Files

Kubernetes Submit Queue 7181dd4946 Merge pull request #50476 from caesarxuchao/plumb-proxy

Automatic merge from submit-queue (batch tested with PRs 51824, 50476, 52451, 52009, 52237)

Plumbing the proxy dialer to the webhook admission plugin

* Fixing https://github.com/kubernetes/kubernetes/issues/49987. Plumb the `Dial` function to the `transport.Config`
* Fixing https://github.com/kubernetes/kubernetes/issues/52366. Let the webhook admission plugin sets the `TLSConfg.ServerName`.

I tested it in my gke setup. I don't have time to implement an e2e test before 1.8 release. I think it's ok to add the test later, because *i)* the change only affects the alpha webhook admission feature, and *ii)* the webhook feature is unusable without the fix. That said, it's up to my reviewer to decide.

Filed https://github.com/kubernetes/kubernetes/issues/52368 for the missing e2e test.

( The second commit is https://github.com/kubernetes/kubernetes/pull/52372, which is just a cleanup of client configuration in e2e tests. It removed a function that marshalled the client config to json and then unmarshalled it. It is a prerequisite of this PR, because this PR added the `Dial` function to the config which is not json marshallable.)

```release-note
Fixed the webhook admission plugin so that it works even if the apiserver and the nodes are in two networks (e.g., in GKE).
Fixed the webhook admission plugin so that webhook author could use the DNS name of the service as the CommonName when generating the server cert for the webhook.

Action required:
Anyone who generated server cert for admission webhooks need to regenerate the cert. Previously, when generating server cert for the admission webhook, the CN value doesn't matter. Now you must set it to the DNS name of the webhook service, i.e., `<service.Name>.<service.Namespace>.svc`.
```

2017-09-15 01:08:01 -07:00

src/k8s.io

Merge pull request #50476 from caesarxuchao/plumb-proxy

2017-09-15 01:08:01 -07:00

BUILD

Merge pull request #50708 from DirectXMan12/versions/autoscaling-v2beta1

2017-09-06 15:46:24 -07:00

godeps-json-updater.go

Clean up staging/godeps-json-updater.go

2017-04-06 09:32:57 +02:00

OWNERS

Add OWNERS for staging and api

2017-04-19 15:58:09 -04:00

prime-apimachinery.sh

Fixup after k8s.io/{kube-gen -> code-generator} rename

2017-08-17 17:55:12 +02:00

README.md

Fixup after k8s.io/{kube-gen -> code-generator} rename

2017-08-17 17:55:12 +02:00

README.md

External Repository Staging Area

This directory is the staging area for packages that have been split to their own repository. The content here will be periodically published to respective top-level k8s.io repositories.

Repositories currently staged here:

k8s.io/apiextensions-apiserver
k8s.io/api
k8s.io/apimachinery
k8s.io/apiserver
k8s.io/client-go
k8s.io/kube-aggregator
k8s.io/code-generator (about to be published)
k8s.io/metrics
k8s.io/sample-apiserver

The code in the staging/ directory is authoritative, i.e. the only copy of the code. You can directly modify such code.

Using staged repositories from Kubernetes code

Kubernetes code uses the repositories in this directory via symlinks in the vendor/k8s.io directory into this staging area. For example, when Kubernetes code imports a package from the k8s.io/client-go repository, that import is resolved to staging/src/k8s.io/client-go relative to the project root:

// pkg/example/some_code.go
package example

import (
  "k8s.io/client-go/dynamic" // resolves to staging/src/k8s.io/client-go/dynamic
)

Once the change-over to external repositories is complete, these repositories will actually be vendored from k8s.io/<package-name>.