github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 14:37:00 +00:00
Code Issues Projects Releases Wiki Activity
101,910 Commits 42 Branches 7,905 Tags 1.3 GiB
a6ef76157b
Commit Graph

101910 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kubernetes Prow Robot
a6ef76157b
Merge pull request #102623 from vazmin/bug-cli-string-slice-flag 
fix bug where string slice flag is not assigned
 2021-06-30 11:49:28 -07:00
Kubernetes Prow Robot
f962166f30
Merge pull request #100339 from p0lyn0mial/upstream-delegated-authz-metrics 
adds metrics for delegated authz
 2021-06-30 11:49:16 -07:00
Kubernetes Prow Robot
98d20f552b
Merge pull request #99378 from mattcary/api 
StatefulSet PersistentVolumeClaimDeletePolicy
 2021-06-30 11:49:03 -07:00
Kubernetes Prow Robot
044fd6fdf6
Merge pull request #99829 from palnabarun/migrate-to-go-embed 
Replace go-bindata with //go:embed
 2021-06-30 10:37:03 -07:00
Kubernetes Prow Robot
1534e0c7ec
Merge pull request #103350 from tech-geek29/fix-mac-local-cluster 
Update local-cluster-up.sh to auto-detect darwin and skip kubelet and kube-proxy
 2021-06-30 09:11:04 -07:00
Rishabh Jain
584eb5e947 Update local-cluster-up.sh to auto-detect darwin and skip kubelet and kube-proxy 2021-06-30 20:30:03 +05:30
Kubernetes Prow Robot
b3cc522b53
Merge pull request #103281 from makusu2/patch-1 
Fix grammar
 2021-06-30 05:41:03 -07:00
Kubernetes Prow Robot
d787eaa4d5
Merge pull request #103332 from mcshooter/updateNPDVersion 
Update NPD release version and include windows defender config
 2021-06-30 01:19:02 -07:00
Lukasz Szaszkiewicz
4a2aef00d6 adds metrics for authorization webhook 2021-06-30 09:26:25 +02:00
Kubernetes Prow Robot
696d0f5772
Merge pull request #103316 from sejr/podsecurity-baseline-hostNamespace 
[Pod Security]: HostNamespace baseline check
 2021-06-29 21:19:03 -07:00
Samuel Roth
71cb2d71a8 podsecurity: add baseline hostNamespace check 
less repetitive detail

dont ensure security context

minor doc fix

fixing keys
 2021-06-29 23:11:32 -04:00
Kubernetes Prow Robot
7ad7c0757a
Merge pull request #103160 from ravisantoshgudimetla/fix-ubernetes-tests 
Run ubernetes tests on gke only
 2021-06-29 18:29:14 -07:00
Kubernetes Prow Robot
61ee139a08
Merge pull request #103070 from jeremyje/logspam 
GCE Windows: Upgrade to flb-exporter v0.17.0 which reduces log spam.
 2021-06-29 18:29:02 -07:00
Kubernetes Prow Robot
c9bff73105
Merge pull request #103179 from tanjing2020/runtimeclass 
[e2e] Destroy the created runtimeclass resources at the end of the test case.
 2021-06-29 17:07:15 -07:00
Kubernetes Prow Robot
21f41b8e82
Merge pull request #101711 from hbagdi/ingressclass-namespaced-params-beta 
graduate IngressClassNamespacedParams to beta
 2021-06-29 17:07:03 -07:00
Michelle Tandya
03f85e9ade Update NPD release version and include windows defender config 2021-06-30 00:00:32 +00:00
Kubernetes Prow Robot
7eaf2ebab2
Merge pull request #103313 from neolit123/1.22-fix-key-check-download-certs 
kubeadm: fix wrong check for keys/certs during "download-certs"
 2021-06-29 14:54:20 -07:00
Kubernetes Prow Robot
00af17037b
Merge pull request #103256 from pacoxu/static-check-0.2.0 
upgrade staticcheck to v0.2.0 and update the static failure packages
 2021-06-29 13:42:32 -07:00
Kubernetes Prow Robot
e0f66be1aa
Merge pull request #101822 from yuzhiquan/NodeResourcesFit-score 
Add score func for NodeResourcesFit plugin
 2021-06-29 13:42:20 -07:00
Lubomir I. Ivanov
5c00024c70 kubeadm: fix wrong check for keys/certs during "download-certs" 
During "join" of new control plane machines, kubeadm would
download shared certificates and keys from the cluster stored
in a Secret. Based on the contents of an entry in the Secret,
it would use helper functions from client-go to either write
it as public key, cert (mode 644) or as a private key (mode 600).

The existing logic is always writing both keys and certs with mode 600.
Allow detecting public readable data properly and writing some files
with mode 644.

First check the data with ParsePrivateKeyPEM(); if this passes
there must be at least one private key and the file should be written
with mode 600 as private. If that fails, validate if the data contains
public keys with ParsePublicKeysPEM() and write the file as public
(mode 644).

As a result of this new logic, and given the current set of managed
kubeadm files, .key files will end up with 600, while .crt and .pub
files will end up with 644.
 2021-06-29 23:42:04 +03:00
Harry Bagdi
f0d917a3ca add fuzzer patch to fix tests 2021-06-29 12:59:59 -07:00
Kubernetes Prow Robot
92726bf0f3
Merge pull request #103248 from sttts/sttts-crd-converison-test 
apiextension: fix typo and test case in conversion integration test
 2021-06-29 11:20:03 -07:00
Kubernetes Prow Robot
f2e47502fd
Merge pull request #103076 from wzshiming/fix/flake-gracefulnodeshutdown-dbus 
Fix the GracefulNodeShutdown e2e test running on dbus that refuses to manually start
 2021-06-29 11:19:50 -07:00
Kubernetes Prow Robot
dae03ba921
Merge pull request #99364 from p0lyn0mial/upstream-delegated-authn-metrics 
adds metrics for delegated authn
 2021-06-29 11:19:38 -07:00
Nabarun Pal
ac41e56582
docs: add documentation on adding files to the embedded data 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 23:30:50 +05:30
yuzhiquan
deb14b995a Add score plugin for NodeResourcesFit 2021-06-29 13:16:55 -04:00
Kubernetes Prow Robot
01819dd322
Merge pull request #102028 from chrishenzie/read-write-once-pod-access-mode 
ReadWriteOncePod access mode for PVs and PVCs
 2021-06-29 10:04:40 -07:00
ravisantoshgudimetla
c65b80a637 [storage] [test] Remove extra zone test 
We're running ubernetes tests
`should only be allowed to provision PDs in zones
where nodes exist`
on gcp&gke. While the test is useful in exercising
the scenario of identifying extra zone and
creating a node in it, not every Kube
distribution uses the same approach to create a node,
further if even there is an extra zone, we cannot
guarantee the zone to have enough quota. There can also
be other GCP specific edge cases all of which cannot be
covered within this test. So, removing the test
as agreed upon with the storage team
 2021-06-29 12:52:58 -04:00
Kubernetes Prow Robot
756203fda0
Merge pull request #102576 from dobsonj/101911 
kubelet: do not call RemoveAll on volumes directory for orphaned pods
 2021-06-29 06:54:40 -07:00
Nabarun Pal
0ab03d3d5b
dependencies: remove go-bindata 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 19:16:51 +05:30
Nabarun Pal
bbccf2ecb4
e2e-node: move to embedded test manifests 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 19:16:49 +05:30
Nabarun Pal
d98b2dd2d6
generated: remove usage of go-bindata 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 19:16:48 +05:30
Nabarun Pal
68b334d02b
test: setup embedded file sources for manifests 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 19:16:46 +05:30
Kubernetes Prow Robot
3d87fd6a9a
Merge pull request #103273 from XudongLiuHarold/fix-loadbalancerclass-test-name 
fix loadbalancerclass integration test funcation name
 2021-06-29 05:40:41 -07:00
Kubernetes Prow Robot
ebcb4a2d88
Merge pull request #103104 from pacoxu/npd-088 
update npd to v0.8.8
 2021-06-29 02:30:40 -07:00
Dr. Stefan Schimanski
903d76f558 apiextension: fix typo and test case in conversion integration test 2021-06-29 11:03:24 +02:00
Nabarun Pal
3af6329caf
e2e-framework: add an EmbeddedFileSource to sources 
The data structure would wrap an embedded filesystem andthe root
directory relative to which the embedded filesystem is constructed.

Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 13:36:29 +05:30
Nabarun Pal
7546e5d6dc
vendor: update manifest 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 13:36:29 +05:30
Nabarun Pal
43c2e454a0
hack: remove bindata generation logic for translations 
also, remove generated bindata

Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 13:36:28 +05:30
Nabarun Pal
eb75b34394
kubectl: use embedded translations instead of generated bindata 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 13:36:27 +05:30
Nabarun Pal
5ece28b77a
kubectl: move translations to i18n package to kubectl staging directory 
Go 1.16's embed directive doesn't allow embeding files from parent
directories. Hence, moving the translations data to inside the i18n package.

Logically speaking as well, kubectl related artifacts should be inside
the kubectl package.

Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 13:36:26 +05:30
Lukasz Szaszkiewicz
322c18c147 adds metrics for authentication webhook 2021-06-29 09:49:14 +02:00
Kubernetes Prow Robot
1151dc1ee5
Merge pull request #103138 from sbangari/winDsrLoadBalancerServiceFix 
Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default
 2021-06-28 23:26:51 -07:00
Kubernetes Prow Robot
adf561fb96
Merge pull request #96699 from tengqm/kubelet-config-norm 
Tweak kubelet config comments for consistency and readability
 2021-06-28 23:26:40 -07:00
Chris Henzie
b7d732d3d6 Map PV access modes to CSI access modes 2021-06-28 21:25:38 -07:00
Chris Henzie
8db83c89aa CSI client helpers for NodeGetCapabilities 2021-06-28 21:25:37 -07:00
Chris Henzie
5f98f6cfa4 Update helper methods to print and parse ReadWriteOncePod access mode 2021-06-28 21:25:37 -07:00
Chris Henzie
2b98f8edc7 Enforce ReadWriteOncePod access mode during mount 2021-06-28 21:25:37 -07:00
Chris Henzie
7491d01651 Validate use of the ReadWriteOncePod access mode 
This will only work if the "ReadWriteOncePod" feature gate is enabled.
Additionally, this access mode will only work when used by itself. This
is because when ReadWriteOncePod is used on a PV or PVC, it renders all
other access modes useless since it is most restrictive.
 2021-06-28 21:25:37 -07:00
Chris Henzie
48ba5020a2 ReadWriteOncePod PV access mode and feature gate 2021-06-28 21:25:35 -07:00