github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
104,637 Commits 1 Branch 31 Tags
ef190f860a90df36b415e16f0de16bfeedc17d21
Commit Graph

14555 Commits

Author SHA1 Message Date
Antonio Ojea
ef190f860a client-go token source transport implement RoundTripperWrapper interface 2021-11-05 12:22:23 +01:00
Kubernetes Prow Robot
451e1addd8 Merge pull request #105960 from ueokande/max-unavailable-pdb-tests 
test: Assert max unavailable for PDB test cases
 2021-11-04 13:36:22 -07:00
Kubernetes Prow Robot
1d8966f4f9 Merge pull request #106140 from jonyhy96/fix-flake 
component-base: npe when renew hiddenCollectors
 2021-11-04 12:34:43 -07:00
Kubernetes Prow Robot
dc93951ad0 Merge pull request #106090 from pohly/log-v-flags 
component-base: move v/vmodule/log-flush-frequency into LoggingConfiguration
 2021-11-04 12:34:34 -07:00
Kubernetes Prow Robot
2af34cf54d Merge pull request #105940 from dobsonj/kep-1682-ga 
Move CSIVolumeFSGroupPolicy feature to GA
 2021-11-04 12:34:23 -07:00
Kubernetes Prow Robot
ce1f5af849 Merge pull request #105541 from pohly/component-base-owners 
component-base: avoid accumulating default labels
 2021-11-04 11:22:23 -07:00
Kubernetes Prow Robot
4c659c5342 Merge pull request #105648 from kkkkun/kkkkun/fix-metric 
GET should be transformed to watch in kube-Apiserver
 2021-11-04 07:48:04 -07:00
Shin'ya UEOKA
5c76507c3f test: Assert max unavailable for PDB test cases 2021-11-04 22:49:45 +09:00
kkkkun
5f98d8f798 Fix bug: Specical GET should be transformed to WATCH 2021-11-04 21:33:30 +08:00
Kubernetes Prow Robot
f1b000db7c Merge pull request #106146 from pohly/json-output-default 
component-base: use stderr as default output stream for JSON
 2021-11-04 04:22:04 -07:00
Patrick Ohly
b4988a4259 component-base: use stderr as default output stream for JSON 
This makes it consistent with klog's text output and avoids polluting the
programs normal output with log messages. This may become relevant for command
line tools like "kubectl".
 2021-11-04 10:24:01 +01:00
haoyun
1a21a53f7e fix: npe when renew hiddenCollectors 
Signed-off-by: haoyun <yun.hao@daocloud.io>
 2021-11-04 11:10:07 +08:00
Kubernetes Prow Robot
904e97281f Merge pull request #94986 from tkashem/audit-drop-managed-fields 
drop managed fields from audit entries
 2021-11-03 16:24:03 -07:00
Kubernetes Prow Robot
8e2d7a3d64 Merge pull request #105983 from jiahuif-forks/dep/bump-smd 
Upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.0
 2021-11-03 15:24:32 -07:00
Kubernetes Prow Robot
f28881de25 Merge pull request #106106 from liggitt/podsecurity-beta-webhook 
PodSecurity: update webhook manifest for beta
 2021-11-03 14:20:45 -07:00
Kubernetes Prow Robot
a65bb64c09 Merge pull request #104372 from astraw99/fix_label_msg 
Fix `kubectl unlabel` response msg
 2021-11-03 14:20:32 -07:00
Jordan Liggitt
9f92fb0d7e PodSecurity: update webhook manifest to use named port 2021-11-03 15:04:04 -04:00
Jordan Liggitt
f6456d098e PodSecurity: update webhook manifest to target linux/amd64 node 2021-11-03 15:04:04 -04:00
Jordan Liggitt
d92e0dbea6 PodSecurity: update webhook manifest to label namespace as restricted 2021-11-03 15:04:03 -04:00
Jordan Liggitt
4986780da3 PodSecurity: update webhook manifest for beta 2021-11-03 15:04:03 -04:00
Kubernetes Prow Robot
63c4a22ae9 Merge pull request #105819 from tosi3k/client-go-traces 
Add more info to the ListAndWatch trace
 2021-11-03 11:48:44 -07:00
Kubernetes Prow Robot
0b8ac0c0fc Merge pull request #106121 from wojtek-t/pf_watch_10 
P&F fix watch tracker bug
 2021-11-03 10:43:34 -07:00
Wojciech Tyczyński
b1d0fde370 P&F fix watch tracker bug 2021-11-03 15:02:51 +01:00
Jordan Liggitt
2567165182 PodSecurity: trim path when building webhook binary 
Change-Id: I76650e2fab2186671f0534109d04846134e7525d
 2021-11-03 13:00:11 +00:00
Patrick Ohly
4df70dfd41 component-base: initialize logging as soon as possible 
In various places log messages where emitted as part of validation or even
before it (for example, cli.PrintFlags). Those log messages did not use the
final logging configuration, for example text output instead of JSON or not the
final verbosity. The last point became more obvious after moving the setup of
verbosity into logs.Options.Apply because PrintFlags never printed anything
anymore.

In order to force applications to deal with logging as soon as possible, the
Options.Validate and Options.Apply methods are now private. Applications should
use the new Options.ValidateAndApply directly after parsing.
 2021-11-03 11:55:54 +01:00
Patrick Ohly
3948cb8d1b component-base: move v/vmodule/log-flush-frequency into LoggingConfiguration 
These three options are the ones from logs.AddFlags which are not deprecated.
Therefore it makes sense to make them available also via the configuration file
support in the one command which currently supports that (kubelet).

Long-term, all commands should use LoggingConfiguration, either with a
configuration file (as in kubelet) or via flags (kube-scheduler,
kube-apiserver, kube-controller-manager).

Short-term, both approaches have to be supported. As the majority of the
commands only use logs.AddFlags, that function by default continues to register
the flags and only leaves that to Options.AddFlags when explicitly requested.

A drive-by bug fix is done for log flushing: the periodic flushing called
klog.Flush and therefore missed explicit flushing of the newer logr
backend. This bug was never present in any release Kubernetes and therefore the
fix is not submitted in a separate PR.
 2021-11-03 07:41:46 +01:00
Kubernetes Prow Robot
9af2ece18a Merge pull request #106089 from liggitt/podsecurity-beta 
PodSecurity: promote config and feature gate to beta
 2021-11-02 22:22:57 -07:00
Kubernetes Prow Robot
e48cb8adb0 Merge pull request #106017 from tallclair/unit-test 
[PodSecurity] Expand unit test coverage and fix error cases
 2021-11-02 18:00:19 -07:00
Kubernetes Prow Robot
c2c0f91385 Merge pull request #101004 from lojies/cleanupforkubectl 
code cleanup for kubectl
 2021-11-02 17:58:58 -07:00
Tim Allclair
81661d5a34 [PodSecurity] Add metrics test coverage 2021-11-02 14:56:43 -07:00
Tim Allclair
c3398729e0 [PodSecurity] Include error audit annotation on all non-forbidden errors 2021-11-02 14:56:43 -07:00
Tim Allclair
98c86b350c [PodSecurity] Errors validating PodControllers are non blocking 2021-11-02 14:56:42 -07:00
Tim Allclair
e1c4e85b52 [PodSecurity] Add ValidatePod unit test 2021-11-02 14:56:40 -07:00
Kubernetes Prow Robot
47c63a39ed Merge pull request #106097 from liggitt/feature/pod-security/unique-controller-pods-validation 
Update pods validation based on uniqueness of controller
 2021-11-02 14:28:13 -07:00
Jonathan Dobson
082cb15648 Move CSIVolumeFSGroupPolicy feature to GA 2021-11-02 15:22:33 -06:00
Jordan Liggitt
34463dc71a PodSecurity: update pod prioritization to skip exempt pods, add unit tests 2021-11-02 13:37:09 -04:00
Akshit Grover
2a2758d14e PodSecurity: prioritize unique pods over replicated pods when validating a namespace 2021-11-02 13:29:11 -04:00
wongearl
50e4f24ea8 reuse previous evaluation 2021-11-02 12:53:17 -04:00
Jordan Liggitt
1f8f996dc9 PodSecurity: register/test v1beta1 config 2021-11-02 12:46:55 -04:00
Jordan Liggitt
d997607eb9 PodSecurity: find/replace v1alpha1 -> v1beta1 2021-11-02 11:42:31 -04:00
Jordan Liggitt
23e2f1a378 PodSecurity: copy v1alpha1 config to v1beta1 2021-11-02 11:35:18 -04:00
Abu Kashem
bbc5934831 drop managed fields from audit entries 
drop the managed fields of the objects from the audit entries when we
are logging request and response bodies.
 2021-11-02 11:34:48 -04:00
Kubernetes Prow Robot
9be67806cd Merge pull request #102945 from chenchun/fake 
Pass DeleteOptions down to the Reactor
 2021-11-02 07:14:58 -07:00
Kubernetes Prow Robot
07d3a92ce6 Merge pull request #105653 from p0lyn0mial/crd-503-refactor 
apiextentionserver: refactor returning 503 for custom resource requests during server start
 2021-11-02 06:12:58 -07:00
Kubernetes Prow Robot
2a821d787b Merge pull request #105525 from damemi/wire-contexts-core 
Wire contexts to Core controllers
 2021-11-02 03:32:58 -07:00
Kubernetes Prow Robot
6ebd6f38b9 Merge pull request #104909 from pacoxu/kubectl-qos 
kubectl: include init containers when determining pod QoS
 2021-11-01 20:00:58 -07:00
Chun Chen
888c049df6 Auto generated 2021-11-02 10:04:53 +08:00
Chun Chen
621970476f Pass DeleteOptions down to the Reactor 
Co-authored-by: Mo Khan <theenjeru@gmail.com>
 2021-11-02 10:04:48 +08:00
Kubernetes Prow Robot
349758d65d Merge pull request #105898 from tallclair/ps-metrics 
[PodSecurity] Metrics improvements
 2021-11-01 18:12:58 -07:00
Kubernetes Prow Robot
88f8974c8a Merge pull request #105974 from wojtek-t/pf_watch_support_8 
P&F: Enable support for indexes in watch tracker
 2021-11-01 17:12:58 -07:00