Import the upstream codebase #9
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add an mkdocs site and the associated CI.
Add the Module API
Adds a NodeReconciler that reconciles Modules that apply to modified Nodes. Get rid of KernelDaemonSetsMap in the Module API. Instead, Module maintains its ownership of the DaemonSets through the oot.node.kubernetes.io/module.name label. Add a new e2e workflow with two nodes that involves labeling and unlabeling the second node to verify that the module gets loaded and unloaded as expected.
* Add a reconciler that deletes DaemonSets targeting zero nodes.
Build container images once and use them in the e2e jobs.
Mount /lib/modules and /usr/lib/modules in the DriverContainer.
Make it possible to add additional volumes to the pod. Append volume mounts to those defined in the module instead of replacing them. Co-authored-by: Michail Resvanis <resbanis@gmail.com>
Use the Apache 2 license.
Monitor Go, Docker and GitHub Actions dependencies.
This PR includes: 1) adding VerifyModuleExistsForKernel function, that verifies presence of a file (full path) in a v1.Layer (layer of container image) 2) removing ExtractToolkitRelease funtion: no longer used by the preflight code, replaced by the VerifyModuleExistsForKernel 3) add unit-test 4) add test infrastructure to create a dummy v1.Layer
.gitignore contained manager, which made git ignore any directory named manager in the repository, including a controller-runtime package.
…netes-sigs#139) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.2 to 1.13.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.12.2...v1.13.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Rename CI scripts to use hyphens. Use more bash options.
Craft the modprobe command using properties from the CR. Rename the CRD group from oot to kmm. Rename some labels from oot to kmm.
Bumps [k8s.io/kubectl](https://github.com/kubernetes/kubectl) from 0.24.3 to 0.24.4. - [Release notes](https://github.com/kubernetes/kubectl/releases) - [Commits](kubernetes/kubectl@v0.24.3...v0.24.4) --- updated-dependencies: - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Use the highest standard priority class.
…#148) 1) Change the DriverContainer to ModuleLoader in the module API and in the code 2) change the docs to refer to module-loaders instead of driver-container MGMT-11718
Preflight package implements should implement all preflight functionality per one Module. Current commit will only implement image verification: image presence and correct kernel version MGMT-11438
kubernetes-sigs#150) * Fix kustomization for nodeSelector removal * Adds NodeAffinity for both node role keys master and control-plane
1) fixing yaml annotations 2) fixing comments 3) fixing CI templates 4) fixing unit-test variables namings
To be able to load a module, more privileges are required. This change sets the SELinux type of the pod to `spc_t` and the user to `root`. It also explicitely disable privilege escalation. This has been tested with a pod ServiceAccount that can use the `privileged` SCC. Reference: [Introducing a Super Privileged Container Concept](https://developers.redhat.com/blog/2014/11/06/introducing-a-super-privileged-container-concept) Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Drop the KERNEL_LABELING_METHOD environment variable that made it possible to rely on NFD for kernel labeling.
This PR implements the preflight controller logic and filtering 1) add filter function for getting preflights on modules change 2) add controller implementation 3) unit-test
Import commits from https://github.com/qbarrand/oot-operator.
k8s-ci-robot
removed
the
do-not-merge/invalid-commit-message
qbarrand
changed the title
Contributor
Author
|
/unhold |
k8s-ci-robot
removed
the
do-not-merge/hold
Contributor
|
/lgtm |
k8s-ci-robot
added
the
lgtm
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Change all references from OOT(O) to KMM(O).