* Drop the use dprotaso/controller-tools fork
Keeping the fork up to date is not really tenable and it's
fairly complex. We now simply manipulate the resulting
CRD yaml after generation
* go mod tidy
* Prune the allowed scaleTargetRef fields
* allow containers.privileged
* update overrides to include hostPath feature flag
* refactor function for readability
* refactor feature key constants to prevent typos
* drop schema patch config file
* close encoder prior to writing the file
* 15546: Add support for hostPath
* 15546: Fix additional Space and eof
* Fix eof
* update for EOF
* revert mess up
* remove white spaces
* added Comment
* remove extra validations as its there in K8
* Feature: added PodSpec.HostIPC extension
* updates for hostipc
* add support for hostpid and hostnetwork
---------
Co-authored-by: Pablo Carneiro Elias <pablo.cael@gmail.com>
* Add startup probe to CRDs
* Allow startup probes in Knative Services
* Increase ProgressDeadlineSeconds when startup probe is present
* Remove ProgressDeadlineSeconds increase when startup probe is present
* Allow access to Pod field `shareProcessNamespace`.
Feature is guarded by feature flag "kubernetes.podspec-shareprocessnamespace".
Fixes#14137.
* Add missing test for shareProcessNamespace
* Update performance tests
* add updated grafana dashboard
* add better logging
* make sure results are always calculated
* use existing Knative grafana instance
* add local grafana setup instructions
* Add real traffic test
* Add datasource variable in grafana dashboard
* Update grafana URL
* Drop old grafana file
* Add new test to simulate real traffic
* Minor improvements
* Create service in code instead of using YAML
* Add function to wrap reporting vegeta.Metrics to influxdb
* Update grafana dashboard
* add from + to filter to grafana link
* fix pointers
* make `knative.dev/serving/test/v1` work with `injection.ParseAndGetRESTConfigOrDie()`
* minor test fixes
* use milliseconds for grafana url params
* fix review dog warnings
* use BUILD_ID and JOB_NAME to identify a CI job
* drop unnecessary type conversions
* Run `hack/update-deps.sh`
* use `envsubst` instead of `sed`
* Review fixes
* Wait for all KSVC to be deleted before starting the next job
* Add gRPC probe
* Modify unit test
* Modify unit test
* Set default to grpcprobe's service field
* Use knative pkg for ptr operation
* Use config's KubeMajor & KubeMinor instead of k8s native version pkg
* Wrap error in GRPCProbe
* Add comment to explain why use dialer_others.go
* Run update scripts
* Add probe test
* Add test in readiness/probe_test.go
* update deps
* Ignore readinessProbe when it's gRPC
* Fix test to use empemeral port
* Resolve govet lint error
* Use errors.Is to compare
* Also use ephemeral port for handler test
* drop unneccesary else block
* Add secure-pod-defaults flag to default Pods to 'restricted' profile by default
* Account for pod-level SecurityContext when setting defaluts
* Fix format that somehow slipped through auto-format-on-save
* Fix lint unparam complaint
* Don't default Revision values when BYO name is unchanged.
Fixes#11512
* Switch to using a context-passed ConfigurationSpec reference instead of hard-coding Configuration and Service.
* Complete docstring for WithConfigurationSpec
* Permit explicitly selecting Kubernetes defaults in PodSecurityContext.
* Fix comment on defaultSecurityContext
* Allow both "safe" future default and "unsafe" current default to be set explicitly when feature is enabled.
* Add seccompProfile to CRD schemas (it was accepted, but not documented)
* Add e2e tests, checking CI combinations
* Capabilities.Drop is "omitempty", so it will always be empty instead of nil.
* Fix e2e test comment.
🐛 My previous changed missed the new config file that controls how the CRD schema is updated.
You can now clearly see the fields being added to the schemas.
Apologies for the break, I had no clue this was a thing!
/kind bug
Related: https://github.com/knative/serving/pull/13395
* drop unnecessary validation
* use dave's fork of controller-tools
* ensure arrays have an item schema
* drop list map type markers
* tweak conformance tests to allow fields to be pruned if the create request doesn't error out
* split lifecycle test to prestop/poststart
* revert eefc3cce62
* use mako stub for perf testing
* clean up
* reduce number of tests to make job go faster
* more cleanup to address pr comments
* fix comments in mako-perf-tests-script
* remove extra lines from script
* install netstat when reading results
* update boilerplate year
* update copyright of generated code
* Update protofiles with new boilerplate
Ran with versions
protoc - 3.19.4
protoc-gen-gogofaster - v1.3.2
* run protobuf gen with older gogofaster version
* Consolidate serving-nscert controller into main controller.
* Fix up e2e tests
* Remove wildcard cert stuff from generate-yamls and install.
* Fix lint.
* Address nak3 feedback; remove a no-longer-needed utility program
* Clean up the rest of SERVING_NSCERT_YAML (which was an empty file).
* Remove the rest of SERVING_NSCERT_YAML
* allow setting spec.template.spec.automountServiceAccountToken in PodSpec
* only allow setting to false
* preventing panic
* actually preventing panic
* updating schema
* fixing logic to deny when set to true
* gofmt
* using helper function for &false, removing unneeded disallowed block
* Add v1beta1 version of DomainMapping crd
* Keep v1alpha1 as storage version for a release
* Update copyright year
* Rerun codegen after rebase
* Regenerate with new boilerplate
* Move DomainMapping feature to beta
Adds the domain mapping yamls to config/core so that they are built in
to the main serving yaml. This does not combine the controller and
webhook binaries (this will only happen when the feature is GA) so
it is still possible to opt out of domain mapping by reducing replica
count of the relevant controller/webhook to zero and removing access to
the CRD.
* Dont build domainmapping yaml since its built in to core yaml
* Cleanup dangling reference to removed yaml
* Update codegen
* Move tests to beta suite
* e2e - drop imperative bash yaml for declarative ytt/kapp
* don't override knative_setup
* fix namespace of some test-resources
* move ingress class to a property file
* change overlay file names to indicate which configmaps they overlay
* domain-mapping controller is HA
* better coordination between generate-yamls.sh and our e2e scripts
* post-install job support
* fix autotls tests
* fix kourier - do a global search when replacing the system namespace
* drop setting ambassador namespace
* pin kapp to a specific sha
* first pass at upgrade test fixes
* drop ignore-unknown-comments flag - no longer needed with v0.32.0
* fix istio latest-release install
* hardcode kapp app names
upgrade tests change the E2E_SCRIPT name thus we can end up with two installations
* kind tweaks
* drop unused constant
* minor cleanup
* fix stray # in istio mesh ytt file
* drop bash wait since kapp will do this for us
* pull back the global rename and just do it where we need to
otherwise we end up with cluster roles with weird names
* apply injection to namespaces
* custom-yamls now accepts the generated env file output from generate-yamls.sh
* include peer auth for net-certmanager webhook
* fix kong ingress value
* Setup CRD generation machinery and generate initial schemas
* Add filtered PodSpec schema
* Fix embedded types
* Fix things
* Allow preservation for some more types
* Add comments
* Add an explicit comment towards our patched version
* Detach update-codegen from schema generation for now
* Drop incorrect default descriptions
* Drop unnecessary git based rollback
* Simplify further
* Drop now unnecessary comment
* Reorder schema and manual fields
* Drop feature flagged fields
* Remove fat fingering
* Fix leftovers
This generates api docs for api types when we do all the other code
generation. Doing this is part of trying to simplify the docs release
process, and will remove the need to manually generate these when
releasing docs, which has been a source of pain in docs release. Since
we already need to run update-codegen when modifying api types, there
shouldn't be any significant new friction in doing this (on my machine
time to run codegen went from 4m5s to 4m19s, so you get 14 more seconds
to refresh your coffee).
As an additional bonus, this means you can view API docs for a
particular serving version or commit via github in docs/serving-api.md,
which is nice.
* Migrate upgrade tests to using pkg/test/upgrade framework
* Convert AssertAutoscaleUpToNumPods and inner functions to helper
functions that
return error instead of calling t.Fatal to fail the current test.
Avoid using *testing.T
so that these functions can be reused outside of tests or span
multiple tests.
* The autoscaler helper functions are used in upgrade tests where
"setup" and
"verify" phases run within different tests. Pull test.EnsureTearDown
from SetupSvc to ensure
that a kservice is not destroyed at the end of the first phase
("setup") but
remains active until "verify" phase. This is ensured by calling
EnsureTearDown later in the
"verify" phase.
* Adjust Bash scripts to avoid unbound variable errors during upgrade
tests exexution (due
to using -u flag by the upgrade framework).
* Use umbrella functions for individual groups of tests
That's for easy reuse in other repos such as knative/operator
* Define curPods and targetPods constants in upgrade tests
* Fix imports and licences
* Fix lint - comments on new exported functions
* Split AssertAutoscaleUpToNumPods into setup and wait parts
* Pass errgroup by reference
* Fix lint error
* Move logf into TestContext
* Remaining fixes for moving logf to TestContext
* Call logf on context directly
* Update readme
* Remove the comment and fix imports
* Update modules after running update-codegen
* Do not upgrade Ingress when upgrading Knative
* autoscale and prober tests will fail if ingress is replaced during
upgrade
* Pass around func() error instead of errGroup
* Mark a few functions as t.Helper()
* Fix codegen
Stavros Kontopoulos
Dave Protasowski
Amarendra Kumar
Kapil Sareen
Reto Lehmann
Roland Huß
Seongpyo Hong
JinVei
Caleb Woodbine
Clay Kauzlaric
Evan Anderson
Matt Moore
Nader Ziada
Paul Schweigert
kobayashi
knative-automation
Julian Friedman
Mahamed
Stavros Kontopoulos
Markus Thömmes
Evan Anderson
Martin Gencur
Scott Nichols