github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,863 Commits 1 Branch 31 Tags 1,019 MiB
f90461c43e
Commit Graph

1204 Commits

Author SHA1 Message Date
Antonio Ojea
7ab1ef644e
Revert "Implement a field selector for ClusterIP on Services" 2024-03-12 12:20:27 +00:00
Akihiro Suda
8db07446f1
api: validate RecursiveReadOnlyMounts 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-10 02:59:30 +09:00
Akihiro Suda
d940886d0a
api: KEP-3857: Recursive Read-only (RRO) mounts 
This commit modifies the following files:

- pkg/apis/core/types.go
- staging/src/k8s.io/api/core/v1/types.go

Other changes were auto-generated by running `make update`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-03-09 09:48:12 +09:00
Kubernetes Prow Robot
9ad2aabc64
Merge pull request #123520 from haircommander/proc-mount-rely-userns-2 
KEP-4265: Update Unmasked ProcMountType to fail validation without a pod level user namespace
 2024-03-07 18:21:08 -08:00
Peter Hunt
23706cb90c api validation: validate proc mount against user namespace 
fail if container uses proc mount unmasked but pod does not use user namespace

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2024-03-07 15:56:06 -05:00
HirazawaUi
2867be47b3 followup to allow special characters 2024-03-08 00:08:43 +08:00
Kubernetes Prow Robot
bd25605619
Merge pull request #123435 from tallclair/apparmor-ga 
AppArmor fields API
 2024-03-06 15:35:14 -08:00
Tim Allclair
2d86cbf261 Separate feature-gate for AppArmor fields 2024-03-06 10:46:32 -08:00
Tim Allclair
22068e0cc7 Validate annotation & field match in PodTemplate 2024-03-06 10:46:31 -08:00
Tim Allclair
06caf32ecd Validate localhost profile max length 2024-03-06 10:46:31 -08:00
Tim Allclair
0eb5f52d06 Rename AppArmor annotation constants with Deprecated 2024-03-06 10:46:31 -08:00
Kubernetes Prow Robot
87f9b3891e
Merge pull request #123385 from HirazawaUi/allow-special-characters 
Allow almost all printable ASCII characters in environment variables
 2024-03-05 17:31:06 -08:00
Kubernetes Prow Robot
5b4d97dc5a
Merge pull request #122541 from aojea/headless_selector 
Implement a field selector for ClusterIP on Services
 2024-03-05 17:30:57 -08:00
Tim Allclair
ec325b328d Match annotations against pod AppArmor field 2024-03-05 12:22:50 -08:00
Tim Allclair
289ec02e8b Implement version skew strategy 2024-03-05 12:22:50 -08:00
Tim Allclair
b7f620c12b Generated code 2024-03-05 12:22:50 -08:00
Tim Allclair
94927afb50 AppArmor API changes 2024-03-05 12:02:43 -08:00
Antonio Ojea
0595ec7942 implement field selector for clusterIP on services 
This will allow components that don't need to watch headless services
(heavily used on ai/ml workloads) to filter them server side.

Specially useful for kubelet and kube-proxy

Co-authored-by: Jianbo Ma <sakuranlbj@gmail.com>

Change-Id: I6434d2c8c77aaf725ec5c07acbcda14311f24bfa

Change-Id: Iba9e25afb90712facfb3dee25c500bbe08ef38fc
 2024-03-05 17:16:42 +00:00
HirazawaUi
e56240b2e1 add validation method at the top level 2024-03-05 17:09:10 +08:00
Kubernetes Prow Robot
a76a3e031f
Merge pull request #123487 from gauravkghildiyal/kep-4444 
Introduce trafficDistribution field for Kubernetes Services
 2024-03-04 20:07:15 -08:00
Kubernetes Prow Robot
6929a11f69
Merge pull request #123481 from sanposhiho/mindomain-stable 
graduate MinDomainsInPodTopologySpread to stable
 2024-03-04 17:18:53 -08:00
Kubernetes Prow Robot
e4ee7b005c
Merge pull request #123323 from gjkim42/add-ValidateInitContainerStateTransition 
Validate restartable init container state transition
 2024-03-04 16:21:30 -08:00
Kubernetes Prow Robot
1c789a9d46
Merge pull request #122422 from neolit123/1.30-update-hostaliases-note 
core/v1: remove note about hostAliases not working with hostNetwork
 2024-03-04 16:21:21 -08:00
Gaurav Ghildiyal
646fd200b8 Run 'make update' 2024-03-03 22:46:00 -08:00
Gaurav Ghildiyal
996d11d4e8 Add new field trafficDistribution to Service spec 2024-03-03 22:34:17 -08:00
Kubernetes Prow Robot
e4a14fe0f5
Merge pull request #123575 from Huang-Wei/pod-scheduling-readiness-stable 
Graduate PodSchedulingReadiness to stable
 2024-03-03 22:29:38 -08:00
Tim Hockin
467d5d745c
Get rid of unused API type NodeResources 2024-03-01 15:13:50 -08:00
Kubernetes Prow Robot
56a1b075cd
Merge pull request #122870 from wzshiming/kep-2681 
Promote KEP-2681 to GA in 1.30
 2024-02-29 15:11:33 -08:00
Wei Huang
01db4ae9e7
Graduate PodSchedulingReadiness to stable 2024-02-28 23:18:44 -08:00
Shiming Zhang
d303cec118 Update test 2024-02-29 11:48:18 +08:00
Kensei Nakada
f46df21cad update comments on API 2024-02-28 12:32:32 +00:00
Kubernetes Prow Robot
72c92e975d
Merge pull request #123411 from hunshcn/fix/volume-link 
fix persistent volume docs link
 2024-02-27 16:47:27 -08:00
Gunju Kim
a24f2c1192
Validate restartable init container state transition 
This allows the state of restartable init containers to be transitioned
from terminated to non-terminated even for pods with RestartPolicyNever
or RestartPolicyOnFailure.
 2024-02-26 20:47:40 +09:00
Paco Xu
dc7114fa91 fix default IPMode set in UT 2024-02-26 12:32:01 +08:00
hunshcn
ce6bacb5ac
fix persistent volume docs link 
Signed-off-by: hunshcn <hunsh.cn@gmail.com>
 2024-02-21 16:26:16 +08:00
Kubernetes Prow Robot
91ee30074b
Merge pull request #123174 from danwinship/cidr-validation-cleanup 
Make CIDR validation consistent
 2024-02-15 18:37:20 -08:00
Akihiro Suda
5c825d8a22
core/v1: remove comment about non-existing constants 
`NodeReachable`, `NodeLive`, `NodeSchedulable`, and `NodeRunnable` are mentioned
as "built-in set of conditions" but some of them do not exist in the current API.

Updated `pkgs/apis/core/types.go` too for consistency.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-02-12 23:16:43 +09:00
Dan Winship
593b1c6c63 Do service.spec.LoadBalancerSourceRanges validation inline 
Inline the LoadBalancerSourceRanges parsing to make it more obvious
what it's requiring (and more importantly, *not* requiring), and
change it to use IsValidCIDR as well.
 2024-02-09 10:43:20 -05:00
Dan Winship
d930215794 Update service.Spec.LoadBalancerSourceRanges validation tests 
In preparation for rewriting LoadBalancerSourceRanges validation,
add/update the existing unit tests to cover some of the more exciting
edge cases of the existing validation code:

  - The values in service.Spec.LoadBalancerSourceRanges are allowed to
    have arbitrary whitespace around them.

  - The annotation must be unset for non-LoadBalancer services, but
    for LoadBalancer services, "set but empty" and "whitespace-only"
    are treated the same as "unset".

  - The annotation value is only validated if the field is not set.

Also fix some of the existing tests to be more precise about what they
are testing.

Also fix the CIDR values to actually be valid. Sigh.
 2024-02-09 10:43:20 -05:00
Dan Winship
7a56b6e3f7 Add validation.IsValidCIDR 
Move apivalidation.ValidateCIDR to apimachinery, and rename it and
change its return value to match the other functions.

Also, add unit tests.

(Also, while updating NetworkPolicy validation for the API change, fix
a variable name that implied that IPBlock.Except[] is IP-valued rather
than CIDR-valued.)
 2024-02-07 09:48:01 -05:00
Kubernetes Prow Robot
052bce26f4
Merge pull request #122931 from danwinship/ip-validation-cleanup 
consistently use IsValidIP for IP validation
 2024-02-06 15:58:15 -08:00
Kubernetes Prow Robot
f025a96d2f
Merge pull request #122728 from RomanBednar/pv-phase-transition-time-doc-fix 
Remove alpha reference from PersistentVolumeStatus.lastPhaseTransitionTime docs
 2024-01-24 19:51:51 +01:00
Kubernetes Prow Robot
fc4d6ac8ea
Merge pull request #121731 from Taction/service-account-token-projected-volume-validation 
Fix service account token projected volume validation
 2024-01-24 19:51:43 +01:00
zhangchao
7972f0309c Fix service account token projected volume validation 
Signed-off-by: zhangchao <zchao9100@gmail.com>
 2024-01-23 23:03:37 +08:00
Dan Winship
1d59d6b6c6 Use validation.IsValidIP in a few more places 
Rather than using netutils.ParseIPSloppy directly.

Also fix the field paths in the errors for pod.spec.hostAliases to
include the array index.
 2024-01-23 09:10:35 -05:00
Dan Winship
519dd6887d Make validation.IsValidIP return a field.ErrorList for consistency 2024-01-23 09:08:27 -05:00
Roman Bednar
2ce04fc04b flag PersistentVolumeLastPhaseTransitionTime field as beta 2024-01-17 13:14:09 +01:00
Lubomir I. Ivanov
47ee56a7f2 core/v1: remove note about hostAliases not working with hostNetwork 
Support for this was added in 1.8 by PR 50646.
Local tests confirm that the feature indeed works.
E2e tests seem to be missing.
 2023-12-20 18:09:21 +02:00
Kevin Hannon
7ba546cfeb drop alpha comment on ephemeral storage 2023-11-20 09:58:13 -05:00
Taahir Ahmed
599fdb7add Regenerate for ClusterTrustBundlePEM projected volume API 2023-11-03 11:40:48 -07:00