Centralize the creation of the dialer during startup.
Have the dialer then passed in to both APIServer and Aggregator.
Aggregator the sets the dialer on its Transport base.
This should allow the SSTunnel to be used but also allow the Aggregation
Auth to work with it.
Depending on Environment InsecureSkipTLSVerify *may* need to be set to
true.
Fixed as few tests to call CreateDialer as part of start-up.
Automatic merge from submit-queue (batch tested with PRs 46076, 43879, 44897, 46556, 46654)
Use meta.v1 GroupVersionKind with json tags to generate OpenAPI spec
We are using two different GVK struct in generation of OpenAPI extensions. This PR unify that and also add json tags to meta.v1 GVK to comply with json naming system in other serializations. Also the value of Action extension is now lowercase.
ref: https://github.com/kubernetes/kubernetes/pull/46388
Automatic merge from submit-queue (batch tested with PRs 46076, 43879, 44897, 46556, 46654)
Local storage plugin
**What this PR does / why we need it**:
Volume plugin implementation for local persistent volumes. Scheduler predicate will direct already-bound PVCs to the node that the local PV is at. PVC binding still happens independently.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
Part of #43640
**Release note**:
```
Alpha feature: Local volume plugin allows local directories to be created and consumed as a Persistent Volume. These volumes have node affinity and pods will only be scheduled to the node that the volume is at.
```
Automatic merge from submit-queue (batch tested with PRs 42240, 46100, 46154, 46431, 45755)
Fix api description in swagger
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 46489, 46281, 46463, 46114, 43946)
Allow PSP's to specify a whitelist of allowed paths for host volume
**What this PR does / why we need it**:
This PR adds the ability to whitelist paths for the host volume to ensure pods cannot access directories they aren't supposed to. E.g. `/var/lib/kubelet`, `/etc/kubernetes/*`, etc.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#29326
**Special notes for your reviewer**:
**Release note**:
```release-note
Allow PSP's to specify a whitelist of allowed paths for host volume based on path prefixes
```
Adding instructions for out-of-cluster example and making it work without
specifying the -kubeconfig argument if the home directory can be inferred.
This is part of the body of work improving the client library samples.
Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
This sample adds sample code for create/list/replace/delete operations for
Deployment resource for client-go library. This patch also contains
documentation explaining what the example application does and how it can be
executed.
This patch is part of the body of work improving the client library samples.
Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
Automatic merge from submit-queue (batch tested with PRs 46552, 46608, 46390, 46605, 46459)
Move admission lifecycle to genericapi
**What this PR does / why we need it**: ends the whole sequence of moving some admission plugins to generic api.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 46552, 46608, 46390, 46605, 46459)
Require DeleteStrategy for all registry.Store
**What this PR does / why we need it**:
All `registry.Store` objects already set a non-nil `DeleteStrategy`. This change ensures that all future objects do so as well.
Signed-off-by: Monis Khan <mkhan@redhat.com>
xref: #24153 openshift/origin/issues/14198
cc @deads2k @liggitt @caesarxuchao @lavalamp @smarterclayton @derekmahar
In regards to this, why is the `RESTDeleteStrategy` a useless interface (as far as deletion goes)? We cast it to `GarbageCollectionDeleteStrategy` or `RESTGracefulDeleteStrategy` in an attempt to do operations related to deletion, but we have "default" behavior for both of those cases. It should be possible to make `DeleteStrategy` optional by using the other strategies as the `runtime.ObjectTyper` and then defaulting a `nil` `DeleteStrategy` with the expected behavior.
```go
// RESTDeleteStrategy defines deletion behavior on an object that follows Kubernetes
// API conventions.
type RESTDeleteStrategy interface {
runtime.ObjectTyper
}
type GarbageCollectionPolicy string
const (
DeleteDependents GarbageCollectionPolicy = "DeleteDependents"
OrphanDependents GarbageCollectionPolicy = "OrphanDependents"
)
// GarbageCollectionDeleteStrategy must be implemented by the registry that wants to
// orphan dependents by default.
type GarbageCollectionDeleteStrategy interface {
// DefaultGarbageCollectionPolicy returns the default garbage collection behavior.
DefaultGarbageCollectionPolicy() GarbageCollectionPolicy
}
// RESTGracefulDeleteStrategy must be implemented by the registry that supports
// graceful deletion.
type RESTGracefulDeleteStrategy interface {
// CheckGracefulDelete should return true if the object can be gracefully deleted and set
// any default values on the DeleteOptions.
CheckGracefulDelete(ctx genericapirequest.Context, obj runtime.Object, options *metav1.DeleteOptions) bool
}
```
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 43275, 45014, 46449, 46488, 46525)
move CustomResourceDefinitions from alpha to beta
CRDs are built upon the known ThirdPartyResource API with the lessons learned guiding the new shape. Short comings of the old TPR API even have specific tests to ensure that CRDs do not face the same issues. Given that, this API qualifies for beta.
These are straight mechanical changes.
@kubernetes/sig-api-machinery-misc
@ericchiang You asked about this in the original pull.
Automatic merge from submit-queue (batch tested with PRs 43275, 45014, 46449, 46488, 46525)
Export ErrWatchClosed from watch.Until
This is needed so that users of watch.Until may check for this
particular error instead of attempting to match the error string.
Automatic merge from submit-queue
Fix golint error in apimachinery/pkg/{fields,lables}
Also add these two packages to linted packages lists
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
All generic registries expose metadata output, and refactor endpoints to
allow negotiation to handle those responses. Add support for
PartialObjectMetadata being returned for objects as well.
lifecycle plugin: make use of the libraries under k8s.io/client-go/pkg/api and k8s.io/client-go/kubernetes
for the client libraries instead of k8s.io/kubernetes/client/*
move registration to AdmissionOptions
Automatic merge from submit-queue (batch tested with PRs 45699, 46200, 46335, 46599)
apiextensions: add integration test for name conflicts
**What this PR does / why we need it**: Add integration test for name conflicts.
Create 2 CRDs with name conflict. The controller sets the NameConflict condition on the second one. Delete the first one. The second CRD should now get accepted.
Update:
- [x] Add integration test for name conflicts
- [x] Fix naming controller so that when a resource is deleted, other resources in the same group are added to the queue
- [x] Add integration test for self link (cluster scoped resources)
- [x] Add bigger poll interval
- [x] Fix DeleteCustomResourceDefinition poll condition
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: for #45511
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
@sttts
* add integration test for name conflicts of CRDs
* fix naming controller so that when a resource is deleted,
other resources in the same group are added to the queue
* add integration test for self link (clusterscoped resources)
* fix minor nits
address comments
add comments and fix nits
Bigger poll interval
customResource -> crd
Fix DeleteCustomResourceDefinition condition
