scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-02 19:28:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
128,672 Commits 1 Branch 0 Tags
309c4c17fb1dec52328f3e6b4482bc2a4037c45a
Commit Graph

6769 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
309c4c17fb Merge pull request #128499 from stlaz/ctb_betav1 
ClusterTrustBundles - move to beta
 2025-03-11 12:47:45 -07:00
Kubernetes Prow Robot
652f681c2b Merge pull request #130650 from natasha41575/pod-conditions-controller 
[FG:PodObservedGenerationTracking] controller sets observedGeneration on pod conditions
 2025-03-11 11:27:54 -07:00
Stanislav Láznička
5b3b68a3a1 KCM: CTBPublisher: use generics to handle both alpha/beta APIs 2025-03-11 18:07:29 +01:00
Stanislav Láznička
e0f536bf1f use the ClusterTrustBundles beta API 2025-03-11 18:07:24 +01:00
Keisuke Ishigami
efac8fdea2 Delete todo comment to ignore update where 'old' is equivalent to 'cur' (#130322) 
* use resource version to ignore updating pdb

* delete todo comment
 2025-03-11 07:13:46 -07:00
Kubernetes Prow Robot
3782b558a2 Merge pull request #128786 from danwinship/bad-ip-warnings 
warn on bad IPs in objects
 2025-03-11 00:11:47 -07:00
Natasha Sarkar
af9ac325b1 controller sets observedGeneration on pod conditions 2025-03-10 16:37:55 +00:00
Tim Hockin
e54719bb66 Use randfill, do API renames 2025-03-08 15:18:00 -08:00
Kubernetes Prow Robot
2effa5e3cf Merge pull request #130352 from natasha41575/kubelet-pod-observedgen 
[FG:PodObservedGenerationTracking] Kubelet sets pod `status.observedGeneration` when updating the pod status
 2025-03-07 13:33:45 -08:00
Dan Winship
d4c55d06cf Export endpoints, endpointslice, mirroring controller names 2025-03-07 10:52:54 -05:00
Kubernetes Prow Robot
9d45ea8b9d Merge pull request #128586 from mortent/DRAPrioritizedList 
Prioritized Alternatives in Device Requests
 2025-03-06 21:01:44 -08:00
Natasha Sarkar
701b76f10d pod gc controller sets status.observedGeneration upon pod failure 2025-03-06 22:31:15 +00:00
Cici Huang
6645022d8b Update status before returning err 2025-03-06 10:54:45 -08:00
Kubernetes Prow Robot
50927130ff Merge pull request #130582 from tenzen-y/use-suspended-job-util 
Job: Use jobSuspended util for suspended detection
 2025-03-05 15:49:51 -08:00
Kubernetes Prow Robot
8873c7e875 Merge pull request #130564 from danwinship/label-endpoints 
Add "endpoints.kubernetes.io/managed-by" label to Endpoints
 2025-03-05 13:29:45 -08:00
Yuki Iwai
8202b791e9 Job: Use jobSuspended util for suspended detection 
Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
 2025-03-05 18:12:59 +09:00
Kubernetes Prow Robot
76b80b1c15 Merge pull request #130507 from cici37/updateFG 
Update OrderedNamespaceDeletion feature gate on by default
 2025-03-04 14:49:52 -08:00
Dan Winship
c4ea350ef6 Add "endpoints.kubernetes.io/managed-by" label to Endpoints 
Add a label to allow us to recognize endpoint-controller-generated
Endpoints in the future. (In particular, to allow us to recognize
stale Endpoints whose Service gets deleted while the Endpoints
controller is not running.)

Unlike the corresponding EndpointSlice label, this is not defined as
part of the public API, because we have no interest in getting other
controllers to use it. (They should switch to creating EndpointSlices
instead.)
 2025-03-04 11:06:10 -05:00
Cici Huang
9598e5a1a5 Mark the feature gate on by default since it's a security fix. 2025-03-03 14:44:17 -08:00
Kubernetes Prow Robot
df030f3851 Merge pull request #130472 from jsafrane/selinux-controller-ignore-recursive 
selinux: Ignore pods with Recursive policy
 2025-03-03 14:29:56 -08:00
Kubernetes Prow Robot
d04883c90c Merge pull request #130061 from mimowo/make-backoffperindex-stable 
Graduate Backoff Limit Per Index as stable
 2025-02-28 13:37:02 -08:00
Morten Torkildsen
36d8a44b9c DRA: Update controller for Prioritized Alternatives in Device Requests 2025-02-28 19:32:59 +00:00
Jan Safranek
052f1fe820 Update tests 2025-02-28 16:42:20 +01:00
carlory
28d359beec promote HonorPVReclaimPolicy to GA 
Signed-off-by: carlory <baofa.fan@daocloud.io>
 2025-02-27 14:01:22 +08:00
Kubernetes Prow Robot
b38bf6c312 Merge pull request #130035 from cici37/nsDeletion 
[KEP-5080]Ordered Namespace Deletion
 2025-02-26 10:16:30 -08:00
Michal Wozniak
a91ed902fe Graduate Backoff Limit Per Index as stable 
Reenable the JobBackoffLimitPerIndex_Reenabling integration test
 2025-02-26 17:06:37 +01:00
Kubernetes Prow Robot
81f03c2f5b Merge pull request #124137 from ratnadeepb/testForceDetachMetric_invoke 
fix: Ensure testForceDetachMetric works on the delta of ForceDetachMetricCounter
 2025-02-25 09:40:29 -08:00
Jan Safranek
eeabc3ac6c selinux: Ignore pods with Recursive policy 
Pod that explicitly opted into "seLinuxChangePolicy: Recursive" should not
report conflicts with another SELinux labels. They will only report a
conflict with other Pods using the same volume with "seLinuxChangePolicy:
Mount" (or nil).
 2025-02-25 16:34:02 +01:00
Cici Huang
06fa6158a0 Update namespace deletion process when feature gate OrderedNamespaceDeletion enabled. 2025-02-20 20:33:46 -08:00
Kubernetes Prow Robot
5822bb5232 Merge pull request #130101 from danwinship/controller-ip-canonicalization 
Canonicalize IPs written out by controllers
 2025-02-20 19:48:26 -08:00
Jan Safranek
2050d6fc69 selinux: add a new SELinux translator to the controller 
A real SELinuxOptionsToFileLabel function needs access to host's
/etc/selinux to read the defaults. This is not possible in
kube-controller-manager that often runs in a container and does not have
access to /etc on the host. Even if it had, it could run on a different
Linux distro than worker nodes.

Therefore implement a custom SELinuxOptionsToFileLabel that does not
default fields in SELinuxOptions and uses just fields provided by the Pod.

Since the controller cannot default empty SELinux label components,
treat them as incomparable.
Example: "system_u:system_r:container_t:s0:c1,c2" *does not* conflict with ":::s0:c1,c2",
because the node that will run such a Pod may expand "":::s0:c1,c2" to "system_u:system_r:container_t:s0:c1,c2".
However, "system_u:system_r:container_t:s0:c1,c2" *does* conflict with ":::s0:c98,c99".
 2025-02-17 13:32:10 +01:00
Dan Winship
6512de76ce Make EndpointSlice mirroring controller always canonicalize the IPs it writes out 
(Also rearrange some code to avoid parsing the IP twice.)
 2025-02-11 21:46:15 -05:00
Dan Winship
29be52b3f7 Make EndpointSlice controller always canonicalize the IPs it writes out 2025-02-11 21:46:15 -05:00
Dan Winship
7259742e23 Make Endpoints controller always canonicalize the IPs it writes out 
Also, fix the unit tests to not sometimes generate alleged pod IPs
like "1.2.3.999".
 2025-02-11 21:46:13 -05:00
Dan Winship
1bd3d34d6f Remove some dead code in the Endpoints controller 
There was code to deal with upgrades from pre-dual-stack-aware
apiservers, with a note to "remove when the possibility of upgrading
from a cluster that does not support dual stack is nil".

(This requires fixing the unit tests to fill in
service.Spec.IPFamilies like a modern apiserver would do.)
 2025-02-11 18:11:56 -05:00
Gunju Kim
0bee0bcaa7 Promote SidecarContainers feature to GA 2025-02-02 17:45:36 +09:00
Kubernetes Prow Robot
586f0fad5c Merge pull request #125046 from tklauser/min-max-builtins 
Use Go 1.21 min/max builtins
 2025-01-30 07:33:23 -08:00
Davanum Srinivas
4e05bc20db Linter to ensure go-cmp/cmp is used ONLY in tests 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2025-01-24 20:49:14 -05:00
Filip Křepinský
e263b878ee Deployment controller should count terminating pods in the status 2025-01-23 22:37:05 +01:00
Filip Křepinský
dc1914c61c ReplicaSet controller should count terminating pods in the status 2025-01-23 22:26:34 +01:00
Kubernetes Prow Robot
a444a5bfed Merge pull request #129732 from dims/switch-to-v2.6.3-of-gopkg.in/go-jose/go-jose.v2 
Switch to gopkg.in/go-jose/go-jose.v2 @ v2.6.3 and github.com/coreos/go-oidc @ v2.3.0
 2025-01-22 13:40:38 -08:00
Davanum Srinivas
c9e81cd84c Switch to gopkg.in/go-jose/go-jose.v2 @ v2.6.3 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2025-01-21 09:21:27 -05:00
Antonio Ojea
7721590b9e update controller manager 2025-01-20 13:01:53 +00:00
Kubernetes Prow Robot
4766d191f4 Merge pull request #129577 from ning0515/fix-125332 
Only set worker to nil when the key exists.
 2025-01-20 01:14:36 -08:00
XiangNing Xia
25a6fa144f There is no need to set the worker to nil to avoid potential timing issues. 2025-01-17 10:10:58 +00:00
jasondrogba
94d90fafee fix name 2025-01-15 18:14:32 +08:00
xigang
0e55e47cff Remove unnecessary logging in FilterActivePods 
Signed-off-by: xigang <wangxigang2014@gmail.com>
 2025-01-11 10:44:00 +08:00
Adrian Moisey
42a5e5f425 Pass context down to wait.PollUntilContextTimeout 2025-01-07 16:25:55 +02:00
Adrian Moisey
6168143386 Remove use of deprecated functions 
Removes use of deprecated functions in k8s.io/utils/pointer and k8s.io/apimachinery/pkg/util/sets
 2024-12-31 15:11:38 +02:00
Arda Güçlü
a88e08c397 Do not attempt to truncate revision history if revisionHistoryLimit is negative 2024-12-19 11:35:29 +03:00