github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity
102,227 Commits 42 Branches 7,905 Tags 1.3 GiB
f10dfc6e30
Commit Graph

102227 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jordan Liggitt
f10dfc6e30 PodSecurity: restricted capabilities: cleanup 
Fix formatting of container names,
Add unit test for containers missing drop, containers with invalid adds
Consolidate integration test fixtures
 2021-07-08 02:19:24 -04:00
Jordan Liggitt
bd4dc42a72 PodSecurity: baseline capabilities: regenerate files 2021-07-08 02:19:24 -04:00
Jordan Liggitt
809abf4f5b PodSecurity: baseline capabilities: cleanup 
Rename to capabilities_baseline
Add unit test exercising forbidden reason and details
Consolidate integration test fixtures
 2021-07-08 02:19:23 -04:00
Jordan Liggitt
b390e9e32d PodSecurity: appArmorProfile: cleanup 
Also allow  values
Add unit test exercising forbidden reason/detail
Clean up forbidden reason construction
 2021-07-08 02:19:23 -04:00
Jordan Liggitt
8291f8490b PodSecurity: allowPrivilegeEscalation: regenerate files 2021-07-08 02:19:23 -04:00
Jordan Liggitt
1e2886341a PodSecurity: allowPrivilegeEscalation: cleanup 
Make forbidden details more compact
Add unit test exercising forbidden message/details
Consolidate fixtures
 2021-07-08 02:19:23 -04:00
Jordan Liggitt
648b970718 PodSecurity: add message helper 2021-07-08 02:19:22 -04:00
Kubernetes Prow Robot
818ed1afff
Merge pull request #103552 from liggitt/podsecurity-code 
PodSecurity: use code/reason/details from admission library
 2021-07-07 17:05:56 -07:00
Kubernetes Prow Robot
075ce33452
Merge pull request #103487 from novahe/fix/fixture-data-race 
client-go: fix fixture data race
 2021-07-07 17:05:48 -07:00
Kubernetes Prow Robot
7bfd0b0503
Merge pull request #103467 from thockin/svc-alloc-lb-nodeports-bug 
Fix small bug with AllocateLoadBalancerNodePorts
 2021-07-07 17:05:40 -07:00
Kubernetes Prow Robot
10ba908d74
Merge pull request #103419 from natasha41575/upgradeKust4.2 
Upgrade kustomize-in-kubectl to v4.2.0
 2021-07-07 17:05:31 -07:00
Kubernetes Prow Robot
6ed98b60f0
Merge pull request #103383 from Huang-Wei/move-up-pods 
sched: provide an option for plugin developers to move pods to activeQ
 2021-07-07 17:05:22 -07:00
Kubernetes Prow Robot
8e56a34195
Merge pull request #102966 from SergeyKanzhelev/deprecateDynamicKubeletConfig 
deprecate and disable by default DynamicKubeletConfig feature flag
 2021-07-07 17:05:15 -07:00
Kubernetes Prow Robot
785d9f028a
Merge pull request #102188 from alculquicondor/fasterselector 
Improve slice allocation in LabelSelectorAsSelector
 2021-07-07 17:05:06 -07:00
Kubernetes Prow Robot
e3234f3d6b
Merge pull request #101604 from pacoxu/tuning-grpc 
use PermitWithoutStream=true for etcd: send pings even without active stream
 2021-07-07 17:04:53 -07:00
Kubernetes Prow Robot
e67979eaf6
Merge pull request #103550 from tkashem/apf-bootstrap-log-message 
apf: fix bootstrap ensurer log message
 2021-07-07 14:20:36 -07:00
Kubernetes Prow Robot
a392ca0f25
Merge pull request #103543 from liggitt/implement-check_dropCapabilities.go 
Implement check drop capabilities.go
 2021-07-07 14:20:23 -07:00
Jordan Liggitt
1dfacd3c70 PodSecurity: use code/reason/details from admission library 2021-07-07 16:25:16 -04:00
Wei Huang
fb9cafc99b
sched: provide an option for plugin developers to move pods to activeQ 2021-07-07 12:50:12 -07:00
Kubernetes Prow Robot
d7123a6524
Merge pull request #103537 from wojtek-t/pf_chunking_refactor 
Avoid code duplication in watchcache
 2021-07-07 12:40:42 -07:00
Kubernetes Prow Robot
ac6a1b1821
Merge pull request #103414 from ravisantoshgudimetla/fix-pdb-status 
[disruptioncontroller] Don't error for unmanaged pods
 2021-07-07 12:40:35 -07:00
Kubernetes Prow Robot
ac554af79b
Merge pull request #103142 from serathius/etcd-3.5.0 
Upgrade etcd to 3.5.0
 2021-07-07 12:40:22 -07:00
Abu Kashem
d9e3fbff94
apf: fix bootstrap ensurer log message 2021-07-07 15:01:46 -04:00
Kubernetes Prow Robot
006d5b8539
Merge pull request #103524 from bergerhoffer/help-text-updates 
Minor adjustments to descriptions and example text
 2021-07-07 10:44:12 -07:00
Kubernetes Prow Robot
b93cd81609
Merge pull request #103481 from wojtek-t/pf_watch_tracker 
Add watch tracker to APF for request cost estimation
 2021-07-07 10:44:06 -07:00
Kubernetes Prow Robot
896cf744cb
Merge pull request #103420 from raisaat/pods-api-test-fix 
Fix pkg/api/pod/util tests to ensure feature gate is set
 2021-07-07 10:43:53 -07:00
Kubernetes Prow Robot
20be00980c
Merge pull request #103232 from astraw99/fix_delete_nil_pointer 
Fix delete nil pointer panic
 2021-07-07 10:43:41 -07:00
Jordan Liggitt
6408f3dffc Update generated files 2021-07-07 12:02:21 -04:00
Jordan Liggitt
250f47a45c Rename to capabilities_restricted 2021-07-07 12:02:21 -04:00
Jordan Liggitt
08608a24f1 Update dropCapabilities check/fixtures 2021-07-07 12:02:12 -04:00
Kubernetes Prow Robot
657c6fe033
Merge pull request #103407 from brianpursley/visit-order-tests 
Added unit tests for ExpandPathsToFileVisitors
 2021-07-07 08:57:08 -07:00
Kubernetes Prow Robot
f166221f10
Merge pull request #103390 from ironyman/validators 
Use system-validators v1.5.0
 2021-07-07 08:56:56 -07:00
Kubernetes Prow Robot
eaba61b4de
Merge pull request #103276 from NetApp/data-source-ref 
Add DataSourceRef field to PVC spec
 2021-07-07 08:56:44 -07:00
novahe
ce257266aa client-go: copying object to fix data race (#103148) 2021-07-07 23:44:14 +08:00
ravisantoshgudimetla
2c116055f7 [disruptioncontroller] Don't error for unmanaged pods 
As of now, we allow PDBs to be applied to pods via
selectors, so there can be unmanaged pods(pods that
don't have backing controllers) but still have PDBs associated.
Such pods are to be logged instead of immediately throwing
a sync error. This ensures disruption controller is
not frequently updating the status subresource and thus
preventing excessive and expensive writes to etcd.
 2021-07-07 10:42:24 -04:00
mgutierrez98
a8793dcb3e Implement check_dropAllCapabilities.go and test/fixtures_dropAllCapabilities.go 2021-07-07 09:41:15 -04:00
Kubernetes Prow Robot
b289fbb03d
Merge pull request #103409 from andrewsykim/service-internal-traffic-policy-e2e 
test/e2e/network: add test for Service internalTrafficPolicy
 2021-07-07 06:18:43 -07:00
Andrea Hoffer
6b736f3484 Minor adjustments to descriptions and example text 2021-07-07 08:27:51 -04:00
wojtekt
cea1dcfeed Add watch tracker to APF for request cost estimation 2021-07-07 11:05:30 +02:00
Kubernetes Prow Robot
17f6f28621
Merge pull request #103468 from Huang-Wei/fix-sched-cc 
instantiates scheduler ComponentConfig after parsing feature gates
 2021-07-07 01:22:43 -07:00
wojtekt
2df05df698 Avoid code duplication in watchcache 2021-07-07 09:41:28 +02:00
Kubernetes Prow Robot
ec39cc2eaf
Merge pull request #103507 from CaoDonghui123/updateurl 
update  kubectl url
 2021-07-06 23:56:43 -07:00
Kubernetes Prow Robot
656d00e894
Merge pull request #103496 from neolit123/1.22-add-defaulting-v1beta3-imagepull 
kubeadm: statically default ImagePullPolicy in v1beta3
 2021-07-06 22:11:48 -07:00
Kubernetes Prow Robot
72f28fb8b3
Merge pull request #103445 from tallclair/podsecurity-attrs 
Move pod-security-admission to an external Attributes interface
 2021-07-06 22:11:39 -07:00
Samuel Roth
9e87082b85
[Pod Security] Baseline + restricted policy checks for seccomp (#103341) 
* podsecurity: add seccomp policy checks

* podsecurity: generated seccomp fixtures
 2021-07-06 22:11:28 -07:00
Kubernetes Prow Robot
2547c5bb97
Merge pull request #103307 from aojea/kubelet_podIPs 
podIPs order match node IP family preference (Downward API)
 2021-07-06 22:11:20 -07:00
Kubernetes Prow Robot
561959f682
Merge pull request #102823 from ehashman/kep-2400-swap 
Alpha node swap support
 2021-07-06 22:11:11 -07:00
Kubernetes Prow Robot
99f77725c8
Merge pull request #102677 from yuzhiquan/deprecated-warning-for-drain 
Deprecated message for ignore-errors flag
 2021-07-06 22:11:03 -07:00
Kubernetes Prow Robot
60475ee5c2
Merge pull request #102181 from enj/enj/i/deprecate_gcp_azure 
Deprecate azure and gcp in-tree auth plugins
 2021-07-06 22:10:55 -07:00
Kubernetes Prow Robot
7df432f78f
Merge pull request #99582 from chendave/fix_config 
custom plugin config should take precedence over default plugin config
 2021-07-06 22:10:43 -07:00