Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Tag pkg_rpm rules as manual
**What this PR does / why we need it**: Mitigation step for #63108. Nothing depends on these rules yet, and tagging as manual prevents `make bazel-build` from building them, too.
**Release note**:
```release-note
NONE
```
/assign @BenTheElder
/cc @sigma
Automatic merge from submit-queue (batch tested with PRs 62495, 63003, 62829, 62151, 62002). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Build cleanup with go 1.10
Simplify our build/test scripts now that go 1.10 is in play. It has caching that seems to actually work.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62495, 63003, 62829, 62151, 62002). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add a GCS mirror to WORKSPACE URLs, along with a script to update them.
**What this PR does / why we need it**:
We get occasional flakes when WORKSPACE downloads fail. This should make that much more unlikely, by having two independent endpoints to try.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63007, 62919, 62669, 62860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add unit test for configure-helper.sh.
**What this PR does / why we need it**:
Add a framework for unit-testing configure-helper.sh.
configure-helper.sh plays a critical role in initializing clusters both on GCE and GKE. It is currently, over 2K lines of code, yet it has no unit test coverage.
This PR proposes a framework/approach on how to provide test coverage for this component.
Notes:
1. Changes to configure-helper.sh itself were necessary to enable sourcing of this script for the purposes of testing.
2. As POC api_manifest_test.go covers the logic related to the initialization of apiserver when integration with KMS was requested. The hope is that the same approach could be extended to the rest of the script.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add test file for pkg/kubectl/cmd/rollout/rollout_pause.go file
new: pkg/kubectl/cmd/rollout/rollout_pause_test.go
modified: pkg/kubectl/cmd/rollout/BUILD
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
This will help avoid flakes when initializing WORKSPACE, since there are
two sources for each file. Any errors downloading or failed hashes cause
bazel to try the next url in the series.
Change #61633 doesn't seem quite correct, and breaks bazel builds.
This patch makes sure that:
- there is no conflict between directory files and build targets
- rpm files are properly packaged after being installed
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Patch for #61632, add `/etc/sysconfig/kublet` and supporting wiring.
**What this PR does / why we need it**:
These are just simple config structure changes to better meet expectations for RHEL users. Helps `KUBELET_EXTRA_ARGS` parameters more easily survive across version upgrades without requiring manual merge of the service file.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61632
**Special notes for your reviewer**:
It may be beneficial to give this treatment to other `systemd`-based systems, but I do not have the intellectual authority to do so.
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 62748, 60536, 62300, 62661, 62731). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bzl: build --config unit should build with race enabled
This allows preheating unit test runs with:
bazel build -k --config unit -- //... -//vendor/...
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62748, 60536, 62300, 62661, 62731). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Wire PrintFlags through delete, replace, run commands
**Release note**:
```release-note
NONE
```
Wires PrintFlags through the `delete`, `replace`, and `run` commands.
All three commands grouped in this patch as they depend on DeleteOptions.
~~Tagged as WIP for now, as I still need to update tests.~~
cc @soltysh @deads2k
Automatic merge from submit-queue (batch tested with PRs 62436, 62499, 62664, 62685, 62660). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kazel: skip third_party/etcd.*
**What this PR does / why we need it**: fixes the issue encountered in https://github.com/kubernetes/kubernetes/pull/62151#discussion_r179322174.
Basically, we git ignore anything under `third_party/etcd.*`, but if a `BUILD` file ends up in there somehow, it'll confuse kazel and generate invalid entries in top-level `BUILD` files that we do check in. We can avoid this issue by instructing kazel to ignore these directories.
**Release note**:
```release-note
NONE
```
/assign @mikedanese @thockin @BenTheElder
Automatic merge from submit-queue (batch tested with PRs 62192, 61866, 62206, 62360). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove rkt references in the codebase
```release-note
None
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add documentation around build reproducibility and SOURCE_DATE_EPOCH
**What this PR does / why we need it**: makes some of our notes about reproducibility a bit more discoverable.
**Release note**:
```release-note
NONE
```
/assign @BenTheElder
Mac OS X was renamed to OS X in 2012, and then renamed again to macOS in 2016.
I suggest that the current name should be used when referencing the Apple OS.
Automatic merge from submit-queue (batch tested with PRs 61096, 61955, 61542, 60597). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update to use go1.10.1
**What this PR does / why we need it**:
Update to use go1.10.1
**Release note**:
```release-note
Update to use go1.10.1
```
Automatic merge from submit-queue (batch tested with PRs 61848, 61188, 56363, 61357, 61838). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add udev to hyperkube and bump versions
**What this PR does / why we need it**: Adds udev to the hyperkube to fix GCE and OpenStack volume mounts.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61356Fixes#43515
Fixes https://github.com/coreos/bugs/issues/2385
**Special notes for your reviewer**:
/cc @kubernetes/sig-node-bugs @kubernetes/sig-node-pr-reviews
/cc @ixdy
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61378, 60915, 61499, 61507, 61478). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove unused htpasswd
This file is not used anywhere.
Further more, this is an error in this file:
```
$ flake8 third_party/htpasswd/htpasswd.py --select=F
third_party/htpasswd/htpasswd.py:46:13: F821 undefined name 'time'
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60759, 60531, 60923, 60851, 58717). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix build scripts to work in case there are spaces in directory names.
**What this PR does / why we need it**:
Fix kubernetes build scripts to work in case the source directory is in a directory path which contains a space.
You can prepare such a directory like this:
```
$ mkdir '/tmp/test dir/'
$ cd '/tmp/test dir/'
$ git clone https://github.com/kubernetes/kubernetes.git
$ cd kubernetes
```
Then, without the fix:
```
$ KUBE_FASTBUILD=true KUBE_RELEASE_RUN_TESTS=n build/release.sh
cat: /tmp/test: No such file or directory
cat: dir/kubernetes/build/build-image/cross/VERSION: No such file or directory
cat: /tmp/test: No such file or directory
cat: dír/kubernetes/build/build-image/VERSION: No such file or directory
+++ [0307 18:10:33] Verifying Prerequisites....
cp: target '/tmp/test dir/kubernetes/_output/images/kube-build:build-7c7cd10a18--/Dockerfile' is not a directory
!!! [0307 18:10:33] Call tree:
!!! [0307 18:10:33] 1: build/release.sh:35
kube::build::build_image(...)
!!! Error in build/../build/common.sh:454
Error in build/../build/common.sh:454. '((i<3-1))' exited with status 1
Call stack:
1: build/../build/common.sh:454 kube::build::build_image(...)
2: build/release.sh:35 main(...)
Exiting with status 1
```
With the fix the compilation succeeds. The fix is done adding double quotes to required places (and also just in case to other places where shellcheck recommended adding them).
Note that this fix doesn't as such help with the official make-based build: it's tricky to make makefiles work with targets with spaces in their names.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
This PR needs pretty thorough review since this touches the core build scripts.
**Release note**:
```release-note
NONE
```
Fix kubernetes build scripts to work in case the source directory is in
a directory path which contains a space.
You can prepare such a directory like this:
$ mkdir '/tmp/test dir/'
$ cd '/tmp/test dir/'
$ git clone https://github.com/kubernetes/kubernetes.git
$ cd kubernetes
Then, without the fix:
$ KUBE_FASTBUILD=true KUBE_RELEASE_RUN_TESTS=n build/release.sh
cat: /tmp/test: No such file or directory
cat: dir/kubernetes/build/build-image/cross/VERSION: No such file or directory
cat: /tmp/test: No such file or directory
cat: dír/kubernetes/build/build-image/VERSION: No such file or directory
+++ [0307 18:10:33] Verifying Prerequisites....
cp: target '/tmp/test dir/kubernetes/_output/images/kube-build:build-7c7cd10a18--/Dockerfile' is not a directory
!!! [0307 18:10:33] Call tree:
!!! [0307 18:10:33] 1: build/release.sh:35
kube::build::build_image(...)
!!! Error in build/../build/common.sh:454
Error in build/../build/common.sh:454. '((i<3-1))' exited with status 1
Call stack:
1: build/../build/common.sh:454 kube::build::build_image(...)
2: build/release.sh:35 main(...)
Exiting with status 1
With the fix the compilation succeeds. The fix is done adding double
quotes to required places (and also just in case to other places where
shellcheck recommended adding them).
Note that this fix doesn't help with the official make-based build:
it's tricky to make makefiles work with targets with spaces in their
names.
This file is not used anywhere.
Further more, this is an error in this file:
```
$ flake8 third_party/htpasswd/htpasswd.py --select=F
third_party/htpasswd/htpasswd.py:46:13: F821 undefined name 'time'
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add //test/e2e/... and //test/integration/... to //build/visible_to:COMMON_testing
**What this PR does / why we need it**: adds the common test packages `//test/e2e/...` and `//test/integration/...` to the `COMMON_testing` package group.
The immediate need for this is that #60580 unintentionally broke the integration tests under bazel since it added a new dependency on `//pkg/kubectl/cmd/util` without adding an appropriate entry to `//build/visible_to:COMMON_testing`, and the integration tests aren't currently run under bazel for PRs.
This PR fixes this breakage and proactively fixes future breakages by adding all packages under `//test/e2e` or `//test/integration` to `COMMON_testing`.
**Release note**:
```release-note
NONE
```
/assign @BenTheElder @monopole
/kind bug
/priority important-soon
/sig testing
cc @kad
Automatic merge from submit-queue (batch tested with PRs 60530, 60618). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support for `make verify WHAT=typecheck`
This will be used to make the typecheck job emit junit and avoids duplicating the rest of the verify logic.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60157, 60337, 60246, 59714, 60467). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
don't (remote) cache release-tars
**What this PR does / why we need it**: Disables Bazel *remote* caching for release tarballs. These are large, low hit rate build outputs. Before we enable remote caching for *builds* we should tag these type of outputs. `pull-kubernetes-bazel-test` already has this enabled and dropped in execution time by 70-80%
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**: See https://github.com/kubernetes/test-infra/issues/6808 for details on the remote caching. This should not affect local builds. See the following for docs on this change: https://docs.bazel.build/versions/master/remote-caching.html#exclude-specific-targets-from-using-the-remote-cache
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50724, 59025, 59710, 59404, 59958). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Require boilerplate on Bazel Skylark source files
**What this PR does / why we need it**: `.bzl` files are also source code, so they should probably have the boilerplate text too.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add ipset binary for IPVS, context: Fixes#57321
**What this PR does / why we need it**: Add ipset binary in debian-hyperkube-base which fixes issue 57321
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57321
**Special notes for your reviewer**:
**Release note**:
```release-note
Add ipset binary for IPVS to hyperkube docker image
```
We originally seperated build and test so that only 4 integration tests
would be run at a time, but we didn't want to slow down build, however
we didn't know --local_test_jobs existed. This achieves the same result
but more efficiently.
Automatic merge from submit-queue (batch tested with PRs 59705, 59207, 59677). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
build: fix a logic error in shell script.
**What this PR does / why we need it**: It looks like that there's a logic error in `build/common.sh`. The return value of a `docker inspect` command is not checked properly, since the value being assigned is actually the previous command's return value (a `0`, because `local` always returns `0` when used like this).
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
2nd try at using a vanity GCR name
The 2nd commit here is the changes relative to the reverted PR. Please focus review attention on that.
This is the 2nd attempt. The previous try (#57573) was reverted while we
figured out the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
xref https://github.com/kubernetes/release/issues/281
TL;DR:
* The new `staging-k8s.gcr.io` is where we push images. It is literally an alias to `gcr.io/google_containers` (the existing repo) and is hosted in the US.
* The contents of `staging-k8s.gcr.io` are automatically synced to `{asia,eu,us)-k8s.gcr.io`.
* The new `k8s.gcr.io` will be a read-only alias to whichever regional repo is closest to you.
* In the future, images will be promoted from `staging` to regional "prod" more explicitly and auditably.
```release-note
Use "k8s.gcr.io" for pulling container images rather than "gcr.io/google_containers". Images are already synced, so this should not impact anyone materially.
Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system.
```
This is the 2nd attempt. The previous was reverted while we figured out
the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
Automatic merge from submit-queue (batch tested with PRs 58562, 56937). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add xfsprogs to hyperkube baseimage
**What this PR does / why we need it**:
adds `xfsprogs` to hyperkube image, so that XFS filesystem can be created on unformatted volumes.
```release-note
NONE
```
/sig node
/sig storage
The right place to assign the "docker inspect" return value is outside
of the subshell. The last return value was coming from something else
than the expected command.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Build using go1.9.3
**What this PR does / why we need it**: more minor bugfixes, which I guess we probably want. https://github.com/golang/go/issues?q=milestone%3AGo1.9.3
**Special notes for your reviewer**: I haven't built/pushed the crossbuild image yet, but will do so if we think this is a good idea. I don't have plans to rebuild the test images.
**Release note**:
```release-note
Build using go1.9.3.
```
Who are good people to review this?
/assign @cblecker @luxas
(for lack of better ideas)
Automatic merge from submit-queue (batch tested with PRs 57322, 57723, 58706, 59004, 58857). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make the pause image a manifest list
**What this PR does / why we need it**:
Build and push manifest for kubernetes images
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubernetes/issues/57869
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54071, 58393). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Optionally launch build containers inside a specific parent cgroup
**What this PR does / why we need it**: Adds support to the build process for launching containers inside a specific parent cgroup via the `--cgroup-parent` docker arg. We needed this to enforce resource usage when building Kubernetes in our CI environment.
**Special notes for your reviewer**: None
**Release note**:
```release-note
NONE
```
basically just:
* move all manifests into the new gce/manifests dir
* move limit-range into gce/addons/limit-range
* move abac jsonl into gce/manifests. this is gross but we will
hopefully be able to delete this config soon. it only exists to support
a deprecated feature.
* fix build, release, deploy to look for everything in its new home
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix error when run release.sh not in {KUBE_ROOT}
**What this PR does / why we need it**:
add `${KUBE_ROOT}/` in directory, otherwise run
```shell
cd kubernetes/build
./release.sh
```
will exit:
```shell
+++ [0112 18:18:48] Verifying Prerequisites....
cp: cannot stat ‘build/build-image/Dockerfile’: No such file or directory
!!! [0112 18:18:48] Call tree:
!!! [0112 18:18:48] 1: ./release.sh:35 kube::build::build_image(...)
!!! Error in ./../build/common.sh:454
Error in ./../build/common.sh:454. '((i<3-1))' exited with status 1
Call stack:
1: ./../build/common.sh:454 kube::build::build_image(...)
2: ./release.sh:35 main(...)
Exiting with status 1
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58216, 58193, 53033, 58219, 55921). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use the bazel version check function from bazel-skylib
**What this PR does / why we need it**: fixes a bug in parsing the bazel version when a component has more than one digit, e.g. "0.10.0".
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
x-ref https://github.com/bazelbuild/bazel/issues/4425
**Special notes for your reviewer**: we also need to update rules_go, but that's a more invasive change, so I've saved that for another PR.
**Release note**:
```release-note
NONE
```
/assign @BenTheElder @mikedanese
This moves plugin/pkg/scheduler to pkg/scheduler and
plugin/cmd/kube-scheduler to cmd/kube-scheduler.
Bulk of the work was done with gomvpkg, except for kube-scheduler main
package.
Automatic merge from submit-queue (batch tested with PRs 56894, 56940, 55223, 56554, 54985). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix Makefile doc for quick-release
**What this PR does / why we need it**: Fix Makefile doc for quick-release
In the Makefile doc for quick-release target, it says:
KUBE_FASTBUILD: Whether to cross-compile for other architectures. Set to 'true' to do so.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Looks like 0.6, we ended up with dash as the default shell, with
/bin/sh as well as /bin/dash ending up invoking dash.
We should not change the contract by faking a link to /bin/bash.
Let's install the actual bash package and make sure /bin/sh is
linked to /bin/bash as well.
Automatic merge from submit-queue (batch tested with PRs 56094, 52910, 55953, 56405, 56415). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update debian-hyperkube-base to 0.7
**What this PR does / why we need it**: this was supposed to be a part of #52744 but was missed in a rebase, I think. Bazel was already using the correct version, but the dockerized releases were not.
**Release note**:
```release-note
NONE
```
/kind bug
/priority important-soon
/assign @rphillips
/cc @luxas @dims
Automatic merge from submit-queue (batch tested with PRs 52049, 56176). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Install kmod instead of module-init-tools in iptables image
**What this PR does / why we need it**: another bit of #52744 that was inadvertently missed.
The debian-iptables image that was pushed already had this fix, but it got lost in rebase, I think.
`module-init-tools` was an alias for `kmod` in debian:jessie, but debian:stretch removed the former.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubectl explain: ignore trailing period
Fixes#54891
Ignores trailing period for kubectl explain i.e. `kubectl explain ingress.spec.rules.http.paths.` is valid and defaults to `kubectl explain ingress.spec.rules.http.paths`.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54773, 52523, 47497, 55356, 49429). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
don't check in mounter binary
```release-note
GCI mounter is moved from the manifests tarball to the server tarball.
```
In the Makefile doc for quick-release target, it says:
KUBE_FASTBUILD: Whether to cross-compile for other architectures. Set to 'true' to do so.
If should be "Set to false"
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Kubeadm - Added initial support for Windows worker nodes to join cluster using kubeadm
**What this PR does / why we need it**:
This PR adds initial support for adding a Windows worker node to a Kubernetes cluster with kubeadm. Also adds Windows build of kubeadm to node build targets.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes/kubeadm/issues/364
**Special notes for your reviewer**:
Depends on #53730
**Release note**:
```release-note
kubeadm: Add support for adding a Windows node
```
Automatic merge from submit-queue (batch tested with PRs 54446, 54202). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Create a new package for generic commands like get
This is in preparation for cleaning up the structure of `kubectl get` to ease implementing serverside get and streaming API responses. Moves a hardcoded constant into a method in preparation for a future serverside implementation. Also improves some existing description text.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Introduce GCE-specific addons directory
**What this PR does / why we need it**:
GCE & GKE currently rely on the cluster bringup defined in the `cluster/gce` directory, but there isn't a good way of deploying GCE specific manifests. Currently the 2 approaches are, put it in `/cluster/addons`, which implies it should be generally useful (not GCE specific), or it is synthesized by one of the bash scripts in `cluster/gce`.
This PR introduces a straightforward way to have GCE-specific manifests deployed for GCE & GKE, without the need to pollute the general addon space.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53032
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add openssh-client back into the debian-hyperkube-base image
**What this PR does / why we need it**: adds `openssh-client` back into the `debian-hyperkube-base` image. This was removed in #48365, but is apparently needed by the gitRepo volume plugin.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54129
**Special notes for your reviewer**:
I haven't yet pushed this image, so builds will fail. If this looks good, I'll push and re-trigger tests.
**Release note**:
```release-note
Add openssh-client back into the hyperkube image. This allows the gitRepo volume plugin to work properly.
```
/assign @luxas @tallclair
Automatic merge from submit-queue (batch tested with PRs 54336, 54470, 54334, 54175). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update openapi bazel build to support vendored build
This is one part (see #54335) of enabling vendoring projects like federation to generate openapi code for k8s.io/kubernetes.
edit: These changes are necessary for a project to correctly generate ``vendor/k8s.io/kubernetes/pkg/generated/openapi/zz_generated.openapi.go`` for vendored ``k8s.io/kubernetes``. Without the changes, the vendored output location for ``zz_generated.openapi.go`` would be ``k8s.io/kubernetes`` instead of ``vendor/k8s.io/kubernetes`` and the input files would similarly be from ``k8s.io/kubernetes`` instead of ``k8s.io/myproject``.
/sig testing
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 54545, 54573). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix kubeadm e2e CI build
**What this PR does / why we need it**:
This fixes kubeadm e2e tests; the tarfile was extracted to the wrong directory in #51250.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes: https://github.com/kubernetes/kubernetes/issues/54330
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@ixdy @pipejakob @kubernetes/sig-cluster-lifecycle-bugs @medinatiger @dims @cmluciano @dixudx
Automatic merge from submit-queue (batch tested with PRs 54045, 51375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Upgrade to go1.9
**What this PR does / why we need it**:
Upgrade to go1.9. Upgrading is good. It's "the best golang release ever"!
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49484
**Special notes for your reviewer**:
**Release note**:
```release-note
Upgrade to go1.9
```
/assign @luxas @ixdy @wojtek-t
Automatic merge from submit-queue (batch tested with PRs 53106, 52193, 51250, 52449, 53861). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bump CNI to v0.6.0
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49480
**Special notes for your reviewer**:
/assign @luxas @bboreham @feiskyer
**Release note**:
```release-note
bump CNI to v0.6.0
```
Automatic merge from submit-queue (batch tested with PRs 52959, 53790). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Dynamically determine default docker machine memory
**What this PR does / why we need it**:
Currently, if using `docker-machine` for k8s docker operations on a Mac,
we'll create a VM with 4096MB of memory. The machine's RAM will be the
same regardless of the memory available on the local machine. For
example, if the user has 16GB on their local machine, the VM will still
only have 4GB of RAM.
Update the method for defining the `kube-dev` VM with `docker-machine`,
so we give it access to 50% of the total RAM.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Create new targets for running in existing containers (GCB).
Create new targets for running in existing containers (GCB).
1. release-in-a-container - Like 'make release' but in a container.
2. cross-in-a-container - Like 'make cross' but in a container.
3. package-tarballs - (NEW) To package tarballs with a docker dependency
'release-in-a-container' is currently only for testing and is not slated to
be used, but may be useful for testing in some scenarios.
'cross-in-a-container' is meant to be run from the kube-cross image alone.
'package-tarballs' is a companion target that runs from a docker image
to package up the tarballs and images (from cross-in-a-container) for a release.
This is an early step to being able to build releases in Container Builder.
This simple solution to a complex problem brought to you by @javier-b-perez.
ref kubernetes/test-infra/issues/4958
ref kubernetes/test-infra/issues/3356
1. release-in-a-container - Like 'make release' but in a container.
2. cross-in-a-container - Like 'make cross' but in a container.
3. package-tarballs - (NEW) To package tarballs with a docker dependency
'release-in-a-container' is currently only for testing and is not slated to
be used, but may be useful for testing in some scenarios.
'cross-in-a-container' is meant to be run from the kube-cross image alone.
'package-tarballs' is a companion target that runs from a docker image
to package up the tarballs and images (from cross-in-a-container) for a release.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
common.sh fix to detect ip instead of ifconfig
**What this PR does / why we need it**: The IP address detection recently [added](https://github.com/kubernetes/kubernetes/commit/ca76002) to build/common.sh to whitelist the host IP will error if ifconfig is not installed. This patch detects if `ip` is installed and then uses `ip` instead of `ifconfig`.
**Which issue this PR fixes**
**Special notes for your reviewer**:
**Release note**:
/cc @zhouhaibing089
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Build hyperkube image using Bazel
**What this PR does / why we need it**: Before we had the hyperkube base image, it was difficult to build the hyperkube with Bazel. Now that we have the base image with all the necessary dependencies, this has become trivial.
This will enable federation jobs etc on prow.
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @BenTheElder @mikedanese @spxtr
cc @luxas @pipejakob
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move make clean to a static list
**What this PR does / why we need it**:
#51911 changed the functionality of `make clean` to use `git clean` to remove ignored files. This had unintended consequences, wiping things out like etcd. This changes it back to a static list, managed via a bash script. It's not optimal, but the static list of patterns is more up to date then it was keeping it in the make file.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#52271
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Currently, if using `docker-machine` for k8s docker operations on a Mac,
we'll create a VM with 4096MB of memory. The machine's RAM will be the
same regardless of the memory available on the local machine. For
example, if the user has 16GB on their local machine, the VM will still
only have 4GB of RAM.
Update the method for defining the `kube-dev` VM with `docker-machine`,
so we give it access to 50% of the total RAM.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
bazel: make //cmd/kubectl:kubectl binary publicly visible
**What this PR does / why we need it**: making the `kubectl` binary visible to the release rules only seems unnecessarily restrictive (x-ref https://github.com/bazelbuild/bazel/issues/3744) - I think making this publicly visible should be fine.
**Release note**:
```release-note
NONE
```
/assign @monopole
cc @achew22
Automatic merge from submit-queue (batch tested with PRs 44596, 52708, 53163, 53167, 52692). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve deb and rpm packaging in bazel build
**What this PR does / why we need it**:
- kubernetes-cni package now has proper version (0.5.1)
- Synchronize post-1.8 version of 10-kubeadm.conf file from release
repository.
- Fix dependencies
- Improve descriptions in produced packages
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
This PR will be safe to cherry-pick to 1.8 branch. After that we will be able to generate from bazel automatically usable packages for both 1.8 and master branch out of bazel builds.
cc @ixdy @mikedanese @luxas
**Release note**:
```release-note
- Improved generation of deb and rpm packages in bazel build
```
- kubernetes-cni package now has proper version (0.5.1)
- Synchronize post-1.8 version of 10-kubeadm.conf file from release
repository.
- Fix dependencies
- Improve descriptions in produced packages
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
federation: Remove manifests which are no longer used
Federation manifests files which are meant to be used by CI jobs are no longer used and are out-dated and no longer maintained. So removing them.
**Release note**:
```release-note
NONE
```
/cc @kubernetes/sig-federation-pr-reviews @madhusudancs
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
bazel: build/test almost everything
**What this PR does / why we need it**: Miscellaneous cleanups and bug fixes. The main motivating idea here was to make `bazel build //...` and `bazel test //...` mostly work. (There's a few reasons these still don't work, but we're a lot closer.)
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @BenTheElder @mikedanese @spxtr
Automatic merge from submit-queue (batch tested with PRs 52485, 52443, 52597, 52450, 51971). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Enable go race detection for bazel tests.
Testing if setting `features = ["-race"]` fixes the breaks in #50792.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52477, 52790, 52798). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
restore e2fsprogs in hyperkube image
**What this PR does / why we need it**:
Kubernetes defaults to the ext4 filesystem if no filesystem is specified. Unformatted filesystems are not able to be mounted without these tools.
The default ext{2,3,4} tools and mkfs.* utilities should be included in the hyperkube image.
**Which issue this PR fixes**: Fixes#52789#50802
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52477, 52790, 52798). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
conversion-gen: make staging dirs independent of living in vendor/
The `+k8s:conversion-gen` tags included the package directory inside of kube's vendor dir. This
makes them invalid when we publish staging repos.
Without this PR our sample-apiserver example code-generation is broken once published.
Automatic merge from submit-queue
Add OWNERS for build/debs
**What this PR does / why we need it**:
Makes this directory reflect the actual ownership over this file.
@mikedanese, @pipejakob and myself have worked on the kubeadm e2e CI and the building of debs using bazel, which this folder is responsible for.
@jbeda is already implicitely an owner here
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cluster-lifecycle-pr-reviews
Automatic merge from submit-queue (batch tested with PRs 52007, 52196, 52169, 52263, 52291)
kubeadm: Enable certificate rotation
**What this PR does / why we need it**:
Enables cert rotation as planned for the v1.8 cycle in https://github.com/kubernetes/kubeadm/issues/386
Can now be done as everything's in place in the code now that beta.1 is released with all the necessary features (Kubelet clientcert rotation now beta, woot!)
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes: https://github.com/kubernetes/kubeadm/issues/386
**Special notes for your reviewer**:
This file does _ONLY_ affect the kubeadm e2e CI.
What will actually end up in the debs/rpms is going into kubernetes/release right before v1.8 is released (due to how those scripts work, not optimal :/ )
**Release note**:
```release-note
kubeadm: Enable kubelet client certificate rotation
```
@kubernetes/sig-cluster-lifecycle-pr-reviews @kubernetes/sig-auth-pr-reviews
Automatic merge from submit-queue
bump QEMU version to v2.9.1
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
xref #38067
**Special notes for your reviewer**:
/assign @luxas
**Release note**:
```release-note
update QEMU version to v2.9.1
```
Automatic merge from submit-queue (batch tested with PRs 50602, 51561, 51703, 51748, 49142)
Use arm32v7|arm64v8 images instead of the deprecated armhf|aarch64 image organizations
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50601
**Special notes for your reviewer**:
/assign @ixdy @jbeda @zmerlynn
**Release note**:
```release-note
Use arm32v7|arm64v8 images instead of the deprecated armhf|aarch64 image organizations
```
Automatic merge from submit-queue (batch tested with PRs 51666, 49829, 51058, 51004, 50938)
add the caller ip into rsync hosts allow list
fixes https://github.com/kubernetes/kubernetes/issues/51003.
This patch allows running build in pods.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51666, 49829, 51058, 51004, 50938)
Add debugging to the codegen process
This was useful when debugging a different problem.
Automatic merge from submit-queue (batch tested with PRs 51583, 51283, 51374, 51690, 51716)
bazel: Generate deb and rpms package with correct versions
**What this PR does / why we need it**: Currently deb packages generated by bazel build have hardcoded version which does not correspond to actual content. This PR allows to set versions for debian packages similar to rpms.
Another issue that currently versions have underscores in the version field which is not acceptable by many of packaging guidelines. After this PR it will generate versions like:
```
1.6.9
1.7.0~alpha.1
1.7.0~beta.0
1.7.0~rc.1
1.7.0
1.7.1~beta.0
1.7.1
1.7.6~beta.0
1.8.0~alpha.0
1.8.0~alpha.3.602+5f8adc0c042843
1.8.0~alpha.3.601+e3210c6ccf77dd+dirty
```
This allows to sort versions correctly both in DPKG and RPM.
(Fedora packaging guidelines don't like ~, but rpm in Fedora, CentOS and OpenSuSE properly support it).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Depends on kubernetes/repo-infra#38, don't merge yet.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
kubeadm: Cut unnecessary kubectl dependency
**What this PR does / why we need it**:
Removes unnecessary dep
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
@kubernetes/sig-cli-pr-reviews
Automatic merge from submit-queue
Fix rsync issue when maintaining data containers
**What this PR does / why we need it**:
When we stopped syncing the full .git dir into the container and created a dummy git tree, an issue arose if you're maintaining a data dir volume. The git tree created in the container wouldn't be updated if we make more commits and sync them in, and would cause a dirty tree.
This PR changes the rsync flags so that "H" filtered files are hidden from rsync on the source side, and if they exist on the destination side, they will be deleted.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes a bug introduced in #50417
**Special notes for your reviewer**:
/assign @sttts @dims @ixdy
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50889, 51347, 50582, 51297, 51264)
bazel: use fast docker_pull
**What this PR does / why we need it**: takes advantage of https://github.com/bazelbuild/rules_docker/pull/71.
Faster builds = yay.
**Release note**:
```release-note
NONE
```
/assign @Q-Lee @spxtr @mikedanese
Automatic merge from submit-queue
Always create vendor/BUILD in hack/update-bazel.sh
**What this PR does / why we need it**: makes sure there's always a `vendor/BUILD` file.
When updating `godeps`, the [instructions](https://github.com/kubernetes/community/blob/master/contributors/devel/godep.md) say to recursively remove `vendor/`, which also removes the `vendor/BUILD` file. Unless you manually recreate this file, running `update-bazel.sh` would instead update the `all-srcs` rule in the root `BUILD.bazel` file, which is not desired. `gazelle` and `kazel` won't create `vendor/BUILD` on their own, since there are no go sources directly in `vendor/`.
With this PR, we'll make sure that the `vendor/BUILD` file always exists, creating it if necessary.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51075
**Release note**:
```release-note
NONE
```
/assign @spxtr @mikedanese
cc @thockin
Automatic merge from submit-queue (batch tested with PRs 50213, 50707, 49502, 51230, 50848)
Refactor CephFS PV spec
**What this PR does / why we need it**:
refactor CephFS Volume Persistent Volume Spec so CephFS PV's SecretRef allows referencing a secret from a persistent volume in any namespace. This allows locating credentials for persistent volumes in namespaces other than the one containing the PVC.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes-incubator/external-storage/issues/309
**Special notes for your reviewer**:
@kubernetes/sig-storage-api-reviews
**Release note**:
```release-note
Allow CephFS PV to specify a namespace for secret
```
Automatic merge from submit-queue
Bump repo-infra dependency to fix go_genrule without sandboxing
**What this PR does / why we need it**: pulls in https://github.com/kubernetes/repo-infra/pull/35, which fixes the bazel build when sandboxing is not available.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49569
**Release note**:
```release-note
NONE
```
/assign @spxtr @mikedanese @BenTheElder
Automatic merge from submit-queue (batch tested with PRs 51193, 51154, 42689, 51189, 51200)
Bumped gRPC version to 1.3.0
**What this PR does / why we need it**:
This PR bumps down the version of the vendored version of gRPC from v1.5.1 to v1.3.0
This is needed as part of the Device Plugin API where we expect client and server to use the Keep alive feature in order to detect an error.
Unfortunately I had to also bump the version of `golang.org/x/text` and `golang.org/x/net`.
- Design document: kubernetes/community#695
- PR tracking: [kubernetes/features#368](https://github.com/kubernetes/features/issues/368#issuecomment-321625420)
**Which issue this PR fixes**: fixes#51099
Which was caused by my previous PR updating to 1.5.1
**Special notes for your reviewer**:
@vishh @jiayingz @shyamjvs
**Release note**:
```
Bumped gRPC to v1.3.0
```
Automatic merge from submit-queue (batch tested with PRs 50489, 51070, 51011, 51022, 51141)
Run multiarch/qemu-user-static:register before building cross-arch images
**What this PR does / why we need it**: #48365 inadvertently broke building non-x86 hyperkube images for developers who'd not built non-x86 images before and thus hadn't yet run `multiarch/qemu-user-static:register`. This PR restores that step.
**Release note**:
```release-note
NONE
```
/assign @david-mcmahon @mbohlool @luxas
Automatic merge from submit-queue (batch tested with PRs 49869, 47987, 50211, 50804, 50583)
Bump repo-infra/kazel dependency
**What this PR does / why we need it**: `kazel` shouldn't be looking under skipped paths (like `_output`) for openapi files. This was fixed in https://github.com/kubernetes/repo-infra/pull/32 and now should be included here.
I've tested locally that this now ignores everything under `_output`.
**Release note**:
```release-note
NONE
```
/assign @mikedanese @spxtr
**What this PR does / why we need it**:
Makes functions in validation/schema.go private to kubectl,
further isolating kubectl.
**Which issue this PR fixes**
Part of a series of PRs to address kubernetes/community#598
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
kubeadm: Implementing the controlplane phase
**What this PR does / why we need it:**
This contains implementation of controlplane phases in kubeadm, which is part of the wider effort of implementing phases in kubeadm, previously in alpha stage.
The original proposal for this activity can be found [here](https://github.com/kubernetes/kubeadm/pull/156/files) and related comments.
Kubeadm phase implementation checklist is defined [here](https://github.com/kubernetes/kubeadm/issues/267)
Common implementation guidelines and principles for all phases are defined [here](https://docs.google.com/document/d/1VQMyFIVMfRGQPP3oCUpfjiWtOr3pLxp4g7cP-hXQFXc/edit?usp=sharing)
This PR implements:
- [x] kubeadm phase controlplane: wip by @fabriziopandini
- [x] kubeadm phase controlplane all
- [x] kubeadm phase controlplane etcd
- [x] kubeadm phase controlplane apiserver
- [x] kubeadm phase controlplane scheduler
- [x] kubeadm phase controlplane controller-manager
**Which issue this PR fixes:**
https://github.com/kubernetes/kubeadm/issues/349
**Special notes for your reviewer:**
This PR implements the same approach of #49419, thus minimising rework/impacts on existing codebase.
Automatic merge from submit-queue (batch tested with PRs 49129, 50436, 50417, 50553, 47587)
Avoid rsync of .git directory
**What this PR does / why we need it**:
We don't really need the .git directory to be transferred. This
problem was introduced in the PR #46193:
"Run the update-staging-godeps script inside a docker container"
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
Fixes#50272
**Release note**:
```release-note
NONE
```
We don't really need the .git directory to be transferred. This
problem was introduced in the PR:
"Run the update-staging-godeps script inside a docker container"
Fixes#50272
Automatic merge from submit-queue
Support exec/attach/portforward in `kubectl proxy`
Use the UpgradeAwareProxy shared code in kubectl proxy. Provide a separate transport for those requests that does not have HTTP/2 enabled. Refactor the code to be a bit cleaner in places and to better separate changes.
Fixes#32026
```release-note
`kubectl proxy` will now correctly handle the `exec`, `attach`, and `portforward` commands. You must pass `--disable-filter` to the command in order to allow these endpoints.
```
Automatic merge from submit-queue (batch tested with PRs 49805, 50052)
remove the temporary file to make the hyperkube image smaller
Remove the temporary file after apt-get install to make the hyperkube image smaller.
Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969)
Run kazel on the entire tree
**What this PR does / why we need it**: part of #47558: auto-generate `BUILD` files on the entire tree, since this is what `gazelle` does, and it'll make subsequent reviews easier if less is changing.
**Release note**:
```release-note
NONE
```
/assign
/release-note-none
Automatic merge from submit-queue (batch tested with PRs 48365, 49902, 49808, 48722, 47045)
Rebase hyperkube image on debian-hyperkube-base, based on debian-base.
**What this PR does / why we need it**: saves all of the hyperkube image dependencies in a cacheable base image, rather than downloading them for every build (which is slow and flaky).
This way, at build time, we only need to pull down the hyperkube base image and add the hyperkube binary.
I've additionally based the base image on `debian-base` instead of `debian`, though we amusing end up reinstalling a bunch of the things we removed in `debian-base`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#35058, at least partially
**Special notes for your reviewer**: I'm increasingly convinced that the hyperkube image is a bad pattern, as this image carries the superset of dependencies anyone might need, rather than the limited set of dependencies one needs. hyperkube really needs a proper owner.
**Release note**:
```release-note
```
/assign @timstclair @luxas @philips @nikhiljindal
cc @kubernetes/sig-release-pr-reviews
Jeff Grafton