github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
113,250 Commits 1 Branch 31 Tags 1,019 MiB
b201c08cea
Commit Graph

3006 Commits

Author SHA1 Message Date
HirazawaUi
3b18e80fb4 delete unused functions in pkg directory 2023-01-16 21:43:36 +08:00
Kubernetes Prow Robot
696701b9fd
Merge pull request #114086 from xmcqueen/113935 
block ephemeral container addition to static pods
 2023-01-13 07:36:28 -08:00
Kubernetes Prow Robot
6ce055d62d
Merge pull request #114947 from saschagrunert/seccomp-ga-cleanup 
Make seccomp annotations non-functional
 2023-01-12 13:48:54 -08:00
Sascha Grunert
af1f6a230b
Make seccomp annotations non-functional 
This cleanup has been planned to finish the corresponding KEP:
https://github.com/kubernetes/kubernetes/issues/91286

As follow-up on the partly removal of the seccomp annotations in
https://github.com/kubernetes/kubernetes/pull/109819, we now drop
the version skew handling completely, but still warn as well as keep
the validation in place if both (annotation and field) are set.

The Pod Security Admission code has been already changed in
https://github.com/kubernetes/kubernetes/pull/114846.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2023-01-12 17:11:52 +01:00
Kubernetes Prow Robot
08d9a0ef5b
Merge pull request #113467 from pacoxu/psp-cleanup 
Remove PodSecurityPolicy related code except client-go & API type
 2023-01-11 14:28:07 -08:00
Kubernetes Prow Robot
564f438892
Merge pull request #114691 from thockin/fix-pod-warning-string 
Make the warning about pod name clearer
 2023-01-10 13:47:38 -08:00
Kubernetes Prow Robot
5a896bf379
Merge pull request #114677 from kl52752/epd-warning-address-type 
Generate warning for EndpointSlice AddressType FQDN
 2023-01-10 13:47:27 -08:00
Paco Xu
e0bc0693e9 registry/storage: remove psp support 2023-01-06 17:07:02 +08:00
Kubernetes Prow Robot
ac889a0251
Merge pull request #113581 from aimuz/verify-tls-secret 
Verify that the key matches the cert
 2023-01-04 14:29:58 -08:00
TommyStarK
e2d8fc3f62 pkg/registry: Replace deprecated pointer function 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2023-01-04 10:38:09 +01:00
Kubernetes Prow Robot
12c71fdf1c
Merge pull request #113542 from ardaguclu/fix-shortname-disperancy 
Set singular names for core types to pass to discovery
 2023-01-03 09:29:43 -08:00
Katarzyna Lach
249f763c7e Generate warning for EndpointSlice AddressType FQDN 
Change-Id: Ibc213acdffa741e630821f371ea25e2b5187a011
 2023-01-02 10:00:01 +00:00
Antonio Ojea
29ea5076ea refactor current ipallocator 
- rename files to match the allocator backend
- use t.Run for tests and cover large ranges
- add benchmarks
- check that thebitmap ip allocator satisfies the interface

goos: linux
goarch: amd64

pkg: k8s.io/kubernetes/pkg/registry/core/service/ipallocator
cpu: Intel(R) Xeon(R) CPU E5-2678 v3 @ 2.50GHz
BenchmarkAllocateNextIPv4Size1048574
BenchmarkAllocateNextIPv4Size1048574-24    	 1517683
7373 ns/op	     135 B/op	       8 allocs/op
BenchmarkAllocateNextIPv6Size65535
BenchmarkAllocateNextIPv6Size65535-24      	 5607438
193.9 ns/op	      18 B/op	       2 allocs/op
PASS
 2022-12-31 12:48:50 +00:00
Tim Hockin
7c7d79b058
Make the warning about pod name clearer 
Previously this was cut-paste from deployment.  It didn't make much
sense for pod.
 2022-12-25 14:20:55 -08:00
Tim Hockin
ed3ebbaaa7
Remove TODO about API proxy checking for svc 2022-12-23 12:32:17 -08:00
Kubernetes Prow Robot
038d983769
Merge pull request #114505 from aojea/service_warnings 
Services API: warnings on IP addresses
 2022-12-16 18:07:52 -08:00
Tim Hockin
8f62b94991
cronjob: API warn when name is not DNS label 2022-12-16 13:08:08 -08:00
Tim Hockin
fec8e721b2
job: API warn when name is not DNS label 2022-12-16 13:07:42 -08:00
Tim Hockin
b65cec86eb
deployment: API warn when name is not DNS label 2022-12-16 13:07:13 -08:00
Tim Hockin
820e2fff0d
rs: API warn when name is not DNS label 2022-12-16 13:06:43 -08:00
Tim Hockin
e27cf75094
rc: API warn when name is not DNS label 2022-12-16 13:06:10 -08:00
Tim Hockin
c555d290c1
pod: API warn when name is not DNS label 2022-12-16 13:05:17 -08:00
Antonio Ojea
1b804fc87c Services API: warnings 
The Services API should warn users about some IP addresses
representations, mainly because some of them are not allowed
by the golang std parsers since go 1.17

Specifically:

- IPv4 addresses with leading zeros, that may cause security risks
- IPv6 addresses in non canonical format, that may cause problems
with controllers hotlooping or cause security issues

Change-Id: Ife50a651d1b22dc4c318e42bd3e5f2e5f88ecbcd
 2022-12-16 11:54:05 +00:00
Kubernetes Prow Robot
4b27077eb2
Merge pull request #114428 from SataQiu/clean-rest-20221212 
apiserver: cleanup unused StrategyExceptions
 2022-12-14 06:47:34 -08:00
aimuz
4a7ab7fd75
Verify that the key matches the cert 
Signed-off-by: aimuz <mr.imuz@gmail.com>
 2022-12-13 10:43:58 +08:00
SataQiu
090c36027f apiserver: cleanup unused StrategyExceptions 2022-12-12 23:56:24 +08:00
Tim Hockin
dd0a50336e
ServiceInternalTrafficPolicyType: s/Type// 
Rename ServiceInternalTrafficPolicyType => ServiceInternalTrafficPolicy
 2022-12-11 13:48:31 -08:00
Tim Hockin
d0e2b06850
ServiceExternalTrafficPolicyType: s/Type// 
Rename ServiceExternalTrafficPolicyType => ServiceExternalTrafficPolicy
 2022-12-11 13:48:27 -08:00
Kubernetes Prow Robot
4106b10d9c
Merge pull request #112799 from kerthcet/cleanup/strategy-test 
optimize testcases arrangement
 2022-12-09 15:43:29 -08:00
Kubernetes Prow Robot
6f6bf42ee5
Merge pull request #113768 from lojies/codecleanupforkubeleteviction 
cleanup:Omit comparison with boolean constant
 2022-12-09 14:34:26 -08:00
Brian McQueen
25e990f738 added validation check to block adding an ephemeral container to a static pod and test cases 2022-12-02 15:39:11 -08:00
Arda Güçlü
43a889fc65 Add integration test to test singularnames for all resources 2022-11-21 09:59:37 +03:00
Arda Güçlü
1f54f610e4 minor integration test fixes and more singular resource 2022-11-18 13:11:16 +03:00
Arda Güçlü
23e2899556 Implement GetSingularName for LegacyBindingREST 
LegacyBindingREST is only used for `bindings` resource. It is not
a subresource and that's why it is required to implement
`GetSingularName` function. However, there is no need to implement
this function for BindingREST because it is only used for binding
subresource.

That's why, this function statically adds GetSingularName for
LegacyBindingREST.
 2022-11-18 12:21:19 +03:00
Arda Güçlü
d14b7781e2 Use casted SingularName for rbac types 2022-11-18 12:21:19 +03:00
Arda Güçlü
1abf94bec3 Remove GetSingularName for subresources 2022-11-18 12:21:19 +03:00
Arda Güçlü
672e0b1e01 Use correct singular name format for subresources 2022-11-18 12:21:19 +03:00
Arda Güçlü
578ddde80e Add singular name for the rest of types 2022-11-18 12:21:13 +03:00
Arda Güçlü
0990ba1cc9 Introduce singularNameProvider for core types 
This introduces `singularNameProvider`. This provider will be used
by core types to have their singular names are defined in discovery
endpoint. Thanks to that, core resources singular name always have
higher precedence than CRDs shortcuts or singular names.
 2022-11-18 12:21:07 +03:00
Kubernetes Prow Robot
d1c0171aed
Merge pull request #111023 from pohly/dynamic-resource-allocation 
dynamic resource allocation
 2022-11-11 16:21:56 -08:00
Kubernetes Prow Robot
cc704f9778
Merge pull request #113375 from atiratree/PodHealthyPolicy-api 
api: add unhealthyPodEvictionPolicy for PDBs
 2022-11-11 04:02:10 -08:00
Filip Křepinský
a429797f2e api: add UnhealthyPodEvictionPolicy for PDBs 2022-11-10 23:25:42 +01:00
Patrick Ohly
5cca60f0b8 api: dynamic resource allocation API 
This adds a new resource.k8s.io API group with v1alpha1 as version. It contains
four new types: resource.ResourceClaim, resource.ResourceClass, resource.ResourceClaimTemplate, and
resource.PodScheduling.
 2022-11-10 20:08:24 +01:00
Takafumi Takahashi
87c1ca88d4 Add API and validation for CrossNamespaceVolumeDataSource 2022-11-09 20:58:25 +00:00
Kubernetes Prow Robot
ff19efdf9b
Merge pull request #112744 from pwschuurman/statefulset-slice-impl 
Add implementation of KEP-3335, StatefulSetSlice
 2022-11-09 11:12:28 -08:00
Kubernetes Prow Robot
7e0e0c8ec3
Merge pull request #113360 from mimowo/handling-pod-failures-beta-enable 
Enable the "Retriable and non-retriable pod failures for jobs" feature into beta
 2022-11-09 08:30:24 -08:00
Michal Wozniak
c803892bd8 Enable the feature into beta 2022-11-09 09:02:40 +01:00
lojies
e2a4565a2b cleanup:Omit comparison with boolean constant 2022-11-09 09:54:41 +08:00
Abu Kashem
424b23bb15 apiserver: fix defaulting for apf bootstrap configuration 2022-11-08 13:23:09 -08:00
Peter Schuurman
366997951b Update doc comments and change name of feature gate 2022-11-08 07:48:10 -08:00