Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Ability to run an external binary instead of hyperkube cloud-controller-manager
**What this PR does / why we need it**:
Since we want folks to test their own binaries, let's allow
a way for them them to specify a custom binary.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
2nd try at using a vanity GCR name
The 2nd commit here is the changes relative to the reverted PR. Please focus review attention on that.
This is the 2nd attempt. The previous try (#57573) was reverted while we
figured out the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
xref https://github.com/kubernetes/release/issues/281
TL;DR:
* The new `staging-k8s.gcr.io` is where we push images. It is literally an alias to `gcr.io/google_containers` (the existing repo) and is hosted in the US.
* The contents of `staging-k8s.gcr.io` are automatically synced to `{asia,eu,us)-k8s.gcr.io`.
* The new `k8s.gcr.io` will be a read-only alias to whichever regional repo is closest to you.
* In the future, images will be promoted from `staging` to regional "prod" more explicitly and auditably.
```release-note
Use "k8s.gcr.io" for pulling container images rather than "gcr.io/google_containers". Images are already synced, so this should not impact anyone materially.
Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system.
```
This is the 2nd attempt. The previous was reverted while we figured out
the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
experimental-keystone-url and experimental-keystone-ca-file were always
experimental. So we don't need a deprecation period.
KeystoneAuthenticator was on the server side and needed userid/password
to be passed in and used that to authenticate with Keystone. We now
have authentication and authorization web hooks that can be used. There
is a external repo with a webook for keystone which works fine along
with the kubectl auth provider that was added in:
a0cebcb559
So we don't need this older style / hard coded / experimental code
anymore.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move workload registries to apps package
xref #43214
Starts the process of moving internal types to the apps packages for apps types
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59276, 51042, 58973, 59377, 59472). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update Container Runtime Interface to use enumerated namespace modes
**What this PR does / why we need it**: This updates the CRI as described in the [Shared PID Namespace](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/pod-pid-namespace.md#container-runtime-interface-changes) proposal. This change to the alpha API is not backwards compatible: implementations of the CRI will need to update to the new API version.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
WIP #1615
**Special notes for your reviewer**:
/assign @yujuhong
**Release note**:
```release-note
[action-required] The Container Runtime Interface (CRI) version has increased from v1alpha1 to v1alpha2. Runtimes implementing the CRI will need to update to the new version, which configures container namespaces using an enumeration rather than booleans.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove mapper dependency for cmdutil.Factory#PrintSuccess
**Release note**:
```release-note
NONE
```
Part of a series of patches removing printing stack dependency on mappings the rest mapper
**Before**
```
$ kubectl label pod/my-pod label=label
pod "my-pod" labeled
```
**After**
```
$ kubectl label pod/my-pod label=label
pods "my-pod" labeled
```
cc @deads2k
This also incorporates the version string into the package name so
that incompatibile versions will fail to connect.
Arbitrary choices:
- The proto3 package name is runtime.v1alpha2. The proto compiler
normally translates this to a go package of "runtime_v1alpha2", but
I renamed it to "v1alpha2" for consistency with existing packages.
- kubelet/apis/cri is used as "internalapi". I left it alone and put the
public "runtimeapi" in kubelet/apis/cri/runtime.
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Better timeout in slower virtual machines
**What this PR does / why we need it**:
60 seconds seems to work better in slower boxes
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 51323, 59306, 58991, 59050). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix apply --force w/ invalid resource
Fixes https://github.com/kubernetes/kubernetes/issues/58984
- First commit: Fixes cases where `--force` is provided with `kubectl apply`, with an object that is BOTH invalid and will cause a conflict error
- Second commit: Fixes cases where `--force` is provided with `kubectl apply`, with an invalid object
Justification for the first commit here: https://bugzilla.redhat.com/show_bug.cgi?id=1539529#c3
**Release note**:
```release-note
NONE
```
cc @ironcladlou
Automatic merge from submit-queue (batch tested with PRs 55986, 59375, 59334, 59348, 58027). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add ${KUBE-ROOT} for file directory
**What this PR does / why we need it**:
If we using following command
```shell
cd hack
./test-update-storage-objects.sh
```
it would throw err about unable find file `examples\persistent-volume-provisioning\rbd\rbd-storage-class.yaml`.
I think we should add `${KUBE-ROOT} `for file directory, so that we can run command in relative directory.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55986, 59375, 59334, 59348, 58027). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Create OWNERS files for remaining subdirs of kubernetes/
**What this PR does / why we need it**:
This adds OWNERS files for the remaining subdirs of kubernetes/
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#44420
**Special notes for your reviewer**:
- translations: the kubectl specific translations are being handled by sig-cli, but the rest of the files like README and test have been handled and approved mostly by @brendandburns.
- third_party: this is a tricky mix of stuff like forked code.. mostly handled by the likes of @thockin, @lavalamp, or @smarterclayton for approvals.
- Godep/vendor: Right now @thockin mostly approves these as there are some tricky pieces around ensuring the licenses are compliant. For these, I've created a vendor-(reviewers|approvers) aliases, and associated those with both the Godeps and vendor folders. Right now @thockin is the only person in them, but that can easily expand in the future if there is a documented process on what to look for when approving dependency bumps.
**Release note**:
```release-note
NONE
```
/assign thockin
/cc fejta
Automatic merge from submit-queue (batch tested with PRs 59158, 38320, 59059, 55516, 59357). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Promote v1alpha1 meta to v1beta1
No code changes, just renames. We can discuss if there are any field / naming changes here or in a follow-up
Parent #58536Fixes#53224
Prereq to #55637
@kubernetes/sig-api-machinery-pr-reviews @deads2k
```release-note
The `meta.k8s.io/v1alpha1` objects for retrieving tabular responses from the server (`Table`) or fetching just the `ObjectMeta` for an object (as `PartialObjectMetadata`) are now beta as part of `meta.k8s.io/v1beta1`. Clients may request alternate representations of normal Kubernetes objects by passing an `Accept` header like `application/json;as=Table;g=meta.k8s.io;v=v1beta1` or `application/json;as=PartialObjectMetadata;g=meta.k8s.io;v1=v1beta1`. Older servers will ignore this representation or return an error if it is not available. Clients may request fallback to the normal object by adding a non-qualified mime-type to their `Accept` header like `application/json` - the server will then respond with either the alternate representation if it is supported or the fallback mime-type which is the normal object response.
```
Automatic merge from submit-queue (batch tested with PRs 57683, 59116, 58728, 59140, 58976). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use node-e2e framework for testing cadvisor
**What this PR does / why we need it**:
With cadvisor checked out in your gopath, we can now run cadvisor integration tests: `make test-e2e-node TEST_SUITE=cadvisor`.
This has a number of advantages:
* we can use the same images to test both, configured the same way.
* we will now get cadvisor logs from the integration test.
* we can now use the familiar node-e2e arguments to specify images to test with cadvisor
* no more managing snowflake VMs for cadvisor.
**Special notes for your reviewer**:
cadvisor doesnt currently produce junit* files, so I removed that as a requirement.
This wont actually work until https://github.com/google/cadvisor/pull/1868 is merged as well.
Related issue:
https://github.com/kubernetes/test-infra/issues/190
**Release note**:
```release-note
NONE
```
/assign @Random-Liu
/sig node
/priority important-soon
/kind cleanup
Automatic merge from submit-queue (batch tested with PRs 59106, 58985, 59068, 59120, 59126). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove alpha when running cloud-controller-manager with hyperkube
**What this PR does / why we need it**:
We used to use `hyperkube alpha cloud-controller-manager` to run ccm. The alpha was dropped from the command in e48847e6ce (diff-dfaeb837c577bcd60dd9105c43427a35R118)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Only run verify-staging-godeps if staging/godeps are touched
**What this PR does / why we need it**:
I had a lightbulb moment. On presubmit, we only verify godeps if one of the following is changed:
- The godep scripts
- The Godeps/ dir
- The vendor/ dir
The same should apply to verifying the staging godeps, adding in the staging dir itself. The logic being, if we don't touch Godeps/vendor, we don't touch the script that generates stuff, and we don't make changes to the staging dir itself (like adding/removing imports), then we don't need to verify godeps.
Note that post-submit CI jobs will still check these, as I'm copying the same logic that's in verify-godeps
This seems too easy, so *please* point out if I'm missing something.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix installation and use of vendored godep
**What this PR does / why we need it**:
Fixes the installation of the vendored godep to ensure that the binary ends up in the path when it's done.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58975
**Special notes for your reviewer**:
It looks like this broke in https://github.com/kubernetes/kubernetes/pull/51766, but didn't matter because our pinned version was the same as the latest version (so we didn't notice). This fixes it in my local env -- hopefully it will in CI too.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kube-apiserver flag --admision-control is deprecated, use the new --e…
…nable-admission-plugins
**What this PR does / why we need it**:
1. As #58123 mark kube-apiserver flag `admission-control` deprecated, replace it in some places.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @liggitt @deads2k @sttts
Automatic merge from submit-queue (batch tested with PRs 57322, 57723, 58706, 59004, 58857). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make the pause image a manifest list
**What this PR does / why we need it**:
Build and push manifest for kubernetes images
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubernetes/issues/57869
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58955, 58968, 58971, 58963, 58298). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove --tls-ca-file which had no effect
The flag has had no effect since we started configuring loopback based on the direct cert. I've marked it deprecated this release so we don't break launch scripts right away, but its coming. I think we should remove it in 1.11.
```release-note-action-required
kube-apiserver flag --tls-ca-file has had no effect for some time. It is now deprecated and slated for removal in 1.11. If you are specifying this flag, you must remove it from your launch config before ugprading to 1.11.
```
Automatic merge from submit-queue (batch tested with PRs 56995, 58498, 57426, 58902, 58863). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubelet: remove the rktshim directory
This package contains only placeholders without actual implementation.
Since it is not currently under active development, remove it to avoid
unnecessary change needed whenever the interface is changed.
This package contains only placeholders without actual implementation.
Since it is not currently under active development, remove it to avoid
unnecessary change needed whenever the interface is changed.
Automatic merge from submit-queue (batch tested with PRs 58783, 58800, 58846). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Produce junit results for verify job
**What this PR does / why we need it**:
Junit results may make the verify job clearer, and give us better insights into timings
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add binary configmap
Reviving code from https://github.com/kubernetes/kubernetes/pull/33549 submitted by @zreigz
**What this PR does / why we need it**:
Add support for binary files in ConfigMap
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#32432
**Special notes for your reviewer**:
**Release note**:
```release-note
ConfigMap objects now support binary data via a new `binaryData` field. When using `kubectl create configmap --from-file`, files containing non-UTF8 data will be placed in this new field in order to preserve the non-UTF8 data. Use of this feature requires 1.10+ apiserver and kubelets.
```
Automatic merge from submit-queue (batch tested with PRs 58518, 58771, 58101, 56829). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Increase KUBE_PARALLEL_BUILD_MEMORY to 40G.
**What this PR does / why we need it**:
Memory requirements for parallel builds has grown significantly. Keep the pace with an increase in `KUBE_PARALLEL_BUILD_MEMORY`.
cc @javier-b-perez
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move multizone e2e to e2e/scheduling from e2e/multicluster
afaik these tests should be the responsibility of @kubernetes/sig-scheduling-pr-reviews instead of @kubernetes/sig-multicluster-pr-reviews.
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix kubectl explain for cronjobs
**What this PR does / why we need it**:
`kubectl explain cronjob` was failing with `error: Couldn't find resource for "batch/v1, Kind=CronJob"` the reason for that is that even though we were getting the group and version from the mapper, we always rewrote it with the default value for a specific group, unless user specified the output version.
**Special notes for your reviewer**:
**Release note**:
```release-note
Fix kubectl explain for resources not existing in default version of API group
```
for review:
/assign @juanvallejo
for approval:
/assign @deads2k
Automatic merge from submit-queue (batch tested with PRs 58539, 58685). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Force use of Makefile for update
**What this PR does / why we need it**:
This forces the use of `make update` instead of `hack/update-all.sh`. The main reason for this is ensuring that `make generated_files` runs first, as the files it generates are used in some of the other update scripts. I've seen this a couple times bite contributors where they just haven't regenerated the code yet, so the update-all scripts don't fully do their job.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
dockershim: remove the use of kubelet's internal API
We let dockershim implement the kubelet's internal (CRI) API as an
intermediary step before transitioning fully to communicate using gRPC.
Now that kubelet has been communicating to the runtime over gRPC for
multiple releases, we can safely retire the extra interface in
dockershim.
This PR also moves the legacy functions to a separate file and clean up
the interfaces.
Automatic merge from submit-queue (batch tested with PRs 58300, 58530, 57942, 58543). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix provider-id bad param in local-up-cluster
**What this PR does / why we need it**:
mea culpa .. provider-id should be in kubelet not controller manager
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add liggitt to hack approvers
* Authored ~60 commits involving this folder
* Already an approver on things with components in hack (CLI tests, apiserver changes requiring local-up-cluster changes, fixtures and testdata, etc)
```release-note
NONE
```
See the following commit for more information about the
--external-cloud-volume-plugin flag:
070a7b5823
We need this flag for EXTERNAL_CLOUD_PROVIDER flag to work properly with
volume plugins
Also add --provider-id defaulting to hostname as we seem to pick
up the ip address otherwise causing problem with looking up the
node in the cloud provider
Automatic merge from submit-queue (batch tested with PRs 58375, 58306, 58386, 57420, 58035). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add semver metadata regex
**What this PR does / why we need it**: When building a release tag with optional semver metadata, the minor and major versions are not parsed correctly (empty strings). This fix adds optional support to the regex for the metadata component.
example:
```
~/w/g/s/k/kubernetes ❯❯❯ git tag v1.9.0+stable.0 fixes/semver_metadata ✭
~/w/g/s/k/kubernetes ❯❯❯ hack/print-workspace-status.sh fixes/semver_metadata ✭
STABLE_BUILD_GIT_COMMIT 63e2eacd22
STABLE_BUILD_SCM_STATUS clean
STABLE_BUILD_SCM_REVISION v1.9.0+stable.0
STABLE_BUILD_MAJOR_VERSION 1
STABLE_BUILD_MINOR_VERSION 9
STABLE_DOCKER_TAG v1.9.0_stable.0
gitCommit 63e2eacd22
gitTreeState clean
gitVersion v1.9.0+stable.0
gitMajor 1
gitMinor 9
buildDate 2017-12-19T21:08:48Z
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix update-swagger-spec.sh to always cleanup etcd
**What this PR does / why we need it**:
This PR fixes `hack/update-swagger-spec.sh` so it always cleanup etcd and to noe leave orphaned process after its execution. This process also doesn't allow to run the script again as it detects existing etcd and won't start.
I also made a minor improvement by adding guard against an empty arguments.
**Release note**:
```release-note
NONE
```
CC @simo5
Prior this change, etcd wasn't cleaned up on my machine that lead to
orphaned etcd process after the update-swagger-spec.sh failed.
This change also adds additional improvements:
- don't kill/wait/rm when argument is empty.
- use kube::util::trap_add.
Automatic merge from submit-queue (batch tested with PRs 58008, 58351). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update-swagger-spec.sh: when API server fails to start, show the last lines of logs
**What this PR does / why we need it**:
When API server fails to start there is no easy way to know why. You have to read the script where you will find that there is a log file that could have some useful info. This PR simplifies debugging:
1) it includes the path to the log file in the error message
2) it also shows the last 10 lines from this log
Before this change:
```
+++ [0116 19:33:49] Starting kube-apiserver
!!! [0116 19:34:19] Timed out waiting for apiserver: to answer at 127.0.0.1:8050/healthz; tried 30 waiting 1 between each
!!! Error in ./hack/update-swagger-spec.sh:42
Error in ./hack/update-swagger-spec.sh:42. 'return 1' exited with status 1
Call stack:
1: ./hack/update-swagger-spec.sh:42 main(...)
Exiting with status 1
+++ [0116 19:34:19] Clean up complete
```
After this change:
```
+++ [0116 19:42:41] Starting kube-apiserver
!!! [0116 19:42:51] Timed out waiting for apiserver: to answer at 127.0.0.1:8050/healthz; tried 30 waiting 1 between each
!!! [0116 19:42:51] Here are the last 10 lines from kube-apiserver (/tmp/swagger-api-server.log)
!!! [0116 19:42:51] === BEGIN OF LOG ===
I0116 19:42:41.689355 30809 server.go:122] Version: v1.10.0-alpha.1.877+a02cb7c1f7d0d6-dirty
I0116 19:42:41.942601 30809 serving.go:295] Generated self-signed cert (/tmp/update-swagger-spec.2Udp/certs/apiserver.crt, /tmp/update-swagger-spec.2Udp/certs/apiserver.key)
I0116 19:42:41.942611 30809 server.go:647] external host was not specified, using 10.10.10.10
W0116 19:42:41.942618 30809 authentication.go:378] AnonymousAuth is not allowed with the AllowAll authorizer. Resetting AnonymousAuth to false. You should use a different authorizer
error in initializing storage factory: group version podsecuritypolicy.admission.k8s.io/v1beta1 that has not been registered
!!! [0116 19:42:51] === END OF LOG ===
+++ [0116 19:42:51] Clean up complete
```
**Release note**:
```release-note
NONE
```
PTAL @cblecker @sttts
CC @simo5
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Install gazelle from bazelbuild/bazel-gazelle instead of rules_go
**What this PR does / why we need it**: downloads gazelle from its new home; it's being removed from `bazelbuild/rules_go`. It also removes @spiffxp's workaround from a few weeks ago.
**Special notes for your reviewer**: these should really be vendored (https://github.com/kubernetes/kubernetes/pull/57600), but this prevents us from running into issues in the meantime.
**Release note**:
```release-note
NONE
```
/approve no-issue
/assign @BenTheElder
Automatic merge from submit-queue (batch tested with PRs 58207, 58258). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use sort -V to compare golang versions
Change hack/lib/golang.sh to compare golang
version properly with "sort -s -t. -k 1,1 -k 2,2n -k 3,3n",
which sorts key by key and not as strings.
**What this PR does / why we need it**:
trivial fix: hack/lib/golang.sh compare versions like strings, 1.10 is greater than 1.9 as a version but not as a string. Use "sort -s -t. -k 1,1 -k 2,2n -k 3,3n" to compare properly.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Jiaying Zhang