github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101,985 Commits 1 Branch 31 Tags 1,019 MiB
012bfaf98d
Commit Graph

1812 Commits

Author SHA1 Message Date
Nabarun Pal
0ab03d3d5b
dependencies: remove go-bindata 
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
 2021-06-29 19:16:51 +05:30
Joyce Kung
aeccadda4f Update setcap image to buster-v2.0.3 2021-06-26 15:16:12 -04:00
Joyce Kung
0a8a9188c9 Update debian-iptables image to buster-v1.6.5 2021-06-25 20:45:20 -04:00
Joyce Kung
42f9333e7f Update debian-base image to buster-v1.8.0 2021-06-25 20:38:15 -04:00
Kubernetes Prow Robot
cfa0130b9f
Merge pull request #102466 from pacoxu/dns-1.8.4 
kubeadm: update coredns to 1.8.4
 2021-06-21 18:14:10 -07:00
pacoxu
4ee38f33d2 update etcd makefile to build v3.5.0 image 2021-06-16 14:41:44 +08:00
pacoxu
188193e1c0 kubeadm: upgrade coredns 1.8.4 and corefile-migration to v1.0.12 
Signed-off-by: pacoxu <paco.xu@daocloud.io>
 2021-06-15 13:03:42 +08:00
Kubernetes Prow Robot
f008ba0fed
Merge pull request #102062 from serathius/etcd-server 
Update Etcd server image to 3.5.0-rc.0-0
 2021-06-10 08:23:27 -07:00
Kubernetes Prow Robot
4f854e39f2
Merge pull request #102689 from cpanato/go1165 
[go1.16] Update to go1.16.5
 2021-06-09 12:31:27 -07:00
Kubernetes Prow Robot
afcb09cf5b
Merge pull request #102692 from dims/add-dims-as-approver-in-build-directory 
Add dims as approver in build/ directory
 2021-06-09 11:25:51 -07:00
Marek Siarkowicz
12447bc803 Upgrade etcd server version to 3.5.0-rc.0 2021-06-09 17:00:05 +02:00
Mengjiao Liu
dc5626cc18 Upgrade debian-base to buster v1.7.1 2021-06-09 14:30:31 +08:00
Kubernetes Prow Robot
4413ed50dd
Merge pull request #102585 from serathius/etcd-v3.5.0-rc.0 
Update etcd makefile to build v3.5.0-rc.0 image
 2021-06-08 12:26:28 -07:00
Davanum Srinivas
652e056e61
Add dims as approver in build/ directory 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2021-06-08 08:30:46 -04:00
Carlos Panato
1524526991
[go1.16] Update to go1.16.5 
Signed-off-by: Carlos Panato <ctadeu@gmail.com>
 2021-06-08 14:11:32 +02:00
Kubernetes Prow Robot
aaceb26ea3
Merge pull request #99080 from vinayakankugoyal/dockerfile3 
Use docker buildx for the build-image.
 2021-06-05 11:46:38 -07:00
Benjamin Elder
45179bb989 update debian-iptables to v1.6.2 
picks up https://github.com/kubernetes/release/pull/2106
 2021-06-04 01:03:55 -07:00
Marek Siarkowicz
82be7aad26 Update etcd makefile to build v3.5.0-rc.0 image 2021-06-04 08:31:19 +02:00
Kubernetes Prow Robot
bc8acbc43e
Merge pull request #102328 from lentzi90/update-cni-plugins 
Update CNI plugins v0.9.1
 2021-05-28 10:16:46 -07:00
Marko Mudrinić
12fe4dee2b
Update setcap to buster-v2.0.1 and add setcap to dependencies.yaml 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
 2021-05-27 18:32:22 +02:00
Sascha Grunert
0ed0714f8c
Simplify kube-cross dependency handling 
We can indirectly retrieve the kube-cross version from the
`build/build-image/cross/VERSION` for the sample-apiserver. This allows
us to simplify the handling in `build/dependencies.yaml` as well as
the required approval (via `OWNERS`) if the kube-cross version changes.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-05-27 14:51:46 +02:00
Sascha Grunert
ae4db677f4
Update kube-cross to v1.16.4-2 
This patch bumps kube-cross to the latest release.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-05-27 12:18:28 +02:00
Lennart Jern
507710b50f
Update CNI plugins v0.9.1 
ref: https://github.com/containernetworking/plugins/releases/tag/v0.9.1
Signed-off-by: Lennart Jern <lennart.jern@est.tech>
 2021-05-26 11:02:04 +03:00
Marko Mudrinić
33fe4bb076
Update debian-base to buster-v1.7.0 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
 2021-05-25 22:49:03 +02:00
Marko Mudrinić
3bcc15e19d
Update debian-iptables to buster-v1.6.1 
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
 2021-05-25 22:49:03 +02:00
Kubernetes Prow Robot
fd82c69957
Merge pull request #102277 from serathius/etcd-image 
Update etcd makefile to build v3.5.0-beta.3 image
 2021-05-25 13:46:54 -07:00
Marek Siarkowicz
e862421c2b Update etcd makefile to build v3.5.0-beta.3 image 2021-05-25 15:37:22 +02:00
Sascha Grunert
b167fc24d7
Update pause image to v3.5 
Update dependencies and the test images to use pause 3.5. We also
provide a changelog entry for the new container image version.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-05-25 09:04:46 +02:00
Kubernetes Prow Robot
1c8f2c3d77
Merge pull request #100753 from johnSchnake/newCustomRegistries 
Clean up and make more image handling consistent
 2021-05-12 22:10:24 -07:00
Stephen Augustus
5b530da51f [go1.16] Update to go1.16.4 
Signed-off-by: Stephen Augustus <foo@auggie.dev>
 2021-05-07 15:47:54 -04:00
Kubernetes Prow Robot
44e7d15885
Merge pull request #100592 from claudiubelu/pause-image-kube-cross-update 
pause image: Uses kube-cross image to build Windows binaries
 2021-05-06 12:04:00 -07:00
John Schnake
0adf70b61b Clean up and make more image handling consistent 
- Cleans up some of the image registry handling by
initializing values in a more consistent and clear
manner.

- Adds the Docker library registry to the list of
values that is override-able.

- Adds a few branches to logic to ensure each registry
is handled the same.
 2021-05-05 21:08:29 -05:00
Michael Taufen
b33cd86a27 Update tests to use agnhost 2.32 
Updates e2e tests to use agnhost 2.32, which fixes an issue with the
conformance tests for ServiceAccountIssuerDiscovery.

Original fix: https://github.com/kubernetes/kubernetes/pull/101589

Image promotion: https://github.com/kubernetes/k8s.io/pull/1994
 2021-05-03 14:23:46 -07:00
Michael Taufen
0b3b99c096 Try both in-cluster and external discovery 
The conformance test for ServiceAccountIssuerDiscovery is currently
configured with --in-cluster-discovery, which only supports token
validation against in-cluster endpoints. Many cloud providers provide
their own, external endpoints for OIDC discovery, and because the iss
claim in tokens will point to these endpoints, but the client in this
test only trusts the Cluster CA, it will fail to connect to the external
discovery endpoints when validating the token.

To ensure that the conformance test at least supports scenario where
both the discovery doc endpoint and JWKS endpoint are cluster-local and
the scenario where both endpoints are cluster-external, this PR has the
test try both and requires at least one to pass.

Caveat: The test still won't support a configuration where one
endpoint is cluster-local and the other is external. We don't yet have
evidence that this is a configuration that is used in practice, so this
initial hotfix will at least fix the conformance test for the "both
external" configuration we know providers already use. Note that if one
endpoint is cluster-local, and the other is cluster-external, tokens can
still only be validated in-cluster, because both endpoints must be
accessible to Relying Parties that validate tokens.
 2021-04-29 08:56:02 -07:00
Claudiu Belu
b53958342d pause image: Uses kube-cross image to build windows binaries 
kube-cross:v1.16.3-1 contains x86_64-w64-mingw32, which will allow us to
build Windows binaries. With this, we won't have to rely on the dockerhub
image dockcross/windows-static-x64.
 2021-04-26 14:33:06 +00:00
Kubernetes Prow Robot
425e33bd50
Merge pull request #101100 from springasa/springasa-patch-1 
Simplify the repeat lines in build/root/Makefile
 2021-04-18 11:16:35 -07:00
Stephen Augustus
fac97f8a9b [go1.16] Update to go1.16.3 
Signed-off-by: Stephen Augustus <foo@auggie.dev>
 2021-04-16 19:56:51 -04:00
Kubernetes Prow Robot
3ed71cf190
Merge pull request #100976 from jindijamie/master 
releng: Update debian-base and debian-iptables to buster-v1.6.0 to patch base image CVEs
 2021-04-16 12:56:34 -07:00
sure freeing go
fa774535eb
Simplify the repeat lines in build/root/Makefile 2021-04-14 17:33:51 +08:00
jindijamie
f44116ce49
Update dependencies.yaml 2021-04-12 14:31:36 -07:00
jindijamie
7e7a6284be update debian-base to buster-v1.5.0 for CVEs 2021-04-09 19:27:10 +00:00
Sascha Grunert
33e0e035ea
Update cri-tools to v1.21.0 
This updates crictl to the latest available release.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2021-04-09 11:05:13 +02:00
Kubernetes Prow Robot
e49ba9dff6
Merge pull request #99740 from aramprice/make-kube-cross-image-registry-name-configurable 
Add docs for KUBE_BASE_IMAGE_REGISTRY, update code comment
 2021-04-08 15:59:26 -07:00
Davanum Srinivas
57ddfb7314
Switch to newer agnhost image 
We have an update to the image in
f9aaf71ccb, we need to bump to use this
image.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2021-03-30 20:15:36 -04:00
Andrey Smirnov
f9aaf71ccb test/e2e: fix the OIDC discovery test with ECDSA service account key 
By default oidc library enables only `RS256` signature validation
method.

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
 2021-03-30 22:58:50 +03:00
Adolfo García Veytia (Puerco)
999a1f5c76 Add KUBE_BUILD_CONFORMANCE on package-tarballs target 
Signed-off-by: Adolfo García Veytia (Puerco) <adolfo.garcia@uservers.net>
 2021-03-25 18:20:36 -06:00
Ernest Wong
42011ecfe4
test image: bump agnhost version to 2.30 
Signed-off-by: Ernest Wong <chuwon@microsoft.com>
 2021-03-19 11:12:45 -07:00
Vinayak Goyal
086cdfb360 Use docker buildx for the build-image. 2021-03-16 19:51:15 -07:00
Kubernetes Prow Robot
72cc3f2112
Merge pull request #99860 from chewong/fix-99470 
agnhost: resolve service account issuer URL before invoking oidc.NewProvider
 2021-03-16 14:49:30 -07:00
Kubernetes Prow Robot
2a26f276a8
Merge pull request #97963 from saschagrunert/pause-non-root 
Run pause image as non-root user and group
 2021-03-16 05:30:36 -07:00