github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
72,476 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

2743 Commits (8916bfabab863cd271a3464445a47845714675bb)

Author SHA1 Message Date
WanLinghao 0bab5ee5ad Currently the root-ca-cert-publisher was shadowed by BoundServiceAccountTokenVolume feature gate. 
But its corresponding bootstrap RBAC policy was shadowed by TokenRequest feature gate.
This patch fix it.
 2018-11-27 11:44:35 +08:00
k8s-ci-robot ca696fef26
Merge pull request #69848 from mikedanese/projadmission 
migrate service account volume to a projected volume when BoundServiceAccountTokenVolumes are enabled
 2018-11-16 22:46:23 -08:00
Mike Danese 1244ee6651 migrate service account volume to a projected volume 
When BoundServiceAccountTokenVolume feature is enabled.
 2018-11-16 19:32:44 +00:00
Jordan Liggitt 733dd9dfd7 Add tests to ensure feature gate changes don't escape kubelet/scheduler packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt de8bf9b63d fix scheduler and kubelet unit tests leaking feature flag changes 2018-11-16 10:52:53 -05:00
Jordan Liggitt 248d661327 Add tests to ensure storage feature gate changes don't escape packages 2018-11-16 10:52:53 -05:00
Jordan Liggitt 358c092abe fix storage unit tests leaking feature flag changes 2018-11-16 10:52:52 -05:00
Michelle Au fd64c08240 Fix storage feature gate test setting 2018-11-16 10:49:40 -05:00
k8s-ci-robot 1a54fd4319
Merge pull request #71021 from liggitt/node-self-deletion 
Remove self-deletion permissions from kubelets
 2018-11-16 01:53:31 -08:00
Jordan Liggitt 8d7cc39031 Remove self-deletion permissions from kubelets 2018-11-14 00:42:06 -05:00
Jordan Liggitt 9fb2dcad5e Limit kubelets from updating their own labels 2018-11-13 23:48:47 -05:00
k8s-ci-robot 94c5953904
Merge pull request #70699 from liggitt/controllerrevisions 
Include read access to controllerrevisions for admin/edit/view roles
 2018-11-11 21:17:39 -08:00
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
k8s-ci-robot e133ab274d
Merge pull request #70515 from davidz627/feature/csiNodeInfo 
Add explicit "Installed" field to CSINodeInfo and change update semantics
 2018-11-09 06:42:09 -08:00
David Zhu 4621887037 Updated test files with new fields 2018-11-08 19:45:01 -08:00
k8s-ci-robot f212b9db23
Merge pull request #70598 from dims/switch-from-sigs.k8s.io/yaml-to-ghodss/yaml 
Switch to sigs.k8s.io/yaml from ghodss/yaml
 2018-11-08 10:57:36 -08:00
k8s-ci-robot 3f5db92840
Merge pull request #68812 from WanLinghao/token_projection_ca_secret_create 
Create Ca-certificate configmap  used by token projected volume
 2018-11-08 10:57:25 -08:00
WanLinghao efac533f92 To inject ca.crt into container when projected volume was specified, configmap should be created in each namespace. 
This patch add a controller called "root-ca-cert-publisher" to complete above job as well as some bootstrap rbac policies.
 2018-11-08 11:33:47 +08:00
Davanum Srinivas 43f523d405
Switch to sigs.k8s.io/yaml from ghodss/yaml 
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
 2018-11-07 13:17:32 -05:00
k8s-ci-robot 7e097cf243
Merge pull request #70355 from yue9944882/flake/fixes-improper-test-gc-admission 
Fixes unnecessary legacy scheme dry import for gc admission test regression
 2018-11-07 09:06:08 -08:00
Jordan Liggitt 001627000f Include read access to controllerrevisions for admin/edit/view roles 2018-11-06 10:23:39 -05:00
Jordan Liggitt 360a890c58 serviceaccount subproject approvers/reviewers 2018-11-06 00:57:39 -05:00
Jordan Liggitt 35178d352d auth policy subproject approvers/reviewers 2018-11-06 00:57:39 -05:00
Jordan Liggitt 4cbdc98df3 node-isolation approvers/reviewers 2018-11-06 00:57:39 -05:00
Jordan Liggitt 9ae79f9653 authorizers subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
Jordan Liggitt 4fa2a0cc8a authenticators subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
zuoxiu.jm 965448ff83 fixes unnecessary dry import for test regression 2018-11-03 11:41:59 +08:00
k8s-ci-robot 4351cea80c
Merge pull request #70046 from cheftako/lintCleanGce 
Fixed lint errors for pkg/cloudprovider/providers/gce.
 2018-11-01 13:44:06 -07:00
k8s-ci-robot bf5c862889
Merge pull request #70389 from caesarxuchao/gc-admission-cluster-scoped-owner 
make gc admission set attribute namespace correctly for owners
 2018-10-31 14:48:07 -07:00
Chao Xu db3c84a97c make gc admission set attribute namespace correctly for owners 2018-10-29 15:00:11 -07:00
walter 735ad9ed63 Fixed lint errors for pkg/cloudprovider/providers/gce. 
Fixed minor issues.
Cleaned up from merge errors.
 2018-10-29 11:52:24 -07:00
Samuel Davidson 3558f83957 Revert "Improve multi-authorizer errors" 
This reverts commit 1c012f1c49.
 2018-10-29 11:05:45 -07:00
Kim Min 79599ac419 Prune internal clientset/informer from kubeapiserver admission initializer (#70167) 
* externalize pv resize admission controller

* externalize podtolerationrestriction admission controller

* externalize podnodeselector admission controller

* remove internal clientset/informer from kubeapiserver admission initializer

* minor change: fixes scheduler integration test compiliation
 2018-10-24 14:47:16 -07:00
zuoxiu.jm e3b61ea9cf switch informer in token authn 2018-10-24 15:46:55 +08:00
k8s-ci-robot 753dfbe8fd
Merge pull request #69685 from yue9944882/externalize-psp-admission-controller 
Externalize PSP admission controller
 2018-10-23 12:29:38 -07:00
yue9944882 e2c61169b1 externalize psp admission controller 2018-10-24 00:22:07 +08:00
Mike Danese e5227216c0 rebase authenticators onto new interface. 2018-10-22 10:16:59 -07:00
Slava Semushin 14c969b604 Remove myself from OWNERS files. 2018-10-16 22:47:44 +01:00
k8s-ci-robot a1d1385f40
Merge pull request #66854 from k82cn/k8s_66853 
Set PriorityClassName when there's a default PirorityClass.
 2018-10-13 01:33:02 -07:00
tanshanshan b7c7966b9f Move pkg/scheduler/algorithm/well_known_labels.go out 2018-10-13 09:10:00 +08:00
k8s-ci-robot 53e85280f4
Merge pull request #69714 from ericchiang/owners 
Remove ericchiang from OWNERS files
 2018-10-12 16:01:52 -07:00
k8s-ci-robot e23a3af013
Merge pull request #67802 from krmayankk/dockershimtests 
Implement RunAsGroup Strategy in PSP
 2018-10-12 11:19:39 -07:00
k8s-ci-robot b3033a7278
Merge pull request #67934 from tanshanshan/typo828 
fix spelling mistakes
 2018-10-11 18:26:24 -07:00
Eric Chiang 766f5875bf Remove ericchiang from OWNERS files 
Kept myself in the OpenID Connect ones for now.
 2018-10-11 18:11:15 -07:00
Mayank Kumar bc3e3afc46 api changes for psp runasgroup policy 2018-10-09 17:32:09 -07:00
k8s-ci-robot 0f17e9ade6
Merge pull request #69386 from cblecker/go-1.11 
Update to go1.11.1
 2018-10-05 17:35:51 -07:00
Christoph Blecker 563734faf7
fix vet error in plugin/pkg/admission/storage/persistentvolume/label/admission.go 
plugin/pkg/admission/storage/persistentvolume/label/admission.go:173: Verbose.Info call has possible formatting directive %v
 2018-10-05 15:54:23 -07:00
Christoph Blecker 97b2992dc1
Update gofmt for go1.11 2018-10-05 12:59:38 -07:00
Walter Fender f3f46d5f5a Moving the cloudprovider interface to staging. 
Individual implementations are not yet being moved.
Fixed all dependencies which call the interface.
Fixed golint exceptions to reflect the move.
Added project info as per @dims and
https://github.com/kubernetes/kubernetes-template-project.
Added dims to the security contacts.
Fixed minor issues.
Added missing template files.
Copied ControllerClientBuilder interface to cp.
This allows us to break the only dependency on K8s/K8s.
Added TODO to ControllerClientBuilder.
Fixed GoDeps.
Factored in feedback from JustinSB.
 2018-10-04 14:41:20 -07:00
k8s-ci-robot f14271b27d
Merge pull request #69133 from yue9944882/refactor/externalize-namespace-admission-controller 
Externalize namespace admission controller
 2018-10-03 04:43:49 -07:00