upstream/kubectl
1
0
Fork 0
mirror of https://github.com/kubernetes/kubectl.git synced 2026-02-19 02:28:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
4051 commits 24 branches 1286 tags 86 MiB
Commit graph

4051 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kubernetes Publisher
993c636f60 Merge pull request #136689 from kfess/bugfix/windows-plugin 
Fix kubectl plugin list overshadow detection on Windows

Kubernetes-commit: 09259d3dff0e31970c2e94c38ca6b7ed19b6e865
 2026-02-17 23:02:46 +00:00
Kubernetes Publisher
50c35e77ed Merge pull request #137019 from olamilekan000/add-a-show-secret-flag-in-diff-command 
add show-secret flag to the diff command

Kubernetes-commit: 31bf3ed48b91b67e5003d8df1b3bd0b918d1fb94
 2026-02-16 19:00:41 +00:00
Kubernetes Publisher
3110da20e6 Merge pull request #136411 from olamilekan000/fix-cli-throwing-an-error-when-tailing-logs 
fix cli throwing an error when trying to tail the logs for a Pod

Kubernetes-commit: 18865bef4158651b9d818201505af41dcba3125d
 2026-02-16 15:02:25 +00:00
olalekan odukoya
e366288460 add show-secret flag to the diff command 
Signed-off-by: olalekan odukoya <odukoyaonline@gmail.com>

Kubernetes-commit: 03060174b8e040b9cb086c7e4d613c082c34e1e8
 2026-02-13 22:48:12 +01:00
Kubernetes Publisher
ee050e22cb Merge pull request #136921 from dims/dump-from-utils 
Move dump package from apimachinery to k8s.io/utils

Kubernetes-commit: 5b63a8c68e8e4d417ab3758c7a80118c2db27ac9
 2026-02-12 21:57:33 +00:00
Davanum Srinivas
19d8e344ea Move dump package from apimachinery to k8s.io/utils 
Replace all imports of k8s.io/apimachinery/pkg/util/dump with
k8s.io/utils/dump across the repo. The apimachinery dump package
now contains deprecated wrapper functions that delegate to
k8s.io/utils/dump for backwards compatibility.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 550cc8645bedcc8b187e0ebeb52ead29d5631a32
 2026-02-10 15:20:41 -05:00
Kubernetes Publisher
3ec3773a1b Merge pull request #136826 from alvaroaleman/bumpv0.32 
Bump structured merge diff to v6.3.2

Kubernetes-commit: 65f09e605cb206b2e5fcff4d69a4ae8acf62dbc3
 2026-02-10 23:54:35 +00:00
Kubernetes Publisher
b396ad3860 Merge pull request #136820 from dims/update-otel-deps 
Update OpenTelemetry dependencies to latest versions

Kubernetes-commit: 7b0310aaddb6ccd921679db6b26345c836a6cd5e
 2026-02-10 04:55:47 +00:00
Kubernetes Publisher
5e8f05e2f5 Merge pull request #136775 from atombrella/feature/activate_modernize_slicessort 
Enable modernize/slicessort rule

Kubernetes-commit: f693c45c4ecc214f34017182fb7b8f178d7ef16d
 2026-02-10 04:55:45 +00:00
Alvaro Aleman
e08f42a130 Bump structured merge diff to v6.3.2 
Diff: https://github.com/kubernetes-sigs/structured-merge-diff/compare/v6.3.1...v6.3.2

It's just one change that prevents a NPD when an embedded pointer to a
struct is encountered.

Kubernetes-commit: f59cfe60ef2063e2383ebef416f9da05196903d6
 2026-02-07 13:49:48 -05:00
Davanum Srinivas
216321f754 Update OpenTelemetry dependencies to latest versions 
Bump OpenTelemetry dependencies:
- go.opentelemetry.io/otel v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/metric v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/sdk v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/trace v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0 → v1.40.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0 → v1.40.0
- go.opentelemetry.io/contrib/.../otelrestful v0.64.0 → v0.65.0
- go.opentelemetry.io/contrib/.../otelhttp v0.64.0 → v0.65.0
- go.opentelemetry.io/contrib/.../otelgrpc v0.63.0 → v0.65.0

Unpin otelgrpc: the nil TracerProvider panic (kubernetes#135865) that
required pinning at v0.63.0 is fixed in v0.65.0. Removed the
pinnedModules entry from unwanted-dependencies.json.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 275adf8b047da379724c91a9163f8138159ea8e8
 2026-02-07 08:26:25 -05:00
Austin Abro
749aa3b298 feat(wait): introduce waitOptions.RunWaitContext() (#136781) 
* run wait with context

Signed-off-by: Austin Abro <austinabro321@gmail.com>

* delete other comment

Signed-off-by: Austin Abro <austinabro321@gmail.com>

---------

Signed-off-by: Austin Abro <austinabro321@gmail.com>

Kubernetes-commit: 598922db7562f628fb51ef1db6d3ccb6003369a4
 2026-02-07 00:40:56 +00:00
Mads Jensen
07471296e7 Fixes under staging. 
Kubernetes-commit: ae8838f58a5859c33f2443b7df8a4bc525fde95b
 2026-02-06 22:44:34 +01:00
Kubernetes Publisher
efa9e3e296 Merge pull request #136747 from dims/use-k8s-utils-btree 
Use btree from k8s.io/utils instead of github.com/google/btree

Kubernetes-commit: dc1ec1211e4f54064ba6dafd8aac46ac3d4379b4
 2026-02-05 12:39:57 +00:00
Kubernetes Publisher
d0855f974a Merge pull request #136753 from tallclair/qos-cleanup 
Use quantity.Sign() instead of quantity.Cmp(zeroQuantity)

Kubernetes-commit: f1bed8121bdfadbd00e2b240b58b41daba6c6bde
 2026-02-05 08:29:49 +00:00
Tim Allclair
beafecea32 Use quantity.Sign() instead of quantity.Cmp(zeroQuantity) 
Kubernetes-commit: e8b7c959c9bacabb14100f871ffe19a02a7a1528
 2026-02-04 10:38:23 -08:00
Kubernetes Publisher
d495d270d0 Merge pull request #136673 from HirazawaUi/remove-DisableNodeKubeProxyVersion 
Lock the DisableNodeKubeProxyVersion feature gate to be enabled by default

Kubernetes-commit: 871ad000b43250533c9aabfe17ab4a05cdc18d82
 2026-02-04 20:33:48 +00:00
Kubernetes Publisher
ad1d4b7106 Merge pull request #136730 from dims/update-prometheus-deps 
Bump prometheus/common to v0.67.5 and prometheus/procfs to v0.19.2

Kubernetes-commit: 27dad90a0ca98e396846bb658cac49509b52ce95
 2026-02-04 16:42:55 +00:00
Davanum Srinivas
2e47bdee50 Use btree from k8s.io/utils instead of github.com/google/btree 
The google/btree package is deprecated, so switch to the maintained
fork in k8s.io/utils/third_party/forked/golang/btree.

API differences:
- NewG -> New
- BTreeG[T] -> BTree[T]

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: a328ca88ad662119bbf129cd1107fabd8dd9f539
 2026-02-04 09:19:58 -05:00
HirazawaUi
456c00e8c7 Lock the DisableNodeKubeProxyVersion feature gate to be enabled by default. 
Kubernetes-commit: 9703ce508fa0da17da10f0905af9982eb1e08a09
 2026-02-04 20:53:10 +08:00
Davanum Srinivas
80276c6c8b Bump prometheus/common to v0.67.5 and prometheus/procfs to v0.19.2 
prometheus/common v0.66.1 -> v0.67.5:
- Breaking: TextParser must now use NewTextParser() constructor
- Float/gauge histograms support in expfmt
- Fixed panic in tlsRoundTripper when CA file missing
- https://github.com/prometheus/common/compare/v0.66.1...v0.67.5

prometheus/procfs v0.16.1 -> v0.19.2:
- New: process shared memory, netfilter queue, hung_task metrics
- Enhanced meminfo (zswap, hugetlb fields)
- MD raid component devices exposed
- Fixed ZswappedBytes calculation
- https://github.com/prometheus/procfs/compare/v0.16.1...v0.19.2

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: aa4159c2d2dde5d2e9929974884f12608d7d2d3d
 2026-02-03 21:24:37 -05:00
kita456
f082187cdc Fix kubectl plugin list overshadow detection on Windows 
Kubernetes-commit: 7bb838e50b5b878b19151bd03cb3e20bf8746740
 2026-02-02 22:09:05 +09:00
Kubernetes Publisher
3c2d5800e1 Merge pull request #135790 from 0x5457/fix/attach-reattach-message-missing-namespace 
Fix missing namespace flag in attach reattach message

Kubernetes-commit: c04907b02556add29458563b181d66aed6a11a51
 2026-01-30 22:38:16 +00:00
Kubernetes Publisher
50e13d0d42 Merge pull request #136643 from ardaguclu/kubectl-kuberc-beta 
Promote kubectl kuberc commands to beta

Kubernetes-commit: 22e1ea92cd9395e6ee24ed8355eb9f61299f54a4
 2026-01-30 18:40:42 +00:00
Arda Güçlü
10d2309a74 Promote kubectl kuberc commands to beta 
Kubernetes-commit: 4e47d34a0d2d7d420f2bf511a28b86da88e54213
 2026-01-30 09:23:14 +03:00
Kubernetes Publisher
53611777af Merge pull request #136534 from dmaizel/fix/nil-map-panic-maxResourceList 
fix: handle nil ResourceList in max() to prevent panic

Kubernetes-commit: 03c362c9b18784387f334605d13bf297f4659165
 2026-01-28 18:45:14 +00:00
Daniel Maizel
8ec1b93d42 fix: handle nil ResourceList in max() to prevent panic 
Kubernetes-commit: 7d5b4710bda738ec34f5bff23e02e930f09a0687
 2026-01-28 16:07:25 +02:00
kfess
3ebaf84cd8 Add missing tests for kubectl describe commands (#136461) 
* Add missing tests for kubectl describe commands

* fix linter error

Kubernetes-commit: 3a0744ce6d9b6f747b00f19eb086485d003aa075
 2026-01-28 20:07:52 +09:00
Kubernetes Publisher
17176eacef Merge pull request #136582 from yongruilin/master_kubeopenapi-format 
Bump k8s.io/kube-openapi to latest and enable numeric format validation

Kubernetes-commit: b90909e4325d5375af7deb190585a5e9885c288d
 2026-01-28 02:45:48 +00:00
yongruilin
ed4a0a062d Bump k8s.io/kube-openapi to latest 
Kubernetes-commit: 65b579a036fa3b230f9c5e22d449fe9e4790078e
 2026-01-27 21:39:39 +00:00
olalekan odukoya
d9dc040ca9 fix cli throwing an error when trying to follow logs for pod while still initializing 
Signed-off-by: olalekan odukoya <odukoyaonline@gmail.com>

Kubernetes-commit: 5b3b05921f68116e8c96697766f7298d27b5a142
 2026-01-22 00:51:44 +01:00
Kubernetes Publisher
da94a05fbb Merge pull request #136362 from dims/update-opentelemetry-v1.39.0 
Update OpenTelemetry dependencies to latest versions

Kubernetes-commit: 69eb15ee58c9cb20b90007e9b064dfb78b66a867
 2026-01-21 22:43:46 +00:00
Davanum Srinivas
e4de583378 Update OpenTelemetry dependencies to latest versions 
Core packages (opentelemetry-go):
- go.opentelemetry.io/otel: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/metric: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/trace: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/sdk: v1.38.0 → v1.39.0

Exporters:
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.39.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.39.0

Contrib instrumentation (opentelemetry-go-contrib):
- go.opentelemetry.io/contrib/.../otelhttp: v0.61.0 → v0.64.0
- go.opentelemetry.io/contrib/.../otelrestful: v0.44.0 → v0.64.0

Protocol definitions (opentelemetry-proto-go):
- go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0

Notable changes:
- Go 1.24 is now the minimum required version (Go 1.23 support dropped) for OTEL components
- Performance: ~4x improvement in histogram concurrent operations; xxhash
  replaces fnv for attribute hashing
- Fixed goroutine leak in span processors when context is canceled
- otelrestful migrated semantic conventions from v1.20.0 to v1.34.0
  (e.g., http.method → http.request.method)
- Partial OTLP export errors now surfaced instead of being silently dropped
- otelrestful no longer depends on json-iterator/go, modern-go/concurrent,
  or modern-go/reflect2; unwanted-dependencies.json updated accordingly

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: c40ea60b9f193fbead586f9fd6cc26f7b77312ff
 2026-01-20 17:20:21 -05:00
Kubernetes Publisher
ebb9e96a24 Merge pull request #136227 from dims/update-grpc-ecosystem-deps-jan2026 
Update gRPC ecosystem dependencies

Kubernetes-commit: 8f76dbf79bc972bfc886980aca3a5d8188f63826
 2026-01-20 18:37:57 +00:00
Kubernetes Publisher
eb067c5cd6 Merge pull request #136010 from olamilekan000/fix-k8s-losing-some-line-of-logs 
fix kubectl interactive mode losing some line of logs

Kubernetes-commit: 9ea678d860d410f7a929f6b077f6d2bf1b6ecfc9
 2026-01-19 22:32:20 +00:00
Kubernetes Publisher
d4872b694a Merge pull request #135874 from mochizuki875/make_general_profile_default 
kubectl debug: make general profile default

Kubernetes-commit: 49f5ecc02cd36fb41e28d3157c0c8a65e92404c9
 2026-01-16 22:21:57 +00:00
Kubernetes Publisher
a887594ae3 Merge pull request #135744 from ali-a-a/describe-service-app-protocol 
Add appProtocol to the service describe output

Kubernetes-commit: 9bbfe74defb5875f537b93f4dff70485b195b026
 2026-01-16 22:21:56 +00:00
Keita Mochizuki
a6e555e5b2 Update staging/src/k8s.io/kubectl/pkg/cmd/debug/debug.go 
Co-authored-by: Maciej Szulik <soltysh@gmail.com>

Kubernetes-commit: 211e77a9967f241edff1c6f0116369b2d1200455
 2026-01-16 23:45:12 +09:00
Kubernetes Publisher
4c393220d1 Merge pull request #136212 from dims/update-security-deps-jan2026-v2 
Update security and stability dependencies

Kubernetes-commit: a94970c0c5de0fa56b0ed82823850db7e0257685
 2026-01-16 14:35:09 +00:00
Davanum Srinivas
7c4f59ad76 Update gRPC ecosystem dependencies 
Update the gRPC ecosystem to pick up performance improvements,
bug fixes, and maintain compatibility with the latest protobuf
and OpenTelemetry releases.

Notable changes in grpc v1.78.0:
- mem.Reader interface changed to struct
- Legacy pick_first load balancer policy removed (pickfirstleaf)
- Improved connection state management

Updated dependencies:
- grpc-gateway/v2: v2.27.4 (2025-12-26)
- go-grpc-middleware/v2: v2.3.3 (2025-11-04)
- go-grpc-middleware/providers/prometheus: v1.1.0 (2025-06-16)
- google.golang.org/grpc: v1.78.0 (2025-12-23)
- genproto/googleapis/api: v0.0.0-20260112192933-99fd39fd28a9 (2026-01-12)
- genproto/googleapis/rpc: v0.0.0-20260112192933-99fd39fd28a9 (2026-01-12)

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: f727e938dc95ac1a95a2536e7d01220172022a71
 2026-01-14 09:18:21 -05:00
Davanum Srinivas
f3dd744682 Update security and stability dependencies 
This PR updates several dependencies addressing security vulnerabilities,
stability fixes, and authentication improvements.

- golang.org/x/crypto: v0.46.0 -> v0.47.0
  - Includes latest X509 root certificate bundle updates
  - Security hardening for cryptographic operations
  - Foundation dependency for TLS and authentication

- github.com/golang-jwt/jwt/v5: v5.2.2 -> v5.3.0
  - IMPORTANT: v5.2.2 patched vulnerability GHSA-mh63-6h87-95cp (token
    validation security issue) - this update ensures we have the fix
  - Adds multiple audience validation support for JWT tokens
  - Go 1.21 minimum requirement (code modernization)
  - Replaced legacy interface{} with modern any keyword

- golang.org/x/net: v0.48.0 -> v0.49.0
  - HTTP/2 priority scheduler improvements (RFC 9218)
  - WebSocket security enhancements
  - Network layer stability fixes

- go.uber.org/zap: v1.27.0 -> v1.27.1
  - Fix: Prevent Object from panicking on nils (PR #1501)
  - Fix: Race condition in WithLazy (PR #1511)
  - Both fixes improve logging stability in concurrent scenarios

- github.com/godbus/dbus/v5: v5.2.0 -> v5.2.2
  - Security: Disabled SHA1 authentication by default on non-Windows
    platforms (v5.2.0 change now inherited)
  - Performance: Multiple optimizations reducing memory allocations
  - Fix: Alignment issues in decoder operations
  - Fix: Allow more than 32 containers/struct fields in a signature

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 5b478645cdb3be5ed92a21d2f7b417b6328cfa6e
 2026-01-13 23:08:03 -05:00
Kubernetes Publisher
22c39ba421 Merge pull request #136143 from pohly/client-go-fake-list-and-watch-fix 
client-go testing: fix List+Watch support

Kubernetes-commit: 8392659d3c90fea03be805968b53ec7a05dea183
 2026-01-15 18:28:42 +00:00
Kubernetes Publisher
3a767404cb Merge pull request #135563 from yangjunmyfm192085/fixkubectl 
When using kubectl to delete multiple sts pods simultaneously, it gets stuck and won't exit

Kubernetes-commit: 2c677fe0345d510f48e2fe2863deaa502f73d2a6
 2026-01-15 18:28:37 +00:00
Patrick Ohly
efa6958ce8 client-go testing: start ResourceVersion at 1 for empty set 
List should never return "0", that has a special meaning in queries.

Kubernetes-commit: 3783a720e7278466859fe140d2bfbbfb054f5313
 2026-01-14 12:19:32 +01:00
Kubernetes Publisher
daa9ed2d23 Merge pull request #136162 from dims/update-security-deps-jan2026 
Update security-critical authentication and protobuf dependencies

Kubernetes-commit: c29a5d73a6fd04896033fe615c259f2949c5e94f
 2026-01-14 02:36:07 +00:00
Davanum Srinivas
6d8fe8db3e Update security-critical authentication and protobuf dependencies 
This PR updates security-critical dependencies addressing authentication
and data parsing vulnerabilities.

**Authentication Security:**
- github.com/coreos/go-oidc: v2.3.0 -> v2.5.0
  - Security fix: Now verifies token signature BEFORE validating payload
  - Prevents potential processing of tampered tokens before cryptographic
    verification

- github.com/cyphar/filepath-securejoin: v0.6.0 -> v0.6.1
  - Security fix: Fixed seccomp fallback logic - library now properly falls
    back to safer O_PATH resolver when openat2(2) is denied by seccomp-bpf
  - Fixed file descriptor leak in openat2 wrapper during RESOLVE_IN_ROOT

- cyphar.com/go-pathrs: v0.2.1 -> v0.2.2
  - Companion update to filepath-securejoin

**Protobuf Security:**
- google.golang.org/protobuf: v1.36.8 -> v1.36.11
  - Security fix: Added recursion limit check in lazy decoding validation
  - Prevents potential stack exhaustion attacks via maliciously crafted
    protobuf messages
  - Also adds support for URL chars in type URLs in text-format

These updates are critical for:
- OIDC authentication in kube-apiserver
- Container filesystem path resolution (used by container runtimes)
- Protobuf message parsing throughout the codebase

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: c825d80bbf2c82666192c329478a686fa3a1d5dc
 2026-01-11 16:50:37 -05:00
Kubernetes Publisher
fdacba02e1 Merge pull request #136161 from dims/update-golang-x-deps-jan2026 
Update golang.org/x dependencies to latest versions

Kubernetes-commit: 1c894014ebe25e0b042efa91698284f527493d90
 2026-01-13 03:15:56 +00:00
Kubernetes Publisher
b597402c65 Merge pull request #135759 from Abhigyan-Shekhar/fix-cel-race-condition 
FIX: Deep copy MapType in CEL composition to prevent data race

Kubernetes-commit: 477b99a8d880847938c141239bafdfc35eee45bb
 2026-01-12 22:22:48 +00:00
Davanum Srinivas
46548fc97c Update golang.org/x dependencies to latest versions 
updates the golang.org/x package family to newer releases:

- golang.org/x/crypto: v0.45.0 -> v0.46.0
- golang.org/x/net: v0.47.0 -> v0.48.0
- golang.org/x/sys: v0.38.0 -> v0.40.0
- golang.org/x/time: v0.9.0 -> v0.14.0
- golang.org/x/oauth2: v0.30.0 -> v0.34.0
- golang.org/x/text: v0.31.0 -> v0.33.0
- golang.org/x/term: v0.37.0 -> v0.39.0
- golang.org/x/sync: v0.18.0 -> v0.19.0
- golang.org/x/mod: v0.29.0 -> v0.32.0
- golang.org/x/tools: v0.38.0 -> v0.40.0
- golang.org/x/exp: 8a7402abbf56 -> 944ab1f22d93

Security & Stability:
- x/crypto: Updated X509 root certificate bundle
- x/net: HTTP/2 PING optimization to reduce DoS detection triggers,
  data race fix in trace RenderEvents
- x/sys: Fixed out-of-bounds memory access in sockaddrIUCVToAny
- x/time: Fixed rate limiter overflow when using very low rates that
  could cause the limiter to jam open

Performance:
- x/time: ~19% improvement in Sometimes.Do when no interval configured

Maintenance:
- Various vet diagnostic fixes for Go 1.26 compatibility
- Dependency updates across the golang.org/x ecosystem

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 0e67c56a8f26ace2889fd24e098b78e13f9bbffe
 2026-01-11 16:25:45 -05:00
Kubernetes Publisher
0d27056628 Merge pull request #136108 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.27.4, gomega v1.39.0

Kubernetes-commit: 758ef0ffbce5cbca7a893d839dde892d79c2738f
 2026-01-09 00:35:14 +00:00