kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,992 Commits 31 Branches 256 Tags 544 MiB
Commit Graph

478 Commits

Author SHA1 Message Date
Justin SB 2a44cb7f16 Update script and testdata CA keypair 
If we generate with the wrong type (usages), the keypair will be
regenerated.
 2020-09-12 16:21:15 -04:00
Justin SB 6fa8be2716 JSON formatting of IAM: Workaround for optional fields 
AWS IAM is very strict and doesn't support `Resource: []` for example.
We implement a custom MarshalJSON method to work around that.
 2020-09-09 09:57:07 -04:00
Justin SB a61ecf4c58 Refactor to use interface for iam Subjects 
Hat-tip to johngmyers for the idea!
 2020-09-09 09:57:07 -04:00
Justin SB ccc814dfbc Create tests for JWKS scenarios 2020-09-09 09:57:06 -04:00
Kubernetes Prow Robot 4604fa53b3
Merge pull request #9899 from olemarkus/remove-insecure-bind-address 
Don't explicitly set insecure-bind-address on newer k8s
 2020-09-09 03:25:53 -07:00
Ole Markus With 886b4c97cb Don't explicitly set insecure-bind-address on newer k8s 2020-09-09 11:41:51 +02:00
Ciprian Hacman 43e0b2332c Update expected outputs of integration tests 2020-09-08 10:12:57 +03:00
Ciprian Hacman d1bdc1632d Update expected outputs of integration tests 2020-09-08 08:46:09 +03:00
Kubernetes Prow Robot 277038d419
Merge pull request #9839 from rifelpet/tf-cert-id 
Dont generate the ssl_certificate_id field on TCP listeners in Terraform
 2020-08-31 06:14:21 -07:00
Kubernetes Prow Robot 56bab9fa4f
Merge pull request #9813 from justinsb/expose_jwks 
Expose JWKS via a feature-flag
 2020-08-30 21:06:20 -07:00
Peter Rifel 0326ce4ad7
Dont generate the ssl_certificate_id field on TCP listeners in Terraform 2020-08-30 09:44:16 -05:00
Justin SB 786423f617 Expose JWKS via a feature-flag 
When the PublicJWKS feature-flag is set, we expose the apiserver JWKS
document publicly (including enabling anonymous access).  This is a
stepping stone to a more hardened configuration where we copy the JWKS
document to S3/GCS/etc.

Co-authored-by: John Gardiner Myers <jgmyers@proofpoint.com>
 2020-08-30 10:15:11 -04:00
Justin SB c63ce4b5ab Implement setter by reflection 
This means we no longer have to individually hard-code the `kops set`
fields, however we use the "language" we're now demonstrated.

We add tests to ensure we have parity with our existing (hard-coded)
setter logic.
 2020-08-30 09:59:52 -04:00
Peter Rifel 55f33c68b3
Cleanup old v1alpha1 test outputs 2020-08-27 14:30:10 -05:00
Peter Rifel 64f6f5e2cb
Add integration test for GCE private topology with bastion 2020-08-27 14:28:26 -05:00
Ciprian Hacman cd82550088 Update integration test for Calico after validation changes 2020-08-24 12:54:15 +03:00
Ciprian Hacman 3f8edd74fe Update integration test for Calico 2020-08-24 12:30:37 +03:00
Ciprian Hacman 2880e22bce Add flag for root volume encryption 2020-08-21 18:31:21 +03:00
Kubernetes Prow Robot 8a81d94c7b
Merge pull request #9773 from victorfrancax1/7286 
Adding support for permission boundaries for AWS IAM Roles
 2020-08-19 06:51:11 -07:00
Victor Ferreira 3aaa9a7c0f feat(aws): adding support to permission boundaries for IAM Roles 2020-08-19 01:16:13 -03:00
Kubernetes Prow Robot 96ab8423b1
Merge pull request #9566 from hakman/arm64-images 
Add ARM64 support for masters
 2020-08-14 20:46:17 -07:00
Ole Markus With 9890839cec Add an integration test for openstack floating ip 
* Integration test for floatingip cluster
* Implements mocking of floatingIP (only list for now)
* Expands various cloudmocks
* Fixes an NPR in openstack validation
* Fixes a bug where kops tries to use DNS even if the cluster is gossip
 2020-08-12 12:59:30 +02:00
Kubernetes Prow Robot 9b46e3fb9a
Merge pull request #9721 from hakman/ghw-win-2019 
Add windows job to GH workflows
 2020-08-11 11:20:18 -07:00
Ciprian Hacman f9f8ecfcf5 Fix API conversion tests for Windows 2020-08-11 14:28:37 +03:00
Ciprian Hacman 2359a25b84 Fix integration tests EOLs for Windows 2020-08-11 14:28:37 +03:00
Peter Rifel 6991655921
Add openstack integration test. 
This will create / update / update / delete an openstack cluster using cloudmock, ensuring there are no lingering changes reported or orphaned resources
 2020-08-10 15:22:49 -05:00
Ciprian Hacman 527b1eb36f ARM64 support - Update expected tests output 2020-08-10 12:05:24 +03:00
Kubernetes Prow Robot 2fbef78143
Merge pull request #9650 from johngmyers/update-notag 
Remove tags from NodeupConfig
 2020-07-31 02:27:08 -07:00
John Gardiner Myers d434733254 update-expected.sh 2020-07-30 19:42:07 -07:00
John Gardiner Myers cd2941b56c update-expected.sh 2020-07-29 17:24:39 -07:00
Peter Rifel f3e6ac874d
Update integration test outputs with new ssh key tags 2020-07-28 13:35:10 -05:00
John Gardiner Myers be3e311c12 update-expected.sh 2020-07-17 19:32:53 -07:00
John Gardiner Myers c0774d7ffa Stop using legacy IAM in integration tests 2020-07-17 19:32:48 -07:00
John Gardiner Myers d0b30cf771 update-expected.sh 2020-07-17 11:26:09 -07:00
Peter Rifel 4bcc1e1ffa
Remove old unused files 
The yaml files were most likely meant to live in tests/integration/update_cluster/minimal_gce but those files already exist.

The md file is very old and not relevant
 2020-07-13 12:48:28 -05:00
Peter Rifel f213854330
Update integration test outputs with filebase64 2020-07-08 23:24:11 -05:00
Ciprian Hacman 827d8c041f Update mock version to 1.19.0-alpha.1 2020-07-08 18:31:18 +03:00
Peter Rifel 69f2c71cc3
Add tag support to AWS launch templates 
In addition to TagSpecifications which allow tagging of instances and volumes, launch templates support tags of their own.

This adds the usual tags to LTs, as seen in the kubernetes.tf additions. Cloudformation does not yet support it [0], so only "api" and "terraform" targets are updated.

[0] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html
 2020-07-07 22:43:45 -05:00
Ciprian Hacman 69511a998e Use kubelet docker-specific flags only for Docker 2020-07-05 07:57:10 +03:00
Ole Markus With 53f670aeb0 Rebase with master 2020-07-03 08:39:43 +02:00
Ole Markus With 263172caac Use new templates for cilium 1.8 2020-07-03 07:56:35 +02:00
Kubernetes Prow Robot 734a0eb5f3
Merge pull request #9415 from johngmyers/refactor-nodeup-2 
Continue moving InstanceGroup data to NodeupConfig
 2020-07-02 20:50:47 -07:00
Ciprian Hacman a7c8d2087c Use github.com/blang/semver/v4 2020-07-01 08:54:42 +03:00
John Gardiner Myers 56e5adc67e Move VPC setup into NewCluster() 2020-06-30 12:37:46 -07:00
John Gardiner Myers fe66b0011b Move CloudProvider determination into NewCluster() 2020-06-30 12:37:11 -07:00
John Gardiner Myers 5f45389124 update-expected.sh 2020-06-28 18:52:03 -07:00
John Gardiner Myers 35645b49c4 update-expected.sh 2020-06-28 18:51:42 -07:00
John Gardiner Myers 64167b7420 update-expected.sh 2020-06-28 18:51:16 -07:00
Peter Rifel 75ccf45eb7
Fold multiple integration test cases into the complex cluster test 
Each integration test cluster adds many LoC and some overhead in running the integration tests.
Since many of the tests are only testing a specific feature, it would be simpler to combine all of the non-mutually exclusive features into the complex cluster.
 2020-06-19 22:09:22 -05:00
Ciprian Hacman 80295961fb ARM64 support - Update tests output 2020-06-19 04:42:11 +03:00