Fix the Unstructured GetDeletionGracePeriodSeconds accessor which was
always returning nil regardless of the underlying stored value. The
field value always appearing nil prevents Custom Resource instances
from being deleted when garbage collection is enabled for CRs and
when DeletePropagationOrphan is used. More generally, this fix means that
delete-on-update now works for CR instances.
Add some test coverage for Unstructured metadata deserialization.
The Unstructured DeletionGracePeriodSeconds field marshals as a value
type from JSON and as a pointer type via SetDeletionGracePeriodSeconds.
The GetDeletionGracePeriodSeconds method now supports handling both
int64 and *int64 values so that either underlying value can be returned.
Add a reflection-based unit test which attempts to exercise all the
Object Get/Set methods for nil handling.
Automatic merge from submit-queue (batch tested with PRs 45610, 47628)
Add Priority to Kubernetes API
**What this PR does / why we need it**: This is the first in a series of PRs to add priority to Kubernetes API. Subsequent PRs will add priority name resolution to admission controller.
**Release note**:
```release-note
Add PriorityClassName and Priority fields to PodSpec.
```
Automatic merge from submit-queue
shows how to wire admission control in a sample api server.
**What this PR does / why we need it**:
This PR shows how to wire admission control in a custom api server
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47484, 47904, 48034)
prioritize messages for long steps
This pull prioritizes the trace messages, so steps that are unusually large come out at the info level and all details come out a v(4) level.
Automatic merge from submit-queue (batch tested with PRs 48012, 47443, 47702, 47178)
Don't bother with a mutable transformer for identity
The default value transformer can safely be the identity transformer - mutability is not required if the caller doesn't need transformation.
Automatic merge from submit-queue (batch tested with PRs 48012, 47443, 47702, 47178)
incluster config will be used when creating external shared informers.
**What this PR does / why we need it**:
Previously the loopback configuration was used to talk to the server.
As a consequence a custom API server was unable to talk to the root API server.
This PR changes the above by using incluster configuration to create shared informers.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Update custom-resources example in client-go
- Update client-go examples `README.md` to point to the CustomResources example instead of the deprecated TPR one.
- Delete `staging/src/k8s.io/client-go/examples/custom-resources`.
Fixing #47743.
**Release note**:
```release-note
NONE
```
/cc @ahmetb @sttts
Automatic merge from submit-queue (batch tested with PRs 48036, 48022)
apiextensions-apiserver: fix build
Can't build CRD due to this bug. This PR will fix it.
As part of ChooseHostInterface(), it will call a function to try to get the
global IP for the host, by looking at all the system interfaces and select
the first IP that is not a loopback, link-local, or point-to-point IP.
This commit does the following:
- Allows IPv6 non-local IPs to be selected.
- IPv4 takes priority (checks all interfaces for IPv4 addresses and
then checks all interfaces for IPv6), for backward compatibility.
- Adds UTs for code coverage (was no coverage of underlying function),
increasing from 62% to 84%.
- Improved logging and reporting for error conditions.
- Minor renaming of functions and variables for readability.
Automatic merge from submit-queue (batch tested with PRs 46425, 47975)
make proto time precision match json
json readers/writers see second precision, but protobuf readers/writers seen nanosecond precision. This means that a json client can read and write and accidentally mutate fields as seen by protobuf clients.
This makes the precision consistent.
@kubernetes/sig-api-machinery-misc @smarterclayton
```release-note
Update protobuf time serialization for a one second granularity
```
Automatic merge from submit-queue
Removes alpha feature gate for affinity annotations.
**What this PR does / why we need it**:
In 1.5 we added a backstop to support alpha affinity annotations. This PR removes that support in favor of the Beta fields per discussions.
It also serves as a precursor to some of the component config work that @ncdc has done around @mikedanese design proposal.
xref: https://github.com/kubernetes/kubernetes/pull/41617
**Special notes for your reviewer**:
**Release note**:
```
Removes alpha feature gate for pod affinity annotations.
```
/cc @kubernetes/sig-scheduling-pr-reviews @kubernetes/sig-cluster-lifecycle-misc
Automatic merge from submit-queue (batch tested with PRs 47650, 47936, 47939, 47986, 48006)
External dependency of k8s.io/api
Fix https://github.com/kubernetes/kubernetes/issues/48007
It's unfortunate that k8s.io/api has external dependencies.
Most of the dependencies are introduced by "k8s.io/apimachinery/pkg/util/intstr" and ugorji.
Automatic merge from submit-queue
Add token authentication method for websocket browser clients
Closes#47967
Browser clients do not have the ability to set an `Authorization` header programatically on websocket requests. All they have control over is the URL and the websocket subprotocols sent (see https://developer.mozilla.org/en-US/docs/Web/API/WebSocket)
This PR adds support for specifying a bearer token via a websocket subprotocol, with the format `base64url.bearer.authorization.k8s.io.<encoded-token>`
1. The client must specify at least one other subprotocol, since the server must echo a selected subprotocol back
2. `<encoded-token>` is `base64url-without-padding(token)`
This enables web consoles to use websocket-based APIs (like watch, exec, logs, etc) using bearer token authentication.
For example, to authenticate with the bearer token `mytoken`, the client could do:
```js
var ws = new WebSocket(
"wss://<server>/api/v1/namespaces/myns/pods/mypod/logs?follow=true",
[
"base64url.bearer.authorization.k8s.io.bXl0b2tlbg",
"base64.binary.k8s.io"
]
);
```
This results in the following headers:
```
Sec-WebSocket-Protocol: base64url.bearer.authorization.k8s.io.bXl0b2tlbg, base64.binary.k8s.io
```
Which this authenticator would recognize as the token `mytoken`, and if authentication succeeded, hand off to the rest of the API server with the headers
```
Sec-WebSocket-Protocol: base64.binary.k8s.io
```
Base64-encoding the token is required, since bearer tokens can contain characters a websocket protocol may not (`/` and `=`)
```release-note
Websocket requests may now authenticate to the API server by passing a bearer token in a websocket subprotocol of the form `base64url.bearer.authorization.k8s.io.<base64url-encoded-bearer-token>`
```
Automatic merge from submit-queue
include object fieldpath in event key
Fixes https://github.com/kubernetes/kubernetes/issues/47692#47462 exposed a bug where `getEventKey()` only keys on event fields that are common at the pod level. Events generated by different containers in the same pod will yield identical event keys. This results in events with the same message from different containers in a pod being aggregated in error.
This wasn't a problem before as the event message contained container specific information and thus didn't produce the same event key.
@derekwaynecarr @dhilipkumars @dchen1107
Automatic merge from submit-queue (batch tested with PRs 47883, 47179, 46966, 47982, 47945)
add level for print flags
Signed-off-by: sakeven <jc5930@sina.cn>
**What this PR does / why we need it**:
It's ugly to print all flags whenever.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixes#47932
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47883, 47179, 46966, 47982, 47945)
Add feature gating to REST Compression
**What this PR does / why we need it**: Adds feature gating to opt out of REST API compression
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46963
**Special notes for your reviewer**: This PR is a fix / addendum to #45666
**Release note**:
```release-note
```
Automatic merge from submit-queue
Lower etcd compacted loglevel
Fixes#47941
When we run apiserver, it will consistently produce logs like:
> I0620 15:27:44.627978 2765 compact.go:159] etcd: compacted rev (7825), endpoints ([http://127.0.0.1:2379])
I0620 15:32:44.632311 2765 compact.go:159] etcd: compacted rev (8193), endpoints ([http://127.0.0.1:2379])
I0620 15:37:44.643658 2765 compact.go:159] etcd: compacted rev (8552), endpoints ([http://127.0.0.1:2379])
...
which does not mean much overall, we may change the loglevel and lower the frequency.
**Release note**:
-->
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 46151, 47602, 47507, 46203, 47471)
rebase gophercloud to support HTTP status 300 in pagination, so listingng Cinder v1/v2 API versions won't break
**What this PR does / why we need it**:
Since Cinder block v1/v2 support lands in 1.7, we have to ensure Cinder block api list won't fail due to https://github.com/gophercloud/gophercloud/pull/384.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47651
**Special notes for your reviewer**:
@anguslees @NickrenREN
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Fix link to apiextensions client-go example
Fixes link to client-go example for apiextensions-apiserver.
Fixing #47211.
**Special notes for your reviewer**:
When I run `hack/update-staging-client-go.sh`, I get this error:
```
!!! Error in staging/copy.sh:132
Error in staging/copy.sh:132. 'git commit -q -m "Snapshot" > /dev/null' exited with status 1
Call stack:
1: staging/copy.sh:132 main(...)
Exiting with status 1
```
What am I missing here?
/cc @caesarxuchao @sttts
**Release note**:
```
NONE
```
