github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
80,602 Commits 1 Branch 31 Tags 1,019 MiB
e8b369ff3c
Commit Graph

140 Commits

Author SHA1 Message Date
James Sturtevant
e8b369ff3c Windows: Adds RunAsUserName field in WindowsOptions 
Adds the field RunAsUserName in the WindowsSecurityContextOptions type,
which is used in PodSecurityContext and SecurityContext.

This field needs to allow for a valid set of usernames allowed for
Windows containers. It must have the format "U

This commit also validates the runAsUserName field, making sure that it valid,
having the format DOMAIN\USER (case insensitive), where DOMAIN\ is optional and
has to be a valid NetBios or DNS domain name.

For more information about the restrictions on the DOMAIN and USER parts, look here: [1] [2]

Adds the WindowsRunAsUserName alpha feature gate. By default, it is disabled.
If the feature gate is not enabled, the WindowsOptions.RunAsUserName field
will be dropped from both the PodSecurityContext and container
SecurityContext.

Co-Authored-By: Claudiu Belu <cbelu@cloudbasesolutions.com>

[1] https://support.microsoft.com/en-us/help/909264/naming-conventions-in-active-directory-for-computers-domains-sites-and
[2] https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/new-localuser?view=powershell-5.1
 2019-07-17 15:03:04 +00:00
Khaled Henidak(Kal)
54d42e6a65 types modifications + conversion + conversion testing 2019-07-02 15:39:05 +00:00
draveness
8e9472ba79 feat: cleanup feature gates for CSIPersistentVolume 2019-06-25 09:00:12 +08:00
draveness
ca6003bc75 feat: cleanup PodPriority features gate 2019-06-23 11:57:24 +08:00
Eric Ernst
d0b0c0ae45 pod-overhead: add Overhead to PodSpec internal type 
Update internal PodSpec to make use of Overhead field. Add validation
and validation tests.

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-06-18 08:05:35 -07:00
Kubernetes Prow Robot
b7fa33ec15
Merge pull request #77703 from ddebroy/inline-mig-1 
API changes to support migration of inline in-tree volumes to CSI
 2019-05-31 12:23:19 -07:00
j-griffith
60d991e59a add comments to validation testcases, and use const in util.go 2019-05-31 06:07:53 -06:00
j-griffith
54154f8ebb rework pvc datasource filter tests 2019-05-31 06:07:53 -06:00
j-griffith
ae4c2a1858 Enable PVC as DataSource for PVC creation 
This enables the ability to specify and existing PVC as a DataSource in
a new PVC Spec (eg "clone" and existing volume).
 2019-05-31 06:07:53 -06:00
j-griffith
a66bb3c63d Update unit tests and feature name 
Update the unit tests to include checks for incorrect APIGroup type in
PVC DataSource and change the name of the feature gate to be more clear:
s/VolumeDataSource/VolumePVCDataSource/
 2019-05-31 06:07:44 -06:00
j-griffith
123f1bac35 Enable PVC as DataSource for PVC creation 
This enables the ability to specify and existing PVC as a DataSource in
a new PVC Spec (eg "clone" and existing volume).
 2019-05-31 06:06:44 -06:00
Deep Debroy
c34309acdf API changes to support CSI migration of inline volumes 
Signed-off-by: Deep Debroy <ddebroy@docker.com>
 2019-05-30 09:34:47 +00:00
Tobias Hintze
8829efaeb0
Allow trailing dot for service.spec.externalName 2019-05-27 11:28:07 +02:00
Jean Rouge
a3e914528a API changes for Windows GMSA support 
This patch comprises the API changes outlined in the Windows GMSA KEP
(https://github.com/kubernetes/enhancements/blob/master/keps/sig-windows/20181221-windows-group-managed-service-accounts-for-container-identity.md)
to add GMSA support to Windows workloads.

It includes validation, as well as dropping fields if the `WindowsGMSA` feature
flag is not set, both with unit tests.

Signed-off-by: Jean Rouge <rougej+github@gmail.com>
 2019-05-16 15:32:59 -07:00
Hemant Kumar
69393291b6 Add a new field for storing volume expansion secrets 
Fix pv secret visitor tests
Allow SecretRef for resizing to be set if not already set
 2019-05-09 13:53:47 -04:00
Andrew Kim
c919139245 update import of generic featuregate code from k8s.io/apiserver/pkg/util/feature -> k8s.io/component-base/featuregate 2019-05-08 10:01:50 -04:00
WanLinghao
d0138ca3fe This commit does two things in pkg package: 
1. Remove unused ptr functions.
2. Replace ptr functions with k8s.io/utils/pointer
 2019-04-09 10:56:35 +08:00
Kubernetes Prow Robot
9c5be7aa5f
Merge pull request #74686 from zhouhaibing089/add-trailing-period 
validation: allow trailing period in dns search
 2019-03-19 20:15:06 -07:00
Xing Yang
bb45b8ee34 Make CSINodeInfo and CSIDriver Core APIs 
This PR is the first step to transition CSINodeInfo and CSIDriver
CRD's to in-tree APIs. It adds them to the existing API group
“storage.k8s.io” as core storage APIs.
 2019-03-02 12:31:05 -08:00
zhouhaibing089
68beadefe4 validation: allow trailing period in dns search 
The trailing period tells the resolver to stop immediately instead
of trying recursively. With that said, trailing period should be
acceptable in searches.
 2019-02-27 14:21:52 -08:00
Kevin Taylor
a64b854137 Implementation of KEP Feature Gate VolumeSubpathEnvExpansion 2019-02-20 01:37:16 +00:00
Kubernetes Prow Robot
017d87dd20
Merge pull request #73657 from krmayankk/service-account 
add positive ut for service account projection
 2019-02-05 15:14:50 -08:00
Kubernetes Prow Robot
dc1244c6cd
Merge pull request #72785 from derekwaynecarr/hugepages-ga 
Graduate HugePages feature to GA
 2019-02-05 13:56:51 -08:00
Kubernetes Prow Robot
f3a6dbceb2
Merge pull request #68925 from casusbelli/fix_65312 
Adding Quobyte Tenant to QuobyteVolumeSource to enable deletion of persistent volumes
 2019-02-05 12:08:37 -08:00
Mayank Kumar
b03d0e31ad add positive ut for service account projection 2019-02-02 01:15:13 -08:00
Derek Carr
deae071d78 Graduate HugePages feature to GA 2019-02-02 00:21:10 -05:00
Silvan Kaiser
cc71b0aebd Adding Tenant to QuobyteVolumeSource 
Adds the tenant id to the QuobyteVolumeSource type and
updates the quobyte api client to support looking up
volume ids.
 2019-01-22 14:42:12 +01:00
Zihong Zheng
f2750dd043 Graduate CustomPodDNS feature to GA 2019-01-11 11:28:26 -08:00
Rajath Agasthya
da6c97f710 Remove ExpandPersistentVolumes feature gate from validation 
Drops new PV Status.Conditions if old PV Status.Conditions was not set.
 2019-01-10 12:43:20 -08:00
Kubernetes Prow Robot
49891cc270
Merge pull request #72698 from rajathagasthya/podsharepsnamespace-72651 
Move PodShareProcessNamespace feature gate out of validation
 2019-01-09 07:40:00 -08:00
Rajath Agasthya
86165ac878 Move pod ReadinessGates feature gate out of validation 2019-01-08 21:37:43 -08:00
Kubernetes Prow Robot
45b54f5c44
Merge pull request #72686 from sbezverk/PersistentLocalVolumes 
Moving PersistentLocalVolumes feature gate check from validation
 2019-01-08 19:22:40 -08:00
Kubernetes Prow Robot
3035edcc36
Merge pull request #72666 from rajathagasthya/pvc-72651 
Move VolumeSnapshotDataSource feature gate check from validation
 2019-01-08 19:22:30 -08:00
Rajath Agasthya
4e1d4caa8f Move PodShareProcessNamespace feature gate out of validation 2019-01-08 14:31:51 -08:00
Serguei Bezverkhi
8915e90398 PersistentLocalVolumes validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-01-08 11:00:29 -05:00
Serguei Bezverkhi
d79475c801 add ResourceQuotaSelector validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-01-07 23:15:39 -05:00
Rajath Agasthya
88abcb7419 Move VolumeSnapshotDataSource feature gate check from validation 2019-01-07 20:02:01 -08:00
Kubernetes Prow Robot
456ffa0453
Merge pull request #72375 from sbezverk/containers_volumedevices 
VolumeDevices validation and tests
 2018-12-27 17:39:05 -08:00
Kubernetes Prow Robot
66bf481114
Merge pull request #72382 from liggitt/volumescheduling-ga 
Stop checking VolumeScheduling feature gate
 2018-12-27 15:54:18 -08:00
Jordan Liggitt
73dcfe12da Stop checking VolumeScheduling feature gate 2018-12-27 17:45:45 -05:00
Serguei Bezverkhi
5bf84db713 VolumeDevices validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2018-12-27 17:31:10 -05:00
Serguei Bezverkhi
4ad98db3c0 EmptyVolume SizeLimit validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2018-12-27 13:07:26 -05:00
Serguei Bezverkhi
a5d5a174af VolumeMode Validation and tests 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2018-12-26 14:28:53 -05:00
Jordan Liggitt
c4a0254201 remove subpath feature validation failure 2018-12-18 10:21:22 -05:00
Jordan Liggitt
70ad4dff48 Fix unit tests calling SetFeatureGateDuringTest incorrectly 2018-11-21 11:51:33 -05:00
Jordan Liggitt
4dca07ef7e Fixup incorrect use of DefaultFeatureGate.Set in tests 2018-11-21 11:51:33 -05:00
Matthew Wong
9bbf768ad6 Fix BlockVolume feature gate toggling in validation & defaults unit tests 2018-11-16 13:38:59 -05:00
Matthew Wong
dd517c9ff2 Update all tests to account for BlockVolume enabled by default 2018-11-16 13:38:59 -05:00
Jordan Liggitt
358c092abe fix storage unit tests leaking feature flag changes 2018-11-16 10:52:52 -05:00
Michelle Au
fd64c08240 Fix storage feature gate test setting 2018-11-16 10:49:40 -05:00