github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
104,367 Commits 1 Branch 31 Tags
00aab6312f7889659e68285efec8b95266025896
Commit Graph

14439 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
3fb98823c4 Merge pull request #105736 from deejross/drain-output-ffix 
kubectl drain node output should say node was drained not evicted
 2021-10-27 14:19:11 -07:00
Kubernetes Prow Robot
b8ce285a03 Merge pull request #105923 from liggitt/feature/podsecurity-webhook 
PodSecurity webhook makefile, image, and manifests
 2021-10-27 11:58:24 -07:00
Jordan Liggitt
09e9ba99ab PodSecurity: add resource quota for clusters that limit cluster-critical by default 2021-10-27 13:54:19 -04:00
Jordan Liggitt
a356c32797 PodSecurity: simplify pki setup 2021-10-27 13:54:19 -04:00
Jordan Liggitt
0be8280faa PodSecurity: Set version build flags in makefile 
Change-Id: I719e7ce1efce9014e24903f0ad203a52a207f892
 2021-10-27 13:54:19 -04:00
Samuel Roth
2a4701c2ca PodSecurity webhook image 2021-10-27 13:54:19 -04:00
Kubernetes Prow Robot
aa7c6338c6 Merge pull request #105711 from VilledeMontreal/feat/multiComp 
Shell completion of multiple resource names
 2021-10-27 10:33:25 -07:00
Kubernetes Prow Robot
011aef1222 Merge pull request #105851 from VilledeMontreal/feature/compOutputFlag 
Add completion to the --output/-o flag
 2021-10-26 19:10:37 -07:00
Marc Khouzam
7aa5cb4031 Complete multiple resource names 
This commit teaches the completion function to repeat resource names
when supported by the command. The logic checks if a resource name
has already been specified by the user and does not include it again
when repeating the completion.

For example, the get command can receive multiple pods names, therefore
with this commit we have:
  kubectl get pod pod1 [tab]
will provide completion of pod names again, but not show 'pod1' since
it is already part of the command-line.

The improvement affects the following commands:
- annotate
- apply edit-last-applied
- apply view-last-applied
- autoscale
- delete
- describe
- edit
- expose
- get
- label
- patch
- rollout history
- rollout pause
- rollout restart
- rollout resume
- rollout undo
- scale
- taint

Note that "rollout status" only accepts a single resource name, unlike
the other "rollout ..." commands; this required the creation of a
special completion function that did not repeat just for that case.

Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
 2021-10-26 21:50:11 -04:00
Kubernetes Prow Robot
18cb34ebb2 Merge pull request #105896 from zqzten/upgrade-json-patch 
upgrade json-patch to v4.12.0
 2021-10-26 15:27:09 -07:00
Kubernetes Prow Robot
7c53095218 Merge pull request #104748 from p0lyn0mial/not-found-handler 
return 503 for aggregated APIs when the APIServiceRegistrationController hasn't finished installing all known APIServices
 2021-10-26 14:25:09 -07:00
Kubernetes Prow Robot
99ad414127 Merge pull request #104832 from zc2638/fix/kubectl-env-update 
add unit tests for `updateEnv`
 2021-10-26 13:21:10 -07:00
Jordan Liggitt
c65a0793cd [PodSecurity] Aggregate identical warnings for multiple pods in a namespace (#105889) 
* [PodSecurity] Aggregate identical warnings for multiple pods in a namespace

* Make warning order deterministic, limit accumulated pod name data

Co-authored-by: njuptlzf <li.zhifeng@zte.com.cn>
 2021-10-26 11:43:09 -07:00
Kubernetes Prow Robot
dba9975e3e Merge pull request #105857 from liggitt/runAsNonRoot-runAsUser 
PodSecurity: Add runAsUser check to restricted policy
 2021-10-26 00:15:30 -07:00
Zach Zhu
20cc72344e upgrade github.com/evanphx/json-patch to v4.12.0 
Fix partial negative indice support in json patch
 2021-10-26 11:20:45 +08:00
Kubernetes Prow Robot
e1f62e406d Merge pull request #105719 from yuanhh/master 
sample-controller/docs: Use italics font on package name
 2021-10-25 20:03:29 -07:00
Kubernetes Prow Robot
87d8a75b0e Merge pull request #105749 from tallclair/pod-security-cli 
Add --version flag to podsecurity-webhook command
 2021-10-25 13:34:25 -07:00
Jordan Liggitt
40635ca59e PodSecurity: runAsUser: generated fixtures 2021-10-25 16:17:10 -04:00
Jordan Liggitt
a476a5e00e PodSecurity: runAsUser 2021-10-25 16:17:10 -04:00
Jordan Liggitt
9b930e3728 PodSecurity: test: generate 1.23 fixtures 2021-10-25 16:17:10 -04:00
Jordan Liggitt
ef3bf86f5b PodSecurity: test: ensure fixtures are exercised for all relevant policy versions 2021-10-25 16:16:31 -04:00
Kubernetes Prow Robot
a6ffd29e5f Merge pull request #105314 from calvin0327/issue-podsecurity-errormessage 
[PodSecurity]Add context to failure message
 2021-10-25 11:25:02 -07:00
Tim Allclair
c7cdf19cbe Add --version flag to podsecurity-webhook command 2021-10-25 10:26:05 -07:00
Kubernetes Prow Robot
6166203f45 Merge pull request #105828 from ahg-g/ahg-legacy 
Remove scheduler's legacy policy config
 2021-10-25 09:38:23 -07:00
Maciej Borsz
f0c7c9abc9 Update writers.go 2021-10-25 13:35:43 +02:00
Kubernetes Prow Robot
f3551dd942 Merge pull request #105866 from MikeSpreitzer/clarify-phase 
Clarify metrics help wrt APF execution phases
 2021-10-25 02:42:23 -07:00
Wojciech Tyczyński
f609a8e0b5 Fix delete collection error channel size 2021-10-25 08:07:21 +02:00
Mike Spreitzer
d7a3bf0d26 Clarify metrics help wrt APF execution phases 2021-10-24 22:32:13 -04:00
Abdullah Gharaibeh
faf0ce68a0 Remove scheduler's legacy policy config 2021-10-24 21:58:12 -04:00
Kubernetes Prow Robot
89dd275dde Merge pull request #105584 from goofy-z/fix-extension-point-postfilter-comment 
update extension point PostFilter comment
 2021-10-22 20:00:20 -07:00
Marc Khouzam
5f22baeaf1 Add completion to the --output/-o flag 
For example:
$ kubectl get -o json<TAB>
json   jsonpath   jsonpath-as-json  jsonpath-file

Signed-off-by: Marc Khouzam <marc.khouzam@montreal.ca>
 2021-10-22 15:16:23 -04:00
Patrick Ohly
e36d54ce62 component-base: test json output for KObj and KObjs 
Thanks to the new klog, logr and zapr releases, ObjectRef is now
logged as struct in JSON output.
 2021-10-22 15:32:20 +02:00
Patrick Ohly
169e8b65a0 klog 2.30.0, logr 1.2.0, zapr 1.2.0 
The new releases fix logging of KObj in JSON output: klog implements the new
logr.Marshaler interface and zapr uses it instead of Stringer when logging the
ObjectRef created by KObj.
 2021-10-22 15:32:20 +02:00
Kubernetes Prow Robot
cc25656b00 Merge pull request #105030 from liggitt/json-stdlib 
switch from json-iterator to forked stdlib json decoder
 2021-10-21 20:40:37 -07:00
Kubernetes Prow Robot
313b43a8cb Merge pull request #105511 from benluddy/apf-delegated-signal 
Free APF seats for watches handled by an aggregated apiserver.
 2021-10-21 16:50:37 -07:00
Kubernetes Prow Robot
c767c9d993 Merge pull request #105663 from Jefftree/feature-openapiv3 
Add feature flag for OpenAPI v3
 2021-10-21 10:17:37 -07:00
Kubernetes Prow Robot
4cfd2820ba Merge pull request #105514 from jpetazzo/tweak-kubectl-run-help 
Minor improvements in 'kubectl run' flag help
 2021-10-21 08:41:39 -07:00
Kubernetes Prow Robot
2dede1d4d4 Merge pull request #105606 from sxllwx/fix/goroutine-leak 
fix goroutine leak in the DeleteCollection
 2021-10-21 06:48:09 -07:00
Lukasz Szaszkiewicz
5116a508a7 aggregator: pass apiServiceRegistrationControllerInitiated signal directly to apiserviceRegistration controller 2021-10-21 15:25:33 +02:00
scott
53df1caeef fix goroutine leak in the DeleteCollection 2021-10-21 19:19:38 +08:00
Yuanhao Hsueh
79a7caeb76 sample-controller/docs/controller-client-go.md: Use italics font on package name 2021-10-21 15:38:28 +08:00
calvin0327
12bfe734a8 add context to failure message. 2021-10-21 14:37:53 +08:00
Alkaid
ae9ca48f01 [PodSecurity] Implement metricRecorder for admission (#104217) 
* init

Signed-off-by: jyz0309 <45495947@qq.com>

go fmt

Signed-off-by: jyz0309 <45495947@qq.com>

remove useless code

Signed-off-by: jyz0309 <45495947@qq.com>

add metrics.Attributes interface

Signed-off-by: jyz0309 <45495947@qq.com>

address comment

Signed-off-by: jyz0309 <45495947@qq.com>

go fmt code

Signed-off-by: jyz0309 <45495947@qq.com>

resolve import cycle

Signed-off-by: jyz0309 <45495947@qq.com>

fix comment

Signed-off-by: jyz0309 <45495947@qq.com>

fix lints

Signed-off-by: jyz0309 <45495947@qq.com>

fix build error

Signed-off-by: jyz0309 <45495947@qq.com>

fix test

Signed-off-by: jyz0309 <45495947@qq.com>

try

Signed-off-by: jyz0309 <45495947@qq.com>

* try to compare version

Signed-off-by: jyz0309 <45495947@qq.com>

fix conflict

Signed-off-by: jyz0309 <45495947@qq.com>

remove unuse change

Signed-off-by: jyz0309 <45495947@qq.com>

* address comment

Signed-off-by: jyz0309 <45495947@qq.com>

* fix import error

Signed-off-by: jyz0309 <45495947@qq.com>

fix import

Signed-off-by: jyz0309 <45495947@qq.com>

address comment

Signed-off-by: jyz0309 <45495947@qq.com>

address comment

Signed-off-by: jyz0309 <45495947@qq.com>

* address comment

Signed-off-by: jyz0309 <45495947@qq.com>

* format code

Signed-off-by: jyz0309 <45495947@qq.com>

* remove exempt and error record

Signed-off-by: jyz0309 <45495947@qq.com>

* ignore pod

Signed-off-by: jyz0309 <45495947@qq.com>

* add decision default value

Signed-off-by: jyz0309 <45495947@qq.com>

* address comment

Signed-off-by: jyz0309 <45495947@qq.com>

* remore useless import

Signed-off-by: jyz0309 <45495947@qq.com>

* remove policy vaild check

Signed-off-by: jyz0309 <45495947@qq.com>

use init to register metric

Signed-off-by: jyz0309 <45495947@qq.com>

fix test

Signed-off-by: jyz0309 <45495947@qq.com>

remove check

Signed-off-by: jyz0309 <45495947@qq.com>

remove blank line

Signed-off-by: jyz0309 <45495947@qq.com>

add allowedImports

Signed-off-by: jyz0309 <45495947@qq.com>

Add mock recorder

Signed-off-by: jyz0309 <45495947@qq.com>

format code

Signed-off-by: jyz0309 <45495947@qq.com>

separe record into 3 function

Signed-off-by: jyz0309 <45495947@qq.com>

* fix comment

Signed-off-by: jyz0309 <45495947@qq.com>
 2021-10-20 20:02:08 -07:00
Kubernetes Prow Robot
f355d0e738 Merge pull request #104886 from egernst/cri-pod-overhead 
pass sandbox resource requirements  over CRI
 2021-10-20 16:20:08 -07:00
Kubernetes Prow Robot
c269494ebc Merge pull request #105729 from MikeSpreitzer/do-not-assume-decision 
Remove presumptions about what decision has been made
 2021-10-20 15:16:16 -07:00
Eric Ernst
91be6f7926 autogenerated fun 
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
 2021-10-20 11:30:23 -07:00
Eric Ernst
b8caa328d7 cri: add overhead, resources to linux sandbox config 
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
 2021-10-20 11:30:23 -07:00
Kubernetes Prow Robot
9c97ae286c Merge pull request #105588 from kerthcet/cleanup/remove-servfice-affinity-plugin 
Cleanup/remove service affinity plugin
 2021-10-20 10:24:10 -07:00
Kubernetes Prow Robot
881980a5c6 Merge pull request #105490 from aojea/restclient-shared-transport 
client-go: share the same transport for generated clientsets
 2021-10-20 10:23:58 -07:00
Jordan Liggitt
434ce4336a vendor sigs.k8s.io/json 2021-10-20 13:12:08 -04:00