Automatic merge from submit-queue (batch tested with PRs 36229, 39450)
Bump etcd to 3.0.14 and switch to v3 API in etcd.
Ref #20504
**Release note**:
```release-note
Switch default etcd version to 3.0.14.
Switch default storage backend flag in apiserver to `etcd3` mode.
```
Automatic merge from submit-queue (batch tested with PRs 39408, 38981)
Remove RBAC UserAll
* Removes special handling of User * subjects in rolebinding matching evaluation
* Converts v1alpha1 rolebindings to `User *` subjects to `Group system:authenticated` subjects for backwards compatibility
```release-note
RBAC's special handling of the User subject named "*" in RoleBinding and ClusterRoleBinding objects is being deprecated and will be removed in v1beta1. Existing v1alpha1 role bindings to User "*" will be converted to the group "system:authenticated". To match unauthenticated requests, RBAC role bindings must explicitly bind to the group "system:unauthenticated".
```
Automatic merge from submit-queue
Ensure invalid token returns 401 error, not 403
fixes#39267
If a user attempts to use a bearer token, and the token is rejected, the authenticator should return an error. This distinguishes requests that did not provide a bearer token (and are unauthenticated without error) from ones that attempted to, and failed.
Automatic merge from submit-queue
Start moving genericapiserver to staging
This moves `pkg/auth/user` to `staging/k8s.io/genericapiserver/pkg/authentication/user`. I'll open a separate pull into the upstream gengo to support using `import-boss` on vendored folders to support staging.
After we agree this is the correct approach and see everything build, I'll start moving other packages over which don't have k8s.io/kubernetes deps.
@kubernetes/sig-api-machinery-misc @lavalamp
@sttts @caesarxuchao ptal
Automatic merge from submit-queue
pkg/labels: fix the godoc for Parse()
previously the formatting was broken for labels.Parse() function. I
fixed the spacing so it will format correctly for the generated go docs.
There was also a dangling "]" at the end of the first line so i deleted
it.
**What this PR does / why we need it**:
This fixes a formatting issue with the generated go documentation.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
add some specifications on the top command
**What this PR does / why we need it**:
the top command is available when heapster works fine on the server, but the specifications doesn't mention about this. So I added some specifications here.
Automatic merge from submit-queue (batch tested with PRs 38084, 39306)
Small improve for GetContainerOOMScoreAdjust
In `GetContainerOOMScoreAdjust`, make logic more clear for the case `oomScoreAdjust >= besteffortOOMScoreAdj`. If `besteffortOOMScoreAdj` is defined to another value(e.g. 996), suppose `oomScoreAdjust` is 999, the function will return 998(which equals 999 - 1) instead of 995(996 -1).
Automatic merge from submit-queue
Remove jobs that do not exist from active list of CronJob
**What this PR does / why we need it**: This PR modifies the controller for CronJob to remove from the active job list any job that does not exist anymore, to avoid staying blocked in active state forever. See #37957.
**Which issue this PR fixes**: fixes#37957
**Special notes for your reviewer**:
**Release note**:
```
```
Automatic merge from submit-queue (batch tested with PRs 38433, 36245)
Allow pods to define multiple environment variables from a whole ConfigMap
Allow environment variables to be populated from ConfigMaps
- ConfigMaps represent an entire set of EnvVars
- EnvVars can override ConfigMaps
fixes#26299
Automatic merge from submit-queue (batch tested with PRs 39284, 39367)
Remove HostRecord annotation (beta feature)
The annotation has made it to GA so this code should be deleted.
**Release note**:
```release-note
The 'endpoints.beta.kubernetes.io/hostnames-map' annotation is no longer supported. Users can use the 'Endpoints.subsets[].addresses[].hostname' field instead.
```
Automatic merge from submit-queue (batch tested with PRs 39280, 37350, 39389, 39390, 39313)
delete meaningless judgments
What this PR does / why we need it:
Whether "err" is nil or not, "err" can be return, so the judgment "err !=nil " is unnecessary
Automatic merge from submit-queue (batch tested with PRs 39001, 39104, 35978, 39361, 39273)
delete SetNodeStatus() function and fix some function notes words
Automatic merge from submit-queue (batch tested with PRs 39001, 39104, 35978, 39361, 39273)
Allow PATCH in an API CORS setup
Allows the PATCH method to be used in a REST API CORS setup.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 39001, 39104, 35978, 39361, 39273)
refactored admission to avoid internal client references
Refactored admission to avoid internal client references. This required switching to plugin initializers for them. And that required some rewiring of the plugin initializers.
Technically I can decouple from the other two commits, but I'm optimistic that those will go through easy. This is slightly move invasive, but I'd like to shoot for pre-christmas to avoid new admission plugins coming through and breaking bits.
@sttts @derekwaynecarr
