github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
88,158 Commits 1 Branch 31 Tags
0714f814fe005364bb504c22ff306fd34e799d24
Commit Graph

9193 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
ed74b7cc02 Merge pull request #87633 from brianpursley/kubectl-792 
Prevent error message from being displayed during plugin list when path includes empty string
 2020-02-07 18:33:09 -08:00
Kubernetes Prow Robot
a2161c1349 Merge pull request #86921 from mikedanese/metics 
token cache: make fetch_total a counter
 2020-02-07 18:32:27 -08:00
Kubernetes Prow Robot
37961763c0 Merge pull request #85889 from oke-py/kubectl/726 
`kubectl create clusterrolebinding` creates rbac.authorization.k8s.io/v1 object
 2020-02-07 18:32:12 -08:00
Kubernetes Prow Robot
9617322727 Merge pull request #87904 from alculquicondor/rm_v1alpha2_deprecated 
Remove deprecated fields from kubescheduler.config.k8s.io/v1alpha2
 2020-02-07 15:20:32 -08:00
Kubernetes Prow Robot
67ae5c8dac Merge pull request #87881 from wojtek-t/limit_add_instances_calls 
Limit number of instances in single update to GCE target pool
 2020-02-07 15:20:21 -08:00
Kubernetes Prow Robot
2c0fad1bc7 Merge pull request #87503 from liggitt/remove-alpha-node-api 
Drop k8s.io/node-api packages
 2020-02-07 15:20:12 -08:00
Kubernetes Prow Robot
15bf6416eb Merge pull request #85445 from shaloulcy/storage_indexer 
add indexer for storage cacher
 2020-02-07 15:19:45 -08:00
Kubernetes Prow Robot
64ba0bf3d6 Merge pull request #87892 from wojtek-t/manual_fake_kubectl_conversions 
Register conversions for kubectl testing types
 2020-02-07 07:38:01 -08:00
Jordan Liggitt
0b32e142d4 Drop k8s.io/node-api packages 2020-02-07 10:07:14 -05:00
Kubernetes Prow Robot
87f27638af Merge pull request #87896 from apelisse/fieldmanager-benchmark-updatetwice 
Add UpdateTwice and UpdateApply benchmarks for fieldmanager
 2020-02-07 05:57:56 -08:00
Kubernetes Prow Robot
f6abf820fd Merge pull request #87874 from 928234269/fix_staticcheck07 
fix staticcheck errors in vendor/k8s.io/legacy-cloud-providers/aws.
 2020-02-07 05:57:30 -08:00
Kubernetes Prow Robot
913c9ef150 Merge pull request #87630 from weinong/feat-87541 
add a flag in azure auth module to omit spn: prefix in audience claim
 2020-02-07 05:56:27 -08:00
Kubernetes Prow Robot
e128f6f4c9 Merge pull request #87559 from daohoangson/openapi/delete_return_type 
Openapi/delete return type
 2020-02-07 05:56:12 -08:00
wojtekt
8ec193ba9c Limit number of instances in single update to GCE target pool 2020-02-07 10:29:06 +01:00
Kubernetes Prow Robot
1f147a4cf5 Merge pull request #87734 from mikedanese/ctxsnap 
snapshot clientsets pending context migration
 2020-02-07 00:08:10 -08:00
Kubernetes Prow Robot
c5bf3fbdf0 Merge pull request #87612 from enj/enj/i/oidc_audience_token_review 
Make oidc authenticator audience agnostic
 2020-02-07 00:07:56 -08:00
wojtekt
ea140f5e1a Register conversions for kubectl testing types 2020-02-07 08:12:42 +01:00
Kubernetes Prow Robot
e4061baeac Merge pull request #87830 from dims/update-sigs.k8s.io/yaml-to-v1.2.0 
Updating dependency sigs.k8s.io/yaml to version v1.2.0
 2020-02-06 17:48:01 -08:00
Kubernetes Prow Robot
f0bd622e35 Merge pull request #87829 from zhan849/harry/backoff-manager 
implement backoff manager
 2020-02-06 17:47:51 -08:00
Kubernetes Prow Robot
9c1e124b15 Merge pull request #87823 from tallclair/test-tokens 
Ensure testing credentials are labeled as such
 2020-02-06 17:47:29 -08:00
Kubernetes Prow Robot
8d80a44177 Merge pull request #87813 from sttts/sttts-schema-aggregation-logging 
kube-aggregator: increase log level of AggregationController API group logging
 2020-02-06 17:47:01 -08:00
Kubernetes Prow Robot
91d2088f24 Merge pull request #87778 from p0lyn0mial/improve-unavailableGauge 
makes unavailableGauge metric to always reflect the current state of a service
 2020-02-06 17:46:38 -08:00
Aldo Culquicondor
1071eb89f3 Remove deprecated fields from kubescheduler.config.k8s.io/v1alpha2 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-02-06 16:22:30 -05:00
Antoine Pelisse
a52776fbfb Add UpdateTwice and UpdateApply benchmarks for fieldmanager 
I've also moved the deserialization of the object outside the benchmark
since we're not trying to benchmark the yaml parser.
 2020-02-06 09:25:52 -08:00
Sakura
d5edfc9817 fix staticcheck errors in vendor/k8s.io/legacy-cloud-providers/aws. 
Signed-off-by: Sakura <longfei.shang@daocloud.io>
 2020-02-06 11:08:45 +08:00
Weinong Wang
c08db5feac add a flag in azure auth module to omit spn: prefix in audience claim 2020-02-05 14:17:59 -08:00
Kubernetes Prow Robot
9f6f608816 Merge pull request #87492 from 928234269/fix_staticcheck05 
fix static check errors in vendor/k8s.io/apimachinery/pkg/api/resource
 2020-02-05 12:11:55 -08:00
shaloulcy
fa9ba80a67 validate storage cache indexers 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-05 17:37:56 +08:00
Kubernetes Prow Robot
7e8f31b313 Merge pull request #87809 from mfojtik/kubectl-logs-preselect 
kubectl: allow to preselect interesting container in logs
 2020-02-05 01:09:20 -08:00
Kubernetes Prow Robot
85ffc9dbd7 Merge pull request #87791 from mikedanese/authexp 
remove authn/z expansions
 2020-02-05 01:08:48 -08:00
Harry Zhang
fc8a39d439 implement backoff manager 2020-02-04 14:23:15 -08:00
Monis Khan
9b23f22472 Make oidc authenticator audience agnostic 
This change removes the audience logic from the oidc authenticator
and collapses it onto the same logic used by other audience unaware
authenticators.

oidc is audience unaware in the sense that it does not know or
understand the API server's audience.  As before, the authenticator
will continue to check that the token audience matches the
configured client ID.

The reasoning for this simplification is:

1. The previous code tries to make the client ID on the oidc token
a valid audience.  But by not returning any audience, the token is
not valid when used via token review on a server that is configured
to honor audiences (the token works against the Kube API because the
audience check is skipped).

2. It is unclear what functionality would be gained by allowing
token review to check the client ID as a valid audience.  It could
serve as a proxy to know that the token was honored by the oidc
authenticator, but that does not seem like a valid use case.

3. It has never been possible to use the client ID as an audience
with token review as it would have always failed the audience
intersection check.  Thus this change is backwards compatible.

It is strange that the oidc authenticator would be considered
audience unaware when oidc tokens have an audience claim, but from
the perspective of the Kube API (and for backwards compatibility),
these tokens are only valid for the API server's audience.

This change seems to be the least magical and most consistent way to
honor backwards compatibility and to allow oidc tokens to be used
via token review when audience support in enabled.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-02-04 13:24:49 -08:00
Davanum Srinivas
5bb1838c5c Updating dependency sigs.k8s.io/yaml to version v1.2.0 2020-02-04 15:45:47 -05:00
Tim Allclair
9d3670f358 Ensure testing credentials are labeled as such 2020-02-04 10:36:05 -08:00
Brian Pursley
2d21f16c38 Fixed code formatting issues discovered by verify-gofmt 2020-02-04 10:16:06 -05:00
Brian Pursley
97185e9752 Fixed problem in unit test where error expected/actual comparison was not being performed 2020-02-04 10:12:48 -05:00
Brian Pursley
48ee18b516 Removed unneeded newline (moved to end of directory not found message) 2020-02-04 10:12:48 -05:00
Brian Pursley
f60c0af977 Ignore empty or blank string in path when listing plugins 2020-02-04 10:12:48 -05:00
Dr. Stefan Schimanski
059429ce53 kube-aggregator: increase log level of AggregationController API group logging 2020-02-04 14:14:17 +01:00
Michal Fojtik
439f93c91b kubectl: allow to preselect interesting container in logs 2020-02-04 13:50:41 +01:00
Lukasz Szaszkiewicz
7368862c19 makes unavailableGauge metric to always reflect the current state of a service 2020-02-04 11:49:30 +01:00
Kubernetes Prow Robot
d52ecd5f70 Merge pull request #86430 from wojtek-t/avoid_thundering_herd_on_etcd 
Avoid thundering herd of relists on etcd
 2020-02-03 23:09:25 -08:00
Mike Danese
65483a19ab generated: update clients 2020-02-03 14:31:56 -08:00
Mike Danese
41bd53866e remove create expansions form authn/z clients 2020-02-03 14:28:08 -08:00
Mike Danese
533d0b7f74 use generated clients instead of expansions for most of authn/z 2020-02-03 14:28:08 -08:00
Mike Danese
0f18715473 snapshot clientsets pending context migration 
https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20200123-client-go-ctx.md

Part of #46503
 2020-02-03 08:36:00 -08:00
Kubernetes Prow Robot
4c3aa3f26b Merge pull request #87515 from Sh4d1/proxy_agg 
Use network proxy for aggregator api
 2020-02-03 01:53:21 -08:00
shaloulcy
87582e2c3c add indexer for storage cacher 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-03 13:37:17 +08:00
Kubernetes Prow Robot
9de5763473 Merge pull request #87740 from jennybuckley/rate-limit-log 
Log when client rate limiter latency is very high at a lower log level
 2020-02-01 23:39:20 -08:00
Kubernetes Prow Robot
19ca6d30d2 Merge pull request #87437 from apelisse/kubectl-diff-exit-code 
kubectl-diff: Return non-1 errors on kubectl failures
 2020-02-01 18:33:20 -08:00