github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
117,318 Commits 1 Branch 31 Tags
2a91bd1dfdd2e293b9ec017ea3a976ecc2ecd545
Commit Graph

19027 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
2a91bd1dfd Merge pull request #118782 from MikeSpreitzer/exempt-borrowing-impl 
Exempt borrowing implementation
 2023-07-14 09:16:00 -07:00
Kubernetes Prow Robot
4e9b487e7e Merge pull request #118051 from A-Hilaly/api-server/webhooks/smart-reload 
support `WebhookAccessors` smart reload
 2023-07-14 09:15:48 -07:00
Kubernetes Prow Robot
e3bc35bc1b Merge pull request #119008 from nilekhc/hotreload-update-metrics 
[KMSv2] feat: implements metrics for encryption config hot reload
 2023-07-13 23:08:00 -07:00
Kubernetes Prow Robot
18e0e668ca Merge pull request #118933 from wojtek-t/apf_watchlist_support 
Add support for watchlist to APF
 2023-07-13 23:07:49 -07:00
Mike Spreitzer
7305c96710 QueueSet and controller part of borrowing by exempt PLs 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 01:01:57 +00:00
Abu Kashem
f8e4e8abac apf: add validation to exempt for borrowing 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 01:01:09 +00:00
Mike Spreitzer
f78d6062eb Update generated code for APF borrowing by exempt 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 01:00:06 +00:00
Mike Spreitzer
a9d8cace1f Fix AutoUpdateAnnotationKey, NominalConcurrencyShares 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 00:47:58 +00:00
Abu Kashem
3d3240c8b4 apf: add API changes for borrowing by exempt pl 2023-07-14 00:47:28 +00:00
Kubernetes Prow Robot
5c72df7281 Merge pull request #118953 from mskrocki/escLib 
Convert EndpointSlice Reconciler to a library in staging.
 2023-07-13 17:13:34 -07:00
Jiahui Feng
b635f2a401 ValidatingAdmissionPolicy: Variable Composition (#118642) 
* [API REVIEW] Variable Composition

* lazy map.

* variable composition implementation.

* check variables during VAP validation.

* generated: ./hack/update-vendor.sh

* generated: UPDATE_COMPATIBILITY_FIXTURE_DATA

(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)

* cost calucation.

* tests for cost calculations.

* e2e test for variables.

* fix doc for Validation.Expression.

* generated: ./hack/update-codegen.sh

* fix missing utilruntime import.

* generated: ./hack/update-openapi-spec.sh
 2023-07-13 17:13:28 -07:00
Kubernetes Prow Robot
1e21da87b8 Merge pull request #118988 from nilekhc/hash-keyid 
[KMSv2] chore: hashes keyID being logged
 2023-07-13 15:47:48 -07:00
Amine
49d0346802 Pre-allocate webhook accessors arrays for mutating and validating 
webhooks
 2023-07-13 23:43:12 +01:00
Alex Zielenski
423f4dfc79 Add quantity library to CEL (#118803) 
* add quantity library to CEL

* add more tests to quantity

* use 1.29 env for quantity

* set CEL default env to 1.28 for 1.28 release

* add compare function

* docs and arith lib

* fixup addInt and subInt overload, add docs

* more tests

* cleanup docs

* remove old comments

* remove unnecessary cast

* add isInteger

* add overflow tests

* boilerplate

* refactor expectedResult for tests

* doc typo fix

* returns bool

* add docs link

* different dos link

* add isInteger true case

* expand iff

* add quantity back to 1.28 version, and revert change to DefaultCompatibilityVersion

* formatting
 2023-07-13 14:43:56 -07:00
Kubernetes Prow Robot
bea27f82d3 Merge pull request #118209 from pohly/dra-pre-scheduled-pods 
dra: pre-scheduled pods
 2023-07-13 14:43:37 -07:00
Nilekh Chaudhari
131216fa8f chore: hashes keyID 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-07-13 20:42:09 +00:00
Jiahui Feng
049614f884 ValidatingAdmissionPolicy controller for Type Checking (#117377) 
* [API REVIEW] ValidatingAdmissionPolicyStatucController config.

worker count.

* ValidatingAdmissionPolicyStatus controller.

* remove CEL typechecking from API server.

* fix initializer tests.

* remove type checking integration tests

from API server integration tests.

* validatingadmissionpolicy-status options.

* grant access to VAP controller.

* add defaulting unit test.

* generated: ./hack/update-codegen.sh

* add OWNERS for VAP status controller.

* type checking test case.
 2023-07-13 13:41:50 -07:00
Nilekh Chaudhari
c291e6355c feat: implements metrics for encryption config hot reload 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
 2023-07-13 20:08:27 +00:00
Kubernetes Prow Robot
1d846a12da Merge pull request #118804 from benluddy/authz-deferred-errors 
CEL lib: Expose errors on authz decisions instead of raising them from check()
 2023-07-13 12:39:37 -07:00
Kubernetes Prow Robot
d39965270e Merge pull request #119286 from ardaguclu/remove-openapiv3-alpha-env 
Remove KUBECTL_EXPLAIN_OPENAPIV3 environment variable
 2023-07-13 09:56:57 -07:00
Ricardo Katz
c688478a28 Fix lifecycle generator to check the version correctly (#119268) 
* Fix lifecycle generator to check the version correctly

* Fix file header

Co-authored-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>

---------

Co-authored-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
 2023-07-13 09:56:49 -07:00
Kubernetes Prow Robot
eee56d56ed Merge pull request #119219 from cpanato/update-prombot 
Update publishing-bot rules for release branches to Go 1.20.5
 2023-07-13 08:40:49 -07:00
Kubernetes Prow Robot
d37c62dcbf Merge pull request #117800 from cyclinder/loggin_format 
Add '--logging-format' flag to kube-proxy
 2023-07-13 08:40:37 -07:00
Arda Güçlü
4d8f569b03 Remove KUBECTL_EXPLAIN_OPENAPIV3 environment variable 
Since explain openapiv3 has been moved to beta already, there is no
point to having this environment variable.

This PR removes it.
 2023-07-13 13:44:43 +03:00
cyclinder
71ef0dafa7 add flag 'logging-format' to kube-proxy 2023-07-13 14:33:33 +08:00
cyclinder
c550c17f7f accept int or string flush frequency 2023-07-13 14:33:33 +08:00
Kubernetes Prow Robot
79c02ceb73 Merge pull request #119154 from aimuz/fix-119152 
fix: Add "metav1.CauseType" to "field.ErrorType" map
 2023-07-12 12:01:11 -07:00
Kubernetes Prow Robot
e3fe07e322 Merge pull request #119243 from dprotaso/standard-app-protocol 
Update standard app protocols
 2023-07-12 10:58:00 -07:00
Kubernetes Prow Robot
374866eaf0 Merge pull request #119226 from enj/enj/i/kms_owners 
Add enj to apiserver options approver
 2023-07-12 10:57:52 -07:00
Kubernetes Prow Robot
047d040ce7 Merge pull request #119012 from pohly/dra-batch-node-prepare 
kubelet: support batched prepare/unprepare in v1alpha3 DRA plugin API
 2023-07-12 10:57:37 -07:00
Kubernetes Prow Robot
2ec4e14bfa Merge pull request #118812 from serathius/storage-metric 
Improve apiserver storage size metric
 2023-07-12 10:57:26 -07:00
Marek Siarkowicz
39bb8f4bb1 Implement ConsistentListFromCache feature gate 
Request bookmark every 100ms when there is at least one request blocked on revision not present in watch cache.
 2023-07-12 17:26:17 +02:00
Amine
0695853a30 Improve naming and code comments 2023-07-12 16:20:14 +01:00
Patrick Ohly
08d40f53a7 dra: test with and without immediate ReservedFor 
The recommendation and default in the controller helper code is to set
ReservedFor to the pod which triggered delayed allocation. However, this
is neither required nor enforced. Therefore we should also test the fallback
path were kube-scheduler itself adds the pod to ReservedFor.
 2023-07-12 16:57:17 +02:00
Amine
28b6c90696 Move DeleteFunc logging to level 2 2023-07-12 15:50:40 +01:00
Amine
761016482d Properly setup mutatingWebhookConfigurationManager{} 2023-07-12 15:50:40 +01:00
Amine
747dbd9b6b run ./hack/verify-gofmt.sh 2023-07-12 15:50:16 +01:00
Amine
1eb60939fe Add smart reload for MutatingWebhooks 2023-07-12 15:50:16 +01:00
Amine
aeefb762ec Properly handle parameter in shareInformer.DeleteFunc 2023-07-12 15:50:16 +01:00
Amine
a01a8cb07e Fix webhook accessors caching pattern 2023-07-12 15:50:16 +01:00
Amine
7d3d44af77 Add webhookAccessors smart reloads unit tests 
This patch adds few unit tests to assert that the webhook accessors are
only recreate when they are update in the api-server.

In order to test this feature we had to make few changes to wb manager
that allows us to mock `NewValidatingWebhookAccessor` external function.
 2023-07-12 15:50:16 +01:00
Amine
c6f36e8702 Fix deadlock issue 
This patch fixes the deadlock issue by using a map to cache already
initiated Webhooks instead of using `needRefresh` map.
 2023-07-12 15:50:16 +01:00
Amine
99875b3fb7 Webhook Accessors Smart Recompilation 
Addresses https://github.com/kubernetes/kubernetes/issues/116588

This is an WIP patch trying to avoid recompiling CELs expressions when
recreation Validating/Mutating WebhookAccessors.

Maybe we should also concider using generatic.Controller from
5f59f44983/staging/src/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/controller.go
 2023-07-12 15:50:14 +01:00
Patrick Ohly
d743c50bb9 kubelet: support batched prepare/unprepare in v1alpha3 DRA plugin API 
Combining all prepare/unprepare operations for a pod enables plugins to
optimize the execution. Plugins can continue to use the v1beta2 API for now,
but should switch. The new API is designed so that plugins which want to work
on each claim one-by-one can do so and then report errors for each claim
separately, i.e. partial success is supported.
 2023-07-12 14:50:30 +02:00
Marek Siarkowicz
7a63997c8a Improve apiserver storage size metric to allow it's graduation 
Change name to make it compliant with prometheus guidelines.
Calculate it on demand instead of periodic to comply with prometheus standards.
Replace "endpoint" with "server" label to make it semantically consistent with storage factory
 2023-07-12 14:33:10 +02:00
dprotaso
610509fedd Update standard app protocols 
Add websocket support - see https://github.com/kubernetes/enhancements/pull/3996
 2023-07-12 08:28:50 -04:00
Marek Siarkowicz
c1decb6763 Fix TestConditionalProgressRequester and TestWaitUntilFreshAndListTimeout flakes 2023-07-12 14:03:32 +02:00
Kubernetes Prow Robot
95e915c428 Merge pull request #119229 from HirazawaUi/fix-convert-slice 
Fix the converts an empty string to nil.
 2023-07-11 23:39:11 -07:00
Monis Khan
b81f07ac9a Add enj to apiserver options approver 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-07-11 16:07:44 -04:00
Maciej Skrocki
43b509de42 staging: Add endpointslice to publishing data. 2023-07-11 18:08:26 +00:00