Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove rktnetes code
**What this PR does / why we need it**:
rktnetes is scheduled to be deprecated in 1.10 (#53601). According to the deprecation policy for beta CLI and flags, we can remove the feature in 1.11.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58721
**Special notes for your reviewer**:
**Release note**:
```release-note
Removed rknetes code, which was deprecated in 1.10.
```
/assign @yujuhong
/hold
Hold until the end of the freeze.
Automatic merge from submit-queue (batch tested with PRs 61904, 61565, 61401, 61432, 61772). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow curl --max-time to be configurable
**What this PR does / why we need it**:
In nested virutalized environments, the 1 second max-time is too
low. Just bumping up WAIT_FOR_URL_API_SERVER does not work unless
we bump up the max-time too.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61842, 61477, 61777). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Turn server-print on by default in kubectl
**What this PR does / why we need it**:
#55637 introduced `-experimental-server-print` that enabled users to opt-in to user server-side printing. This is a followup which enables this functionality by default, with the ability to fallback not to do it with `--server-print=false`.
/assign @smarterclayton @juanvallejo
**Release note**:
```release-note
Enable server-side print in kubectl by default, with the ability to turn it off with --server-print=false
```
Automatic merge from submit-queue (batch tested with PRs 61790, 61808, 60339, 61615, 61757). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ensure -o yaml populates kind/apiVersion
Fixes#61780
```release-note
kubectl: fixes issue with `-o yaml` and `-o json` omitting kind and apiVersion when used with `--dry-run`
```
In nested virutalized environments, the 1 second max-time is too
low. Just bumping up WAIT_FOR_URL_API_SERVER does not work unless
we bump up the max-time too. Let us just make it configurable like
so folks can customize to their environment.
rktnetes is scheduled to be deprecated in 1.10 (#53601). According to
the deprecation policy for beta CLI and flags, we can remove the feature
in 1.11.
Fixes#58721
Automatic merge from submit-queue (batch tested with PRs 60519, 61099, 61218, 61166, 61714). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Automatically add system critical priority classes at cluster boostrapping
**What this PR does / why we need it**:
We had two PriorityClasses that were hardcoded and special cased in our code base. These two priority classes never existed in API server. Priority admission controller had code to resolve these two names. This PR removes the hardcoded PriorityClasses and adds code to create these PriorityClasses automatically when API server starts.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60178
ref/ #57471
**Special notes for your reviewer**:
**Release note**:
```release-note
Automatically add system critical priority classes at cluster boostrapping.
```
/sig scheduling
Automatic merge from submit-queue (batch tested with PRs 61546, 61038, 61575, 60779, 61496). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
prune Bazel build files from imported go deps and update to gazelle 0.10.1
**What this PR does / why we need it**: updates the `hack/godep-save.sh` script to prune any imported `BUILD`, `BUILD.bazel`, or `WORKSPACE` files.
We assume anything imported through godep doesn't need Bazel, but a Bazel-enabled Go project may include `BUILD` files with missing dependencies not imported by godep. To prevent this from breaking the Bazel build, remove these. (Gazelle will then regenerate the `BUILD` files based on the go build metadata.)
Additionally, there seems to be a bug in gazelle where it follows the `vendor/k8s.io` staging symlinks only when run through `hack/run-in-gopath.sh`. Updating to gazelle 0.10.1 fixes this bug.
A similar PR was recently merged in kubernetes/test-infra: https://github.com/kubernetes/test-infra/pull/7366
**Release note**:
```release-note
NONE
```
/assign @thockin
cc @jayconrod
The file was analyzed with shellcheck, and various issues fixed. Most of
the problems were just cleanups, but also potential bugs were fixed.
Many variables were quoted with double quotes to prevent globbing. The
local_files array expansion was quoted so that any file names with
potential spaces in the filename would not be re-split. The empty
default value was removed from the list processing. POSIX standard "grep
-E" was used instead of egrep.
In code "popd 2>&1 > /dev/null" the stderr output goes to the terminal
instead of /dev/null, which is clearly the intention. Change the order
to fix this in four places. Also, while at it, change one incorrect
comparison to use "-gt" instead of ">" in the same file.
Automatic merge from submit-queue (batch tested with PRs 61453, 61393, 61379, 61373, 61494). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make `test-cmd` work with OS-X tooling
OS-X thips with the BSD versions of `date` and `grep`. Those don't have
certain features the script relies on:
- BSD date does not support nanoseconds (`%N`)
- BSD grep does not support perl RegEx (`-P`)
As we use `bash` specifically in the hashbang anyway it is probably fine
to rely on the `$RANDOM` bashism here.
**What this PR does / why we need it**:
Currently `make test-cmd` doesn't work on OSX. This PR makes `make test-cmd` work on OSX.
**Release note**:
```release-note
`make test-cmd` now works on OSX.
```
cc: @apelisse
Automatic merge from submit-queue (batch tested with PRs 61396, 61321, 61443, 60911, 61461). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add COPYING file name as valid license file
**What this PR does / why we need it**:
Some valuable libraries such as https://github.com/google/shlex which could be integrated into Kubernetes use COPYING for their License file name. This would be helpful in getting pull requests such as https://github.com/kubernetes/kubernetes/pull/59700 merged.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60980, 61273, 60811, 61021, 61367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
prevent conformance test failure in DIND scenario
**What this PR does / why we need it**:
in the "ci-kubernetes-local-e2e" job, we are running local-up-cluster.sh
using DIND. We see failure for "HostPath should give a volume the
correct mode [Conformance]" test. The failure looks as follows:
linux mounts: path /tmp is mounted on / but it is not a shared or slave
mount
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
https://github.com/kubernetes/kubernetes/issues/61058#issuecomment-372764783
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60373, 61098, 61352, 61359, 61362). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use mktemp instead of static temporary file path in scripts.
**What this PR does / why we need it**:
Using static file names in `/tmp` is considered to be a security anti-pattern, even if the modern Linux distributions make it difficult for the attacker to use symbolic link attacks against the `/tmp` directory. We should consider changing to the pattern of safely creating a temporary directory which only the user can access and placing the temporary files there. This assumes that `mktemp` command is installed -- it should be a safe assumption since the command is already widely used in the kubernetes scripts.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60793, 61181, 61267, 61252, 61334). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
--show-all is inert in v1.11
**What this PR does / why we need it**:
`--show-all` is inert in v1.11
ref: #60210
**Special notes for your reviewer**:
/assign @deads2k
**Release note**:
```release-note
`--show-all` (which only affected pods and only for human readable/non-API printers) is inert in v1.11, and will be removed in a future release.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove YEAR field of all generated files and fix kubernetes boilerplate checker
**What this PR does / why we need it**:
Remove YEAR field of all generated files and fix kubernetes boilerplate checker
xref: [remove YEAR fileds in gengo #91](https://github.com/kubernetes/gengo/pull/91)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes [#gengo/issues/24](https://github.com/kubernetes/gengo/issues/24)
**Special notes for your reviewer**:
/cc @thockin @lavalamp @sttts
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61124, 59537, 61235, 61258, 61114). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove outdated waiting apiserver comments in local-up-cluster.sh
**What this PR does / why we need it**:
Now secure port is used, remove outdated waiting for apiserver healthy comments in local-up-cluster.sh.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61087, 61075, 61213, 61149, 60826). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add support for --dry-run to kubectl create job
**What this PR does / why we need it**:
Create job subcommand lacks dry-run flag, this patch fix this.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57871, 61094, 60459, 61089, 61105). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove hack/test-cmd.sh: make is the main build tool
The script suggests to use `make test-cmd` and we don't use this script anywhere.
**Release note**:
```release-note
NONE
```
/kind cleanup
/assign sttts cblecker
Automatic merge from submit-queue (batch tested with PRs 60919, 60953, 61085, 61083, 60971). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove unused `pkg/api/unversioned`
**What this PR does / why we need it**:
clean code, see #61084
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61084
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
1.add dry-run flag for create job subcommand
2.add cmd-util test for create job subcommand
modified: pkg/kubectl/cmd/create_job.go
modified: hack/make-rules/test-cmd-util.sh
Automatic merge from submit-queue (batch tested with PRs 60696, 60876, 60901, 60925, 60428). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove unused hack/lookup_pull.py
This script is not used anywhere.
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add myself for sig-cli related stuff as approver
This is adding me as an approver for sig-cli related things.
/assign @pwittrock
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 60710, 60855, 60873, 60895, 60862). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
translate hack/e2e.go -v to --verbose-commands
**What this PR does / why we need it**: translates the old `go run hack/e2e.go` `-v` flag to `--verbose-commands` for kubetest. kubetest now imports client-go, which imports `glog`, which registers an incompatible `-v level` flag so kubetest now uses `--verbose-commands` instead.
This should fix existing workflows.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**: See also: https://github.com/kubernetes/community/pull/1901
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60710, 60855, 60873, 60895, 60862). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix local cluster leaking memory.
**What this PR does / why we need it**:
Local cluster is leaking memory due to mutation detector being enabled.
In addition there is no warning in the logs that this could be the
issue.
Added a log warning when this feature is enabled to make debugging this
issue easier for other cases of this.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60854
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 60710, 60855, 60873, 60895, 60862). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move `persistentvolume` into `storage` package under `plugin/pkg/admission`
Sorry for omitting this in the previous PR #60367
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Following #60367
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @jsafrane @thockin
Automatic merge from submit-queue (batch tested with PRs 60574, 60666, 60831, 60877, 60357). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove some not used imports from python codes
remove some not used imports from python codes
/assign @sttts
**Release note**:
```release-note
NONE
```
OS-X thips with the BSD versions of `date` and `grep`. Those don't have
certain features the script relies on:
- BSD date does not support nanoseconds (`%N`)
- BSD grep does not support perl RegEx (`-P`)
As we use `bash` specifically in the hashbang anyway it is probably fine
to rely on the `$RANDOM` bashism here.
in the "ci-kubernetes-local-e2e" job, we are running local-up-cluster.sh
using DIND. We see failure for "HostPath should give a volume the
correct mode [Conformance]" test. The failure looks as follows:
linux mounts: path /tmp is mounted on / but it is not a shared or slave
mount
Using static paths for temporary files has been a security problem in
the past. Use kube::util::ensure-temp-dir to create a safe temporary
directory and place the temporary file there.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump to etcd 3.1.12 to pick up critical fix
etcd [3.1.12](https://github.com/coreos/etcd/releases/tag/v3.1.12) (as well as 3.2.17 and 3.3.2) was released yesterday to fix a bug critical to kubernetes:
Fix [mvcc "unsynced" watcher restore operation](https://github.com/coreos/etcd/pull/9297).
- "unsynced" watcher is watcher that needs to be in sync with events that have happened.
- That is, "unsynced" watcher is the slow watcher that was requested on old revision.
- "unsynced" watcher restore operation was not correctly populating its underlying watcher group.
- Which possibly causes [missing events from "unsynced" watchers](https://github.com/coreos/etcd/issues/9086).
This will be backported to 1.9 as well.
Release note:
```release-note
Upgrade the default etcd server version to 3.1.12 to pick up critical etcd "mvcc "unsynced" watcher restore operation" fix.
```
cc @gyuho @wojtek-t @shyamjvs @timothysc @jdumars
Kubernetes Submit Queue