[WIP] k8s 1.25.0-rc.1 #1348
Closed
[WIP] k8s 1.25.0-rc.1 #1348
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add unit tests for registry/admissionregistration/validatingwebhookconfiguration
kubelet tracing instrumentation
…sruption Add worker to clean up stale DisruptionTarget condition
…-test Promote NamespaceStatus endpoints test +3 Endpoints
…a2-deprecated Deprecate kubescheduler ComponentConfig v1beta2
update smd to 4.2.3
ginkgo: disable color escape sequences by default when not connected to a terminal
KEP-3327: Add CPUManager policy option to align CPUs by Socket instead of by NUMA node
Upgrade CSIMigrationGCE feature gate to GA
Enable 'running_managed_controllers' for KCM/CCM controllers: routes, services and cloud-node
…nges Update CRI API to support Evented PLEG
…ges for kubelet client and serving certificates Signed-off-by: Paco Xu <paco.xu@daocloud.io>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
It is used to request that a pod runs in a unique user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com> Co-authored-by: Rodrigo Campos <rodrigoca@microsoft.com>
Move e2e test from alpha with feature promoted to beta
…ment Allow retroactive storage class assigment to PVCs
KEP: /enhancements/keps/sig-node/1287-in-place-update-pod-resources
Promote CronJobTimeZone to beta
Change-Id: I3be351fb3b53216948a37b1d58224f8fbbf22b47
…uceeded Fix JobTrackingWithFinalizers when a pod succeeds after the job fails
…ional modify the signing/approving controller to tolerate either set of usages for kubelet client and serving certificates
…time to unmount UPSTREAM: <carry>: Fix sync of PV deletion in PV controller Always queue PV deletion events immediately, without any wait. It does not affect dynamic de-provisioning / deletion of volumes, it's done on PVC deletion. This de-flakes unit tests, which expect that PV deletion is processed without waiting too much. This updates carry patch b24f93e. It still waits for 21 seconds after *PVC* deletion! UPSTREAM: <carry>: delay queuing deletion for PV to allow nodes some time to unmount openshift-rebase(v1.24):source=c5fd3449734
…etup openshift-rebase(v1.24):source=ce8d63d76a0
openshift-rebase(v1.24):source=ab75ff1a507
…tioning is disabled Signed-off-by: Artyom Lukianov <alukiano@redhat.com> openshift-rebase(v1.24):source=aa8752060b0
openshift-rebase(v1.24):source=d7b268fffba
…d to CSI Skip test that depend on in-tree Azure Disk volume plugin that (wrongly) uses failure domains for value of "topology.kubernetes.io/zone" label in Azure regions that don't have availability zones. Our e2e tests blindly use that label and expect that a volume provisioned in such a "zone" can be used only by nodes in that "zone" (= topology domain). This is false, Azure Disk CSI driver can use such a volume in any zone and therefore the test may randomly fail. See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2066865 openshift-rebase(v1.24):source=7871e95298a
In the tests, we oftentimes create pods directly by the administrative user and so their SCC-related privileges are being used to create the pods. The PSa label syncher however works by introspecting SAs in each namespace, and since the SAs in the direct pod creation use-cases don't have the SCC-related privileges, the labelsyncer evaluates these namespaces as "restricted" because only the "restricted-v2" SCC is ever assigned in the namespaces. This breaks tests where pods are created directly. openshift-rebase(v1.24):source=35dc012e1f5
…vice account token should be auto-generated
Remove reserved CPUs from default set when workload partitioning is enabled. Co-Authored-By: Brent Rowsell <browsell@redhat.com> Signed-off-by: Don Penney <dpenney@redhat.com>
…aren't causing problems when auto-attached by ginkgo
when we run verify-import-boss.sh it fails with the following error errors in package "k8s.io/kubernetes/cmd/kubeadm/app/phases/bootstraptoken/node": the following imports did not match any allowed prefix: gopkg.in/yaml.v3 k8s.io/kube-openapi/pkg/validation/spec note: this should be an upstream fix, not sure why we don't see this error in upstream, does upstream not run this job in verify? investigate and take proper action for this commit
…res lock to false
…space The main purpose of this change is to update the e2e Netpol tests to use the srandard CreateNamespace function from the Framework. Before this change, a custom Namespace creation function was used, with the following consequences: * Pod security admission settings had to be enforced locally (not using the centralized mechanism) * the custom function was brittle, not waiting for default Namespace ServiceAccount creation, causing tests to fail in some infrastructures * tests were not benefiting from standard framework capabilities: Namespace name generation, automatic Namespace deletion, etc. As part of this change, we also do the following: * clearly decouple responsibilities between the Model, which defines the K8s objects to be created, and the KubeManager, which has access to runtime information (actual Namespace names after their creation by the framework, Service IPs, etc.) * simplify / clean-up tests and remove as much unneeded logic / funtions as possible for easier long-term maintenance * remove the useFixedNamespaces compile-time constant switch, which aimed at re-using existing K8s resources across test cases. The reasons: a) it is currently broken as setting it to true causes most tests to panic on the master branch, b) it is not a good idea to have some switch like this which changes the behavior of the tests and is never exercised in CI, c) it cannot possibly work as different test cases have different Model requirements (e.g., the protocols list can differ) and hence different K8s resource requirements. For kubernetes#108298 Signed-off-by: Antonin Bas <abas@vmware.com>
…aMonitoring to beta"
|
/retest-required |
|
/retest-required |
|
@soltysh: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
openshift-merge-robot
added
the
needs-rebase
|
@soltysh: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Closing in favor of #1360. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Picks: https://docs.google.com/spreadsheets/d/10KYptJkDB1z8_RYCQVBYDjdTlRfyoXILMa0Fg8tnNlY/edit#gid=1852049954
Test tracker: https://docs.google.com/spreadsheets/d/1KuC8QAmQd2LiCMk0EVBxss97V0-UNtFM8vVEqPYWCqs/edit#gid=1312057609