github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
102,324 Commits 1 Branch 31 Tags
995278c9fbb80cb15136c68970b384cc91030397
Commit Graph

13709 Commits

Author SHA1 Message Date
Jordan Liggitt
ea54b1b152 PodSecurity: Make check-specific passing fixtures optional 2021-07-06 12:43:56 -04:00
Kubernetes Prow Robot
2423842549 Merge pull request #103514 from soltysh/format_string 
Hide long and multiline strings when printing
 2021-07-06 09:35:02 -07:00
Kubernetes Prow Robot
7752b195f2 Merge pull request #103504 from tkashem/apf-add-additional-latency 
apf: refactor width into its own struct
 2021-07-06 09:34:43 -07:00
Kubernetes Prow Robot
c93e509e6f Merge pull request #103435 from dashpole/rename_service 
Change tracing service from kube-apiserver to apiserver
 2021-07-06 09:34:31 -07:00
Dave Chen
9a5237ca63 Custom plugin config should take precedence over default plugin config 
Signed-off-by: Dave Chen <dave.chen@arm.com>
 2021-07-06 23:16:28 +08:00
Kubernetes Prow Robot
61e30f1355 Merge pull request #102520 from coderanger/patch-3 
nit: Update comment to match headers change.
 2021-07-06 07:48:30 -07:00
Kubernetes Prow Robot
7d9f476337 Merge pull request #102155 from lauchokyip/addTop 
Added field-selector option for kubectl top pod
 2021-07-06 07:48:18 -07:00
Abu Kashem
24e1922910 apf: add additional latency into width 2021-07-06 09:49:56 -04:00
Andrew Keesler
20e1c4d754 exec credential provider: update tests+metadata for v1 
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
 2021-07-06 09:48:35 -04:00
Kubernetes Prow Robot
6d11f22fde Merge pull request #102998 from tkashem/apf-width-list 
apiserver: add callback to get notified of object count
 2021-07-06 06:16:18 -07:00
Maciej Szulik
d0c422fd9c Hide long and multiline strings when printing 
Currently both long strings and multiline strings can potentially
"break" printing. I'm adding extra formatting to ensure we cut strings
either at newline or at 100 chars with information that more information
is available.
 2021-07-06 15:07:13 +02:00
caodonghui
a2c1b284da update url 2021-07-06 14:55:38 +08:00
Abu Kashem
1002b0d163 apiserver: add callback to get notified of object count 2021-07-05 23:57:46 -04:00
atiratree
194ed1408d update translations 
- update template.pot
- reformat .po files
- regenerate .mo files
- regenarate and mark obsolete translations
- remove obsolete default/english translations
 2021-07-05 22:55:26 +02:00
atiratree
079d8aeb1e fix update-translations.sh 2021-07-05 22:39:07 +02:00
Lee Verberne
06124c1d1c Add backwards compatibility for kubectl debug 
The ephemeral containers API changed in 1.22. As a result, kubectl
debug (currently) cannot create ephemeral containers in clusters prior
to 1.22.

This change causes kubectl to retry the request using the old API when
it receives a specific error message from the server.
 2021-07-05 20:49:13 +02:00
Kubernetes Prow Robot
26bdfbc0ab Merge pull request #103437 from p0lyn0mial/readyz-signal 
genericapiserver: adds HasBeenReady lifecycle signal
 2021-07-05 08:02:55 -07:00
Odin Ugedal
61d88af9e4 Revert "Update runc to 1.0.0" 2021-07-05 14:03:04 +02:00
Kubernetes Prow Robot
77aa52a09a Merge pull request #92372 from breunigs/vsphere-consider-not-found-success-on-delete 
ignore "vmdk not found" vsphere errors during unmount (assume success)
 2021-07-05 03:22:53 -07:00
Kubernetes Prow Robot
687f0aa35b Merge pull request #101296 from Miciah/fix-RollingUpdateDaemonSet-godoc-regarding-rounding 
Fix RollingUpdateDaemonSet godoc regarding rounding
 2021-07-05 02:14:54 -07:00
Kubernetes Prow Robot
a3c2028cf4 Merge pull request #103039 from tkashem/fix-102973 
apf: calculation of dR/dt should use seats in use
 2021-07-05 00:14:54 -07:00
Qi Ni
28152a26fe fix: return empty VMAS name if using standalone VM 2021-07-05 09:28:09 +08:00
Kubernetes Prow Robot
39e951a08d Merge pull request #101624 from tilt-dev/nicks/go-to-protobuf 
go-to-protobuf: small fixes to improve debuggability
 2021-07-04 14:22:18 -07:00
brianpursley
ad8275f294 Added unit tests for ExpandPathsToFileVisitors 2021-07-03 17:57:47 -04:00
Sergey Kanzhelev
dffc2a60a2 deprecate and disable by default DynamicKubeletConfig feature flag 2021-07-02 23:53:11 +00:00
Kubernetes Prow Robot
c246b03d74 Merge pull request #101074 from verb/1.22-kubectl-target-warning 
Warn user for runtime support of debug targeting
 2021-07-02 13:38:26 -07:00
David Ashpole
8972efc65f change tracing service from kube-apiserver to apiserver 2021-07-02 07:04:26 -07:00
Lukasz Szaszkiewicz
58b91ffca9 adds HasBeenReady signal that fires when the readyz endpoint succeeds 2021-07-02 15:46:54 +02:00
Lukasz Szaszkiewicz
ca108d109d readyz signals when the handler succeeds for the first time. 
Co-authored-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2021-07-02 15:46:54 +02:00
Lee Verberne
968185e1f7 Warn user for runtime support of debug targeting 
Add a warning message to `kubectl debug` when using the `--target`
option as many runtimes don't support it yet.
 2021-07-02 14:23:00 +02:00
Lukasz Szaszkiewicz
6c88a62cb4 remove logging from the Signal method 2021-07-02 12:50:20 +02:00
Lukasz Szaszkiewicz
dae08bc3a7 rename terminationSignals to lifecycleSignals 2021-07-02 12:40:58 +02:00
Kubernetes Prow Robot
defcc916ed Merge pull request #103382 from liggitt/podsecurity-hostprocess 
[PodSecurity] hostProcess baseline check
 2021-07-02 01:16:24 -07:00
Kubernetes Prow Robot
659c7e709f Merge pull request #99494 from enj/enj/i/not_after_ttl_hint 
csr: add expirationSeconds field to control cert lifetime
 2021-07-01 23:02:12 -07:00
Monis Khan
29b3fa7826 Generated 
Signed-off-by: Monis Khan <mok@vmware.com>
 2021-07-01 23:38:16 -04:00
Monis Khan
cd91e59f7c csr: add expirationSeconds field to control cert lifetime 
This change updates the CSR API to add a new, optional field called
expirationSeconds.  This field is a request to the signer for the
maximum duration the client wishes the cert to have.  The signer is
free to ignore this request based on its own internal policy.  The
signers built-in to KCM will honor this field if it is not set to a
value greater than --cluster-signing-duration.  The minimum allowed
value for this field is 600 seconds (ten minutes).

This change will help enforce safer durations for certificates in
the Kube ecosystem and will help related projects such as
cert-manager with their migration to the Kube CSR API.

Future enhancements may update the Kubelet to take advantage of this
field when it is configured in a way that can tolerate shorter
certificate lifespans with regular rotation.

Signed-off-by: Monis Khan <mok@vmware.com>
 2021-07-01 23:38:15 -04:00
yuzhiquan
0a38b2804d add deprecated message for igonre-errors flag, and fix unsafety http link 2021-07-02 11:01:32 +08:00
Kubernetes Prow Robot
2627808e93 Merge pull request #103378 from n4j/feature/podSecurityApparmor_v2 
[PodSecurity] baseline - apparmor
 2021-07-01 19:20:24 -07:00
Kubernetes Prow Robot
df95052de3 Merge pull request #103218 from dashpole/otel_clientgo 
Add tracing to apiserver client-go requests
 2021-07-01 19:20:12 -07:00
Kubernetes Prow Robot
8fb67473ce Merge pull request #103323 from sejr/podsecurity-restricted-volumes 
[Pod Security] Restricted volume type check
 2021-07-01 18:12:11 -07:00
Natasha Sarkar
6d4096cc69 Upgrade kustomize-in-kubectl to v4.2.0 2021-07-01 18:01:44 -07:00
Natasha Sarkar
a46b42a92b Manually update kustomize attachment points. 2021-07-01 17:10:28 -07:00
Kubernetes Prow Robot
25bbe2ebc5 Merge pull request #99594 from cofyc/kep1845-api 
Prioritizing nodes based on volume capacity: API changes
 2021-07-01 15:35:51 -07:00
Samuel Roth
13a1804a5f podsecurity: add restricted volume type check 
podsecurity: restricted volumes check
 2021-07-01 17:51:56 -04:00
Jordan Liggitt
ac4bb885be hostProcess test fixture data 2021-07-01 15:49:33 -04:00
Jordan Liggitt
49d31c45b1 PodSecurity: baseline hostProcess check 2021-07-01 15:49:33 -04:00
Neeraj Shah
8049448113 [PodSecurity] baseline - apparmor 
Implement the "AppArmor" check from https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline

- AppArmor check
- Fixtures
- UnitTest case
 2021-07-01 23:36:55 +05:30
David Ashpole
b0ffaa93f5 move tracing instantiation further up, and check for nil 2021-07-01 10:42:11 -07:00
Kubernetes Prow Robot
e5135985fa Merge pull request #103340 from MadhavJivrajani/proc-mount-baseline 
Add baseline check for procMount type
 2021-07-01 09:50:07 -07:00
Kubernetes Prow Robot
b0af328e6e Merge pull request #103326 from pacoxu/safe-sysctls 
Mark net.ipv4.ip_unprivileged_port_start as a safe sysctl
 2021-07-01 09:49:55 -07:00