Kubernetes Publisher
123a12af7f
Merge pull request #138573 from dims/update-go-openapi-deps-rebase
...
Update go-openapi dependencies (jsonpointer, jsonreference, swag)
Kubernetes-commit: e9b95827ebf963f7bab0a1a8ddd90e408858c892
2026-04-26 03:46:36 +00:00
Kubernetes Publisher
bc792f9f57
Merge pull request #138393 from humblec/bump-etcd-sdk-3.6.10
...
etcd: bump etcd sdk to v3.6.10
Kubernetes-commit: e1cf06b9b41f3534fd1ce475a18ef20d46e8f876
2026-04-25 15:53:56 +00:00
Humble Devassy Chirammal
16dc858d52
etcd: bump etcd sdk to v3.6.10
...
Bump go.etcd.io/etcd/{api,client/pkg,client,pkg,server}/v3 from v3.6.8 to v3.6.10.
go.etcd.io/etcd/raft/v3 is intentionally left unchanged (separate release cadence).
Signed-off-by: Humble Devassy Chirammal <humble.devassy@gmail.com>
Kubernetes-commit: 15492a41ed637237cf1891ef140544f64197643d
2026-04-25 09:08:49 +05:30
Davanum Srinivas
9523ba1a6a
Update go-openapi dependencies (jsonpointer, jsonreference, swag)
...
Bump go-openapi dependencies to latest versions:
- github.com/go-openapi/jsonpointer v0.21.0 → v0.22.4
- github.com/go-openapi/jsonreference v0.20.2 → v0.21.4
- github.com/go-openapi/swag v0.23.0 → v0.25.4
The new swag version has been restructured into a multi-module monorepo
with submodules (cmdutils, conv, fileutils, jsonname, jsonutils, loading,
mangling, netutils, stringutils, typeutils, yamlutils). As a result:
- mailru/easyjson and josharian/intern are no longer transitive deps
and have been removed from vendor
- go-openapi/jsonpointer and go-openapi/swag no longer reference
unwanted deps davecgh/go-spew, mailru/easyjson, or gopkg.in/yaml.v3
- Updated hack/unwanted-dependencies.json accordingly
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 693dc57f5753ce69f7d3f49f26bfefc9554e47e6
2026-04-24 08:13:31 -04:00
Kubernetes Publisher
84e486356a
Merge pull request #138562 from dims/update-cbor-dep
...
Update github.com/fxamacker/cbor/v2 to v2.9.1
Kubernetes-commit: 6e4605d14e04ea9681b6dd6b5729c788e28e89b7
2026-04-24 11:48:58 +00:00
Kubernetes Publisher
b7ee5f3764
Merge pull request #138561 from dims/update-xnet-dep
...
Update golang.org/x/net to v0.53.0
Kubernetes-commit: 1f22abeebcb4e1ecae2f3dbcf3f0cd747ecfb3d6
2026-04-24 11:48:56 +00:00
Davanum Srinivas
1bcc1dadb4
Update github.com/fxamacker/cbor/v2 to v2.9.1
...
Parser hardening for the kube-apiserver CBOR deserializer (PRs #750,
#753, #757): fixes tag-1 epoch float64 overflow into time.Time fields
(directly reachable via DecTagOptional decode path), RawMessage clone
defense, and keyasint type-confusion fixes.
Kubernetes-commit: dc29a934e460eb29130de6724787ca1b677e31e0
2026-04-23 21:43:02 -04:00
Davanum Srinivas
856bc55680
Update golang.org/x/net to v0.53.0
...
Fixes CVE-2026-33814 (golang/go#78476): HTTP/2 Transport hangs
indefinitely when a peer sends a SETTINGS frame with MaxFrameSize=0.
This is reachable from kube-apiserver's OIDC, admission webhook,
and aggregated API client paths.
Kubernetes-commit: 12a2470693d86f63f4614048ffdd43dc393dd7e0
2026-04-23 21:36:05 -04:00
Kubernetes Publisher
0e704b8366
Merge pull request #138192 from skitt/otel-1.42
...
Bump otel to 1.43.0 and contrib to 0.68.0
Kubernetes-commit: 5ed1fd971d594a3cda7f7e26cd037e8be37f520f
2026-04-23 20:33:59 +00:00
Stephen Kitt
9d718c45a1
Bump otel to 1.43.0 and contrib to 0.68.0
...
See
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.41.0
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.42.0
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0
and
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.41.0
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.42.0
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.43.0
for details.
otelgrpc no longer produces "messages" span events so these are
removed from the tracing test.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: 1a63916abee48d6356fbc2e6965433647e6cf073
2026-04-03 10:10:53 +02:00
Kubernetes Publisher
4dec9a97fa
Merge pull request #135708 from michaelschiff/informer-generated-docs
...
informer-gen generated comments reference non-existent method
Kubernetes-commit: 88bf9c97c4285de0d83e227159a9698015b3927e
2026-04-23 11:00:57 +00:00
Kubernetes Publisher
29033d6ac4
Merge pull request #138354 from dims/update-moby-spdystream-v0.5.1
...
Update github.com/moby/spdystream from v0.5.0 to v0.5.1
Kubernetes-commit: 02b979213695b4e3d707ceb5a79095ae7d81b7a0
2026-04-14 17:59:01 +00:00
Davanum Srinivas
e71d591837
Update github.com/moby/spdystream from v0.5.0 to v0.5.1
...
Kubernetes-commit: 7e9c2c8eef26f99aa2f94d8e09d6d32de86c7769
Kubernetes-commit: f6209104d25a6c0ea7605a73b9ec4085aacbca03
2026-04-13 13:57:52 -04:00
Kubernetes Publisher
af87cf97b0
Merge pull request #137849 from bryantbiggs/deps/update-kube-openapi
...
deps: Update `kube-openapi` to drop `ginkgo/gomega` indirect deps
Kubernetes-commit: ec68099e62c85901c8d225705d55adfac26cf69d
2026-03-18 20:53:06 +00:00
Bryant Biggs
a7c37a26fb
dependencies: bump kube-openapi to drop ginkgo/gomega indirect deps
...
Bump k8s.io/kube-openapi to pick up kubernetes/kube-openapi#579 which
moved the last ginkgo/gomega tests to stdlib testing and ran go mod
tidy, removing ginkgo/gomega from kube-openapi's go.mod.
This drops ginkgo/gomega as indirect deps from apimachinery. It also
prunes Masterminds/semver, google/pprof, and golang.org/x/tools from
client-go and other staging modules where they were only needed
through kube-openapi's ginkgo/gomega chain.
Contributes to kubernetes/kubernetes#127888
Kubernetes-commit: 56cd74d879f1ba11aadcff95326f17a1cc2c82ef
2026-03-18 09:09:11 -05:00
Kubernetes Publisher
6995a6dbb2
Merge pull request #136657 from Jefftree/sharding-test
...
[KEP-5866] Sharded List and Watch
Kubernetes-commit: e2abeef6cdf10dd026662047a828437f55b28246
2026-03-18 00:49:01 +00:00
Kubernetes Publisher
7e83fd5ea7
Merge pull request #137298 from dims/dsri/cri-streaming-option-a-hardcut
...
cri streaming option a hardcut - add new staging repositories `streaming` and `cri-streaming`
Kubernetes-commit: 2bd6c7fe3cb8663804dc6e7672ff01aeebc97274
2026-03-17 10:54:03 +00:00
Davanum Srinivas
fbb57b8768
staging: extract CRI streaming modules with client-go compatibility
...
Extract streaming code into dedicated staging modules while keeping stable
compatibility APIs for external client-go consumers.
This commit:
- adds `k8s.io/cri-streaming` for CRI exec/attach/portforward server code
- adds `k8s.io/streaming` as the canonical home for shared transport
primitives (`httpstream`, `spdy`, `wsstream`, runtime helpers)
- switches in-tree transport consumers to `k8s.io/streaming`
- removes in-tree kubelet CRI streaming package
- preserves NO_PROXY/no_proxy CIDR handling in extracted SPDY proxier logic
- adds deprecated `k8s.io/apimachinery/pkg/util/httpstream` compatibility
wrappers (`httpstream`, `spdy`, `wsstream`) backed by `k8s.io/streaming`
- restores exported client-go SPDY/portforward API signatures to
apimachinery `httpstream` types for downstream compatibility
- adds streaming-native client-go adapters/constructors so in-tree callers
can use `k8s.io/streaming` without changing external compatibility APIs
- deduplicates SPDY-over-websocket dial negotiation shared by compat and
streaming tunneling dialers
- logs dropped unknown stream types in `RemoveStreams` adapter fallbacks to
improve compatibility-path debuggability
- adds integration coverage for the streaming-upgrader-to-client-go-compat
adapter path against a real cri-streaming exec endpoint
- clarifies kubectl streaming import aliasing to avoid `httpstream` package
ambiguity
- updates tests, import restrictions, publishing metadata, and vendor/module
metadata for the new staging modules
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 1ee1ff97fb7f9755a44d29bee0c80d2ccbed68dc
2026-02-28 19:40:07 -05:00
Kubernetes Publisher
404001820a
Merge pull request #137495 from pohly/klog-update
...
dependencies: klog v2.140.0
Kubernetes-commit: 9d0495ec93f7942b9fd6482df79820376a447eee
2026-03-10 17:12:45 +00:00
Patrick Ohly
8b7cc7520a
dependencies: klog v2.140.0
...
klog hasn't been updated in Kubernetes for a few releases. Several
enhancements have accumulated that are worth having.
Kubernetes-commit: 56e0565c113107bdea398b075aba5bdef43489ed
2026-03-06 17:43:11 +01:00
Kubernetes Publisher
552c862a9a
Merge pull request #137456 from liggitt/go126
...
Update go.mod to go 1.26, fix 1.26 vet errors
Kubernetes-commit: 800a58b7c515b3d5e2677f6af37f9ece186b67c0
2026-03-06 08:56:41 +00:00
Kubernetes Publisher
cc7947006d
Merge pull request #137473 from jpbetz/fix-set-transform
...
Fix SetTransform to correctly override per-informer transforms
Kubernetes-commit: 3dceb579f797c88564d03a7bdf91ba8108ffd820
2026-03-06 08:56:39 +00:00
Kubernetes Publisher
06e7a6d9b1
Merge pull request #137451 from dims/update-google-protobuf-deadcode-fix
...
Update google.golang.org/protobuf to v1.36.12-0.20260120151049-f2248ac996af to prevent file size explosion in go 1.26
Kubernetes-commit: 77c013637cb40e1b5d2b26664dc7b297f1ff2693
2026-03-05 20:58:40 +00:00
Davanum Srinivas
489d4af143
Update google.golang.org/protobuf to v1.36.12-0.20260120151049-f2248ac996af
...
Pins google.golang.org/protobuf to HEAD commit f2248ac996afc39b3df0777cdcc269f6ade50b07
(v1.36.12-0.20260120151049-f2248ac996af) which includes fixes for dead code
elimination issues surfaced by Go 1.26's reflect changes.
Xref: https://github.com/golang/protobuf/issues/1704
Xref: https://github.com/kubernetes/kubernetes/issues/137445
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: c8826e0d235fde75d02643bd700179ed79897ad6
2026-03-05 09:36:13 -05:00
Kubernetes Publisher
92583927f0
Merge pull request #137349 from Jefftree/fix-model-name-bounding-dirs
...
Pass --readonly-pkg to openapi-gen in kube_codegen.sh
Kubernetes-commit: ef8a14f679491f858968f49a847c393a3a3fc5e2
2026-03-05 05:03:44 +00:00
Jefftree
404805e4e1
update kube-openapi
...
Kubernetes-commit: 721eea74e75dc95bafbfa450bb2309e494abf45c
2026-03-04 15:33:47 -05:00
Kubernetes Publisher
6adacb47b9
Merge pull request #137286 from humblec/update-vendored-dependencies
...
Update vendored dependencies (gomega/cadvisor)
Kubernetes-commit: 3f2ebc50eecfaeda23df4435dc82422fa65425ed
2026-02-27 17:15:45 +00:00
Humble Devassy Chirammal
f96a2115f9
dependencies: bump gomega to v1.39.1 and ginkgo to v2.28.1
...
Kubernetes-commit: 600d188f2b02eea974509062c04186309065ff16
2026-02-27 15:48:21 +05:30
Kubernetes Publisher
f302725b85
Merge pull request #134081 from sxllwx/try-to-fix-133656
...
chore(sample-controller): use register-gen
Kubernetes-commit: 5da88b908c92f7ae753e19b6a30bea2c45f8e431
2026-02-24 20:03:52 +00:00
Jordan Liggitt
5a57c65aa6
Bump to go 1.26
...
Kubernetes-commit: f291ae40b03afaaf49cca43b650bfbd05f4babee
2026-02-17 16:05:07 -05:00
Kubernetes Publisher
a8896aaa29
Merge pull request #136392 from skitt/unsupported-typo
...
Align IsWatchListSemanticsUnSupported comment
Kubernetes-commit: 15a2107890558876c35db3e44420575d657ac3a0
2026-02-20 18:44:35 +00:00
Kubernetes Publisher
4cfc7ddd3e
Merge pull request #136921 from dims/dump-from-utils
...
Move dump package from apimachinery to k8s.io/utils
Kubernetes-commit: 5b63a8c68e8e4d417ab3758c7a80118c2db27ac9
2026-02-12 21:25:53 +00:00
Kubernetes Publisher
100f3ac540
Merge pull request #135395 from pohly/apimachinery-wait-for-cache-sync
...
apimachinery + client-go + device taint eviction unit test: context-aware Start/WaitFor, waiting through channels
Kubernetes-commit: eb09a3c23e3c3905c89e996fcec2c02ba8c4bb0e
2026-02-11 09:19:44 +00:00
Kubernetes Publisher
b5e36fedcd
Merge pull request #136826 from alvaroaleman/bumpv0.32
...
Bump structured merge diff to v6.3.2
Kubernetes-commit: 65f09e605cb206b2e5fcff4d69a4ae8acf62dbc3
2026-02-10 22:08:40 +00:00
Davanum Srinivas
b9a13d422d
Move dump package from apimachinery to k8s.io/utils
...
Replace all imports of k8s.io/apimachinery/pkg/util/dump with
k8s.io/utils/dump across the repo. The apimachinery dump package
now contains deprecated wrapper functions that delegate to
k8s.io/utils/dump for backwards compatibility.
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 550cc8645bedcc8b187e0ebeb52ead29d5631a32
2026-02-10 15:20:41 -05:00
Kubernetes Publisher
8202729143
Merge pull request #136455 from pohly/client-go-simpleclient-undeprecation
...
fake client-go: un-deprecate NewSimpleClientset
Kubernetes-commit: 09e1c9fe0ec3d3a61fa71c43610b42e1e3f53612
2026-02-10 00:34:08 +00:00
Alvaro Aleman
31c1b60160
Bump structured merge diff to v6.3.2
...
Diff: https://github.com/kubernetes-sigs/structured-merge-diff/compare/v6.3.1...v6.3.2
It's just one change that prevents a NPD when an embedded pointer to a
struct is encountered.
Kubernetes-commit: f59cfe60ef2063e2383ebef416f9da05196903d6
2026-02-07 13:49:48 -05:00
Kubernetes Publisher
c59724d92f
Merge pull request #135782 from richabanker/fifo-identity-metric
...
Add identifier-based queue depth metrics for RealFIFO
Kubernetes-commit: 8972957668a174bbb589f167817130e0f2d352a9
2026-02-06 04:39:22 +00:00
Kubernetes Publisher
5628993de5
Merge pull request #136747 from dims/use-k8s-utils-btree
...
Use btree from k8s.io/utils instead of github.com/google/btree
Kubernetes-commit: dc1ec1211e4f54064ba6dafd8aac46ac3d4379b4
2026-02-05 12:11:59 +00:00
Davanum Srinivas
5c2e83116d
Use btree from k8s.io/utils instead of github.com/google/btree
...
The google/btree package is deprecated, so switch to the maintained
fork in k8s.io/utils/third_party/forked/golang/btree.
API differences:
- NewG -> New
- BTreeG[T] -> BTree[T]
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: a328ca88ad662119bbf129cd1107fabd8dd9f539
2026-02-04 09:19:58 -05:00
Kubernetes Publisher
a102553d0e
Merge pull request #131068 from soltysh/sample_controller_scheme
...
Switch sample-controller to use NewClientset supporting applyconfiguration rather than deprecated NewSimpleClientset
Kubernetes-commit: a7b940cde27e7d736d309b02573a62c213cfa4fd
2026-01-30 10:33:16 +00:00
Maciej Szulik
c7133c2f84
Generate applyconfigurations and openapi for sample-controller
...
Signed-off-by: Maciej Szulik <soltysh@gmail.com>
Kubernetes-commit: c45c6f184233227e49ab9bceacb709a229b756dd
2025-03-26 13:25:43 +01:00
Kubernetes Publisher
75c8bbf84e
Merge pull request #136582 from yongruilin/master_kubeopenapi-format
...
Bump k8s.io/kube-openapi to latest and enable numeric format validation
Kubernetes-commit: b90909e4325d5375af7deb190585a5e9885c288d
2026-01-28 02:15:00 +00:00
yongruilin
b5243f3303
Bump k8s.io/kube-openapi to latest
...
Kubernetes-commit: 65b579a036fa3b230f9c5e22d449fe9e4790078e
2026-01-27 21:39:39 +00:00
Kubernetes Publisher
50434c6a06
Merge pull request #136362 from dims/update-opentelemetry-v1.39.0
...
Update OpenTelemetry dependencies to latest versions
Kubernetes-commit: 69eb15ee58c9cb20b90007e9b064dfb78b66a867
2026-01-21 22:14:22 +00:00
Davanum Srinivas
a2aea51475
Update OpenTelemetry dependencies to latest versions
...
Core packages (opentelemetry-go):
- go.opentelemetry.io/otel: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/metric: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/trace: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/sdk: v1.38.0 → v1.39.0
Exporters:
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.39.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.39.0
Contrib instrumentation (opentelemetry-go-contrib):
- go.opentelemetry.io/contrib/.../otelhttp: v0.61.0 → v0.64.0
- go.opentelemetry.io/contrib/.../otelrestful: v0.44.0 → v0.64.0
Protocol definitions (opentelemetry-proto-go):
- go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
Notable changes:
- Go 1.24 is now the minimum required version (Go 1.23 support dropped) for OTEL components
- Performance: ~4x improvement in histogram concurrent operations; xxhash
replaces fnv for attribute hashing
- Fixed goroutine leak in span processors when context is canceled
- otelrestful migrated semantic conventions from v1.20.0 to v1.34.0
(e.g., http.method → http.request.method)
- Partial OTLP export errors now surfaced instead of being silently dropped
- otelrestful no longer depends on json-iterator/go, modern-go/concurrent,
or modern-go/reflect2; unwanted-dependencies.json updated accordingly
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: c40ea60b9f193fbead586f9fd6cc26f7b77312ff
2026-01-20 17:20:21 -05:00
Kubernetes Publisher
2a236a856d
Merge pull request #136212 from dims/update-security-deps-jan2026-v2
...
Update security and stability dependencies
Kubernetes-commit: a94970c0c5de0fa56b0ed82823850db7e0257685
2026-01-16 14:04:42 +00:00
Davanum Srinivas
5594bf5680
Update security and stability dependencies
...
This PR updates several dependencies addressing security vulnerabilities,
stability fixes, and authentication improvements.
- golang.org/x/crypto: v0.46.0 -> v0.47.0
  - Includes latest X509 root certificate bundle updates
  - Security hardening for cryptographic operations
  - Foundation dependency for TLS and authentication
- github.com/golang-jwt/jwt/v5: v5.2.2 -> v5.3.0
  - IMPORTANT: v5.2.2 patched vulnerability GHSA-mh63-6h87-95cp (token
    validation security issue) - this update ensures we have the fix
  - Adds multiple audience validation support for JWT tokens
  - Go 1.21 minimum requirement (code modernization)
  - Replaced legacy interface{} with modern any keyword
- golang.org/x/net: v0.48.0 -> v0.49.0
  - HTTP/2 priority scheduler improvements (RFC 9218)
  - WebSocket security enhancements
  - Network layer stability fixes
- go.uber.org/zap: v1.27.0 -> v1.27.1
  - Fix: Prevent Object from panicking on nils (PR #1501)
  - Fix: Race condition in WithLazy (PR #1511)
  - Both fixes improve logging stability in concurrent scenarios
- github.com/godbus/dbus/v5: v5.2.0 -> v5.2.2
  - Security: Disabled SHA1 authentication by default on non-Windows
    platforms (v5.2.0 change now inherited)
  - Performance: Multiple optimizations reducing memory allocations
  - Fix: Alignment issues in decoder operations
  - Fix: Allow more than 32 containers/struct fields in a signature
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 5b478645cdb3be5ed92a21d2f7b417b6328cfa6e
2026-01-13 23:08:03 -05:00
Kubernetes Publisher
16cd5dbcd7
Merge pull request #136162 from dims/update-security-deps-jan2026
...
Update security-critical authentication and protobuf dependencies
Kubernetes-commit: c29a5d73a6fd04896033fe615c259f2949c5e94f
2026-01-14 02:05:02 +00:00
Davanum Srinivas
1aa4a38e16
Update security-critical authentication and protobuf dependencies
...
This PR updates security-critical dependencies addressing authentication
and data parsing vulnerabilities.
**Authentication Security:**
- github.com/coreos/go-oidc: v2.3.0 -> v2.5.0
  - Security fix: Now verifies token signature BEFORE validating payload
  - Prevents potential processing of tampered tokens before cryptographic
    verification
- github.com/cyphar/filepath-securejoin: v0.6.0 -> v0.6.1
  - Security fix: Fixed seccomp fallback logic - library now properly falls
    back to safer O_PATH resolver when openat2(2) is denied by seccomp-bpf
  - Fixed file descriptor leak in openat2 wrapper during RESOLVE_IN_ROOT
- cyphar.com/go-pathrs: v0.2.1 -> v0.2.2
  - Companion update to filepath-securejoin
**Protobuf Security:**
- google.golang.org/protobuf: v1.36.8 -> v1.36.11
  - Security fix: Added recursion limit check in lazy decoding validation
  - Prevents potential stack exhaustion attacks via maliciously crafted
    protobuf messages
  - Also adds support for URL chars in type URLs in text-format
These updates are critical for:
- OIDC authentication in kube-apiserver
- Container filesystem path resolution (used by container runtimes)
- Protobuf message parsing throughout the codebase
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: c825d80bbf2c82666192c329478a686fa3a1d5dc
2026-01-11 16:50:37 -05:00