github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
122,541 Commits 1 Branch 31 Tags
b421bde1de40530b51b4b88c736bb007ed9afb17
Commit Graph

20744 Commits

Author SHA1 Message Date
Tim Allclair
0eb5f52d06 Rename AppArmor annotation constants with Deprecated 2024-03-06 10:46:31 -08:00
Jefftree
8373f3035a fix aggregator path filtering to include / 2024-03-06 13:33:33 -05:00
cpanato
70221e8405 [go] Bump images, dependencies and versions to go 1.22.1 and distroless iptables 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-03-06 13:09:17 -05:00
Jordan Liggitt
c6673d2346 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0 2024-03-06 09:47:28 -05:00
Kubernetes Prow Robot
2b521e5f8e Merge pull request #123405 from cici37/vapGA 
[KEP-3488]Promote ValidatingAdmissionPolicy to GA
 2024-03-05 18:29:53 -08:00
Kubernetes Prow Robot
87f9b3891e Merge pull request #123385 from HirazawaUi/allow-special-characters 
Allow almost all printable ASCII characters in environment variables
 2024-03-05 17:31:06 -08:00
Kubernetes Prow Robot
3686ceb5b8 Merge pull request #122745 from kannon92/swap-no-swap-default 
[KEP-2400] add no swap as the default option for swap
 2024-03-05 16:32:40 -08:00
cici37
5d83282823 Auto updates 2024-03-05 16:00:21 -08:00
cici37
de506ce7ac Promote ValidatingAdmissionPolicy to GA. 2024-03-05 16:00:21 -08:00
Kubernetes Prow Robot
262399065d Merge pull request #123729 from seans3/streaming-owners 
Adds OWNERS files to client-go streaming dirs
 2024-03-05 14:46:02 -08:00
Kubernetes Prow Robot
751e3e9745 Merge pull request #123713 from aojea/missing_providerid 
node-controller require providerID to initialize a node
 2024-03-05 14:45:53 -08:00
Kubernetes Prow Robot
df1eccae38 Merge pull request #123543 from jiahuif-forks/feature/validating-admission-policy/excluded-resources 
ValidatingAdmissionPolicy: exclude brink-able resources.
 2024-03-05 13:45:01 -08:00
Kevin Hannon
6a4e19a4ec add no swap as the default option for swap 2024-03-05 16:10:42 -05:00
Kubernetes Prow Robot
7a20def5ba Merge pull request #123721 from enj/enj/i/authn_config_doc_nesting 
Fix AuthenticationConfiguration docs around nested claims via CEL
 2024-03-05 12:41:51 -08:00
Kubernetes Prow Robot
6efef796f6 Merge pull request #122998 from MikeSpreitzer/add-deletion-handling 
Add DeletionHandlingObjectToName
 2024-03-05 12:41:45 -08:00
Tim Allclair
d25b1ded76 PodSecurity check for AppArmor fields 2024-03-05 12:22:50 -08:00
Tim Allclair
24537a9131 Stop appending AppArmor status to node ready condition 2024-03-05 12:22:50 -08:00
Tim Allclair
b7f620c12b Generated code 2024-03-05 12:22:50 -08:00
Sean Sullivan
855bc74023 Adds OWNERS files to client-go streaming dirs 2024-03-05 20:21:48 +00:00
Tim Allclair
94927afb50 AppArmor API changes 2024-03-05 12:02:43 -08:00
Jiahui Feng
6b03166bed update to inject only the list of excluded resources. 2024-03-05 11:11:10 -08:00
Kubernetes Prow Robot
b0ee334374 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-event 
apimachinery/meta/types.go: define InitialEventsAnnotationKey const
 2024-03-05 10:40:51 -08:00
Michał Woźniak
e568a77a93 Support for the Job managedBy field (alpha) (#123273) 
* support for the managed-by label in Job

* Use managedBy field instead of managed-by label

* Additional review remarks

* Review remarks 2

* review remarks 3

* Skip cleanup of finalizers for job with custom managedBy

* Drop the performance optimization

* imrpove logs
 2024-03-05 09:25:15 -08:00
Anish Ramasekar
b502aa6f31 Duplicate v1alpha1 AuthenticationConfiguration to v1beta1 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-05 09:10:34 -08:00
Monis Khan
290f2a7e1b Fix AuthenticationConfiguration docs around nested claims via CEL 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-05 12:01:11 -05:00
Monis Khan
bc7aa13bf7 Mark StructuredAuthenticationConfiguration feature gate as beta 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-05 11:34:30 -05:00
Kubernetes Prow Robot
4369fcb00f Merge pull request #123684 from hakuna-matatah/123570 
Addd negative case for the fix in #123570
 2024-03-05 08:24:39 -08:00
Antonio Ojea
53d38a3161 node-controller require providerID to initialize a node 
Since the migration to the external cloud providers, the node
controller in the cloud controller manager is responsible of
initializing the nodes.

There is a strong assumption across the ecosystem that the nodes has
set the node.spec.providerID value, however, the node controller does
not check if this value is set during the initialization  of the node,
and if there are some failures on the cloud provider API calls, the
node can be untainted without the value and never reconciled.

In addition, it seems that is possible for some cloud provider to not
implement the providerID value, though is not likely this is going to
happen, but for backward compatibility purposes we should allow this case.

The node controller will require the providerID to untain the Nodes,
except when the cloud provider does not use InstancesV2 and does implement it.

ProviderID is inmutable once set, so that value has preferences,
otherwise InstancesV2 is preferred over Instances.

Change-Id: Ic41cf7ebcca1ff0fbd8daafc036166f19fc37251
Signed-off-by: Antonio Ojea <aojea@google.com>
 2024-03-05 16:19:52 +00:00
Kubernetes Prow Robot
777070c9a5 Merge pull request #123702 from p0lyn0mial/upstream-clean-up-after-123190 
storage/cacher: mark the addition of a metric for waitUntilFreshAndBlock as completed
 2024-03-05 04:41:15 -08:00
Kubernetes Prow Robot
d826407152 Merge pull request #122653 from ardaguclu/interactive-delete-e2e-test 
Add e2e test for kubectl interactive delete
 2024-03-05 03:08:59 -08:00
Kubernetes Prow Robot
835ad2bccd Merge pull request #120346 from ardaguclu/custom-debug-profile 
kubectl debug: Add custom debug profiles on top of static profiles
 2024-03-05 03:08:45 -08:00
Lukasz Szaszkiewicz
3f7d4b787b apimachinery/meta/types.go: define InitialEventsAnnotationKey const 
InitialEventsAnnotationKey the name of the key
under which an annotation marking the end of
a watchlist stream is stored.
The annotation is added to a "Bookmark" event.

The const will be immediately used in client-go and apiserver packages.
 2024-03-05 11:52:25 +01:00
Lukasz Szaszkiewicz
221ad9f7c2 storage/cacher: mark the addition of a metric for waitUntilFreshAndBlock as completed 2024-03-05 10:23:23 +01:00
Kubernetes Prow Robot
dc3f5ec6cc Merge pull request #112957 from mxpv/log-dir 
Allow changing pod log directory
 2024-03-04 21:07:06 -08:00
HirazawaUi
96a16a7bc9 add relaxed env var name function 2024-03-05 12:51:54 +08:00
Arda Güçlü
af2dadcb18 Add custom debug profiles on top of static profiles 
This PR adds `custom` flag to let user customizes debug resources.
`custom` flag accepts partial container spec in json format.
 2024-03-05 07:47:41 +03:00
Kubernetes Prow Robot
50f4b1ea47 Merge pull request #123568 from enj/enj/i/jwt_username_required 
jwt: fail on empty username via CEL expression
 2024-03-04 20:07:33 -08:00
Kubernetes Prow Robot
26600b17ab Merge pull request #123561 from enj/enj/i/validate_jwt_sa_iss 
Prevent conflicts between service account and jwt issuers
 2024-03-04 20:07:24 -08:00
Kubernetes Prow Robot
a76a3e031f Merge pull request #123487 from gauravkghildiyal/kep-4444 
Introduce trafficDistribution field for Kubernetes Services
 2024-03-04 20:07:15 -08:00
Kubernetes Prow Robot
0bcf6e3dde Merge pull request #123679 from seans3/remotecommand-extend-deadlines 
Extend deadlines to one minute
 2024-03-04 18:38:32 -08:00
Kubernetes Prow Robot
699984f25a Merge pull request #123641 from liggitt/authz-config-beta-gate 
Promote StructuredAuthorizationConfiguration feature gate to beta
 2024-03-04 18:38:23 -08:00
Kubernetes Prow Robot
5b6d8a4293 Merge pull request #123532 from serathius/separate-rpc 
Move cacher watch to separate rpc preventing starvation
 2024-03-04 18:38:14 -08:00
Kubernetes Prow Robot
6929a11f69 Merge pull request #123481 from sanposhiho/mindomain-stable 
graduate MinDomainsInPodTopologySpread to stable
 2024-03-04 17:18:53 -08:00
Kubernetes Prow Robot
f745503112 Merge pull request #123413 from seans3/tunneling-spdy-websockets 
PortForward: Tunnel SPDY through WebSockets
 2024-03-04 17:18:44 -08:00
Harish Kuna
4a5fe2deca Addd negative case for the fix in #123570 2024-03-05 01:00:50 +00:00
Kubernetes Prow Robot
1c789a9d46 Merge pull request #122422 from neolit123/1.30-update-hostaliases-note 
core/v1: remove note about hostAliases not working with hostNetwork
 2024-03-04 16:21:21 -08:00
Gaurav Ghildiyal
ec6fd2befa Add options construct to EndpointSlice NewReconciler for the new trafficDistributionEnabled field 2024-03-04 15:40:22 -08:00
Kubernetes Prow Robot
46a2137c1b Merge pull request #123639 from liggitt/authz-metrics 
Add authorization webhook duration/count/failopen metrics
 2024-03-04 14:09:30 -08:00
Sean Sullivan
b04d1177ef extend deadlines to one minute 2024-03-04 11:31:56 -08:00
Kubernetes Prow Robot
4ed7f6b4c4 Merge pull request #123583 from saschagrunert/image-id-container-status 
Add `image_id` to CRI `ContainerStatus` message
 2024-03-04 11:23:41 -08:00