github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags
479249b3a3ca0a118568ea0b87717c7b0d32d33f
Commit Graph

10808 Commits

Author SHA1 Message Date
wojtekt
8ec193ba9c Limit number of instances in single update to GCE target pool 2020-02-07 10:29:06 +01:00
Kubernetes Prow Robot
1f147a4cf5 Merge pull request #87734 from mikedanese/ctxsnap 
snapshot clientsets pending context migration
 2020-02-07 00:08:10 -08:00
Kubernetes Prow Robot
c5bf3fbdf0 Merge pull request #87612 from enj/enj/i/oidc_audience_token_review 
Make oidc authenticator audience agnostic
 2020-02-07 00:07:56 -08:00
wojtekt
ea140f5e1a Register conversions for kubectl testing types 2020-02-07 08:12:42 +01:00
Kubernetes Prow Robot
e4061baeac Merge pull request #87830 from dims/update-sigs.k8s.io/yaml-to-v1.2.0 
Updating dependency sigs.k8s.io/yaml to version v1.2.0
 2020-02-06 17:48:01 -08:00
Kubernetes Prow Robot
f0bd622e35 Merge pull request #87829 from zhan849/harry/backoff-manager 
implement backoff manager
 2020-02-06 17:47:51 -08:00
Kubernetes Prow Robot
9c1e124b15 Merge pull request #87823 from tallclair/test-tokens 
Ensure testing credentials are labeled as such
 2020-02-06 17:47:29 -08:00
Kubernetes Prow Robot
8d80a44177 Merge pull request #87813 from sttts/sttts-schema-aggregation-logging 
kube-aggregator: increase log level of AggregationController API group logging
 2020-02-06 17:47:01 -08:00
Kubernetes Prow Robot
91d2088f24 Merge pull request #87778 from p0lyn0mial/improve-unavailableGauge 
makes unavailableGauge metric to always reflect the current state of a service
 2020-02-06 17:46:38 -08:00
Aldo Culquicondor
1071eb89f3 Remove deprecated fields from kubescheduler.config.k8s.io/v1alpha2 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-02-06 16:22:30 -05:00
Antoine Pelisse
a52776fbfb Add UpdateTwice and UpdateApply benchmarks for fieldmanager 
I've also moved the deserialization of the object outside the benchmark
since we're not trying to benchmark the yaml parser.
 2020-02-06 09:25:52 -08:00
zhouya0
527e66fc28 Add kubectl diff exit code doc 2020-02-06 14:49:55 +08:00
Sakura
d5edfc9817 fix staticcheck errors in vendor/k8s.io/legacy-cloud-providers/aws. 
Signed-off-by: Sakura <longfei.shang@daocloud.io>
 2020-02-06 11:08:45 +08:00
inductor
0c74a260c9 update generated file 2020-02-06 10:27:49 +09:00
Weinong Wang
c08db5feac add a flag in azure auth module to omit spn: prefix in audience claim 2020-02-05 14:17:59 -08:00
Kubernetes Prow Robot
9f6f608816 Merge pull request #87492 from 928234269/fix_staticcheck05 
fix static check errors in vendor/k8s.io/apimachinery/pkg/api/resource
 2020-02-05 12:11:55 -08:00
Marek Siarkowicz
30989b648d Remove references to prometheus is test/e2e 2020-02-05 15:54:36 +01:00
shaloulcy
fa9ba80a67 validate storage cache indexers 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-05 17:37:56 +08:00
Kubernetes Prow Robot
7e8f31b313 Merge pull request #87809 from mfojtik/kubectl-logs-preselect 
kubectl: allow to preselect interesting container in logs
 2020-02-05 01:09:20 -08:00
Kubernetes Prow Robot
85ffc9dbd7 Merge pull request #87791 from mikedanese/authexp 
remove authn/z expansions
 2020-02-05 01:08:48 -08:00
Harry Zhang
fc8a39d439 implement backoff manager 2020-02-04 14:23:15 -08:00
Monis Khan
9b23f22472 Make oidc authenticator audience agnostic 
This change removes the audience logic from the oidc authenticator
and collapses it onto the same logic used by other audience unaware
authenticators.

oidc is audience unaware in the sense that it does not know or
understand the API server's audience.  As before, the authenticator
will continue to check that the token audience matches the
configured client ID.

The reasoning for this simplification is:

1. The previous code tries to make the client ID on the oidc token
a valid audience.  But by not returning any audience, the token is
not valid when used via token review on a server that is configured
to honor audiences (the token works against the Kube API because the
audience check is skipped).

2. It is unclear what functionality would be gained by allowing
token review to check the client ID as a valid audience.  It could
serve as a proxy to know that the token was honored by the oidc
authenticator, but that does not seem like a valid use case.

3. It has never been possible to use the client ID as an audience
with token review as it would have always failed the audience
intersection check.  Thus this change is backwards compatible.

It is strange that the oidc authenticator would be considered
audience unaware when oidc tokens have an audience claim, but from
the perspective of the Kube API (and for backwards compatibility),
these tokens are only valid for the API server's audience.

This change seems to be the least magical and most consistent way to
honor backwards compatibility and to allow oidc tokens to be used
via token review when audience support in enabled.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-02-04 13:24:49 -08:00
Davanum Srinivas
5bb1838c5c Updating dependency sigs.k8s.io/yaml to version v1.2.0 2020-02-04 15:45:47 -05:00
Tim Allclair
9d3670f358 Ensure testing credentials are labeled as such 2020-02-04 10:36:05 -08:00
Brian Pursley
2d21f16c38 Fixed code formatting issues discovered by verify-gofmt 2020-02-04 10:16:06 -05:00
Brian Pursley
97185e9752 Fixed problem in unit test where error expected/actual comparison was not being performed 2020-02-04 10:12:48 -05:00
Brian Pursley
48ee18b516 Removed unneeded newline (moved to end of directory not found message) 2020-02-04 10:12:48 -05:00
Brian Pursley
f60c0af977 Ignore empty or blank string in path when listing plugins 2020-02-04 10:12:48 -05:00
Brian Pursley
78248d0c2a Fixed code formatting issues discovered by verify-gofmt 2020-02-04 10:11:18 -05:00
Brian Pursley
e70a630dac Added 'No resources found' message to describe and top pod commands 2020-02-04 09:55:40 -05:00
Dr. Stefan Schimanski
059429ce53 kube-aggregator: increase log level of AggregationController API group logging 2020-02-04 14:14:17 +01:00
Michal Fojtik
439f93c91b kubectl: allow to preselect interesting container in logs 2020-02-04 13:50:41 +01:00
Lukasz Szaszkiewicz
7368862c19 makes unavailableGauge metric to always reflect the current state of a service 2020-02-04 11:49:30 +01:00
Kubernetes Prow Robot
d52ecd5f70 Merge pull request #86430 from wojtek-t/avoid_thundering_herd_on_etcd 
Avoid thundering herd of relists on etcd
 2020-02-03 23:09:25 -08:00
Mike Danese
65483a19ab generated: update clients 2020-02-03 14:31:56 -08:00
Mike Danese
41bd53866e remove create expansions form authn/z clients 2020-02-03 14:28:08 -08:00
Mike Danese
533d0b7f74 use generated clients instead of expansions for most of authn/z 2020-02-03 14:28:08 -08:00
Mike Danese
0f18715473 snapshot clientsets pending context migration 
https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20200123-client-go-ctx.md

Part of #46503
 2020-02-03 08:36:00 -08:00
Odin Ugedal
1e50bc2d09 Add error check in kubectl proxy on server setup 
If "NewServer" returns an error, it will result in a nil pointer
dereference segfault.

A simple way to test the behavior is to prefix the server url with a
colon, ":".
 2020-02-03 16:43:01 +01:00
Kubernetes Prow Robot
4c3aa3f26b Merge pull request #87515 from Sh4d1/proxy_agg 
Use network proxy for aggregator api
 2020-02-03 01:53:21 -08:00
shaloulcy
87582e2c3c add indexer for storage cacher 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-03 13:37:17 +08:00
zhouya0
e3c8add683 fix kubectl drain ignore daemonsets and others 2020-02-03 10:36:52 +08:00
Kubernetes Prow Robot
9de5763473 Merge pull request #87740 from jennybuckley/rate-limit-log 
Log when client rate limiter latency is very high at a lower log level
 2020-02-01 23:39:20 -08:00
Kubernetes Prow Robot
19ca6d30d2 Merge pull request #87437 from apelisse/kubectl-diff-exit-code 
kubectl-diff: Return non-1 errors on kubectl failures
 2020-02-01 18:33:20 -08:00
Kubernetes Prow Robot
b763a58878 Merge pull request #87663 from lavalamp/docs 
add to api repo documentation
 2020-02-01 12:55:32 -08:00
Patrik Cyvoct
df9b4e92e8 use network proxy for aggregator api 
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
 2020-02-01 19:38:29 +01:00
Kubernetes Prow Robot
38137df87d Merge pull request #87689 from newrelic-forks/master 
fix: missing variadic dots
 2020-01-31 20:07:57 -08:00
Kubernetes Prow Robot
18ade93915 Merge pull request #87686 from feiskyer/file-client 
Fix backoff retries for AzureFile client
 2020-01-31 20:07:48 -08:00
Kubernetes Prow Robot
21e6ec0ba5 Merge pull request #87685 from feiskyer/vmas-disable 
Add disableAvailabilitySetNodes to avoid VM list for VMSS clusters
 2020-01-31 20:07:34 -08:00
Kubernetes Prow Robot
fa83cf56eb Merge pull request #87635 from feiskyer/cache-nil-for-deleting-node 
Set cache to nil data when Azure node provisioning state is deleting
 2020-01-31 20:07:21 -08:00