Dr. Stefan Schimanski
dc0bcd62e3
options/authentication: revert extra serviceaccount TokenGetter function silently enabling serviceaccounts
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-22 18:21:26 +02:00
Kubernetes Prow Robot
0caeba5cbe
Merge pull request #126204 from vrutkovs/unsafeRecordQueried-atomicPointer
...
feature_gate: avoid extra copy when queried feature is already stored, use Set instead of map
2024-07-22 09:09:42 -07:00
Kubernetes Prow Robot
af71138323
Merge pull request #124837 from carlory/rm-FindCreatablePluginBySpec
...
remove unused FindCreatablePluginBySpec
2024-07-22 08:01:54 -07:00
Kubernetes Prow Robot
3f933ef262
Merge pull request #124053 from PichuChen/patch-1
...
Fix a typo
2024-07-22 08:01:40 -07:00
Kubernetes Prow Robot
8b8f84c6a7
Merge pull request #125862 from sanposhiho/cleanup-nominated
...
cleanup: remove duplicated AddNominatedPod
2024-07-22 06:50:03 -07:00
Kubernetes Prow Robot
1f436e0fba
Merge pull request #124108 from carlory/update-test-InTreePluginXXXUnregister
...
update unit test for adc to test volume migration
2024-07-22 06:49:49 -07:00
杨朱 · Kiki
bc3c07091b
Fix a bug where the target pod doesn't become schedulable within 5 minutes when a deleted pod uses the same PVC with the ReadWriteOncePod access mode. (#126263)
...
Co-authored-by: Kensei Nakada <handbomusic@gmail.com>
2024-07-22 01:20:34 -07:00
Kubernetes Prow Robot
00d03ec049
Merge pull request #126259 from liggitt/node-get-authz
...
Authorize Node reads via name, not graph
2024-07-21 13:08:21 -07:00
Jordan Liggitt
c75c07c8e1
Authorize Node reads via name, not graph
2024-07-21 15:01:46 -04:00
Kubernetes Prow Robot
69eee1c4a2
Merge pull request #126149 from sttts/sttts-aggregator-availability-controller-split
...
Step 11 - Split aggregator availability controller into local and remote part
2024-07-21 09:54:46 -07:00
Dr. Stefan Schimanski
b27142852f
test/integration: adapt numbers in TestAPIServerTransportMetrics with less rest client creations
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-21 17:41:50 +02:00
Dr. Stefan Schimanski
834cd7ca4a
aggregator: split availability controller into local and remote part
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-21 17:31:24 +02:00
Dr. Stefan Schimanski
bbdc247406
aggregator: make linter happy
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-21 16:45:28 +02:00
Dr. Stefan Schimanski
b5759ad4f9
aggregator: (pre-)move availability controller
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-21 13:48:50 +02:00
Dr. Stefan Schimanski
c5095069a8
aggregator: separate out status controller metrics
...
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
2024-07-21 13:48:49 +02:00
Kubernetes Prow Robot
815efa2baa
Merge pull request #126250 from my-git9/pkiutil-consot
...
kubeadm: remove unused constants in util/pkiutil
2024-07-21 03:02:57 -07:00
Kensei Nakada
82a54e8cc8
cleanup: remove duplicated addNominatedPodUnlocked
2024-07-21 16:04:25 +09:00
Kubernetes Prow Robot
10496b35a8
Merge pull request #126015 from micahhausler/kubelet-cert-validation
...
Enhance node admission to validate kubelet CSR's CN
2024-07-20 21:27:42 -07:00
Kubernetes Prow Robot
558c9536a1
Merge pull request #123678 from kinvolk/userns-use-kubelet-user-mappings
...
kubelet: Add logs for userns custom mappings parsing
2024-07-20 19:59:57 -07:00
Micah Hausler
b251efe0ad
Enhance node admission to validate kubelet CSR's CN
...
Signed-off-by: Micah Hausler <mhausler@amazon.com>
2024-07-20 19:06:00 -05:00
Kubernetes Prow Robot
b14769f2af
Merge pull request #126224 from neolit123/1.31-fix-bug-in-join-patches-healthz
...
kubeadm: fix join bug where kubeletconfig was not patched in memory
2024-07-20 14:27:24 -07:00
Kubernetes Prow Robot
90a84704d6
Merge pull request #126231 from seans3/websocket-https-proxy-fix
...
Falls back to SPDY for gorilla/websocket https proxy error
2024-07-20 13:23:16 -07:00
Kubernetes Prow Robot
8527092e02
Merge pull request #119024 from wafuwafu13/deprecated-node-label
...
chore(node/util): add more labels to `deprecatedNodeLabels`
2024-07-20 11:31:40 -07:00
Lubomir I. Ivanov
b90b280c5a
kubeadm: fix join bug where kubeletconfig was not patched in memory
...
During kubeadm join in 1.30 kubeadm started respecting
the kubeletconfiguration healthz address/port. Previously
it hardcoded the health check to localhost:defaultport.
A corner case was not handled where the user applies --patches
on join to modify the local kubeletconfiguration. This results
in kubeletconfiguration patch target patches not being applied to
the KubeletConfiguration in memory and the health check
running on the address:port which are present in the kubelet-config
configmap.
Fix that by explicitly calling a new function to patch the
KubeletConfiguration in memory. This is scoped to only handle
the healthz checks *after* the kubelet config.yaml was already
patched and written to disk.
2024-07-20 19:31:19 +03:00
xin.li
c1dca0ad7c
kubeadm: remove unused constants in util/pkiutil
...
Signed-off-by: xin.li <xin.li@daocloud.io>
2024-07-20 23:30:25 +08:00
Kubernetes Prow Robot
892acaa6a7
Merge pull request #126107 from enj/enj/i/svm_not_found_err
...
svm: set UID and RV on SSA patch to cause conflict on logical create
2024-07-20 08:18:01 -07:00
Sean Sullivan
bc52647251
moving for easier cherry-pick
2024-07-20 05:29:57 -07:00
Kubernetes Prow Robot
b293ca9057
Merge pull request #126229 from aojea/network_policies_0.5.0
...
bump kube-network-policies to v0.5.0
2024-07-20 05:13:54 -07:00
Kubernetes Prow Robot
f2f7708375
Merge pull request #126244 from googs1025/informer
...
chore(servicecidr): use WaitForCacheSync after sharedInformerFactory Start in integration test
2024-07-20 03:11:39 -07:00
googs1025
bc514ff68b
chore: remove t.Fatal typo
2024-07-20 16:19:47 +08:00
googs1025
a6ee8599f1
chore: use WaitForCacheSync method after sharedInformerFactory Start
2024-07-20 16:17:57 +08:00
Sean Sullivan
9d560540c5
Falls back to SPDY for gorilla/websocket https proxy error
2024-07-20 00:10:32 -07:00
Kubernetes Prow Robot
8f265b6305
Merge pull request #126136 from cici37/removeFG
...
Remove feature gate CustomResourceValidationExpressions
2024-07-20 00:08:52 -07:00
Kubernetes Prow Robot
a8d354bf39
Merge pull request #126122 from HirazawaUi/remove-unused-options
...
kubelet: Remove unused run container options
2024-07-19 18:05:16 -07:00
Kubernetes Prow Robot
14b34fc255
Merge pull request #125834 from tallclair/log-cleanup
...
[kubelet] Cleanup incorrect log about static pod status change
2024-07-19 16:58:54 -07:00
Kubernetes Prow Robot
64ba17c605
Merge pull request #125571 from liggitt/filter-auth-02-sar
...
add field and label selectors to authorization
2024-07-19 15:30:01 -07:00
Kubernetes Prow Robot
ec8015daac
Merge pull request #124273 from panoswoo/fix/124255
...
Remove missing extended resources from init containers
2024-07-19 15:29:53 -07:00
Kubernetes Prow Robot
fa15f12fb5
Merge pull request #126174 from dobsonj/corruptedmnt-enodev
...
mount-utils: treat syscall.ENODEV as corrupted mount
2024-07-19 13:08:48 -07:00
Vadim Rutkovsky
77e84efe31
featuregate: clone queriedFeatures only when mutation is needed
...
Avoid allocating memory when cloned set of queried features is not necessary
2024-07-19 21:07:12 +02:00
Jordan Liggitt
5f22dd7c1a
Add integration test exercising webhook selector authz
2024-07-19 15:06:52 -04:00
Jordan Liggitt
9f8f36708a
Fixup lint warning
2024-07-19 15:06:52 -04:00
Jordan Liggitt
4d535db8be
Add selector authorization to the Node authorizer
2024-07-19 15:06:51 -04:00
Jordan Liggitt
a1398a8cca
Add structured labelSelector / fieldSelector to authorization webhook match conditions
2024-07-19 15:06:50 -04:00
Jordan Liggitt
83bd512861
Adjust CEL cost calculation and versioning for authorization library
2024-07-19 15:06:49 -04:00
David Eads
be2e32fa3e
Add CEL fieldSelector / labelSelector support to authorizer library
2024-07-19 15:06:49 -04:00
Jordan Liggitt
03d48b7683
Move CEL env initialization out of package init()
...
This ensures compatibility version and feature gates can be initialized
before cached CEL environments are created.
2024-07-19 15:06:48 -04:00
Jordan Liggitt
1d2ad282cf
Improve CEL cost tests to catch unhandled estimates or types
2024-07-19 15:06:47 -04:00
David Eads
92e3445e9d
add field and label selectors to authorization attributes
...
Co-authored-by: Jordan Liggitt <liggitt@google.com>
2024-07-19 15:06:47 -04:00
Kubernetes Prow Robot
b3e769b72e
Merge pull request #126228 from googs1025/fix_informer
...
chore(Job): make trivial improvements to job controller unit test
2024-07-19 12:03:24 -07:00
Kubernetes Prow Robot
6f3f115378
Merge pull request #126222 from macsko/dont_lock_activeq_twice_in_activate_in_scheduling_queue
...
Don't lock activeQ twice when activating pod in scheduling queue
2024-07-19 12:03:10 -07:00