Automatic merge from submit-queue (batch tested with PRs 48636, 49088, 49251, 49417, 49494)
StatefulSet: Remove `pod.alpha.kubernetes.io/initialized` annotation.
The `pod.alpha.kubernetes.io/initialized` annotation was originally a tool for validating StatefulSet's ordered Pod creation guarantees during the feature's alpha phase.
If set to "false" on a given Pod, it would interrupt StatefulSet's normal behavior. In v1.5.0, the annotation was deprecated and the default became "true" as part of StatefulSet's graduation to beta.
The annotation is now ignored, meaning it cannot be used to interrupt StatefulSet Pod management.
```release-note
StatefulSet: The deprecated `pod.alpha.kubernetes.io/initialized` annotation for interrupting StatefulSet Pod management is now ignored. If you were setting it to `true` or leaving it unset, no action is required. However, if you were setting it to `false`, be aware that previously-dormant StatefulSets may become active after upgrading.
```
ref #41605
Automatic merge from submit-queue
stop jsonpath panicing on negative array length
Related downstream issue: https://github.com/openshift/origin/issues/15075
Returns error if provided jsonpath value results in a negative slice index after adding the length of the slice:
```go
a := [0, 1, 2, 3]
b := a[-1:] // 3
c := a[-4:] // 0
d := a[-5:] // out of range error
e := a[4:] // out of range error
```
**Release note**:
```release-note
NONE
```
cc @fabianofranz
Automatic merge from submit-queue
Fix tls config copy in dial test
Fixes a bug introduced in 0d42da1b93 (diff-1748ffb7995a87b1f6bfd534dc5a51abL99) that broke the mutation test check (it was checking an object against itself)
Automatic merge from submit-queue (batch tested with PRs 49444, 47864, 48584, 49395, 49118)
rate limiting should not affect system masters
A `system:masters` user is either a loopback connection or someone with complete access to the cluster. Either way, they should not be rate-limited like a normal client since their requests are more important. This moves the maxinflight checker post-authentication and excluded system:masters from the rate limit.
@smarterclayton as discussed.
@kubernetes/sig-api-machinery-misc
This introduces fake implementations of dynamic.Client and
dynamic.ClientPool. They function similarly to the fake generated
clientsets, since they're also based in testing.Fake.
Automatic merge from submit-queue
installer.go amend some comment
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
Automatic merge from submit-queue
Fix staging godeps for k8s.io/metrics and k8s.io/kube-gen
**What this PR does / why we need it**:
#49095 introduced an issue with the formatting of the k8s.io/metrics staging godeps. This fixes that issue, and alters the script to prevent it from happening again.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49326, 49394, 49346, 49379, 49399)
Make client-go authoritative
client-go now is authoritative except for `client-go/pkg/version`, which I think we can leave as is for a while.
Automatic merge from submit-queue (batch tested with PRs 46210, 48607, 46874, 46598, 49240)
Remove types.generated.go generated for internal API types
We don't need generated codecs for internal types.
Automatic merge from submit-queue (batch tested with PRs 46210, 48607, 46874, 46598, 49240)
Ipv6 support for ChooseHostInterface (part 3 of 3)
**What this PR does / why we need it**:
Provides IPv6 support for the ChooseHostInterface() and ChooseBindAddress() functions
in the apimachinery's util/net/interface.go file. It strives to maintain backward compatibility with existing use of IPv4, but allow IPv6 to be used when available. This is part 3 of a set of PRs, and has been rebased on top of #46138, which is rebased on top of #46044.
This is part of an overall effort to provide IPv6 support in the code, by addressing places where IPv4 logic exists and making it IPv6 ready.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#44848
**Special notes for your reviewer**:
You can look at the other PRs for the commit description of what each of them does. I do see some unrelated test failures in those commits - appears to be flakes.
**Release note**:
```release-noteNONE
```
Automatic merge from submit-queue
Add a new API version apps/v1beta2
xref: #49135
This PR adds a new API version `apps/v1beta2` which contains a copy (of types, conversions, and defaults) of `apps/v1beta1` StatefulSet, Deployment, and their subresources. Note that `apps/v1beta2` is still WIP and we will make breaking changes to it before releasing 1.8.
Moving core controllers (StatefulSet, Deployment, ReplicaSet, DaemonSet) to `apps/v1beta2` is the first step of moving them to `apps/v1` (GA).
This PR is a starting point for DaemonSet and ReplicaSet to move from `/extensions` to `/apps` and for Deployment and StatefulSet to make some breaking changes (e.g. new defaults and/or remove deprecated fields).
```release-note
Add a new API version apps/v1beta2
```
This adds an interface form of dynamic.Client and
dynamic.ResourceClient, making those two follow the general client
conventions: `Interface` is an interface, and `Client` is the concrete
implementation. `ClientPool` retains it's interface status.
This allows us to create a fake implemenation of dyanmic.Interface,
dynamic.ResourceInterface, and dynamic.ClientPool for testing.
Automatic merge from submit-queue
Use specified ServerName in aggregator TLS validation
Fixes#49354
The aggregator sets a ServerName in the proxier tlsConfig, but the code path handling websocket upgrade requests did not honor it, and instead tried to verify TLS using the dialed host
* Honors ServerName if already set in tls.Config
* Adds unit tests for upgrade functionality via the aggregator
* Fixes mutation of shared tlsConfig.ServerName in spdy roundtripper
```release-note
Websocket requests to aggregated APIs now perform TLS verification using the service DNS name instead of the backend server's IP address, consistent with non-websocket requests.
```
Automatic merge from submit-queue (batch tested with PRs 48565, 49172)
Use $(location) to find generated output paths.
Along with the build-infra PR https://github.com/kubernetes/repo-infra/pull/19, this allows Kubernetes binaries (e.g. hyperkube) to be built as external dependencies in other Bazel projects.
```release-note
NONE
```
