github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
122,541 Commits 1 Branch 31 Tags
b421bde1de40530b51b4b88c736bb007ed9afb17
Commit Graph

20744 Commits

Author SHA1 Message Date
cpanato
9e5b8402bb update go.mod 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-11-08 09:32:17 -06:00
cpanato
88e124ecaa [go] Bump images, dependencies and versions to go 1.21.4 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2023-11-08 08:25:30 -06:00
Kubernetes Prow Robot
e4b74dd12f Merge pull request #121765 from mimowo/ready-pods-stable-api 
Fix API comment for the Job ready field
 2023-11-07 23:52:12 +01:00
Kubernetes Prow Robot
0193fae084 Merge pull request #121764 from mimowo/backoff-limit-per-index-beta-api 
Fix API comment for the FailIndex Job pod failure policy action
 2023-11-07 23:52:03 +01:00
Patrick Ohly
166b71757b dependencies: zapr v1.3.0, zap v1.26.0 
The new zapr adds support for slog. The new zap has various improvements. It no
longer depends on go.uber.org/atomic which enables dropping it from the
Kubernetes dependencies. github.com/pkg/errors is also no longer needed.
 2023-11-07 20:24:28 +01:00
HirazawaUi
b12db6d9b5 fix test store delete collection function failed 2023-11-08 00:34:53 +08:00
Michal Wozniak
9d5b2a4476 Fix API comment for the Job ready field 2023-11-07 07:38:51 +01:00
Michal Wozniak
1395e2e02c Fix API comment for the FailIndex Job pod failure policy action 2023-11-06 17:47:13 +01:00
xiegangpeng
c26bb7eb85 update util/sets to use standard package cmp 2023-11-06 10:59:46 +08:00
Kubernetes Prow Robot
22866ca5eb Merge pull request #121034 from alexzielenski/apiserver/apiextensions/ratcheting-oldself-create 
KEP-4008: CRDValidationRatcheting: Add support for optional `oldSelf`
 2023-11-04 02:57:46 +01:00
Alexander Zielenski
42a70cdbd1 codegen 2023-11-03 15:34:13 -07:00
Alexander Zielenski
bba0c9a81e validate defaults across an update from nil to ensure create ratcheting rules work 2023-11-03 15:34:13 -07:00
Alexander Zielenski
eef1515815 ratcheting-cel: use Optional[T] for oldSelf when optionalOldSelf is true 2023-11-03 15:34:13 -07:00
Alexander Zielenski
5edb27aa38 ratcheting-cel: add optionalOldSelf field 2023-11-03 15:23:23 -07:00
Taahir Ahmed
e83baddbb1 LRUExpireCache: Allow removing multiple keys under lock 2023-11-03 11:40:48 -07:00
Taahir Ahmed
599fdb7add Regenerate for ClusterTrustBundlePEM projected volume API 2023-11-03 11:40:48 -07:00
Taahir Ahmed
ecfdc8fda5 Define ClusterTrustBundlePEM projected volume 
This commit defines the ClusterTrustBundlePEM projected volume types.
These types have been renamed from the KEP (PEMTrustAnchors) in order to
leave open the possibility of a similar projection drawing from a
yet-to-exist namespaced-scoped TrustBundle object, which came up during
KEP discussion.

* Add the projection field to internal and v1 APIs.
* Add validation to ensure that usages of the project must specify a
  name and path.
* Add TODO covering admission control to forbid mirror pods from using
  the projection.

Part of KEP-3257.
 2023-11-03 11:40:48 -07:00
Taahir Ahmed
0fd1362782 ClusterTrustBundles: ClusterTrustBundleProjection feature gate 2023-11-03 11:40:48 -07:00
Alexander Constantinescu
9ae1fc366b Store nodes before calling EnsureLoadBalancer 
I am having difficulties convincing myself if this is better or worse.
I didn't implement this originally because I didn't want to store nodes that
we weren't sure we've configured. However: if EnsureLoadBalancer fails we
should retry the call from the service controller. Doing it like this might
save us one update call from the node controller side for calls which have
already started executing from the service controller's side...is this really
that expensive at this point though? Is it really that dangerous to not do
either, given that we retry failed calls? Ahhhhh!!! Opinions, please! Help, please!
 2023-11-03 11:42:53 +01:00
Alexander Constantinescu
60338c79d7 KCCM: fix slow node sync + service update 2023-11-03 11:42:53 +01:00
Alexander Constantinescu
a8673fa5b4 KCCM: add test validating slow node sync issue 2023-11-03 11:42:53 +01:00
Kubernetes Prow Robot
c3eebb233d Merge pull request #121709 from aramase/aramase/f/authn_user_info_fix 
[StructuredAuthn] Ensure empty fields of user object are accessible by CEL
 2023-11-03 03:16:04 +01:00
Kubernetes Prow Robot
fb9c94b3a5 Merge pull request #121705 from liggitt/authz-config-webhook-test 
Add multi-webhook integration test
 2023-11-03 01:29:52 +01:00
Anish Ramasekar
b693f09d54 [StructuredAuthn] Ensure empty fields of user object are accessible by 
CEL

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-11-02 22:53:06 +00:00
Jordan Liggitt
44d89c8cf8 Include empty string attributes for CEL authz evaluation 2023-11-02 16:56:52 -04:00
Jordan Liggitt
2e2f51a441 Plumb failure policy from config to webhook construction 2023-11-02 16:56:51 -04:00
Jordan Liggitt
a000af25ff Require match condition version only if matchConditions are specified 2023-11-02 13:54:39 -04:00
Siyuan Zhang
624169c5b5 k8s.io/apiserver/storage/etcd: refactor etcd GetList. 
Extract the logic to determine withRev to a separate method for better readability.

Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2023-11-02 10:20:52 -07:00
Mohamed Omar Zaian
3c268b7524 etcd: Update to version 3.5.10 2023-11-02 10:30:41 +01:00
Kubernetes Prow Robot
227d1b2357 Merge pull request #119762 from AxeZhan/PollUntilContextCancel 
wait.PollUntilContextCancel immediately executes condition once
 2023-11-02 05:40:03 +01:00
James Sturtevant
2d9128116b Use golang library instead of mklink 
Signed-off-by: James Sturtevant <jstur@microsoft.com>
 2023-11-01 22:30:12 +00:00
John Howard
d96a9858d3 client-go: allow adding indexes after informer starts 2023-11-01 09:32:23 -07:00
Alexander Zielenski
18adc30933 refactor: rename TransitionRule to UsesOldSelf 
not all rules that use OldSelf are transition rules, and this flag was used to check for oldSelf usage anyway, not specifically whether the rule was a transition rule
 2023-11-01 09:31:52 -07:00
Kubernetes Prow Robot
974735854b Merge pull request #121573 from tukwila/bump_etcd_v3.5.10 
bump etcd newest version: v3.5.10
 2023-11-01 15:33:13 +01:00
Patrick Ohly
878d037d3b dependencies: klog v2.110.1 
Dropping a newline at the end of the message when using klog calls is an
intentional improvement (https://github.com/kubernetes/klog/pull/378)
 2023-11-01 09:32:20 +01:00
guangli.bao
bc1df9e7da bump to newest etcd: v3.5.10 
Signed-off-by: guangli.bao <guangli.bao@daocloud.io>
 2023-11-01 11:59:31 +08:00
Humble Chirammal
3890546265 Update APIs and adjust tests 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
 2023-11-01 09:28:36 +05:30
Kubernetes Prow Robot
6abff7457e Merge pull request #116516 from aojea/servicecidr 
KEP-1880 Multiple ServiceCIDR ( and IPAddress allocation)
 2023-11-01 03:52:24 +01:00
carlory
083818f9e2 fix wrong condition description in PVC 2023-11-01 10:17:46 +08:00
Kubernetes Prow Robot
593a17d3b6 Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0
 2023-11-01 01:51:17 +01:00
Kubernetes Prow Robot
257b8c3666 Merge pull request #121046 from danwinship/nftables 
kube-proxy nftables backend
 2023-11-01 01:50:59 +01:00
Kubernetes Prow Robot
fafccc0c9a Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig
 2023-11-01 00:33:21 +01:00
Kubernetes Prow Robot
715cd17c0d Merge pull request #121645 from p0lyn0mial/upstream-fix-race-in-test-forget-watcher 
bring back: cacher: when forgeting a watcher, call stopWatcherLocked multiple times
 2023-10-31 22:57:08 +01:00
Dan Winship
1a6b9b811e Simplify nftables/proxier.go by removing localhost nodeport support 
and related route_localnet setting / anti-martian-packet rule
 2023-10-31 17:33:53 -04:00
Dan Winship
a70653143e Add a dummy nftables kube-proxy backend which is just a copy of iptables 2023-10-31 17:31:42 -04:00
Antonio Ojea
fee07ad608 make update with the new API with arrays 2023-10-31 21:05:58 +00:00
Antonio Ojea
513fdb5422 describer: use new ServiceCIDR API 
Change-Id: Iff11c70f20bab3e55e4e569fb110ef25dd6dd97e
 2023-10-31 21:05:06 +00:00
Antonio Ojea
c3d9b77d94 update ServiceCIDR API: replace IPv4,IPv6 fields by an array of strings 
https: //docs.google.com/document/d/1-CKDPRHsG6XfnGs-Bb7ptWgDtTq9-hj8aJQpGz1CSh8/edit

Change-Id: If7134a5553b4ecc12b1d58ffc52ebb9f8594778a
 2023-10-31 21:05:06 +00:00
Antonio Ojea
8182c4d9ec make update 
Change-Id: I4007d4f6dda24b5c74f602d35191556f315de222
 2023-10-31 21:05:05 +00:00
Antonio Ojea
7e77e8b21d kubectl describe 
Change-Id: I0664e11a3a5549e1cc9602b22dcaf294200792a4
 2023-10-31 21:05:04 +00:00