Automatic merge from submit-queue (batch tested with PRs 64181, 65737). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
API linter framework and namesMatch API rule
**What this PR does / why we need it**:
Bump kube-openapi dependency to use the [API linter framework](https://github.com/kubernetes/kube-openapi/pull/83) in k/k OpenAPI spec generation procedure.
Currently one API rule is enforced:
"Go field names must be CamelCase. JSON field names must be camelCase. Other than capitalization of the initial letter, the two should almost always match. No underscores nor dashes in either."
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#65244
**Special notes for your reviewer**:
Most code change in this PR was generated (~1700 lines). Please see commits for detail.
**Release note**:
```release-note
NONE
```
/sig api-machinery
/cc @pwittrock @mbohlool
Kubernetes-commit: 614e3adda05c5d7189c8485ba7abe1ba7ee501a7
Automatic merge from submit-queue (batch tested with PRs 65832, 66160, 66145). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: make loopback logic in SecureServingOptions reusable
For reuse in other components this PR separates the loopback logic from the GenericApiServer config.
Kubernetes-commit: 60ca8045152368d3344d53dfecfb3fbfc9a1510f
Automatic merge from submit-queue (batch tested with PRs 65899, 65900). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: use self-signed cert fixtures in integration test servers
Kubernetes-commit: 932766231342f1f7d2b8d3063b139c46a8bf9f2b
Automatic merge from submit-queue (batch tested with PRs 65105, 62948). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
dry-run: Create Options with dryRun for POST/PUT/PATCH
**What this PR does / why we need it**:
Create new options for Create and Update (through POST/PUT/PATCH).
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: fe8846196d30eaf327b9cba0991ae60e7a3c4047
Automatic merge from submit-queue (batch tested with PRs 66076, 65792, 65649). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubernetes: fix printf format errors
These are all flagged by Go 1.11's
more accurate printf checking in go vet,
which runs as part of go test.
```release-note
NONE
```
Kubernetes-commit: 0972ce1accf859b73abb5a68c0adf4174245d4bf
Automatic merge from submit-queue (batch tested with PRs 66038, 65992, 66008). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Convert TestServerRunWithSNI to subtests to isolate flake
This test is flaking - make it easier to pin down where and why by
converting to subtests and making cleanup logic simpler. Also turn an
ignored listen error into a "fatal".
Make the test run in parallel to speed up individual runs and hopefully
flush out issues.
Noticed and reported in OpenShift, https://github.com/openshift/origin/issues/20220
@deads2k / @sttts
Kubernetes-commit: ff9a66bd176c0e0ad992fd3496cc2b4b2a144f15
Automatic merge from submit-queue (batch tested with PRs 65931, 65705, 66033). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove unused x509 code
We don't intend to use/support these user extraction methods
```release-note
NONE
```
Kubernetes-commit: 4b4408c339bc81c9d96a93d07f163e42bd0f3322
This test is flaking - make it easier to pin down where and why by
converting to subtests and making cleanup logic easier. Also turn an
ignored listen error into a "fatal".
Make the test run in parallel to speed up individual runs and hopefully
flush out issues.
Kubernetes-commit: 09463975c379114ef9cd42d3c7efb6254b2c3b33
Automatic merge from submit-queue (batch tested with PRs 65830, 65780, 65961). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
change field selector conversion registration to be strongly typed
the signature of these methods is misleading... they require a group-version-kind
```release-note
NONE
```
Kubernetes-commit: 4d609cea7f1ccd3840b46e3e2ae83cc6452ab4a7
Automatic merge from submit-queue (batch tested with PRs 65830, 65780, 65961). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: get rid of ReadWritePort in config
Executing removal TODO by making the read write port logic explicit, and not hidden deep in the secure serving code.
Preparation for https://github.com/kubernetes/kubernetes/pull/65832
Kubernetes-commit: f6bbf1f6f8ab856b95baea56ab624672b09662fd
Automatic merge from submit-queue (batch tested with PRs 65946, 65904, 65913, 65906, 65920). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
track schemes by name for error reporting
Getting an error message about a type not being in the scheme is hard to fix if you don't know which scheme is failing. This adds a name to the scheme which can be set during creation or can be set based on the calling stack. If you use the old constructor a name is generated for you based on the stack. Something like "k8s.io/client-go/dynamic/scheme.go:28" for instance.
Also moves a typer to its point of use. This was debt from previous refactors which I noticed going through.
@kubernetes/sig-api-machinery-misc
@sttts
```release-note
NONE
```
Kubernetes-commit: 8e2fdb32bc84103b15310a221a375470bf567bdc
Before this the advertised IP (which shows up in the server cert) in case of
listening to loopback was the first host interface IP. This makes self-signed
certs non-constant, such that we cannot use fixtures.
Kubernetes-commit: c1c564fd4d21dd68ea14d7ea678d8619f47fe445
Automatic merge from submit-queue (batch tested with PRs 64511, 65865, 65867, 65866). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kube-controller-manager: create self-signed certs
If secure serving is enabled (not automatically wired yet, but 3rdparties could wire it), create self-signed certs if none are given. Reuses the code from k8s.io/apiserver.
Kubernetes-commit: 667ad2b1631252daa1d0f12fe1b0fd51b571f22b
Automatic merge from submit-queue (batch tested with PRs 64911, 65710). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiextensions-apiserver: add pkg/cmd/server/testing pkg for integration tests
In analogy to kube-apiserver, this implements a uniform apiextensions-apiserver for integration tests which can be started using customized flags.
Kubernetes-commit: c7d4931dad9b15cba6913d3344b0cdc57615333f
Automatic merge from submit-queue (batch tested with PRs 65822, 65834, 65859, 65631). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: don't create self-signed certs with disabled secure serving
Kubernetes-commit: abf59aa8c47c0c94491f8ce8863297b5e1a9b8d5
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
make use of request.UserAgent()
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
/assign @sttts
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 97a4da713b43beb9b5d6d27854ace6cf354593d6
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add healthz check to ensure logging is not blocked
When running the apiserver/controllers in pods, we encountered a docker bug that blocked stdout/stderr (https://github.com/moby/moby/issues/31373)
That in turn blocked flushing logs, which in turn eventually blocked any goroutine that logs anything (which is pretty much all the important goroutines)
This adds a healthz check that logging is not blocked so that healthz indicates something is wrong
```release-note
NONE
```
Kubernetes-commit: a5ebe7ddf30a535c6347d0e9d685866c06360f55
Automatic merge from submit-queue (batch tested with PRs 65677, 65711, 65150, 65726). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add additional authorization check for create-on-update
**What this PR does / why we need it**:
Currently it is possible for a user who is only authorized to update objects to send a PUT request for an object that doesn't currently exist, and if that resource allows create on update, it will all them to create the object. This PR fixes that bug and adds a test case which fails on master, but succeeds when the additional authorization check is done.
/sig api-machinery
/kind bug
/cc @liggitt @lavalamp
**Release note**:
```release-note
LimitRange and Endpoints resources can be created via an update API call if the object does not already exist. When this occurs, an authorization check is now made to ensure the user making the API call is authorized to create the object. In previous releases, only an update authorization check was performed.
```
Kubernetes-commit: 0e6d3f2abe57b00cd17acd6c92c9c0e0a2515011
Automatic merge from submit-queue (batch tested with PRs 64599, 65729). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix go import
**What this PR does / why we need it**:
Fix go import introduced by #63777.
cc @lavalamp
/assign @sttts
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 70e6fd29532db9b40fc300d6d596053f826cbda8
Automatic merge from submit-queue (batch tested with PRs 65040, 65731). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[trivial] fix option help message.
s/andif/and if/
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: b770083da5afe215c168cf2e6f753fb02ea39cf4
Automatic merge from submit-queue (batch tested with PRs 65299, 65524, 65154, 65329, 65536). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow override of AllowCreateOnUpdate with new argument to Update
**What this PR does / why we need it**:
Changes the Update function signature to include a new bool which tells storage to override what the UpdateStrategy returns for AllowCreateOnUpdate. This is not exposed to the user, the handler is the one that sets this override value. Eventually the patch handler will set this to true, in order to provide more consistent apply behavior, without changing the existing PUT behavior.
Redo of https://github.com/kubernetes/kubernetes/pull/65075 but on master to reduce number of conflicts when we merge feature-serverside-apply with master.
/sig api-machinery
/cc @apelisse @lavalamp
**Release note**:
```release-note
NONE
```
No release note because this is just an internal change
Kubernetes-commit: dcf296a97a53aad4d95eb328c5e7c283eeba2fb1
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add missing error handling in schema-related code
**What this PR does / why we need it**:
Adds missing error handling to a few places.
**Which issue(s) this PR fixes**
Updates #51457. Still more work to do to fix the issue - client generation code needs to be updated (addressed in https://github.com/kubernetes/kubernetes/pull/64664).
**Release note**:
```release-note
NONE
```
/kind bug
/sig api-machinery
Kubernetes-commit: 7786bd8c9a99974e2cda31940dd4a1ef0a31c2e5
Automatic merge from submit-queue (batch tested with PRs 64741, 65484). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
enable etcdv3 client prometheus metics
**What this PR does / why we need it**:
Provide a way to enable etcdv3 client prometheus metics
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#64740
**Special notes for your reviewer**:
**Release note**:
```release-note
Enable etcdv3 client prometheus metics
```
Kubernetes-commit: 1570d3851cce541f3e7a9eb9ae6f242255bf33e6
Automatic merge from submit-queue (batch tested with PRs 65593, 65678). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
simplify httplog.LogOf
**What this PR does / why we need it**:
LogOf returns the logger hiding in w, otherwise returns a passthroughLogger, and it never panics.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 83a8e42d035a6371fb94c8cb13a9664cc0bcacf1
Automatic merge from submit-queue (batch tested with PRs 65518, 65624, 65380, 65390, 65586). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
cleanup: remove deadcode
/kind cleanup
remove deadcode
remove unnecessary conversion
```release-note
NONE
```
Kubernetes-commit: 16dbb95c51532e8a937a3ccb90223e8568b130c3
Automatic merge from submit-queue (batch tested with PRs 65319, 64513, 65474, 65601, 65634). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix apiserver metrics
Kubernetes-commit: 4f465fac5b395b2395b65c91035b3803e8631e59
Automatic merge from submit-queue (batch tested with PRs 65319, 64513, 65474, 65601, 65634). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use same rvParse in watchcache and move cacheStorage in separate dir
**What this PR does / why we need it**:
Use same rvParse in watchcache and move cacheStorage in separate dir.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 7b46e884ae439c53439ce55779b34530df6fa3db
These are all flagged by Go 1.11's
more accurate printf checking in go vet,
which runs as part of go test.
Lubomir I. Ivanov <neolit123@gmail.com>
applied ammend for:
pkg/cloudprovider/provivers/vsphere/nodemanager.go
Kubernetes-commit: 2bd91dda64b857ed2f45542a7aae42f855e931d1
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiserver: do not print feature gates for glog v=0
**What this PR does / why we need it**:
Demand verbosity level > 0 for glog Infof() calls when
setting feature gates in pkg/util/feature_gate.go.
Without this, regular calls to things like `kubeadm token generate` would also print `feature_gate.go:230] feature gates: &{map[]}`.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixeskubernetes/kubeadm#953
**Special notes for your reviewer**:
i doubt there is a particular reason to not use verbosity level here?
is `v=1` sufficient here?
/area apiserver
/area kubeadm
/kind cleanup
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews
/cc @kubernetes/sig-api-machinery-pr-reviews
**Release note**:
```release-note
NONE
```
Kubernetes-commit: f0dcdd76229127df8364aa84bbe9f93313644f38
Nikhita Raghunath