Automatic merge from submit-queue (batch tested with PRs 45408, 45355, 45528)
Admission options spits out admission control
**What this PR does / why we need it**:
This PR adds ApplyTo method to AdmissionOptions struct. The method creates and initialises admission control to the server configuration.
**Release note**:
```
NONE
```
Automatic merge from submit-queue
fix typo in docker_container.go
Signed-off-by: Carlory <fanbaofa@gmail.com>
**What this PR does / why we need it**:
fix typo in docker_container.go
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Added support for AAAA record for coredns and included unit test.
Fixed function names in comments for Google and AWS tests to match
actual test name in this area.
Automatic merge from submit-queue
describe pod: add unit test for Node
**What this PR does / why we need it**:
Add unit test for "describe pod" in order to get node info.
**Release note**:
```release-note
NONE
```
In some setups, after creation of dynamic PVs and before mounting/using
these PVs in a pod, the endpoint/service got mistakenly deleted by the
user/developer. By making these methods 'plugin' specific, we can call
it from mounter if there are scenarios where the endpoint and service
got wiped in between accidentally.
Signed-off-by: Humble Chirammal hchiramm@redhat.com
Automatic merge from submit-queue
add --as-group option to cli
The usecase of this change:
When a super user grant some RBAC permissions to a group, he can use
--as--group to test whether the group get the permissions.
Note that now we support as-groups, as-user-extra in kubeconfig file after this change.
**Release note**:
```NONE
```
@liggitt
Automatic merge from submit-queue
Make fake iptables' Save operation more realistic
Ref https://github.com/kubernetes/kubernetes/pull/45622#issuecomment-301624384 (2nd point)
This would make fake IPtables actually return the iptable contents it stores.
cc @kubernetes/sig-scalability-misc @wojtek-t
Automatic merge from submit-queue
fix missing argument for Errorf(%v): format reads arg 1, have only 0 args
Signed-off-by: yupengzte <yu.peng36@zte.com.cn>
**What this PR does / why we need it**:
add the missing code of "len(res.Items)"
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
delete the code after "return"
Signed-off-by: yupengzte <yu.peng36@zte.com.cn>
**What this PR does / why we need it**:
After return, the code is unreachable, delete it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
Fix kube-apiserver crash when patching TPR data
**What this PR does / why we need it**: While trying to do a strategic merge patch, kube-apiserver crashes with a nil pointer dereference because `UnsafeConvertor` is `nil` for TPR data resources here: https://github.com/kubernetes/kubernetes/blob/master/pkg/master/thirdparty/thirdparty.go#L314-L337.
This PR does not make strategic merge patch work on TPR data but makes sure that the kube-api server does not crash while trying to do so.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#44587
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue
Internal audit API
Forked from https://github.com/kubernetes/kubernetes/pull/45315
I pulled out only the internal audit API types and would like to merge this to unblock the audit implementation work while we figure out the versioned types and code generation.
I will continue to iterate on https://github.com/kubernetes/kubernetes/pull/45315, but lets get this internal type submitted.
/cc @ericchiang @ihmccreery
Automatic merge from submit-queue
Assign label to pod when exec 'kubectl run' command with flags "--expose=true" and "--restart=Never"
**What this PR does / why we need it**:
As the title says and issue #40503 mentioned.
cc @tanapoln
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#40503
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45664, 45861)
Add update-federation-* scripts to update-all.sh
This is to ensure that `make verify` succeeds after running `update-all.sh`
Fixes https://github.com/kubernetes/kubernetes/issues/45853
Automatic merge from submit-queue (batch tested with PRs 45664, 45861)
Fix#45213: Syncing jobs would return error when podController exception
**What this PR does / why we need it**:
Jobcontroller: Syncing jobs would return error when podController exception
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes#45213
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 45835, 45389)
Introduce visibility rules to kubernetes code.
**What this PR does / why we need it**:
Use rules to identify "bad" dependencies on kubectl code for later refactoring or removal, and prevent their reintroduction.
**Which issue this PR fixes**
First in a series of PRs to address kubernetes/community#598
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45835, 45389)
client-gen: honor groupName overrides in customArgs
If there is a comment of the form "// +groupName=somegroup" or
"// +groupName=somegroup.foo.bar.io", use the first field (somegroup) as
the name of the group in customArgs.GroupVersions and
customArgs.GroupVersionToInputPath.
@deads2k this lets OpenShift generate the correct group names for pkg/deploy (groupName=apps) and pkg/sdn (groupName=network), although we still need your hack to specify `--group`.
cc @smarterclayton @liggitt @sttts @kubernetes/sig-api-machinery-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 44337, 45775, 45832, 45574, 45758)
daemoncontroller.go:format for
**What this PR does / why we need it**:
format for.
delete redundant para.
make code clean.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 44337, 45775, 45832, 45574, 45758)
Fix lint failures on kubernetes-e2e charm
**What this PR does / why we need it**:
This fixes a test failure on the kubernetes-e2e charm relating to tox and flake8:
```DEBUG🏃/bin/sh: 1: flake8: not found```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
This is a follow-up to https://github.com/kubernetes/kubernetes/pull/45494 where the same thing was done for kubernetes-master.
**Release note**:
```release-note
Fix lint failures on kubernetes-e2e charm
```
Automatic merge from submit-queue (batch tested with PRs 44337, 45775, 45832, 45574, 45758)
Tighten validation of mirror pod annotations
Tightens validation for pods with a mirror pod annotation:
1. spec.nodeName must be set
2. makes the mirror pod annotation immutable
3. starts validating pod-specific annotations during pod status update
None of these changes affect usage of the mirror pod annotation by kubelets, which only set it on pod creation (verified this is true back to 1.5.x)
the second commit updates the pod validation tests to look for specific error messages (best reviewed ignoring whitespace changes)
This is the validation portion of https://github.com/kubernetes/community/blob/master/contributors/design-proposals/kubelet-authorizer.md and https://github.com/kubernetes/features/issues/279
```release-note
Mirror pods must now indicate the nodeName they are bound to on creation. The mirror pod annotation is now treated as immutable and cannot be added to an existing pod, removed from a pod, or modified.
```
Automatic merge from submit-queue (batch tested with PRs 44337, 45775, 45832, 45574, 45758)
Refactor gcr.io/google_containers/elasticsearch to alpine
**What this PR does / why we need it**:
This reduces the image size of the gcr.io/google_containers/elasticsearch image.
Before:
```
REPOSITORY TAG IMAGE ID CREATED SIZE
gcr.io/google_containers/elasticsearch v2.4.1-2 6941e43df81a 4 weeks ago 419MB
```
After:
```
REPOSITORY TAG IMAGE ID CREATED SIZE
gcr.io/google_containers/elasticsearch v2.4.1-2 24ad40c21a52 About an hour ago 178MB
```
**Special notes for your reviewer**:
I used a workaround to make the elasticsearch_logging_discovery binary work with alpine. (See [stackoverflow](https://stackoverflow.com/questions/34729748/installed-go-binary-not-found-in-path-on-alpine-linux-docker/35613430#35613430)). Alternatively this can be solved by setting ```CGO_ENABLED=0```when compiling the binary. I didn't feel comfortable chaing the Makefile though, since I'm no golang expert. Feedback wanted!
Automatic merge from submit-queue
Update scheduler reviewers
**What this PR does / why we need it**:
Update Scheduler OWNERS to more accurately reflect reality.
**Special notes for your reviewer**:
Are there others to add here?
**Release note**:
```
NONE
```
/cc @kubernetes/sig-scheduling-pr-reviews
