Flocker storage plugin removed from k8s codebase.
Flocker, an early external storage plugin in k8s,
has not been in maintenance and their business is
down. As far as I know, the plugin is not being
used anymore.
This PR removes the whole flocker dependency and
codebase from core k8s to reduce potential security
risks and reduce maintenance work from the sig-storage community.
Full stack traces are on by default. The approach for collecting results is
different. Tests run in their own goroutine, therefore runTests is no longer
part of their callstack. To cover stack traces with more than one entry, a new
test case gets added with a separate helper function.
Gomega object formatting now includes the type.
This removes the last remaining reference to Ginkgo v1.
Co-authored-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Dave Chen <dave.chen@arm.com>
- update all the import statements
- run hack/pin-dependency.sh to change pinned dependency versions
- run hack/update-vendor.sh to update go.mod files and the vendor directory
- update the method signatures for custom reporters
Signed-off-by: Dave Chen <dave.chen@arm.com>
This updates vendored runc/libcontainer to 1.1.0,
and google/cadvisor to a version updated to runc 1.1.0
(google/cadvisor#3048).
Changes in vendor are generated by (roughly):
./hack/pin-dependency.sh github.com/google/cadvisor v0.44.0
./hack/pin-dependency.sh github.com/opencontainers/runc v1.1.0
./hack/update-vendor.sh
./hack/lint-dependencies.sh # And follow all its recommendations.
./hack/update-vendor.sh
./hack/update-internal-modules.sh
./hack/lint-dependencies.sh # Re-check everything again.
Co-Authored-By: Kir Kolyshkin <kolyshkin@gmail.com>
Goal of this commit is to add some missing features when the
Kubernetes API is accessed through a SOCKS5 proxy. That's for
example the case when port-forwarding is used (`kubectl port-forward`)
or when exec'ing inside a container (`kubectl exec`), with this
commit it'll now be possible to use both.
Signed-off-by: Romain Aviolat <romain.aviolat@kudelskisecurity.com>
Signed-off-by: Romain Jufer <romain.jufer@kudelskisecurity.com>
This replaces the experimental logr v0.4 with the stable v1.1.0
release. This is a breaking API change for some users because:
- Comparing logr.Logger against nil is not possible anymore:
it's now a struct instead of an interface. Code which
allows a nil logger should switch to *logr.Logger as type.
- Logger implementations must be updated in lockstep.
Instead of updating the forked zapr code in json.go, directly using
the original go-logr/zapr is simpler and avoids duplication of effort.
The updated zapr supports logging of numeric verbosity. Error messages
don't have a verbosity (= always get logged), so "v" is not getting
added to them anymore.
Source code logging for panic messages got fixed so that it references
the code with the invalid log call, not the json.go implementation.
Finally, zapr includes additional information in its panic
messages ("zap field", "ignored key", "invalid key").
This is to check if runc 1.0.0 (to be released shortly) works with k8s.
The commands used were (roughly):
hack/pin-dependency.sh github.com/opencontainers/runc v1.0.0
hack/lint-dependencies.sh
# Follow its recommendations.
hack/pin-dependency.sh github.com/cilium/ebpf v0.6.1
hack/pin-dependency.sh github.com/opencontainers/selinux v1.8.2
hack/pin-dependency.sh github.com/sirupsen/logrus v1.8.1
# Recheck.
hack/lint-dependencies.sh
GO111MODULE=on go mod edit -dropreplace github.com/willf/bitset
hack/update-vendor.sh
# Recheck.
hack/lint-dependencies.sh
hack/update-internal-modules.sh
# Recheck.
hack/lint-dependencies.sh
[v2: rebased, updated runc 3a0234e1fe2e82 -> 2f8e8e9d977500]
[v3: testing master + runc pr 3019]
[v4: updated to 93a01cd4d0b7a0f08a]
[v5: updated to f093cca13d3cf8a484]
[v6: rebased]
[v7: updated to runc v1.0.0]
[v8: rebased]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
heketi that is dependency for glusterfs was updated to import a fork of jwt-go that fixes
a high severity CVE-2020-26160 by importing a forked repo (form3tech-oss/jwt-go) that fixes
the CVE as the original repo (dgrijalva/jwt-go) has a fix with breaking changes and
the repo is generally loosely maintained.
This fork is already being used in other places in kubernetes. Heketi 10.3.0 includes this fix.
NOTE: The vulnerable function is not used by heketi or kubernetes. So the vulnerable package is a
transitive dependency and this fix will reduce false postive CVE alerts on kubernetes
Bumped github.com/auth0/go-jwt-middleware to v1.0.0 which removes dgrijalva/jwt-go cleanly
Fixing test failures: pull-kubernetes-dependencies
Removing unused dependencies in replace block to fix test failures: pull-kubernetes-dependencies
Bump go-jwt-middleware to v1.0.1 to *not* pull in examples only deps
The coredns/corefile-migration project switched to a fork of
coredns/caddy to remove dependencies it doesn't actually need. Picking
up this update here in k/k results in a significantly smaller go.mod.
Signed-off-by: Dan Lorenc <dlorenc@google.com>
