github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
114,959 Commits 1 Branch 31 Tags
2c8dffdd5ff0b55c9d9fe01f7d63cc0ee5b22a6d
Commit Graph

23095 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
2c8dffdd5f Merge pull request #116619 from MadhavJivrajani/fix-subresource-e2e-flake 
test/e2e: Fix flaking subresource test
 2023-03-14 17:45:02 -07:00
Kubernetes Prow Robot
fa5253976c Merge pull request #116551 from SergeyKanzhelev/standaloneMode 
Test kubelet standalone mode
 2023-03-14 17:44:47 -07:00
Kubernetes Prow Robot
f22504a9ba Merge pull request #116539 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.9.1, gomega v1.27.3
 2023-03-14 17:44:40 -07:00
Kubernetes Prow Robot
f7bcff44cd Merge pull request #116425 from jsafrane/flip-selinux 
Flip SELinuxMountReadWriteOncePod to Beta
 2023-03-14 16:34:41 -07:00
Kubernetes Prow Robot
fbfc887a09 Merge pull request #116556 from pohly/dra-podschedulingcontext 
dra: PodScheduling -> PodSchedulingContext
 2023-03-14 15:14:34 -07:00
Kubernetes Prow Robot
900278dd41 Merge pull request #116390 from alexzielenski/kubectl/explain/openapiv3/on-by-default 
kubectl explain: use openapiv3 by default
 2023-03-14 15:14:26 -07:00
Madhav Jivrajani
87b64744dc test/e2e: Fix flaking subresource test 
Avoid comparing fields that might end up changing
between two invocations of kubectl.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-03-15 03:42:17 +05:30
Patrick Ohly
fe59e091eb dependencies: ginkgo v2.9.1, gomega v1.27.4 
They contain some nice-to-have improvements (for example, better printing of
errors with gomega/format.Object) but nothing that is critical right now.

"go mod tidy" was run manually in
staging/src/k8s.io/kms/internal/plugins/mock (https://github.com/kubernetes/kubernetes/pull/116613
not merged yet).
 2023-03-14 22:26:27 +01:00
Kubernetes Prow Robot
60be214af1 Merge pull request #116599 from justinsb/kubectl_applyset_e2e_test 
kubectl prunev2: simple e2e/integration test
 2023-03-14 14:13:33 -07:00
Kubernetes Prow Robot
c0ef73222f Merge pull request #116522 from robscott/topology-1-27-updates 
Introducing Topology Mode Annotation, Deprecating Topology Hints Annotation
 2023-03-14 14:12:48 -07:00
Sergey Kanzhelev
1e6281e4a2 first iteration to add standalone mode 2023-03-14 20:46:41 +00:00
Alexander Zielenski
4fb6385140 fix test to look for FIELD: not RESOURCE: when a field was looked up 2023-03-14 12:47:09 -07:00
Kubernetes Prow Robot
abb6328661 Merge pull request #116590 from MadhavJivrajani/e2e-kubectl-subresource 
test/e2e: Add e2e tests for kubectl --subresource
 2023-03-14 12:38:42 -07:00
Kubernetes Prow Robot
1cb334960c Merge pull request #116591 from gjkim42/add-service-feature-gates-to-e2e_node 
Add service-feature-gates argument to node_e2e
 2023-03-14 10:41:17 -07:00
Kubernetes Prow Robot
94ed45ab4a Merge pull request #116568 from pacoxu/fix-alpha-feature-ci 
get pvc again to get the pv name that bound to the PVC
 2023-03-14 10:41:09 -07:00
Kubernetes Prow Robot
bab2774b21 Merge pull request #116517 from dims/re-organize-remote-e2e-test-to-be-pluggable 
re-organize remote e2e test to be pluggable
 2023-03-14 10:41:00 -07:00
Kubernetes Prow Robot
4950f51903 Merge pull request #116155 from enj/enj/f/dek_reuse 
kmsv2: re-use DEK while key ID is unchanged
 2023-03-14 10:40:28 -07:00
Kubernetes Prow Robot
49649c89ea Merge pull request #113584 from yangjunmyfm192085/volume-contextual-logging 
volume: use contextual logging
 2023-03-14 10:40:16 -07:00
justinsb
04ae8e9b2e kubectl prunev2: simple e2e/integration test 
Starting with the most basic e2e test, checking that we can create and
prune configmaps.
 2023-03-14 16:45:29 +00:00
Kubernetes Prow Robot
f769c66aa8 Merge pull request #113622 from 249043822/br-context-logging-daemon 
daemonset: use contextual logging
 2023-03-14 09:38:28 -07:00
Kubernetes Prow Robot
204a9a1f17 Merge pull request #116459 from ffromani/podresources-ratelimit-minimal 
add podresources DOS prevention using rate limit
 2023-03-14 08:36:45 -07:00
Madhav Jivrajani
a466b7f5aa test/e2e: Add e2e tests for kubectl --subresource 
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-03-14 21:01:44 +05:30
Davanum Srinivas
a1d157bf32 Add some missing flags 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-14 10:36:25 -04:00
Kubernetes Prow Robot
689fc37dd2 Merge pull request #112334 from dgrisonnet/fix-eventseries-count 
Fix EventSeries starting count discrepancy
 2023-03-14 07:28:16 -07:00
Monis Khan
832d6f0e19 kmsv2: re-use DEK while key ID is unchanged 
This change updates KMS v2 to not create a new DEK for every
encryption.  Instead, we re-use the DEK while the key ID is stable.

Specifically:

We no longer use a random 12 byte nonce per encryption.  Instead, we
use both a random 4 byte nonce and an 8 byte nonce set via an atomic
counter.  Since each DEK is randomly generated and never re-used,
the combination of DEK and counter are always unique.  Thus there
can never be a nonce collision.  AES GCM strongly encourages the use
of a 12 byte nonce, hence the additional 4 byte random nonce.  We
could leave those 4 bytes set to all zeros, but there is no harm in
setting them to random data (it may help in some edge cases such as
live VM migration).

If the plugin is not healthy, the last DEK will be used for
encryption for up to three minutes (there is no difference on the
behavior of reads which have always used the DEK cache).  This will
reduce the impact of a short plugin outage while making it easy to
perform storage migration after a key ID change (i.e. simply wait
ten minutes after the key ID change before starting the migration).

The DEK rotation cycle is performed in sync with the KMS v2 status
poll thus we always have the correct information to determine if a
read is stale in regards to storage migration.

Signed-off-by: Monis Khan <mok@microsoft.com>
 2023-03-14 10:23:50 -04:00
Gunju Kim
cdf501f77b Add service-feature-gates argument to node_e2e 
This separates the "service-feature-gates" argument from the
"feature-gates" to set feature gates of API service independently.
 2023-03-14 22:54:30 +09:00
Jan Safranek
a84dc2d5c5 Flip SELinuxMountReadWriteOncePod to Beta 
And enable all e2e tests by default. They're still behind
`[Feature:SELinux]` tag to ensure the underlying OS supports SELinux.
 2023-03-14 14:32:38 +01:00
zhucan
80ff4b90a5 e2e: test for node expand volume with secrets failed 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
 2023-03-14 21:12:31 +08:00
Paco Xu
a5587de2e4 print all calls when compare CSI call failed 2023-03-14 18:03:08 +08:00
Patrick Ohly
fec5233668 api: resource.k8s.io PodScheduling -> PodSchedulingContext 
The name "PodScheduling" was unusual because in contrast to most other names,
it was impossible to put an article in front of it. Now PodSchedulingContext is
used instead.
 2023-03-14 10:18:08 +01:00
Paco Xu
4e5171b396 upgrade csi provisioner to v3.4.0 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Paco Xu
40d543a59d check node expand secret ref and fix CSI calls compare failure 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Paco Xu
2f71a635af get pvc again to get the pv name that bound to the PVC 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2023-03-14 16:51:46 +08:00
Patrick Ohly
29941b8d3e api: resource.k8s.io v1alpha1 -> v1alpha2 
For Kubernetes 1.27, we intend to make some breaking API changes:
- rename PodScheduling -> PodSchedulingHints (https://github.com/kubernetes/kubernetes/issues/114283)
- extend ResourceClaimStatus (https://github.com/kubernetes/enhancements/pull/3802)

We need to switch from v1alpha1 to v1alpha2 for that.
 2023-03-14 07:52:03 +01:00
Kubernetes Prow Robot
152876a3eb Merge pull request #115668 from jiahuif-forks/feature/validating-admission-policy/type-system 
Type System for ValidatingAdmissionPolicy
 2023-03-13 23:27:09 -07:00
Kubernetes Prow Robot
6612af0af0 Merge pull request #110304 from RomanBednar/resize-e2e 
add e2e test for correct resizing of a snaphot restore
 2023-03-13 22:27:08 -07:00
Kubernetes Prow Robot
cd56332d06 Merge pull request #116501 from mattcary/ss-beta 
Graduate StatefulSetAutoDelete to beta
 2023-03-13 19:31:20 -07:00
Rob Scott
e23af041f5 Introducing Topology Mode Annotation, Deprecating Topology Hints 
Annotation

As part of this change, kube-proxy accepts any value for either
annotation that is not "disabled".

Change-Id: Idfc26eb4cc97ff062649dc52ed29823a64fc59a4
 2023-03-14 02:23:11 +00:00
ZhangKe10140699
7198bcffcd daemonset: use contextual logging 2023-03-14 08:50:27 +08:00
杨军10092085
361e4ff0fa volume: use contextual logging 2023-03-14 08:37:30 +08:00
Matthew Cary
1d6df8233c Graduate StatefulSetAutoDelete to beta 
Change-Id: Iee385580d313c69fbb8a893eb5c165aa0b75725d
 2023-03-13 17:09:29 -07:00
Kubernetes Prow Robot
b740a34302 Merge pull request #116545 from flant/table-ssr-e2e 
Fix DescribeTable for selfsubjectreview e2e
 2023-03-13 16:49:21 -07:00
Davanum Srinivas
a889cc7f79 prevent initializing the same flag more than once 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-13 17:07:00 -04:00
m.nabokikh
d5aa8351e3 Fix DescribeTable for selfsubjectreview e2e 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-03-13 20:06:10 +01:00
Davanum Srinivas
be42dcfd73 re-organize remote e2e test to be pluggable 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2023-03-13 12:33:47 -04:00
Sergey Kanzhelev
009a2cbbc8 initialize feature gates in test project 2023-03-13 16:16:03 +00:00
Kubernetes Prow Robot
a0b1bee7c5 Merge pull request #115840 from atosatto/remove-taint-manager-cli 
Remove enable-taint-manager and pod-eviction-timeout CLI flags
 2023-03-13 08:13:10 -07:00
Kubernetes Prow Robot
492a08c916 Merge pull request #113525 from 249043822/br-context-logging-deployment 
deployment controller: use contextual logging
 2023-03-13 08:13:02 -07:00
Kubernetes Prow Robot
85524e7da6 Merge pull request #116518 from tzneal/refactor-remote-runner 
test: refactor remote test running
 2023-03-13 05:56:59 -07:00
Damien Grisonnet
d00364902b events: fix EventSeries starting count discrepancy 
The kube-apiserver validation expects the Count of an EventSeries to be
at least 2, otherwise it rejects the Event. There was is discrepancy
between the client and the server since the client was iniatizing an
EventSeries to a count of 1.

According to the original KEP, the first event emitted should have an
EventSeries set to nil and the second isomorphic event should have an
EventSeries with a count of 2. Thus, we should matcht the behavior
define by the KEP and update the client.

Also, as an effort to make the old clients compatible with the servers,
we should allow Events with an EventSeries count of 1 to prevent any
unexpected rejections.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
 2023-03-13 13:31:07 +01:00