github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
123,012 Commits 1 Branch 31 Tags
ae5543e4c8f99cb1555102a8ebc310aed3c82596
Commit Graph

4655 Commits

Author SHA1 Message Date
Michal Wozniak
115dc90633 Increase accuracy of the pods_creation_total metric and improve test exec time 2024-02-15 10:59:01 +01:00
Anish Ramasekar
0feb1d5173 Add integration test for multiple audience in structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 18:50:46 -08:00
Kubernetes Prow Robot
72c3c7c924 Merge pull request #123282 from enj/enj/i/authn_config_algs 
Support all key algs with structured authn config
 2024-02-14 18:08:32 -08:00
Kubernetes Prow Robot
ba450636a4 Merge pull request #123165 from aramase/aramase/f/kep_3331_audience_match_policy 
Add `AudienceMatchPolicy` and support multiple audiences in AuthenticationConfiguration
 2024-02-14 17:00:04 -08:00
Jordan Liggitt
5dc92ada06 Implement authz config file reloading 2024-02-14 18:09:15 -05:00
Anish Ramasekar
18c563546a support multiple audiences with jwt authenticator 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 10:47:07 -08:00
Monis Khan
b5e0068325 Support all key algs with structured authn config 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-14 09:40:25 -05:00
Monis Khan
b8a59346fe test/oidc: extract key type to allow testing different algs 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-13 17:05:33 -05:00
Anish Ramasekar
77241d3125 Add apiserver_encryption_config_controller_automatic_reloads_total 
metric

- Adds `apiserver_encryption_config_controller_automatic_reloads_total`
  metric with status label for encryption config reload success/failure.
- Deprecated `apiserver_encryption_config_controller_automatic_reload_failures_total` and `apiserver_encryption_config_controller_automatic_reload_success_total`

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-12 21:47:46 -08:00
Kubernetes Prow Robot
3bf9477b52 Merge pull request #122472 from pacoxu/flowcontrolv1 
flowcontrol: set the serialization version to v1
 2024-02-12 13:17:48 -08:00
Patrick Ohly
da0c9a93ae scheduler_perf: use dynamic client to create arbitrary objects 
With a dynamic client and a rest mapper it is possible to load arbitrary YAML
files and create the object defined by it. This is simpler than adding specific
Go code for each supported type.

Because the version now matters, the incorrect version in the DRA YAMLs were
found and fixed.
 2024-02-11 10:51:38 +01:00
Patrick Ohly
c46ae1b26a scheduler_perf: use ktesting.TContext + staging StartTestServer 
ktesting.TContext combines several different interfaces. This makes the code
simpler because less parameters need to be passed around.

An intentional side effect is that the apiextensions client interface becomes
available, which makes it possible to use CRDs. This will be needed for future
DRA tests.

Support for CRDs depends on starting the apiserver via
k8s.io/kubernetes/cmd/kube-apiserver/app/testing because only that enables the
CRD extensions. As discussed on Slack, the long-term goal is to replace the
in-tree StartTestServer with the one in staging, so this is going in the right
direction.
 2024-02-11 10:51:38 +01:00
James Munnelly
105ec3d48f fix linter failures 2024-02-07 12:57:05 +00:00
James Munnelly
852c03a49b check key is set before deleting from map 2024-02-07 12:31:42 +00:00
James Munnelly
4d8c3530f5 fix regular bound service account token test 2024-02-07 12:30:33 +00:00
James Munnelly
dfc20d19c8 fix integration tests now JTI feature is enabled by default 2024-02-05 18:11:50 +00:00
Kubernetes Prow Robot
42941cb88a Merge pull request #122635 from carlory/KEP-2799 
Promote LegacyServiceAccountTokenCleanUp to GA
 2024-02-02 12:47:23 -08:00
Alexander Zielenski
b636984004 test: remove unnecessary skip healthz check from test 
snuck in there while I was working on the test, but is ultimately not necessary to test the functionality.

skipping healthz check resulted in leaking goroutines from poststarthooks.
 2024-02-01 14:50:54 -08:00
Alexander Zielenski
71559bd026 bugfix: dont skip reconcile for unchanged policy if last sync failed 2024-01-29 11:16:59 -08:00
Lukasz Szaszkiewicz
41e706600a client-go/reflector: make UseWatchList a pointer 
until #115478(use streaming against the etcd storage)
is resolved the cacher need a way to disable the streaming.
 2024-01-19 14:40:18 +01:00
Patrick Ohly
8f4c9c7605 k8s.io/component-base/logs: replace klog text implementation 
This replaces the klog formatting and message routing with a simpler
implementation that uses less code. The main difference is that we skip the
entire unused message routing.

Instead, the same split output streams as for JSON gets implemented in the
io.Writer implementation that gets passed to the textlogger.
 2024-01-17 13:50:03 +01:00
Kensei Nakada
f29d6970c9 doc(scheduler_perf): enrich the documentation 2024-01-15 08:50:08 +00:00
Patrick Ohly
04b772c661 logs benchmark: really write through pipe 
While the benchmark is focused on encoding, it becomes a bit more realistic
when actually passing the encoded data to the Linux kernel. Features like
output buffering are more likely to have a visible effect when invoking
syscalls.
 2024-01-12 07:49:17 +01:00
Patrick Ohly
7f1a30f8d5 logs benchmark: fix config handling 
The logs config must be reset explicitly now when changing it multiple times
per process.
 2024-01-12 07:49:17 +01:00
carlory
0fc1b9c9aa Promote LegacyServiceAccountTokenCleanUp to GA 2024-01-08 10:58:49 +08:00
Davanum Srinivas
7a236bd7e0 Add providerless tags appropriately in test/ 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2024-01-07 08:16:05 -05:00
armstrongli
5c196ddaef add patch integration test to disable nodeport for LB type service 2024-01-07 20:04:09 +08:00
Kubernetes Prow Robot
60dcf7fd8d Merge pull request #119079 from sanposhiho/decouple-scheduler-perf-from-kk 
make scheduler_perf usable from other repositories
 2024-01-07 12:12:13 +01:00
armstrongli
4a18b4e9fe allow service NodePort to be updated to 0 in case AllocateLoadBalancerNodePorts=false 
the original logic always guarantee the NodePort's value if it was there. the NodePort should be allowed to set 0 if the Service has LB type with AllocateLoadBalancerNodePorts=false
 2024-01-07 10:21:35 +08:00
Kubernetes Prow Robot
9bd0ef5f17 Merge pull request #122558 from linxiulei/webhook-http2 
Use http/2 for localhost webhook
 2024-01-04 19:11:26 +01:00
Eric Lin
246e69fb99 Use http/2 for localhost webhook 
Signed-off-by: Eric Lin <exlin@google.com>
 2024-01-04 09:09:10 +00:00
Kubernetes Prow Robot
a7af34e1b8 Merge pull request #122347 from aramase/aramase/c/move_kms_apis 
kmsv2: move encryption config types to standard API server config location
 2024-01-03 16:16:18 +01:00
Paco Xu
f73bba51c9 flowcontrol: set the serialization version to v1 2023-12-25 14:24:50 +08:00
Kubernetes Prow Robot
f68a965e5a Merge pull request #122032 from carlory/remove-fg-APISelfSubjectReview 
remove feature-gate APISelfSubjectReview in 1.30
 2023-12-20 16:46:53 +01:00
Anish Ramasekar
75695dae10 move encryption config types to standard API server config location 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-12-18 20:54:24 +00:00
AxeZhan
be48c93689 Sched framework: expose NodeInfo in all functions of PluginsRunner interface 2023-12-15 11:30:06 +08:00
Kubernetes Prow Robot
4189053453 Merge pull request #121755 from kerthcet/fix/node-update-event 
Fix nodeUpdate event missing some potential changes
 2023-12-13 22:36:03 +01:00
Kubernetes Prow Robot
bd4c29b7e3 Merge pull request #115502 from pwschuurman/speedup-autodelete-sts-integration-tests 
Reduce running time of TestAutodeleteOwnerRefs StatefulSet Integration Tests
 2023-12-13 22:33:57 +01:00
Kubernetes Prow Robot
c5473f1710 Merge pull request #117667 from carlory/fix-009 
Remove ability to re-enable serving deprecated storage APIs
 2023-12-13 21:25:15 +01:00
Peter Schuurman
16aad468b6 Replace test.name with test.namespace 2023-12-13 10:28:26 -08:00
Peter Schuurman
a3a4192eb9 Move expensive test setup (apiserver and running controller) to be run once in TestAutodeleteOwnerRefs parameterized tests 2023-12-13 10:28:24 -08:00
Kensei Nakada
3b8f25dfdd fix: disable SchedulerQueueingHints feature flag by default 2023-12-13 04:16:43 +00:00
Kensei Nakada
74a6a4581f fix by linters 2023-12-02 09:58:34 +00:00
Kensei Nakada
5310abe14a make scheduler_perf usable from other repositories 2023-12-01 12:43:08 +00:00
Jordan Liggitt
233949e05d Add an integration test to verify root path cleanup 2023-11-30 14:57:21 -05:00
kerthcet
e5b86c1034 Fix node update event will miss some potential changes 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2023-11-27 15:33:47 +08:00
carlory
57a5db8da3 remove feature-gate APISelfSubjectReview 2023-11-24 16:59:21 +08:00
Kubernetes Prow Robot
5ce0bd95cc Merge pull request #121677 from kerthcet/cleanup/remove-evnet 
Unregister events in schedulingGates for performance
 2023-11-10 05:03:33 +01:00
Jordan Liggitt
b53134f129 Test anonymous and RBAC handling via config file 2023-11-08 14:36:05 -06:00
kerthcet
f77a4543d1 Unregister events in schedulingGates plugin 
Signed-off-by: kerthcet <kerthcet@gmail.com>
 2023-11-06 10:01:13 +08:00