worse,
suffers from a data race:
- the `assumedPodInfo` is placed in the backoff queue
- an event causes the `Pod` pointer to get updated in it
- reading `assumedPodInfo.Pod.UID` races with that write

This race was found with`go test -race`.
 2023-08-02 11:04:10 +02:00
Madhav Jivrajani
1b90dff527 .*: bump golang.org/x/net to v0.13.0 
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-08-02 11:11:22 +05:30
Jordan Liggitt
b6ae858e01
Drop AvailableResources from controller context 2023-08-01 14:52:45 -04:00
Han Kang
d5d90b7b22 add support for ExponentialBucketsRange 2023-08-01 11:38:20 -07:00
Kubernetes Prow Robot
99190634ab
Merge pull request #119693 from enj/patch-7 
Update CHANGELOG-1.28.md for KMSv2KDF
 2023-08-01 01:22:38 -07:00
tao.yang
a215b29d7c remove makefile:generated_files in v1.29. 
Signed-off-by: tao.yang <tao.yang@daocloud.io>
 2023-08-01 16:14:18 +08:00
Kubernetes Prow Robot
2f9c143145
Merge pull request #119696 from sanchita-07/patch-1 
Update CHANGELOG OWNERS to reflect 1.28 Release Notes team
 2023-07-31 22:28:37 -07:00
Kubernetes Prow Robot
d3b7391dc2
Merge pull request #119310 from thockin/warn_externalname_externalips 
API warnings for services with bad combos of ExternalIPs and ExternalName
 2023-07-31 12:36:38 -07:00
SANCHITA MISHRA
73107c1b75
Update OWNERS 2023-07-31 22:30:56 +05:30
Kubernetes Prow Robot
513da69f76
Merge pull request #119634 from aramase/patch-1 
docs: update release note for KMSv1 deprecation
 2023-07-31 09:44:39 -07:00
SANCHITA MISHRA
53c8872cc1
Update OWNERS 2023-07-31 22:11:07 +05:30
Mo Khan
2a82aac524
Update CHANGELOG-1.28.md for KMSv2KDF 2023-07-31 11:06:53 -04:00
Kubernetes Prow Robot
700e1ed1f4
Merge pull request #119653 from sttts/sttts-crd-stored-version-errors 
apiextensions: fix validation error for status.storedVersions
 2023-07-31 07:12:40 -07:00
Kubernetes Prow Robot
41da26dbe1
Merge pull request #119624 from dims/fix-wrong-feature-gate-in-changelog-DefaultHostNetworkHostPortsInPodTemplates 
[release-notes] DefaultHostNetworkHostPortsInWorkloads -> DefaultHostNetworkHostPortsInPodTemplates
 2023-07-30 23:28:01 -07:00
Kubernetes Prow Robot
e68629e7b3
Merge pull request #119671 from xmudrii/dl-npd 
Avoid pulling node-problem-detector through CDN
 2023-07-30 05:48:01 -07:00
Marko Mudrinić
294c7df328
Avoid pulling node-problem-detector through CDN 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
 2023-07-30 13:02:17 +02:00
lengrongfu
c23cee1be3 fix OOM killer 
Signed-off-by: lengrongfu <rongfu.leng@daocloud.io>
 2023-07-30 11:16:12 +08:00
Kubernetes Prow Robot
cc2f7b3198
Merge pull request #119663 from dims/avoid-pulling-mounter-through-CDN 
Avoid pulling mounter.tar through the CDN
 2023-07-28 20:27:41 -07:00
Davanum Srinivas
b4ef4015a2
Avoid pulling mounter.tar through the CDN 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-07-28 22:15:55 -04:00
tinatingyu
ca338e517b Fix the flaky legacy_service_account_token_clean_up_test.Fix the flaky 
legacy_service_account_token_clean_up_test.
 2023-07-28 18:18:40 +00:00
Dr. Stefan Schimanski
cfcbce31a3
apiextensions: fix validation error for status.storedVersions 2023-07-28 12:31:19 +02:00
carlory
14251738d2 NCC-E003660-PCK: Non Constant-Time Comparison of Service Account Token Secrets 2023-07-28 14:06:23 +08:00
Kubernetes Prow Robot
97c7dbcd22
Merge pull request #119603 from borg-land/machine-type-fix 
Calculate the correct machine-type
 2023-07-27 17:51:53 -07:00
Anish Ramasekar
936819c21b
docs: update release note for KMSv1 deprecation 
Tweaked release note to mention `--feature-gates=KMSv1=true` is required in future release only as the current default is `true`.
 2023-07-27 17:08:03 -07:00
Todd Neal
2a767c9916 update the busybox test image to 1.36.1 2023-07-27 15:26:06 -05:00
Davanum Srinivas
6689fd9746
DefaultHostNetworkHostPortsInWorkloads -> DefaultHostNetworkHostPortsInPodTemplates 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-07-27 13:47:29 -04:00
Stephen Kitt
7f53f7649e
Use intstr.Parse instead of reimplementing it 
Signed-off-by: Stephen Kitt <skitt@redhat.com>
 2023-07-27 13:12:32 +02:00
Kubernetes Prow Robot
d4fde1e92a
Merge pull request #118549 from a7i/kubelet-prober-metric-pod 
fix 'pod' in kubelet prober metrics
 2023-07-26 18:28:06 -07:00
upodroid
a65d207507 calculate the correct machine-type 2023-07-26 23:10:06 +00:00
Tim Hockin
182a4f858a
API warn non-ExternalName services w/ externalName 2023-07-26 15:57:57 -07:00
Tim Hockin
7bd0a857e3
API warn ExternalName services with externalIPs 2023-07-26 15:52:49 -07:00
Kubernetes Prow Robot
a6776f4e39
Merge pull request #119597 from akhilerm/publishing-bot-rules-for-release-1.28 
publishing-bot rules for release-1.28 branch
 2023-07-26 14:24:07 -07:00
Akhil Mohan
dd8a64d7e1
publishing-bot rules for release-1.28 branch 
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
 2023-07-26 21:52:00 +05:30
Kubernetes Prow Robot
98358b8ce1
Merge pull request #119587 from borg-land/node-env-patch 
Set node-env map parser to nil if an empty string is passed
 2023-07-26 05:26:18 -07:00
Kubernetes Release Robot
a005617111 CHANGELOG: Update directory for v1.28.0-rc.0 release 2023-07-26 09:07:45 +00:00
upodroid
7d13c9b096 set map to nil if an empty string is passed 2023-07-26 10:32:27 +03:00
Kubernetes Prow Robot
dc6d8c6b58
Merge pull request #119571 from haircommander/node-log-query-on-node 
test: fix NodeLogQuery tests to query the correct node for logs
 2023-07-25 15:36:31 -07:00
Amine
eb4063f0ce
Add cases to tests AdmissionWebhook MatchConditions size limit (#119404) 2023-07-25 15:36:19 -07:00
Jiahui Feng
66aa2af097 CEL lazy map: add test for boolean short-circuiting 2023-07-25 14:46:45 -07:00
Amine
ef4907eddd
Add e2e tests for admission webhooks MatchCondition fields (#118319) 
* Add e2e tests for admission webhooks MatchCondition fields

Signed-off-by: Amine Hilaly <hilalyamine@gmail.com>

* improve naming to distinguish tests

* adding e2e for mutating webhooks and match conditions

* Use `ginkgo.It` instead of `framework.ConformaceIt` and cleanup
resrources after creation

* Enable AdmissionWebhookMatchConditions feature

* Tag only matchcondition tests

* Improve expected error message for denied requests.

* Rename `onlyAllowLeaseObjectMatchConditions` to
`excludeLeasesMatchConditions`

* remove [Alpha] tag from AdmissionWebhookMatchConditions tests

* Using `gomega.Expect` instead of `framworkfail`

* Remove [Feature:AdmissionWebhookMatchConditions] tag

Signed-off-by: Amine <hilalyamine@gmail.com>

* Improve e2e names to specify whether it's using Validating or Mutating admission webhooks

---------

Signed-off-by: Amine Hilaly <hilalyamine@gmail.com>
Signed-off-by: Amine <hilalyamine@gmail.com>
 2023-07-25 14:02:17 -07:00
Peter Hunt
a248c4de52 test: fix NodeLogQuery tests to query the correct node for logs 
Currently, the test queries the local node, which is not correct for most kubernetes environments.
Instead, ssh to the target node and call journalctl there

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2023-07-25 15:41:38 -04:00
Kubernetes Prow Robot
cacc6e751b
Merge pull request #119531 from ritazh/kmsv2-test-enablement-restart 
kmsv2 test feature enablement disablement and restart
 2023-07-25 12:03:55 -07:00
Yuan Chen
c4739313b7 Track manually created secret-based tokens 
Add audit annotation and metrics to track secret-based tokens

Update pkg/serviceaccount/metrics.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Update pkg/serviceaccount/legacy.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Update pkg/serviceaccount/legacy.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Update pkg/serviceaccount/metrics.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Update pkg/serviceaccount/metrics.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Update pkg/serviceaccount/metrics.go

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Fix a bug
 2023-07-25 10:07:39 -07:00
Kubernetes Prow Robot
86b44a3222
Merge pull request #119564 from logicalhan/update-docs 
update documentation with descriptions
 2023-07-25 10:00:07 -07:00
Rita Zhang
67769438e1
kmsv2 test feature enablement disablement and restart 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2023-07-25 09:50:59 -07:00
Han Kang
18a7025383 update documentation with descriptions 2023-07-25 08:57:54 -07:00