Commit Graph

432 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
c0ec0c2a31
Merge pull request #108150 from mangoGoForward/refactor/change-isqualifiedname-to-validatequalifiedname
refactor: Change the uses of IsQualifiedName to ValidateQualifiedName
2022-05-03 17:18:55 -07:00
Humble Chirammal
c74b393771 csi: add nodeExpandSecret support for CSI client
CSI spec 1.5 enhanced the spec to add optional secrets field to
NodeExpandVolumeRequest. This commit adds NodeExpandSecret to the
CSI PV source and also derive the expansion secret in csiclient to
send it out as part of the nodeexpand request.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
2022-04-05 11:36:23 +08:00
zhucan
eb2ebddf61 fix: add unit test
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
2022-04-05 11:35:14 +08:00
Maciej Wyrzuc
1108bed763 Revert "Field status.hostIPs added for Pod (#101566)"
This reverts commit 61b3c028ba.
2022-03-31 12:39:45 +00:00
Shiming Zhang
61b3c028ba
Field status.hostIPs added for Pod (#101566)
* Add FeatureGate PodHostIPs

* Add HostIPs field and update PodIPs field

* Types conversion

* Add dropDisabledStatusFields

* Add HostIPs for kubelet

* Add fuzzer for PodStatus

* Add status.hostIPs in ConvertDownwardAPIFieldLabel

* Add status.hostIPs in validEnvDownwardAPIFieldPathExpressions

* Downward API support for status.hostIPs

* Add DownwardAPI validation for status.hostIPs

* Add e2e to check that hostIPs works

* Add e2e to check that Downward API works

* Regenerate
2022-03-29 11:46:07 -07:00
Kubernetes Prow Robot
c239b406f0
Merge pull request #108929 from gnufied/move-expansion-feature-gate-ga
Move all volume expansion feature gates to GA
2022-03-25 18:08:16 -07:00
Hemant Kumar
9343cce20b remove ExpandPersistentVolume feature gate 2022-03-24 10:02:47 -04:00
Daniel Smith
2831f9a343 remove unneeded references 2022-03-23 15:26:38 +00:00
Kubernetes Prow Robot
5b52c4d127
Merge pull request #107674 from sanposhiho/api-min-domains
Add MinDomains API to TopologySpreadConstraints field
2022-03-14 09:33:57 -07:00
Humble Chirammal
f2473781a3 csi: add validation of secretRef format in CSI spec for PV update
at present the spec.csi.secretRef name has to be DNS1035 label
format and it should fail if we use DNSSubdomain secretRef in
the secretReference field of CSI spec. The newly added test cases
validate this behaviour in validation tests for controllerPublish,
nodePublish and nodeStage secretRef formats.

Additionally csiExpansionEnabled struct field also removed from
the validation function.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-03-09 23:01:00 +05:30
sanposhiho
3b13e9445a Add MinDomains API to TopologySpreadConstraints field 2022-03-09 20:57:12 +09:00
Humble Chirammal
d727d7db1a csi: add validation tests for CSIVolumeSource
This commit adds the validation tests for CSIVolumeSource explictly.
Also validate driver,nodePublishSecretRef..etc

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-03-02 16:10:18 +05:30
Humble Chirammal
1f0d37c082 csi: add unit tests for {controller,node}Publish name & namespace
Extra test conditions are added in CSIPersistentVolumeSource validation
for controllerPublishSecretRef and nodePublishSecretRef name and namespace to check
whether name field or namespace field is missing from the secretRef while
validating CSI PersistentVolumeSource

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-03-02 16:10:11 +05:30
Humble Chirammal
8ae6e10fd0 csi: correct typo and use strings.Repeat func for long driver name
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-03-02 15:50:58 +05:30
Abdullah Gharaibeh
8a1c70b48c Graduate PodAffinityNamespaceSelector to GA 2022-02-18 12:07:29 -05:00
mango
f97cdeb419 refactor: Change the users of IsQualifiedName to ValidateQualifiedName 2022-02-16 14:02:11 +08:00
Tim Allclair
5f2b12e0d4 Move AppArmor profile validation to the API validation pkg 2022-02-15 16:17:37 -08:00
Davanum Srinivas
9682b7248f
OWNERS cleanup - Jan 2021 Week 1
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2022-01-10 08:14:29 -05:00
Kubernetes Prow Robot
a7905d76c7
Merge pull request #106397 from shawnhanx/core_validation
fix S1017 and S1002 in pkg/apis/core/validation/validation.go
2022-01-04 23:02:58 -08:00
Andrew Sy Kim
5d2702b0fd core/v1: add comments about why Service internalTrafficPolicy is not forbidden when type is ExternalName
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2022-01-04 14:36:19 -05:00
Andrew Sy Kim
99cb5d2f21 core/v1: add unit tests that allow internalTrafficPolicy field when type is ExternalName
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2022-01-04 14:36:19 -05:00
Andrew Sy Kim
60b38ee180 core/v1: add validation and defaulting unit tests for when internalTrafficPolicy is nil and Service type is ExternalName
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2022-01-04 14:36:19 -05:00
Andrew Sy Kim
3a927cc6b3 core/v1: stop defaulting Service internalTrafficPolicy when Type=ExternalName
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
2022-01-04 14:36:19 -05:00
lsytj0413
c6bd8d6713 fix(*): display the diff as new-old 2021-12-21 14:00:57 +08:00
Lars Ekman
1ef96752da Mark ServiceLBNodePortControl as GA 2021-12-16 16:48:58 +01:00
Davanum Srinivas
497e9c1971
Cleanup OWNERS files (No Activity in the last year)
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2021-12-15 10:34:02 -05:00
Davanum Srinivas
9405e9b55e
Check in OWNERS modified by update-yamlfmt.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2021-12-09 21:31:26 -05:00
Kubernetes Prow Robot
a90f31f85a
Merge pull request #106179 from vivek-koppuru/fix-secret-format
Fix string output format for secret validations
2021-12-07 17:26:10 -08:00
Sergey Kanzhelev
1918ecad04 update the grpc field name for consistency 2021-12-01 18:16:08 +00:00
Sergey Kanzhelev
b7affcced1 implement :grpc probe action 2021-11-17 17:31:23 +00:00
Hemant Kumar
63fffd37b1 Implement API changes necessary for recovery from resize failure 2021-11-15 18:39:30 -05:00
shawnhanx
063e64c4ec fix S1017 and S1002 in pkg/apis/core/validation/validation.go 2021-11-13 17:02:40 +08:00
Kubernetes Prow Robot
5d60c8d857
Merge pull request #102393 from mengjiao-liu/fix-sysctl-regex
Upgrade preparation to verify sysctl values containing forward slashes by regex
2021-11-09 18:23:26 -08:00
Vivek Koppuru
de680aec08 Fix string output format for secret validations 2021-11-05 18:29:48 +05:30
Mengjiao Liu
275d832ce2 Upgrade preparation to verify sysctl values containing forward slashes by regex 2021-11-04 11:49:56 +08:00
Tim Hockin
11a25bfeb6
De-share the Handler struct in core API (#105979)
* De-share the Handler struct in core API

An upcoming PR adds a handler that only applies on one of these paths.
Having fields that don't work seems bad.

This never should have been shared.  Lifecycle hooks are like a "write"
while probes are more like a "read". HTTPGet and TCPSocket don't really
make sense as lifecycle hooks (but I can't take that back). When we add
gRPC, it is EXPLICITLY a health check (defined by gRPC) not an arbitrary
RPC - so a probe makes sense but a hook does not.

In the future I can also see adding lifecycle hooks that don't make
sense as probes.  E.g. 'sleep' is a common lifecycle request. The only
option is `exec`, which requires having a sleep binary in your image.

* Run update scripts
2021-10-29 13:15:11 -07:00
ravisantoshgudimetla
d7d0beb65f api: Handle validation of PodOS field presence 2021-10-28 17:31:52 -04:00
Kubernetes Prow Robot
7fbb384e15
Merge pull request #105682 from pohly/generic-ephemeral-volume-raw-block
storage validation: accept generic ephemeral volumes as volume device
2021-10-22 18:04:50 -07:00
Kubernetes Prow Robot
18104ecf1f
Merge pull request #105405 from verb/1.23-ec-beta
Promote EphemeralContainers to beta
2021-10-20 09:24:10 -07:00
Lee Verberne
d33bbb8940 Allow volumeDevices in ephemeral containers 2021-10-19 23:04:05 -04:00
Lee Verberne
d874cf8ffd List disallowed ephemeral container fields
Listing these explicitly makes it easier to determine whether a new
Container field has been evaluated for use with ephemeral containers.
This does not change the behavior of ephemeral containers.
2021-10-19 23:03:57 -04:00
Lee Verberne
f81c48cd0a Disallow subpath for ephemeral container mounts 2021-10-19 23:01:15 -04:00
Lee Verberne
764859081a Validate ephemeralContainerStatuses during update 2021-10-19 23:00:51 -04:00
Patrick Ohly
a40d2eb18c storage validation: accept generic ephemeral volumes as volume device
Raw block devices are possible with generic ephemeral volumes, so rejecting a
pod with that combination is wrong.
2021-10-19 13:30:32 +02:00
Mark Rossetti
3ddff55fe6 Adding unit test coverage for API validation for emphermal contaienrs in hostprocess pods on Windows
Signed-off-by: Mark Rossetti <marosset@microsoft.com>
2021-10-18 15:46:27 -07:00
Lee Verberne
8b24dc07ff Test ephemeral container/pod conflicting fields
This adds a test case to cover the scenario where the fields of an
ephemeral container conflict with other fields in the pod and must be
detected by full PodSpec validation.
2021-09-30 21:47:19 +02:00
Lee Verberne
4451138bfa Validate PodSpec in EphemeralContainersUpdate
Previously this only validated the ephemeral containers, but it's safer
to validate the entire PodSpec in case other parts of validation add
logic that checks ephemeral containers.
2021-09-27 22:58:08 +02:00
Khaled Henidak (Kal)
a53e2eaeab
move IPv6DualStack feature to stable. (#104691)
* kube-proxy

* endpoints controller

* app: kube-controller-manager

* app: cloud-controller-manager

* kubelet

* app: api-server

* node utils + registry/strategy

* api: validation (comment removal)

* api:pod strategy (util pkg)

* api: docs

* core: integration testing

* kubeadm: change feature gate to GA

* service registry and rest stack

* move feature to GA

* generated
2021-09-24 16:30:22 -07:00
saad-ali
beb17fe10b Remove VolumeSubpath feature gate
Remove the VolumeSubpath feature gate.

Feature gate convention has been updated since this was introduced to
indicate that they "are intended to be deprecated and removed after a
feature becomes GA or is dropped.".
2021-09-17 01:59:23 -07:00
h4ghhh
0734820279
'New' Event namespace validate failed (#100125) 2021-09-16 04:29:45 -07:00