profile
viewpoint
Sascha Grunert saschagrunert @SUSE I’m on earth right now. http://saschagrunert.de The difference between fine and great software is listening to people.

containers/libpod 4818

libpod is a library used to create container pods. Home of Podman.

containers/buildah 3071

A tool that facilitates building OCI images

containers/conmon 125

An OCI container runtime monitor.

kubernetes-analysis/kubernetes-analysis 6

Kubernetes issue and pull request analysis powered by machine learning

openSUSE/obs-service-cargo_vendor 4

OBS Source Service to vendor Rust dependency sources

openSUSE/cri-o 2

openSUSE CRI-O base fork for upstream contributions

saschagrunert/awesome-rust 2

A curated list of Rust code and resources.

kubic-project/cri-o-testing 0

Integration and e2e testing of cri-o within kubic

openSUSE/buildah 0

A tool that facilitates building OCI images

openSUSE/conmon 0

An OCI container runtime monitor.

push eventsaschagrunert/openshift-release

Sascha Grunert

commit sha a2989a698bb9180504232e1ff02b1a03c695ddaa

Enable release-note plugin for CRI-O Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 8 minutes

push eventopenSUSE/cri-o

Sascha Grunert

commit sha 22a870f1838ef46003fc06e6cb883925982a8321

Update golangci lint to v1.28.1 We also enable non-complaining linters as well as adding new ones to the list in .golangci.yml. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 20 minutes

pull request commentcri-o/cri-o

Update golangci lint to v1.28.0

/retest

saschagrunert

comment created time in 20 minutes

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/retest

saschagrunert

comment created time in 24 minutes

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

/retest

saschagrunert

comment created time in 11 hours

Pull request review commentcontainers/storage

new interface for MountImage added

 type mountPointError struct { func mount(flags *mflag.FlagSet, action string, m storage.Store, args []string) int { 	moes := []mountPointOrError{} 	for _, arg := range args {-		result, err := m.Mount(arg, paramMountLabel)-		errText := ""-		if err != nil {-			errText = fmt.Sprintf("%v", err)+		if paramReadOnly {+			result, err := m.MountImage(arg, []string{"noexec", "nosuid"}, paramMountLabel)+			errText := ""+			if err != nil {+				errText = fmt.Sprintf("%v", err)+			}+			moes = append(moes, mountPointOrError{arg, result, errText})+		} else {+			result, err := m.Mount(arg, paramMountLabel)+			errText := ""+			if err != nil {+				errText = fmt.Sprintf("%v", err)
				errText = err.Error()
rhatdan

comment created time in 11 hours

Pull request review commentcontainers/storage

new interface for MountImage added

 func validRootlessStoragePathFormat(path string) error { 	} 	return nil }++func validateMountOptions(mountOptions []string) error {+	var Empty struct{}+	// Add invalid options for ImageMount() here.+	invalidOptions := map[string]struct{}{+		"rw": Empty,+	}++	for _, opt := range mountOptions {+		if _, ok := invalidOptions[opt]; ok {+			return fmt.Errorf(" '%s' option not supported", opt)
			return fmt.Errorf("%q option not supported", opt)
rhatdan

comment created time in 11 hours

Pull request review commentcontainers/storage

new interface for MountImage added

 type mountPointError struct { func mount(flags *mflag.FlagSet, action string, m storage.Store, args []string) int { 	moes := []mountPointOrError{} 	for _, arg := range args {-		result, err := m.Mount(arg, paramMountLabel)-		errText := ""-		if err != nil {-			errText = fmt.Sprintf("%v", err)+		if paramReadOnly {+			result, err := m.MountImage(arg, []string{"noexec", "nosuid"}, paramMountLabel)+			errText := ""+			if err != nil {+				errText = fmt.Sprintf("%v", err)
				errText = err.Error()
rhatdan

comment created time in 11 hours

pull request commentcri-o/cri-o

Update golangci lint to v1.28.0

/retest

saschagrunert

comment created time in 11 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

/retest

saschagrunert

comment created time in 13 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

/retest

saschagrunert

comment created time in 14 hours

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/test pull-kubernetes-conformance-kind-ga-only-parallel

saschagrunert

comment created time in 15 hours

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/retest

saschagrunert

comment created time in 16 hours

delete branch saschagrunert/release-notes

delete branch : badge-fix

delete time in 16 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

/retest

saschagrunert

comment created time in 16 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

If this gets merged then I will continue to add e2e tests for the API migration in https://github.com/kubernetes/kubernetes/pull/91442

saschagrunert

comment created time in 17 hours

push eventsaschagrunert/kubernetes

Kubernetes Prow Robot

commit sha 205d5c58296357365bfa834ecabb384c1c1042c3

Merge pull request #91381 from pjbgf/seccomp-ga-kubelet-changes seccomp GA - Add new seccomp fields and update kubelet to use them

view details

Sascha Grunert

commit sha 813a5ead4bfec9b1c9fe1ab727e9575472efd79b

Update seccomp e2e test for GA We now execute the seccomp tests with `[LinuxOnly]` as described in the appropriate KEP test plan: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#test-plan The tests have been changed to used the new seccomp field within the security context in replacement for the annotations. As a follow-up, we will add version skew tests as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 17 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

#91381 is merged, can rebase on master now

Done :heavy_check_mark:

saschagrunert

comment created time in 17 hours

push eventsaschagrunert/kubernetes

Kubernetes Prow Robot

commit sha 205d5c58296357365bfa834ecabb384c1c1042c3

Merge pull request #91381 from pjbgf/seccomp-ga-kubelet-changes seccomp GA - Add new seccomp fields and update kubelet to use them

view details

Sascha Grunert

commit sha c3ba2d8b8b801ea9658e15d8c53068ba2de7ce9e

Add seccomp GA version skew for pods This adds a new conversion function to the pod strategy to handle the seccomp version skew strategy: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.mdversion-skew-strategy Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 17 hours

push eventsaschagrunert/kubernetes

Paulo Gomes

commit sha 8976e3620f8963e72084971d9d4decbd026bf49f

Add seccomp enforcement and validation based on new GA fields Adds seccomp validation. This ensures that field and annotation values must match when present. Co-authored-by: Sascha Grunert <sgrunert@suse.com>

view details

Kubernetes Prow Robot

commit sha 205d5c58296357365bfa834ecabb384c1c1042c3

Merge pull request #91381 from pjbgf/seccomp-ga-kubelet-changes seccomp GA - Add new seccomp fields and update kubelet to use them

view details

push time in 17 hours

push eventsaschagrunert/release-notes

Sascha Grunert

commit sha 6bfce27d83b8e8c1132265c9294ba1c8ec520971

Add v1.17.0 release notes Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

Sascha Grunert

commit sha 96050944b06f98a60346cc1776ee89d77161ef2f

Update dependencies to fix vulnerabilties angular/common ^8.2.13 → ^8.2.14 angular/compiler ^8.2.13 → ^8.2.14 angular/core ^8.2.13 → ^8.2.14 angular/forms ^8.2.13 → ^8.2.14 angular/platform-browser ^8.2.13 → ^8.2.14 angular/platform-browser-dynamic ^8.2.13 → ^8.2.14 angular/router ^8.2.13 → ^8.2.14 ngrx/effects ^8.5.0 → ^8.5.2 ngrx/store ^8.5.0 → ^8.5.2 ngrx/store-devtools ^8.5.0 → ^8.5.2 ootstrap ^4.3.1 → ^4.4.1 oncurrently 5.0.0 → 5.0.1 gx-pagination ^4.1.0 → ^5.0.0 pm-check-updates ^3.2.1 → ^3.2.2 angular-devkit/build-angular ^0.803.18 → ^0.803.20 angular/cli ^8.3.18 → ^8.3.20 angular/compiler-cli ^8.2.13 → ^8.2.14 angular/language-service ^8.2.13 → ^8.2.14 types/jasmine ^3.4.6 → ^3.5.0 types/jest ^24.0.22 → ^24.0.23 types/node ^12.12.7 → ^12.12.16 cypress ^3.6.1 → ^3.7.0 ts-node ^8.5.0 → ^8.5.4 Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

Kubernetes Prow Robot

commit sha 8372324c54d140c144b148803c931729334682f8

Merge pull request #129 from saschagrunert/k8s-1.17 Add v1.17.0 release notes

view details

Kubernetes Prow Robot

commit sha 47f74d12e944362d95e80e30fb5a54a77288db5a

Merge pull request #131 from saschagrunert/deps Update dependencies to fix vulnerabilties

view details

Sascha Grunert

commit sha 3d4e274543a54b2ef5cb158f8853b34f6433716d

Add v1.15.6 and v1.16.3 release notes Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

Chris Carty

commit sha d414e17b679f8c8871335144e0eb4a2aa7e90bd8

added v1.14.10 release notes

view details

Kubernetes Prow Robot

commit sha 301e54d5c05feeed25bfe4b038ab15df3d4d9021

Merge pull request #132 from saschagrunert/v1.16.3 Add v1.15.6 and v1.16.3 release notes

view details

Chris Carty

commit sha f640517706ebb7077526c3759963249fb7790125

added v1.14.9 release notes

view details

Sascha Grunert

commit sha a352f498be266768cd52115039c2c7ffcbc7b9a0

Add v1.15.7 and v1.16.4 release notes Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

Chris Carty

commit sha 62758d50e926414e1033bbd87fc96c4564df8ca9

added v1.14.7 release notes

view details

Chris Carty

commit sha ad18e6574c08239d3611cbdb73a0ca843eb3c21f

added v1.14.8 release notes

view details

Kubernetes Prow Robot

commit sha 45743ecb74bf4d578eef5e637cb4a963448dcfc0

Merge pull request #133 from saschagrunert/v1.16.4 Add v1.15.7 and v1.16.4 release notes

view details

Chris Carty

commit sha ccc578be57d5e998f0ace6306edc76c22a7cdf90

added v1.14.6 release notes

view details

Chris Carty

commit sha 8c971815c29a737892f4ceb5805f6c2f128fec59

added v1.14.5 release notes

view details

Chris Carty

commit sha 6ac9fdc3be2aebf462415408c1470ff0dcd2b6e3

Merge branch 'master' of github.com:kubernetes-sigs/release-notes into v1.14.x-release-notes

view details

Chris Carty

commit sha a9dd22ba75c877628bd84a06874588cf46bbc4a3

added v1.14.4 release notes, added missed 1.14.5 in assets

view details

Chris Carty

commit sha 19cddc0d6f66acda0d20ca7ebba5d9800e4ccf43

added v1.14.1-3 release notes

view details

Chris Carty

commit sha 2afa7d20adfa5b78579c82e7549119e73b77614b

added v1.14 and ran prettier

view details

Chris Carty

commit sha db1723b4d523858981a4c012868332b7cb237192

actually ran prettier on 1.14 notes

view details

Chris Carty

commit sha e257ccd2c26ba5d1e4428e6e2a13116f0800ffed

Squashed. Added 1.14.x assets

view details

push time in 17 hours

pull request commentkubernetes-sigs/release-notes

Fix badge selection and add e2e tests

Ah, I had to rebase to fix the prettier issues…

saschagrunert

comment created time in 17 hours

pull request commentopenshift/release

Enable release-note plugin for CRI-O

{"component":"unset","file":"prow/cmd/checkconfig/main.go:78","func":"main.reportWarning","level":"warning","msg":"[the following orgs or repos forbid the do-not-merge/release-note-label-needed label for merging but do not enable the release-note plugin: [org: cri-o], the following orgs or repos enable the release-note plugin but do not forbid the do-not-merge/release-note-label-needed label for merging: [repo: openshift-priv/sig-storage-local-static-provisioner]]","severity":"warning","time":"2020-07-06T13:34:50Z"}

odd, it sure looks like the release-note plugin is enabled

I don't get it too, we only enable the plugin for the cri-o org, right?

saschagrunert

comment created time in 17 hours

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/retest

saschagrunert

comment created time in 17 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

Looks like the nil error issue was fixed in the original PR. This is very close, noted one bug and a few nits.

Addressed the open issues, I think I have to rebase on top of the master if https://github.com/kubernetes/kubernetes/pull/91381 got merged.

saschagrunert

comment created time in 17 hours

Pull request review commentkubernetes/kubernetes

Add seccomp GA version skew for pods

 func validateContainer(container string, pod *api.Pod) (string, error) {  	return container, nil }++// applySeccompVersionSkew implements the version skew behavior described in:+// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy+func applySeccompVersionSkew(pod *api.Pod) {+	// get possible annotation and field+	annotation, hasAnnotation := pod.Annotations[v1.SeccompPodAnnotationKey]+	field, hasField := (*api.SeccompProfile)(nil), false++	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.SeccompProfile != nil {+		field = pod.Spec.SecurityContext.SeccompProfile+		hasField = true+	}++	// sync field and annotation+	if hasField && !hasAnnotation {+		newAnnotation := seccompAnnotationForField(field)++		if newAnnotation != "" {+			if pod.Annotations == nil {+				pod.Annotations = map[string]string{}+			}+			pod.Annotations[v1.SeccompPodAnnotationKey] = newAnnotation+		}+	} else if hasAnnotation && !hasField {+		newField := seccompFieldForAnnotation(annotation)++		if newField != nil {+			if pod.Spec.SecurityContext == nil {+				pod.Spec.SecurityContext = &api.PodSecurityContext{}+			}+			pod.Spec.SecurityContext.SeccompProfile = newField+		}+	}++	// Handle the containers of the pod+	podutil.VisitContainers(&pod.Spec, podutil.AllFeatureEnabledContainers(),+		func(ctr *api.Container, _ podutil.ContainerType) bool {+			// get possible annotation and field+			key := api.SeccompContainerAnnotationKeyPrefix + ctr.Name+			annotation, hasAnnotation := pod.Annotations[key]++			field := (*api.SeccompProfile)(nil)+			if ctr.SecurityContext != nil && ctr.SecurityContext.SeccompProfile != nil {+				field = ctr.SecurityContext.SeccompProfile+				hasField = true+			}++			// sync field and annotation+			if hasField && !hasAnnotation {+				newAnnotation := seccompAnnotationForField(field)++				if newAnnotation != "" {+					if pod.Annotations == nil {+						pod.Annotations = map[string]string{}+					}+					pod.Annotations[key] = newAnnotation+				}+			} else if hasAnnotation && !hasField {+				newField := seccompFieldForAnnotation(annotation)++				if newField != nil {+					if ctr.SecurityContext == nil {+						ctr.SecurityContext = &api.SecurityContext{}+					}+					ctr.SecurityContext.SeccompProfile = newField+				}+			}++			return true+		})+}++// seccompFieldForAnnotation takes a pod seccomp profile field and returns the+// converted annotation value+func seccompAnnotationForField(field *api.SeccompProfile) string {+	// If only seccomp fields are specified, add the corresponding annotations.+	// This ensures that the fields are enforced even if the node version+	// trails the API version+	switch field.Type {+	case api.SeccompProfileTypeUnconfined:+		return v1.SeccompProfileNameUnconfined++	case api.SeccompProfileTypeRuntimeDefault:+		return v1.SeccompProfileRuntimeDefault++	case api.SeccompProfileTypeLocalhost:+		if field.LocalhostProfile != nil {+			return v1.SeccompLocalhostProfileNamePrefix + *field.LocalhostProfile+		}+	}++	// we can only reach this code path if the LocalhostProfile is nil but the+	// provided field type is SeccompProfileTypeLocalhost+	return ""+}++// seccompFieldForAnnotation takes a pod annotation and returns the converted+// seccomp profile field.+func seccompFieldForAnnotation(annotation string) *api.SeccompProfile {+	// If only seccomp annotations are specified, copy the values into the+	// corresponding fields. This ensures that existing applications continue+	// to enforce seccomp, and prevents the kubelet from needing to resolve+	// annotations & fields.+	if annotation == v1.SeccompProfileNameUnconfined {+		return &api.SeccompProfile{Type: api.SeccompProfileTypeUnconfined}++	} else if annotation == api.SeccompProfileRuntimeDefault || annotation == api.DeprecatedSeccompProfileDockerDefault {+		return &api.SeccompProfile{Type: api.SeccompProfileTypeRuntimeDefault}++	} else if strings.HasPrefix(annotation, v1.SeccompLocalhostProfileNamePrefix) {+		localhostProfile := strings.TrimPrefix(annotation, v1.SeccompLocalhostProfileNamePrefix)+		if localhostProfile != "" {+			return &api.SeccompProfile{+				Type:             api.SeccompProfileTypeLocalhost,+				LocalhostProfile: &localhostProfile,+			}+		}+	}++	// we can only reach this code path if the localhostProfile name has a zero+	// length

Added the comment. :+1:

saschagrunert

comment created time in 17 hours

Pull request review commentkubernetes/kubernetes

Add seccomp GA version skew for pods

 func validateContainer(container string, pod *api.Pod) (string, error) {  	return container, nil }++// applySeccompVersionSkew implements the version skew behavior described in:+// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy+func applySeccompVersionSkew(pod *api.Pod) {+	// get possible annotation and field+	annotation, hasAnnotation := pod.Annotations[v1.SeccompPodAnnotationKey]+	field, hasField := (*api.SeccompProfile)(nil), false++	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.SeccompProfile != nil {+		field = pod.Spec.SecurityContext.SeccompProfile+		hasField = true+	}++	// sync field and annotation+	if hasField && !hasAnnotation {+		newAnnotation := seccompAnnotationForField(field)++		if newAnnotation != "" {+			if pod.Annotations == nil {+				pod.Annotations = map[string]string{}+			}+			pod.Annotations[v1.SeccompPodAnnotationKey] = newAnnotation+		}+	} else if hasAnnotation && !hasField {+		newField := seccompFieldForAnnotation(annotation)++		if newField != nil {+			if pod.Spec.SecurityContext == nil {+				pod.Spec.SecurityContext = &api.PodSecurityContext{}+			}+			pod.Spec.SecurityContext.SeccompProfile = newField+		}+	}++	// Handle the containers of the pod+	podutil.VisitContainers(&pod.Spec, podutil.AllFeatureEnabledContainers(),+		func(ctr *api.Container, _ podutil.ContainerType) bool {+			// get possible annotation and field+			key := api.SeccompContainerAnnotationKeyPrefix + ctr.Name+			annotation, hasAnnotation := pod.Annotations[key]++			field := (*api.SeccompProfile)(nil)+			if ctr.SecurityContext != nil && ctr.SecurityContext.SeccompProfile != nil {+				field = ctr.SecurityContext.SeccompProfile+				hasField = true+			}++			// sync field and annotation+			if hasField && !hasAnnotation {+				newAnnotation := seccompAnnotationForField(field)++				if newAnnotation != "" {+					if pod.Annotations == nil {+						pod.Annotations = map[string]string{}+					}+					pod.Annotations[key] = newAnnotation+				}+			} else if hasAnnotation && !hasField {+				newField := seccompFieldForAnnotation(annotation)++				if newField != nil {+					if ctr.SecurityContext == nil {+						ctr.SecurityContext = &api.SecurityContext{}+					}+					ctr.SecurityContext.SeccompProfile = newField+				}+			}++			return true+		})+}++// seccompFieldForAnnotation takes a pod seccomp profile field and returns the+// converted annotation value+func seccompAnnotationForField(field *api.SeccompProfile) string {+	// If only seccomp fields are specified, add the corresponding annotations.+	// This ensures that the fields are enforced even if the node version+	// trails the API version+	switch field.Type {+	case api.SeccompProfileTypeUnconfined:+		return v1.SeccompProfileNameUnconfined++	case api.SeccompProfileTypeRuntimeDefault:+		return v1.SeccompProfileRuntimeDefault++	case api.SeccompProfileTypeLocalhost:+		if field.LocalhostProfile != nil {+			return v1.SeccompLocalhostProfileNamePrefix + *field.LocalhostProfile+		}+	}++	// we can only reach this code path if the LocalhostProfile is nil but the+	// provided field type is SeccompProfileTypeLocalhost+	return ""+}++// seccompFieldForAnnotation takes a pod annotation and returns the converted+// seccomp profile field.+func seccompFieldForAnnotation(annotation string) *api.SeccompProfile {+	// If only seccomp annotations are specified, copy the values into the+	// corresponding fields. This ensures that existing applications continue+	// to enforce seccomp, and prevents the kubelet from needing to resolve+	// annotations & fields.+	if annotation == v1.SeccompProfileNameUnconfined {+		return &api.SeccompProfile{Type: api.SeccompProfileTypeUnconfined}++	} else if annotation == api.SeccompProfileRuntimeDefault || annotation == api.DeprecatedSeccompProfileDockerDefault {

Fixed as suggested.

saschagrunert

comment created time in 17 hours

Pull request review commentkubernetes/kubernetes

Add seccomp GA version skew for pods

 func validateContainer(container string, pod *api.Pod) (string, error) {  	return container, nil }++// applySeccompVersionSkew implements the version skew behavior described in:+// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy+func applySeccompVersionSkew(pod *api.Pod) {+	// get possible annotation and field+	annotation, hasAnnotation := pod.Annotations[v1.SeccompPodAnnotationKey]+	field, hasField := (*api.SeccompProfile)(nil), false++	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.SeccompProfile != nil {+		field = pod.Spec.SecurityContext.SeccompProfile+		hasField = true+	}++	// sync field and annotation+	if hasField && !hasAnnotation {+		newAnnotation := seccompAnnotationForField(field)++		if newAnnotation != "" {+			if pod.Annotations == nil {+				pod.Annotations = map[string]string{}+			}+			pod.Annotations[v1.SeccompPodAnnotationKey] = newAnnotation+		}+	} else if hasAnnotation && !hasField {+		newField := seccompFieldForAnnotation(annotation)++		if newField != nil {+			if pod.Spec.SecurityContext == nil {+				pod.Spec.SecurityContext = &api.PodSecurityContext{}+			}+			pod.Spec.SecurityContext.SeccompProfile = newField+		}+	}++	// Handle the containers of the pod+	podutil.VisitContainers(&pod.Spec, podutil.AllFeatureEnabledContainers(),+		func(ctr *api.Container, _ podutil.ContainerType) bool {+			// get possible annotation and field+			key := api.SeccompContainerAnnotationKeyPrefix + ctr.Name+			annotation, hasAnnotation := pod.Annotations[key]++			field := (*api.SeccompProfile)(nil)+			if ctr.SecurityContext != nil && ctr.SecurityContext.SeccompProfile != nil {+				field = ctr.SecurityContext.SeccompProfile+				hasField = true+			}++			// sync field and annotation+			if hasField && !hasAnnotation {+				newAnnotation := seccompAnnotationForField(field)++				if newAnnotation != "" {+					if pod.Annotations == nil {+						pod.Annotations = map[string]string{}+					}+					pod.Annotations[key] = newAnnotation+				}+			} else if hasAnnotation && !hasField {+				newField := seccompFieldForAnnotation(annotation)++				if newField != nil {+					if ctr.SecurityContext == nil {+						ctr.SecurityContext = &api.SecurityContext{}+					}+					ctr.SecurityContext.SeccompProfile = newField+				}+			}++			return true+		})+}++// seccompFieldForAnnotation takes a pod seccomp profile field and returns the+// converted annotation value+func seccompAnnotationForField(field *api.SeccompProfile) string {+	// If only seccomp fields are specified, add the corresponding annotations.+	// This ensures that the fields are enforced even if the node version+	// trails the API version+	switch field.Type {+	case api.SeccompProfileTypeUnconfined:+		return v1.SeccompProfileNameUnconfined++	case api.SeccompProfileTypeRuntimeDefault:+		return v1.SeccompProfileRuntimeDefault++	case api.SeccompProfileTypeLocalhost:+		if field.LocalhostProfile != nil {+			return v1.SeccompLocalhostProfileNamePrefix + *field.LocalhostProfile+		}+	}++	// we can only reach this code path if the LocalhostProfile is nil but the+	// provided field type is SeccompProfileTypeLocalhost

Added the comment. :+1:

saschagrunert

comment created time in 17 hours

Pull request review commentkubernetes/kubernetes

Add seccomp GA version skew for pods

 func validateContainer(container string, pod *api.Pod) (string, error) {  	return container, nil }++// applySeccompVersionSkew implements the version skew behavior described in:+// https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#version-skew-strategy+func applySeccompVersionSkew(pod *api.Pod) {+	// get possible annotation and field+	annotation, hasAnnotation := pod.Annotations[v1.SeccompPodAnnotationKey]+	field, hasField := (*api.SeccompProfile)(nil), false++	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.SeccompProfile != nil {+		field = pod.Spec.SecurityContext.SeccompProfile+		hasField = true+	}++	// sync field and annotation+	if hasField && !hasAnnotation {+		newAnnotation := seccompAnnotationForField(field)++		if newAnnotation != "" {+			if pod.Annotations == nil {+				pod.Annotations = map[string]string{}+			}+			pod.Annotations[v1.SeccompPodAnnotationKey] = newAnnotation+		}+	} else if hasAnnotation && !hasField {+		newField := seccompFieldForAnnotation(annotation)++		if newField != nil {+			if pod.Spec.SecurityContext == nil {+				pod.Spec.SecurityContext = &api.PodSecurityContext{}+			}+			pod.Spec.SecurityContext.SeccompProfile = newField+		}+	}++	// Handle the containers of the pod+	podutil.VisitContainers(&pod.Spec, podutil.AllFeatureEnabledContainers(),+		func(ctr *api.Container, _ podutil.ContainerType) bool {+			// get possible annotation and field+			key := api.SeccompContainerAnnotationKeyPrefix + ctr.Name+			annotation, hasAnnotation := pod.Annotations[key]++			field := (*api.SeccompProfile)(nil)

Fixed, added two unit tests, one for field -> annotation and another one vice versa.

saschagrunert

comment created time in 17 hours

push eventsaschagrunert/kubernetes

Sascha Grunert

commit sha 10f6e36eac2a5c0afc6b3d1940ccf462ee56048b

Add seccomp GA version skew for pods This adds a new conversion function to the pod strategy to handle the seccomp version skew strategy: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.mdversion-skew-strategy Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 17 hours

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/retest

saschagrunert

comment created time in 17 hours

pull request commentkubernetes-sigs/release-notes

Fix badge selection and add e2e tests

@jeefy let's merge those as well :)

saschagrunert

comment created time in 17 hours

delete branch saschagrunert/release-notes

delete branch : update

delete time in 17 hours

pull request commentcri-o/cri-o

Update golang dependencies

Opening https://github.com/seccomp/containers-golang/issues/28 for clarification.

saschagrunert

comment created time in 18 hours

issue openedseccomp/containers-golang

Error adding seccomp rule for syscall socket: requested action matches default action of filter

Hey,

I'm not sure if we introduced a regression in https://github.com/seccomp/containers-golang/commit/f318ea962a1228ea9f6a2825b0051b2144699a16 but I was working on updating the golang dependencies in https://github.com/cri-o/cri-o/pull/3927 and noticed the following error on running the integration tests:

time="2020-07-06T15:05:20+02:00" level=fatal msg="Creating container failed: rpc error: code = Unknown desc = container create failed: time=\"2020-07-06T15:05:20+02:00\" level=error msg=\"container_linux.go:349: starting container process caused \\\"error adding seccomp rule for syscall socket: requested action matches default action of filter\\\"\"\ncontainer_linux.go:349: starting container process caused \"error adding seccomp rule for syscall socket: requested action matches default action of filter\"\n"

I see that libpod already uses v0.5.0, are there any other issues in relation to that already known?

created time in 18 hours

push eventopenSUSE/libpod

Valentin Rothberg

commit sha 138d447eb450f02d78225d7a976faf9262423380

image load: no args required Disable the args requirement of `image load`. Instead of requiring a lower bound, we really need an upper one with at most 1 argument. Extend the system tests to prevent future regressions. Fixes: #6718 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>

view details

Ed Santiago

commit sha aa16a0aab1576cc8ea21d7407ff64b597e79f10c

system tests: invoke with abs path to podman Reversion of one part of #6679: my handling of 'realpath' would not work when $PODMAN is 'podman-remote --url etc'. Trying to handle that case got unmaintainable; so instead let's just force 'make {local,remote}system' to invoke with a full PODMAN path. This breaks down if someone runs the tests with a manual 'bats' invocation, but I think I'm the only one who ever does that. Since podman path will now be very long in the logs, add code to logformatter to abbreviate it like we do for the ginkgo logs. And, one thing that has bugged me for a long time: in the error logs, show a different prompt ('#' vs '$') to distinguish root vs rootless. This should make it much easier to see at-a-glance whether a log file is root or not. Add tests for it. Signed-off-by: Ed Santiago <santiago@redhat.com>

view details

OpenShift Merge Robot

commit sha 73514b1465fe2f79b82d017cdb11d587d6f7df3d

Merge pull request #6722 from vrothberg/fix-6718 image load: no args required

view details

Brent Baude

commit sha b2c42a0993d2129c910036d4054ec25129d09f18

wip Signed-off-by: Brent Baude <bbaude@redhat.com>

view details

Jhon Honce

commit sha 7377e578a9402a416579be92cee44c3b3786f81a

V2 podman system connection * Implement command * Refactor podman-remote to pull from containers.conf by default * podman-remote defaults to --remote being true * Write podman-system-connection.1.md Signed-off-by: Jhon Honce <jhonce@redhat.com>

view details

Brent Baude

commit sha 9ec0e10484ef9732ba1c4bbb2a9e3620286a5ff3

Add JSON output field for ps the toolbox team needs a field in our ps json that represents a human readable time. Signed-off-by: Brent Baude <bbaude@redhat.com>

view details

Matthew Heon

commit sha 039eaccb5b27cedf39a0b8b84697300bf53a6335

Add tests for --privileged with other flags With Podman v2.0, we broke (or thought we were going to break) using `--privileged` with `--group-add` and `--security-opt` (specifically using `--security-opt` for SELinux config). Signed-off-by: Matthew Heon <mheon@redhat.com>

view details

OpenShift Merge Robot

commit sha 92af85fcc2cb35b04ed74072ffd54d65b936d288

Merge pull request #6493 from jwhonce/wip/connection V2 podman system connection

view details

OpenShift Merge Robot

commit sha aa6881dd1474506610a85926f58893efe67eb98d

Merge pull request #6731 from baude/toolboxjson Add JSON output field for ps

view details

Peter Oliver

commit sha 4e85acf052e1f0f9a6b993040dd2d8af6da33c98

Fix typo in manpage for `podman auto update`. Signed-off-by: Peter Oliver <git@mavit.org.uk>

view details

OpenShift Merge Robot

commit sha 0d961a40ba40b3fbd69090c49ee3cec7151f8a8e

Merge pull request #6726 from edsantiago/bats system tests: invoke with abs path to podman

view details

Daniel J Walsh

commit sha 0560a98e0e0d68e5fcd9ee13b5b5c1ea944528c2

Add podman network to bash command completions network commands were not supported in command completions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

view details

OpenShift Merge Robot

commit sha 81f4204e4e0c8074e2709bd7c4db3f1f61d1b351

Merge pull request #6728 from mheon/add_privileged_tests Add tests for --privileged with other flags

view details

Qi Wang

commit sha f586c006f8428a04fce5a5c7ae6b921e6337ebe6

Reformat inspect network settings Reformat ports of inspect network settings to compatible with docker inspect. Close #5380 Signed-off-by: Qi Wang <qiwan@redhat.com>

view details

Ed Santiago

commit sha 6864a5547a774d19a7ccb9d50a7799b721fb66ef

BATS tests: new too-many-arguments test ...plus a few others. And fixes to actual parsing. If a command's usage message includes '...' in the argument list, assume it can take unlimited arguments. Nothing we can check. For all others, though, the ALL-CAPS part on the right-hand side of the usage message will define an upper bound on the number of arguments accepted by the command. So in our 'podman --help' test, generate N+1 args and run that command. We expect a 125 exit status and a suitably helpful error message. Not all podman commands or subcommands were checking, so I fixed that. And, fixed some broken usage messages (all-caps FLAGS, and '[flags]' at the end of 'ARGS'). Add new checks to the help test to prevent those in the future. Plus a little refactoring/cleanup where necessary. Signed-off-by: Ed Santiago <santiago@redhat.com>

view details

OpenShift Merge Robot

commit sha 1356f92afb7d4e197c8902a0c8efc4dd6005bb18

Merge pull request #6685 from mavit/autfile Fix typo.

view details

OpenShift Merge Robot

commit sha 5fe122bf528a0665f7d12bc47357779b8686f6cf

Merge pull request #6706 from rhatdan/completions Add podman network to bash command completions

view details

maybe-sybr

commit sha bfcfdfcb748ed2b183496e6d256564d68d20cac3

APIv2:doc: Fix swagger doc to refer to volumes Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>

view details

Jhon Honce

commit sha 4e59fd77a80a6295eb8dbf79991e1648bc739302

Fix ssh-agent support * An identity of "" implies ssh-agent and user/password to be used * Fixed example Signed-off-by: Jhon Honce <jhonce@redhat.com>

view details

maybe-sybr

commit sha 5fbac502bd839587523be92e91e5a1cf461c41ac

APIv2:fix: Remove `/json` from compat network EPs Signed-off-by: Matt Brindley <58414429+maybe-sybr@users.noreply.github.com>

view details

push time in 18 hours

push eventsaschagrunert/kubernetes

Sascha Grunert

commit sha 5e55f48392c37ab906848d09d14f7f036db48463

Update seccomp e2e test for GA We now execute the seccomp tests with `[LinuxOnly]` as described in the appropriate KEP test plan: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#test-plan The tests have been changed to used the new seccomp field within the security context in replacement for the annotations. As a follow-up, we will add version skew tests as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 18 hours

pull request commentkubernetes-sigs/release-notes

Update dependencies

Green tests, PTAL @jeefy @justaugustus @puerco

saschagrunert

comment created time in 18 hours

push eventsaschagrunert/kubernetes

Sascha Grunert

commit sha 035a5ccd81fa1ffc89af2f45eb05a5b524c5dba4

Update seccomp e2e test for GA We now execute the seccomp tests with `[LinuxOnly]` as described in the appropriate KEP test plan: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#test-plan The tests have been changed to used the new seccomp field within the security context in replacement for the annotations. As a follow-up, we will add version skew tests as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 18 hours

push eventsaschagrunert/kubernetes

Sascha Grunert

commit sha e2e5f01e9eb96703e5cc971cd186e284a7e798f3

Update seccomp e2e test for GA We now execute the seccomp tests with `[LinuxOnly]` as described in the appropriate KEP test plan: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#test-plan The tests have been changed to used the new seccomp field within the security context in replacement for the annotations. As a follow-up, we will add version skew tests as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 18 hours

pull request commentkubernetes/release

Cleanup log package

Huh? /retest

saschagrunert

comment created time in 18 hours

push eventsaschagrunert/release-notes

Sascha Grunert

commit sha 893c7460f03717da085ad01e29962e1c0892cc1c

Update dependencies Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 18 hours

pull request commentcri-o/cri-o

Update golangci lint to v1.28.0

/retest

saschagrunert

comment created time in 18 hours

push eventsaschagrunert/release-notes

Sascha Grunert

commit sha 907815b56b3a77cff44e94c5b19c73bc380334a7

Update dependencies Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 18 hours

push eventsaschagrunert/release

Sascha Grunert

commit sha 9980e14bf26aac7dcb05b06585d44e2f90ab334d

Set commands globally to verbose if log level >= Debug We now use an atomic bool abstraction to be able to set commands into verbose mode globally. This allows us to make commands automatically verbose if the log level is higher than `Debug`. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 19 hours

PR opened kubernetes/release

Set commands globally to verbose if log level >= Debug

<!-- Thanks for sending a pull request! Here are some tips for you:

  • If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide
  • Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here: https://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label
  • If you want faster PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews
  • If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests -->

What type of PR is this?

/kind feature

What this PR does / why we need it:

We now use an atomic bool abstraction to be able to set commands into verbose mode globally. This allows us to make commands automatically verbose if the log level is higher than Debug.

Which issue(s) this PR fixes:

<!-- *Automatically closes linked issue when PR is merged. Usage: Fixes #<issue number>, or Fixes (paste link of issue). --> None

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

<!-- If no, just write "NONE" in the release-note block below. If yes, a release note is required: Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

For more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md -->

- Added `command.SetGlobalVerbose(bool)` and `command.GetGlobalVerbose() bool` functions to
  globally set the commands verbosity mode
- Changed commands to be automatically verbose when the specified `log-level=[debug,trace]`
+92 -5

0 comment

6 changed files

pr created time in 19 hours

push eventsaschagrunert/release

Sascha Grunert

commit sha 3c4d9b1e1327553c4ae5637fc58982774c9c54ce

Set commands globally to verbose if log level >= Debug We now use an atomic bool abstraction to be able to set commands into verbose mode globally. This allows us to make commands automatically verbose if the log level is higher than `Debug`. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 19 hours

push eventsaschagrunert/release

Sascha Grunert

commit sha 62823b17395734435f9f16c5d981a0c9478ab237

Set commands globally to verbose if log level >= Debug We now use an atomic bool abstraction to be able to set commands into verbose mode globally. This allows us to make commands automatically verbose if the log level is higher than `Debug`. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 19 hours

create barnchsaschagrunert/release

branch : global-verbose

created branch time in 19 hours

push eventsaschagrunert/release

Sascha Grunert

commit sha 1ded02e7ac31d94d1bce47ce6e25868bf5e24554

Add `Commands` structure to command package The `Commands` structure allows concatenation of commands by preserving their working directory and verbosity mode. This reduces the noise when running multiple commands sequentially. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

Kubernetes Prow Robot

commit sha 87fc05d6217cc674f9b4851be95b51ddd087586a

Merge pull request #1391 from saschagrunert/commands Add `Commands` structure to command package

view details

push time in 19 hours

pull request commentkubernetes-sigs/release-notes

Update dependencies

/retest

saschagrunert

comment created time in 19 hours

delete branch saschagrunert/test-infra

delete branch : node-12

delete time in 19 hours

PR opened kubernetes/release

Cleanup log package

<!-- Thanks for sending a pull request! Here are some tips for you:

  • If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide
  • Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here: https://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label
  • If you want faster PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews
  • If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests -->

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

We had a few methods and types left in the log package which were used by the already removed patch release package. This has been cleaned-up as well now.

Which issue(s) this PR fixes:

<!-- *Automatically closes linked issue when PR is merged. Usage: Fixes #<issue number>, or Fixes (paste link of issue). --> None

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

<!-- If no, just write "NONE" in the release-note block below. If yes, a release note is required: Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

For more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md -->

- Removed unused code in `log` package
+0 -62

0 comment

1 changed file

pr created time in 19 hours

create barnchsaschagrunert/release

branch : log-cleanup

created branch time in 19 hours

pull request commentcri-o/cri-o

Update golang dependencies

/test e2e-aws

saschagrunert

comment created time in 20 hours

issue closedkubernetes-analysis/kubernetes-analysis

[TEST]

<!-- Change the note to something else than None to get a prediction. -->

some release note s

closed time in 20 hours

saschagrunert

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

Ready for review again, please take another look @liggitt

saschagrunert

comment created time in 20 hours

PR opened kubernetes/test-infra

kubernetes-sigs/release-notes: switch to node 12

This is required to update to the latest Angular version 10.

Required by https://github.com/kubernetes-sigs/release-notes/pull/165

+6 -6

0 comment

1 changed file

pr created time in 20 hours

pull request commentkubernetes-sigs/release-notes

Update dependencies

Now blocked by https://github.com/kubernetes/test-infra/pull/18176

saschagrunert

comment created time in 20 hours

create barnchsaschagrunert/test-infra

branch : node-12

created branch time in 20 hours

push eventsaschagrunert/test-infra

Bradley Weston

commit sha 2d05500745339e2391e7465c5ebc1cc50302cfb9

update link to TestGrid's config.proto from configurator

view details

Ciprian Hacman

commit sha 7119839c6e77fa198f41a67b9b9f60bf299b4061

Move Kops to its own testgrid dasboard

view details

Bin Lu

commit sha 4e4454ae9249f78d819cff3f71640785209d78f5

Publishing arm64 conformance test results on packet.net Signed-off-by: Bin Lu <bin.lu@arm.com>

view details

Artyom Lukianov

commit sha 5d8aea63a30a718054a81dc84dcf791a07fda3d7

Provide jobs for e2e-node hugepages tests Using multiple hugepages with different page size is alpha feature under the k8s 1.18, to promote it to the beta, e2e tests was provided, but this tests can not run under the serial lane, because the feature gate should be enabled and the instance that will run tests, should have 1Gb hugepage allocated. To satisfy these requests new jobs should be introduced. Signed-off-by: Artyom Lukianov <alukiano@redhat.com>

view details

Erick Fejta

commit sha 7caa783623660283c54aa86154032e28f482d46d

Update test-infra to bazel 3.0.0. Update test-infra image variants to use install bazel 3.0.0 and bazel 3.1.0.

view details

Ciprian Hacman

commit sha 0e747276f939d7a0dca9b4455d54ed03cd1c8dfd

Update Kops OWNERS files

view details

Chi Zhang

commit sha 0ebc4a0188aab7abf5232c11d092145be74f3929

bump.sh checks if the image exists

view details

Jeff Grafton

commit sha 112cb253413ecadf7484e59893b881a0476d9eff

Add job to push images from kubernetes-sigs/boskos

view details

Aaron Crickenberger

commit sha 004aba3a30f6e958a086e4afab1eb31fb45a38d7

Migrate 100 node scalability release-blocking job to k8s-infra-prow-build

view details

Aaron Crickenberger

commit sha e4477cd0698c9d1eb30a6c6e571034b5a6a048f1

add greenhouse-metrics for k8s-infra-prow-build we still need a dashboard that uses this

view details

Aaron Crickenberger

commit sha fbd0cba2972097fe6a97102e09db08df53b477e8

Update boskos pool dashboard to support same type, different instance I would like to have pools named identically across prow-builds' boksos and k8s-infra's boskos, so there's one less thing to change when migrating a prowjob from one build cluster to the other. k8s-infra-gce-project vs. gce-project was a mistake I'd like to undo I also want to be able to display a panel per-instance for the same pool type. This is the dumb hardcoded approach

view details

Alvaro Aleman

commit sha 644fca198588e26cb1fcafd74d6774d12c356843

Revert "Merge pull request #17729 from alvaroaleman/rollback" This reverts commit 642d3bb18c1e792bc47403b80ca61ce2009287cf, reversing changes made to e50e8f54a551e3ab05f8d04f0ed1f11c53ce5583.

view details

Alvaro Aleman

commit sha d684bee33e1dd78dc30bfc9298d32b28dfc86cab

Fix plank metrics

view details

Alvaro Aleman

commit sha c350a0a9fcf53282bbf2bbf01f0455bb7b633af0

Fix NPD in deck

view details

Ed Bartosh

commit sha d1945827de5a8050cde62643568442617ac8570b

add metadata to cos-77 images COS images have /tmp mounted with 'noexec' mount option. This makes it impossible for run_remote to execute binaries from its workspace. This results in failed kubelet tests, e.g. ci-kubernetes-node-kubelet-benchmark and ci-kubernetes-node-kubelet-conformance test suites fail with "failed to run command './ginkgo': Permission denied" error Adding metadata pointing to cloud-init(gci-init.yaml) should solve this as cloud-init remounts /tmp with 'exec' mount option.

view details

Davanum Srinivas

commit sha 5058415bfca17d368d873534d3c24ef318a6167e

Offering to help with CI jobs - dims Signed-off-by: Davanum Srinivas <davanum@gmail.com>

view details

Patrick Ohly

commit sha 2e547f8abfcebfc24a7cc89a0dfb63613c88d3a5

image pushing: configure jobs for all Kubernetes-CSI repos This is part of rolling out multi-architecture image building for GCR, see https://github.com/kubernetes-csi/csi-release-tools/issues/86

view details

wojtekt

commit sha 6df22439c16a2be33fa0e211efa013c37440921e

Migrate scalability overrides to new locations

view details

wojtekt

commit sha afac9612974064f2870d52d17ef9aae41844a5ac

Remove outdated experimental jobs

view details

Kubernetes Prow Robot

commit sha 5addaf3c1b35c5b758c5de8ca470558f0cfa2ff3

Merge pull request #17727 from wojtek-t/update_overrides Update scalability tests overrides to use new locations

view details

push time in 20 hours

pull request commentkubernetes-sigs/release-notes

Update dependencies

/assign @puerco @jeefy

saschagrunert

comment created time in 20 hours

push eventsaschagrunert/release-notes

Sascha Grunert

commit sha f4d8d78cf892bac49f1e591b16023b1d8db99a1a

Update dependencies Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 20 hours

PR opened kubernetes-sigs/release-notes

Update dependencies

This updates Angular from 8 to 10 as well as all related dependencies.

+13916 -9215

0 comment

11 changed files

pr created time in 20 hours

create barnchsaschagrunert/release-notes

branch : update

created branch time in 20 hours

pull request commentkubernetes/kubernetes

seccomp GA - Add new seccomp fields and update kubelet to use them

/test pull-kubernetes-kubemark-e2e-gce-big

pjbgf

comment created time in 20 hours

push eventsaschagrunert/kubernetes

Sascha Grunert

commit sha 96bb83e513a35285df572ebd7ae5d1e612bce952

Update seccomp e2e test for GA We now execute the seccomp tests with `[LinuxOnly]` as described in the appropriate KEP test plan: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/20190717-seccomp-ga.md#test-plan The tests have been changed to used the new seccomp field within the security context in replacement for the annotations. As a follow-up, we will add version skew tests as well. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in 21 hours

issue openedkubernetes-analysis/kubernetes-analysis

[TEST]

<!-- Change the note to something else than None to get a prediction. -->

some release note

created time in 21 hours

pull request commentcri-o/cri-o

Update golangci lint to v1.28.0

/test e2e_rhel

saschagrunert

comment created time in 21 hours

PR opened kubernetes-sigs/release-notes

Remove `DataFields` from 1.18.5 notes and resort

The 1.18.5 release notes contained the unpublished DataFields field which is now removed. Beside that, we now sort 1.18.x patch releases before the 1.17.x ones.

+7 -11

0 comment

2 changed files

pr created time in 21 hours

pull request commentkubernetes/kubernetes

Add seccomp GA version skew for pods

/retest

saschagrunert

comment created time in 21 hours

create barnchsaschagrunert/release-notes

branch : resort

created branch time in 21 hours

pull request commentcri-o/cri-o

Update golang dependencies

/retest

saschagrunert

comment created time in a day

pull request commentkubernetes/kubernetes

Update seccomp e2e test for GA

/retest

saschagrunert

comment created time in a day

push eventsaschagrunert/kubernetes

Sergiusz Urbaniak

commit sha 83b850cd54295060ee1a66b4a9e90f54cc0bb0e1

kube-aggregator/openapi/controller: remove trailing 1 in failure rate limiter

view details

Patrick Ohly

commit sha c20721aa9f0a69f267f899ca387fdc489cfe6f24

storage: enhance test for ValidateCSIDriverUpdate This revised test changes one field at a time in various ways. This ensures that one failure reason doesn't mask the other. An incorrect comment also gets fixed. Suggested in https://github.com/kubernetes/kubernetes/pull/80568#pullrequestreview-272836101.

view details

Claudiu Belu

commit sha 31ea600b284515dd3470b244f9c6e1548408ecfe

images: Adds GOARM to images' Makefiles In order to build the image binaries, the GOARM variable is required, but not all Makefiles have it defined, causing the make to fail on those images. This adds the require GOARM variable to the Makefiles in question.

view details

Alena Prokharchyk

commit sha d634ed3850ff1980f21590eee051d4428acf4601

Removed unnecessary not nil check in node registration process

view details

Paulo Gomes

commit sha e7ced21235820139afc8dbb2e99314b9b69ec7fa

Invert error validation

view details

junxu

commit sha c58959c8ba7819345d5cc2b17ce4e95ccbc92d5b

Fix code style

view details

tahsinrahman

commit sha 201f869c66391a14c39a73c8745789f24458b99f

Add --logging-format flag for kube-apiserver

view details

SataQiu

commit sha 17f3cd48a54483b4c6b7dc1d742194a1f41daf0a

add '--logging-format' flag to kube-controller-manager Signed-off-by: SataQiu <1527062125@qq.com>

view details

Gaurav Singh

commit sha adcd8909fbbfd399af3983ced92fc743347e96fe

cleanup: Remove_unnecessary_Sprintfs Removed unused fmt Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>

view details

Dan Winship

commit sha 9b3a4bb411a1134395370f1ba54daa734f043b6c

api: update Service.Spec.IPFamily docs

view details

Jan Safranek

commit sha 62b7516b636d71f345afd7af1296849977bbccf8

Add e2e test for read-only volume used by multiple pods

view details

Lubomir I. Ivanov

commit sha 7ddd966ed2038133dce3f93a062a9da1cb809088

kubeadm: mark --experimental-kustomize as deprecated

view details

SataQiu

commit sha 800dd19fc23f14f9e83f09ff40155395af9f7cb0

increase robustness for kubeadm etcd operations Signed-off-by: SataQiu <1527062125@qq.com>

view details

David Eads

commit sha 7f172286342c4238d4b636c113d35835ff9299ee

prevent panic in azure cloud provider from killing the process

view details

Antonio Ojea

commit sha 069707f75a14b9c98538755b089a123192bb0368

refactor and instrument range_allocator cidr_sets refactor and add the following metrics to the cidr_sets used by the range allocator:, under the subsystem: node_ipam_controller cidrset_cidrs_allocations_total cidrset_cidrs_releases_total cidrset_usage_cidrs cidrset_allocation_tries_per_request

view details

Jan Safranek

commit sha 9a9c2168258bd19f6323edf4bd918482ad3454f5

iscsi: don't write json medata file when the volume is already mounted. iSCSI volume plugin persists volume metadata into global mount directory, before it is mounted. Content of the directory is shadowed by the volume mount. Therefore kubelet should not write metadata to the directory when a second pod uses the same volume on the same node. 1. The metadata were already persisted before mounting the volume for the first pod. 2. The global mount directory has the volume mounted, so any write there would write to the volume, which is undesirable.

view details

wawa0210

commit sha 7d8aae51df4f318b71dc3b790dd01d0bcb79c5dd

fix pkg/controller/deployment staticcheck

view details

Rostislav M. Georgiev

commit sha 9d6e2b923a5309df75d378639303a4fdc29b97a0

kubeadm upgrade plan: Use internal types of the output API `kubeadm upgrade plan` is using the external (currently `v1alpha1`) types of the kubeadm output API to collect upgrade plans. This is counter intuitive since code structure gets bound to the whatever version the output API is at. In addition to that, the versioned API is used only in the very last stages of a machine readable output (which is currently not implemented). Hence, to increase flexibility and keep up with the standard Kubernetes ecosystem practice, `kubeadm upgrade plan` is migrated to use the internal types of the output API. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Rostislav M. Georgiev

commit sha 709e3c3a8360e805266b745b23187092a5444ca2

kubeadm upgrade plan: component config state table This change enables kubeadm upgrade plan to print a state table with information regarding known component config API groups. Most importantly this information includes current and preferred version for each group and an indication if a manual user upgrade is required. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Jordan Liggitt

commit sha 30e39c71e2e5c5d6bb3fd64c71571a04beef5368

Add deprecated, deprecationWarning fields to CRDs

view details

push time in a day

push eventsaschagrunert/kubernetes

Sergiusz Urbaniak

commit sha 83b850cd54295060ee1a66b4a9e90f54cc0bb0e1

kube-aggregator/openapi/controller: remove trailing 1 in failure rate limiter

view details

Patrick Ohly

commit sha c20721aa9f0a69f267f899ca387fdc489cfe6f24

storage: enhance test for ValidateCSIDriverUpdate This revised test changes one field at a time in various ways. This ensures that one failure reason doesn't mask the other. An incorrect comment also gets fixed. Suggested in https://github.com/kubernetes/kubernetes/pull/80568#pullrequestreview-272836101.

view details

Claudiu Belu

commit sha 31ea600b284515dd3470b244f9c6e1548408ecfe

images: Adds GOARM to images' Makefiles In order to build the image binaries, the GOARM variable is required, but not all Makefiles have it defined, causing the make to fail on those images. This adds the require GOARM variable to the Makefiles in question.

view details

Alena Prokharchyk

commit sha d634ed3850ff1980f21590eee051d4428acf4601

Removed unnecessary not nil check in node registration process

view details

Paulo Gomes

commit sha e7ced21235820139afc8dbb2e99314b9b69ec7fa

Invert error validation

view details

junxu

commit sha c58959c8ba7819345d5cc2b17ce4e95ccbc92d5b

Fix code style

view details

tahsinrahman

commit sha 201f869c66391a14c39a73c8745789f24458b99f

Add --logging-format flag for kube-apiserver

view details

SataQiu

commit sha 17f3cd48a54483b4c6b7dc1d742194a1f41daf0a

add '--logging-format' flag to kube-controller-manager Signed-off-by: SataQiu <1527062125@qq.com>

view details

Gaurav Singh

commit sha adcd8909fbbfd399af3983ced92fc743347e96fe

cleanup: Remove_unnecessary_Sprintfs Removed unused fmt Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>

view details

Dan Winship

commit sha 9b3a4bb411a1134395370f1ba54daa734f043b6c

api: update Service.Spec.IPFamily docs

view details

Jan Safranek

commit sha 62b7516b636d71f345afd7af1296849977bbccf8

Add e2e test for read-only volume used by multiple pods

view details

Lubomir I. Ivanov

commit sha 7ddd966ed2038133dce3f93a062a9da1cb809088

kubeadm: mark --experimental-kustomize as deprecated

view details

SataQiu

commit sha 800dd19fc23f14f9e83f09ff40155395af9f7cb0

increase robustness for kubeadm etcd operations Signed-off-by: SataQiu <1527062125@qq.com>

view details

David Eads

commit sha 7f172286342c4238d4b636c113d35835ff9299ee

prevent panic in azure cloud provider from killing the process

view details

Antonio Ojea

commit sha 069707f75a14b9c98538755b089a123192bb0368

refactor and instrument range_allocator cidr_sets refactor and add the following metrics to the cidr_sets used by the range allocator:, under the subsystem: node_ipam_controller cidrset_cidrs_allocations_total cidrset_cidrs_releases_total cidrset_usage_cidrs cidrset_allocation_tries_per_request

view details

Jan Safranek

commit sha 9a9c2168258bd19f6323edf4bd918482ad3454f5

iscsi: don't write json medata file when the volume is already mounted. iSCSI volume plugin persists volume metadata into global mount directory, before it is mounted. Content of the directory is shadowed by the volume mount. Therefore kubelet should not write metadata to the directory when a second pod uses the same volume on the same node. 1. The metadata were already persisted before mounting the volume for the first pod. 2. The global mount directory has the volume mounted, so any write there would write to the volume, which is undesirable.

view details

wawa0210

commit sha 7d8aae51df4f318b71dc3b790dd01d0bcb79c5dd

fix pkg/controller/deployment staticcheck

view details

Rostislav M. Georgiev

commit sha 9d6e2b923a5309df75d378639303a4fdc29b97a0

kubeadm upgrade plan: Use internal types of the output API `kubeadm upgrade plan` is using the external (currently `v1alpha1`) types of the kubeadm output API to collect upgrade plans. This is counter intuitive since code structure gets bound to the whatever version the output API is at. In addition to that, the versioned API is used only in the very last stages of a machine readable output (which is currently not implemented). Hence, to increase flexibility and keep up with the standard Kubernetes ecosystem practice, `kubeadm upgrade plan` is migrated to use the internal types of the output API. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Rostislav M. Georgiev

commit sha 709e3c3a8360e805266b745b23187092a5444ca2

kubeadm upgrade plan: component config state table This change enables kubeadm upgrade plan to print a state table with information regarding known component config API groups. Most importantly this information includes current and preferred version for each group and an indication if a manual user upgrade is required. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Jordan Liggitt

commit sha 30e39c71e2e5c5d6bb3fd64c71571a04beef5368

Add deprecated, deprecationWarning fields to CRDs

view details

push time in a day

push eventsaschagrunert/kubernetes

Sergiusz Urbaniak

commit sha 83b850cd54295060ee1a66b4a9e90f54cc0bb0e1

kube-aggregator/openapi/controller: remove trailing 1 in failure rate limiter

view details

tahsinrahman

commit sha 201f869c66391a14c39a73c8745789f24458b99f

Add --logging-format flag for kube-apiserver

view details

Gaurav Singh

commit sha adcd8909fbbfd399af3983ced92fc743347e96fe

cleanup: Remove_unnecessary_Sprintfs Removed unused fmt Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>

view details

Dan Winship

commit sha 9b3a4bb411a1134395370f1ba54daa734f043b6c

api: update Service.Spec.IPFamily docs

view details

Jan Safranek

commit sha 62b7516b636d71f345afd7af1296849977bbccf8

Add e2e test for read-only volume used by multiple pods

view details

Lubomir I. Ivanov

commit sha 7ddd966ed2038133dce3f93a062a9da1cb809088

kubeadm: mark --experimental-kustomize as deprecated

view details

Jan Safranek

commit sha 9a9c2168258bd19f6323edf4bd918482ad3454f5

iscsi: don't write json medata file when the volume is already mounted. iSCSI volume plugin persists volume metadata into global mount directory, before it is mounted. Content of the directory is shadowed by the volume mount. Therefore kubelet should not write metadata to the directory when a second pod uses the same volume on the same node. 1. The metadata were already persisted before mounting the volume for the first pod. 2. The global mount directory has the volume mounted, so any write there would write to the volume, which is undesirable.

view details

wawa0210

commit sha 7d8aae51df4f318b71dc3b790dd01d0bcb79c5dd

fix pkg/controller/deployment staticcheck

view details

Rostislav M. Georgiev

commit sha 9d6e2b923a5309df75d378639303a4fdc29b97a0

kubeadm upgrade plan: Use internal types of the output API `kubeadm upgrade plan` is using the external (currently `v1alpha1`) types of the kubeadm output API to collect upgrade plans. This is counter intuitive since code structure gets bound to the whatever version the output API is at. In addition to that, the versioned API is used only in the very last stages of a machine readable output (which is currently not implemented). Hence, to increase flexibility and keep up with the standard Kubernetes ecosystem practice, `kubeadm upgrade plan` is migrated to use the internal types of the output API. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Rostislav M. Georgiev

commit sha 709e3c3a8360e805266b745b23187092a5444ca2

kubeadm upgrade plan: component config state table This change enables kubeadm upgrade plan to print a state table with information regarding known component config API groups. Most importantly this information includes current and preferred version for each group and an indication if a manual user upgrade is required. Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

view details

Lubomir I. Ivanov

commit sha a8b31556c8e54212b4181a02dcfa977f5769f5ad

kubeadm: add the --experimental-patches flag in cmd/options

view details

Lubomir I. Ivanov

commit sha 5506049b873304a84fc7e5318385cc664caa907d

kubeadm: add logic for patching components in util/patches

view details

Lubomir I. Ivanov

commit sha 144778db8373ae1a9c56df228153d5c136617783

kubeadm: plumb the patches option trough init/join/upgrade This changes adds the "patches" option in all places where the "kustomize" option is already present.

view details

Lubomir I. Ivanov

commit sha ceb768ccbde7a84782696bc46fa06b2a32c9fa0f

kubeadm: apply patches to static Pods Add PatchStaticPod() in staticpod/utils.go Apply patches to static Pods in: - phases/controlplane/CreateStaticPodFiles() - phases/etcd/CreateLocalEtcdStaticPodManifestFile() and CreateStackedEtcdStaticPodManifestFile() Add unit tests and update Bazel.

view details

Sandeep Rajan

commit sha 12bced9bfba3a0f37a2924cdf422bafabdb3a3e7

add back anti-affinity

view details

Roy Yang

commit sha f86b720cf619fed82342ac81c1ae7f460e927460

Update the COS E2E image policy Signed-off-by: Roy Yang <royyang@google.com>

view details

Yecheng Fu

commit sha 2cdc63aeaab603c61b48e95c044f1e4bb2f32548

cleanup in volume scheduling pkg - remove duplicated function claimToClaimKey - cache Lister - don't add indexer for PVCAssumeCache

view details

Patrick Ohly

commit sha 8f55fad7bb7f1e2ee54ef2ae46ed88d4ea44db5d

e2e pod logs: use hierarchical directory structure When using the entire test name as file name, the name became too long (> 256 characters, which wasn't supported by all file systems) and the artifact directory got cluttered. The original reason (a limitation in Gubernator) no longer applies because Spyglass is used now for log viewing.

view details

Chelsey Chen

commit sha 75612c17461fe81fb969768e12ca52bfb22f745d

Promote new Event API to v1

view details

Chelsey Chen

commit sha c90330d8f4ca9fd980df24044960a4d8bb28a780

Auto generated changes

view details

push time in a day

delete branch openSUSE/cri-tools

delete branch : pr-issue-template

delete time in a day

PR opened cri-o/cri-o

Reviewers
Update golangci lint to v1.28.0

<!-- Thanks for sending a pull request!

Please be aware that we're following the Kubernetes guidelines of contributing to this project. This means that we have to use this mandatory template for all of our pull requests.

Please also make sure you've read and understood our contributing guidelines (https://github.com/cri-o/cri-o/blob/master/CONTRIBUTING.md) as well as ensuring that all your commits are signed with git commit -s.

Here are some additional tips for you:

  • If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide
  • Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here: https://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label
  • If you want faster PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews
  • If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests -->

What type of PR is this?

/kind dependency-change

What this PR does / why we need it:

We also enable non-complaining linters as well as adding new ones to the list in .golangci.yml.

Which issue(s) this PR fixes:

<!-- Automatically closes linked issue when PR is merged. Usage: Fixes #<issue number>, or Fixes (paste link of issue). -->

<!-- Fixes # or None --> None

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

<!-- If no, just write None in the release-note block below. If yes, a release note is required: Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

For more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md -->

None
+7 -1

0 comment

2 changed files

pr created time in a day

create barnchopenSUSE/cri-o

branch : golangci-lint

created branch time in a day

PR opened cri-o/cri-o

Reviewers
Update golang dependencies

What type of PR is this?

/kind dependency-change

What this PR does / why we need it:

Bump the golang dependencies to their latest versions.

Which issue(s) this PR fixes:

<!-- Automatically closes linked issue when PR is merged. Usage: Fixes #<issue number>, or Fixes (paste link of issue). -->

<!-- Fixes # or None --> None

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

<!-- If no, just write None in the release-note block below. If yes, a release note is required: Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

For more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md -->

None
+46345 -33256

0 comment

568 changed files

pr created time in a day

push eventopenSUSE/cri-o

Sascha Grunert

commit sha 47bebace06007f60b909bdc2f500372fb820c826

Update golang dependencies Bump the golang dependencies to their latest versions. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in a day

push eventopenSUSE/cri-o

Sascha Grunert

commit sha 0e4afe23f2112fd91cebe982e3f385f0ab631770

Update golang dependencies Bump the golang dependencies to their latest versions. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in a day

create barnchopenSUSE/cri-o

branch : deps

created branch time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+<!--  Thanks for sending a pull request!  Here are some tips for you:++- If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide

Yep, changed the development guide to te mentioned link.

saschagrunert

comment created time in a day

push eventopenSUSE/cri-tools

Sascha Grunert

commit sha 81d870eade727250955e1e465989f322d665fa2e

Add Kubernetes PR and issue template Just copying the version from k/release because it contains small optimizations which should be valuable for this repo, too. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+<!--  Thanks for sending a pull request!  Here are some tips for you:++- If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide+- Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here:

Indeed they are supported here (see https://github.com/kubernetes-sigs/cri-tools/pull/636#issuecomment-654039996), I think a valid kind should be applied by the author in any case.

saschagrunert

comment created time in a day

pull request commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

/kind documentation

saschagrunert

comment created time in a day

push eventopenSUSE/cri-tools

Sascha Grunert

commit sha d0d03a63fadda54db005c9a5fb7c0070808e837d

Add Kubernetes PR and issue template Just copying the version from k/release because it contains small optimizations which should be valuable for this repo, too. Signed-off-by: Sascha Grunert <sgrunert@suse.com>

view details

push time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+---+name: Feature Request+about: Suggest a feature for the Kubernetes release engineering tooling+labels: kind/feature, sig/release, area/release-eng

:+1:

saschagrunert

comment created time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+---+name: Bug Report+about: Report a bug encountered while using Kubernetes release engineering tooling+labels: kind/bug, sig/release, area/release-eng++---++<!-- Please use this template while reporting a bug and provide as much info as possible. Not doing so may result in your bug not being addressed in a timely manner. Thanks!++If the matter is security related, please disclose it privately via https://kubernetes.io/security/+-->++#### What happened:++#### What you expected to happen:++#### How to reproduce it (as minimally and precisely as possible):++#### Anything else we need to know?:++#### Environment:++- Cloud provider or hardware configuration:

:+1:

saschagrunert

comment created time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+---+name: Feature Request+about: Suggest a feature for the Kubernetes release engineering tooling

:+1:

saschagrunert

comment created time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+---+name: Bug Report+about: Report a bug encountered while using Kubernetes release engineering tooling+labels: kind/bug, sig/release, area/release-eng

Sounds good, adapted as suggested.

saschagrunert

comment created time in a day

Pull request review commentkubernetes-sigs/cri-tools

Add Kubernetes PR and issue template

+---+name: Bug Report+about: Report a bug encountered while using Kubernetes release engineering tooling

Fixed as suggested :+1:

saschagrunert

comment created time in a day

pull request commentopenshift/release

Enable release-note plugin for CRI-O

PTAL @rhatdan @mrunalp @haircommander

saschagrunert

comment created time in a day

pull request commentopenshift/release

Enable release-note plugin for CRI-O

/remove-lifecycle rotten

saschagrunert

comment created time in a day

delete branch saschagrunert/release

delete branch : commands

delete time in 3 days

PR opened kubernetes/release

Add `Commands` structure to command package

<!-- Thanks for sending a pull request! Here are some tips for you:

  • If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide
  • Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here: https://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label
  • If you want faster PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews
  • If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests -->

What type of PR is this?

/kind feature

What this PR does / why we need it:

The Commands structure allows concatenation of commands by preserving their working directory and verbosity mode. This reduces the noise when running multiple commands sequentially.

Demo:

New("echo", "1").Verbose().Add("echo", "2").Add("echo", "3").Run()

will result int:

+ /usr/bin/echo 1
1
+ /usr/bin/echo 2
2
+ /usr/bin/echo 3
3

Which issue(s) this PR fixes:

<!-- *Automatically closes linked issue when PR is merged. Usage: Fixes #<issue number>, or Fixes (paste link of issue). -->

None

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

<!-- If no, just write "NONE" in the release-note block below. If yes, a release note is required: Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

For more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md -->

- Added `Commands` structure which can be used to run multiple commands sequentially by preserving
  the working directory and verbosity mode. The structure can be used by calling the `Add(cmd string, args string...)`
  method of `Command` or `Commands`. Calling `Run()` on `Commands` will run each command in sequence by
  aborting if the first command fails.
+50 -0

0 comment

2 changed files

pr created time in 3 days

delete branch saschagrunert/release

delete branch : command-verbose

delete time in 3 days

create barnchsaschagrunert/release

branch : commands

created branch time in 3 days

more