github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
88,197 Commits 1 Branch 31 Tags 1,019 MiB
652f52b51c
Commit Graph

9209 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
abe6321296 Merge pull request #87952 from mikedanese/opts 
add *Options to Create, Update, and Patch in generated clientsets
 2020-02-08 20:43:53 -08:00
Kubernetes Prow Robot
86fcb30e53
Merge pull request #87908 from jpbetz/enable-smd-reflector 
Bump to latest SMD to pick up performance optimizations
 2020-02-08 18:11:52 -08:00
Kubernetes Prow Robot
2e2c12951e
Merge pull request #87941 from andyzhangx/non-retriable-err 
fix: add non-retriable errors in azure clients
 2020-02-08 14:46:30 -08:00
Kubernetes Prow Robot
7c1dfd1b83 Merge pull request #83546 from Asalle/fix-golint-passwordfile 
Fix golint in staging/src/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile
 2020-02-08 10:15:54 -08:00
Mike Danese
bfc75d9a5c manual fixes 2020-02-08 12:32:33 -05:00
Mike Danese
1dcd1fb3b7 generated: update clients 2020-02-08 12:32:30 -05:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
6c274ea72d update client gen 2020-02-08 12:01:19 -05:00
Kubernetes Prow Robot
334d788f08 Merge pull request #87299 from mikedanese/ctx 
context in client-go
 2020-02-08 06:43:52 -08:00
andyzhangx
142778ac6c fix: add non-retriable errors in azure clients 2020-02-08 04:26:57 +00:00
Kubernetes Prow Robot
ed74b7cc02
Merge pull request #87633 from brianpursley/kubectl-792 
Prevent error message from being displayed during plugin list when path includes empty string
 2020-02-07 18:33:09 -08:00
Kubernetes Prow Robot
a2161c1349
Merge pull request #86921 from mikedanese/metics 
token cache: make fetch_total a counter
 2020-02-07 18:32:27 -08:00
Kubernetes Prow Robot
37961763c0
Merge pull request #85889 from oke-py/kubectl/726 
`kubectl create clusterrolebinding` creates rbac.authorization.k8s.io/v1 object
 2020-02-07 18:32:12 -08:00
Mike Danese
2637772298 some manual fixes 2020-02-07 18:17:40 -08:00
Mike Danese
9443a38144 generated: update clients 2020-02-07 18:17:36 -08:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
Mike Danese
7e88d8db66 update generators 2020-02-07 18:15:46 -08:00
Joe Betz
d9faaca647 Bump to latest SMD to pick up performance optimizations 2020-02-07 16:11:06 -08:00
Kubernetes Prow Robot
9617322727
Merge pull request #87904 from alculquicondor/rm_v1alpha2_deprecated 
Remove deprecated fields from kubescheduler.config.k8s.io/v1alpha2
 2020-02-07 15:20:32 -08:00
Kubernetes Prow Robot
67ae5c8dac
Merge pull request #87881 from wojtek-t/limit_add_instances_calls 
Limit number of instances in single update to GCE target pool
 2020-02-07 15:20:21 -08:00
Kubernetes Prow Robot
2c0fad1bc7
Merge pull request #87503 from liggitt/remove-alpha-node-api 
Drop k8s.io/node-api packages
 2020-02-07 15:20:12 -08:00
Kubernetes Prow Robot
15bf6416eb
Merge pull request #85445 from shaloulcy/storage_indexer 
add indexer for storage cacher
 2020-02-07 15:19:45 -08:00
Kubernetes Prow Robot
64ba0bf3d6
Merge pull request #87892 from wojtek-t/manual_fake_kubectl_conversions 
Register conversions for kubectl testing types
 2020-02-07 07:38:01 -08:00
Jordan Liggitt
0b32e142d4 Drop k8s.io/node-api packages 2020-02-07 10:07:14 -05:00
Kubernetes Prow Robot
87f27638af
Merge pull request #87896 from apelisse/fieldmanager-benchmark-updatetwice 
Add UpdateTwice and UpdateApply benchmarks for fieldmanager
 2020-02-07 05:57:56 -08:00
Kubernetes Prow Robot
f6abf820fd
Merge pull request #87874 from 928234269/fix_staticcheck07 
fix staticcheck errors in vendor/k8s.io/legacy-cloud-providers/aws.
 2020-02-07 05:57:30 -08:00
Kubernetes Prow Robot
913c9ef150
Merge pull request #87630 from weinong/feat-87541 
add a flag in azure auth module to omit spn: prefix in audience claim
 2020-02-07 05:56:27 -08:00
Kubernetes Prow Robot
e128f6f4c9
Merge pull request #87559 from daohoangson/openapi/delete_return_type 
Openapi/delete return type
 2020-02-07 05:56:12 -08:00
wojtekt
8ec193ba9c Limit number of instances in single update to GCE target pool 2020-02-07 10:29:06 +01:00
Kubernetes Prow Robot
1f147a4cf5
Merge pull request #87734 from mikedanese/ctxsnap 
snapshot clientsets pending context migration
 2020-02-07 00:08:10 -08:00
Kubernetes Prow Robot
c5bf3fbdf0
Merge pull request #87612 from enj/enj/i/oidc_audience_token_review 
Make oidc authenticator audience agnostic
 2020-02-07 00:07:56 -08:00
wojtekt
ea140f5e1a Register conversions for kubectl testing types 2020-02-07 08:12:42 +01:00
Kubernetes Prow Robot
e4061baeac
Merge pull request #87830 from dims/update-sigs.k8s.io/yaml-to-v1.2.0 
Updating dependency sigs.k8s.io/yaml to version v1.2.0
 2020-02-06 17:48:01 -08:00
Kubernetes Prow Robot
f0bd622e35
Merge pull request #87829 from zhan849/harry/backoff-manager 
implement backoff manager
 2020-02-06 17:47:51 -08:00
Kubernetes Prow Robot
9c1e124b15
Merge pull request #87823 from tallclair/test-tokens 
Ensure testing credentials are labeled as such
 2020-02-06 17:47:29 -08:00
Kubernetes Prow Robot
8d80a44177
Merge pull request #87813 from sttts/sttts-schema-aggregation-logging 
kube-aggregator: increase log level of AggregationController API group logging
 2020-02-06 17:47:01 -08:00
Kubernetes Prow Robot
91d2088f24
Merge pull request #87778 from p0lyn0mial/improve-unavailableGauge 
makes unavailableGauge metric to always reflect the current state of a service
 2020-02-06 17:46:38 -08:00
Aldo Culquicondor
1071eb89f3 Remove deprecated fields from kubescheduler.config.k8s.io/v1alpha2 
Signed-off-by: Aldo Culquicondor <acondor@google.com>
 2020-02-06 16:22:30 -05:00
Antoine Pelisse
a52776fbfb Add UpdateTwice and UpdateApply benchmarks for fieldmanager 
I've also moved the deserialization of the object outside the benchmark
since we're not trying to benchmark the yaml parser.
 2020-02-06 09:25:52 -08:00
Sakura
d5edfc9817
fix staticcheck errors in vendor/k8s.io/legacy-cloud-providers/aws. 
Signed-off-by: Sakura <longfei.shang@daocloud.io>
 2020-02-06 11:08:45 +08:00
Weinong Wang
c08db5feac add a flag in azure auth module to omit spn: prefix in audience claim 2020-02-05 14:17:59 -08:00
Kubernetes Prow Robot
9f6f608816
Merge pull request #87492 from 928234269/fix_staticcheck05 
fix static check errors in vendor/k8s.io/apimachinery/pkg/api/resource
 2020-02-05 12:11:55 -08:00
shaloulcy
fa9ba80a67 validate storage cache indexers 
Signed-off-by: shaloulcy <lcy041536@gmail.com>
 2020-02-05 17:37:56 +08:00
Kubernetes Prow Robot
7e8f31b313
Merge pull request #87809 from mfojtik/kubectl-logs-preselect 
kubectl: allow to preselect interesting container in logs
 2020-02-05 01:09:20 -08:00
Kubernetes Prow Robot
85ffc9dbd7
Merge pull request #87791 from mikedanese/authexp 
remove authn/z expansions
 2020-02-05 01:08:48 -08:00
Harry Zhang
fc8a39d439 implement backoff manager 2020-02-04 14:23:15 -08:00
Monis Khan
9b23f22472
Make oidc authenticator audience agnostic 
This change removes the audience logic from the oidc authenticator
and collapses it onto the same logic used by other audience unaware
authenticators.

oidc is audience unaware in the sense that it does not know or
understand the API server's audience.  As before, the authenticator
will continue to check that the token audience matches the
configured client ID.

The reasoning for this simplification is:

1. The previous code tries to make the client ID on the oidc token
a valid audience.  But by not returning any audience, the token is
not valid when used via token review on a server that is configured
to honor audiences (the token works against the Kube API because the
audience check is skipped).

2. It is unclear what functionality would be gained by allowing
token review to check the client ID as a valid audience.  It could
serve as a proxy to know that the token was honored by the oidc
authenticator, but that does not seem like a valid use case.

3. It has never been possible to use the client ID as an audience
with token review as it would have always failed the audience
intersection check.  Thus this change is backwards compatible.

It is strange that the oidc authenticator would be considered
audience unaware when oidc tokens have an audience claim, but from
the perspective of the Kube API (and for backwards compatibility),
these tokens are only valid for the API server's audience.

This change seems to be the least magical and most consistent way to
honor backwards compatibility and to allow oidc tokens to be used
via token review when audience support in enabled.

Signed-off-by: Monis Khan <mok@vmware.com>
 2020-02-04 13:24:49 -08:00
Davanum Srinivas
5bb1838c5c
Updating dependency sigs.k8s.io/yaml to version v1.2.0 2020-02-04 15:45:47 -05:00
Tim Allclair
9d3670f358 Ensure testing credentials are labeled as such 2020-02-04 10:36:05 -08:00
Brian Pursley
2d21f16c38 Fixed code formatting issues discovered by verify-gofmt 2020-02-04 10:16:06 -05:00