* Wire up Secret for declarative validation
* Migrate Secret.Type to declarative immutable validation
* Add +k8s:optional tag to Secret.Type field
* Add TestDeclarativeValidate test for CREATE flow
* Add immutability test cases for unset->set and set->unset
* Fix ValidateDeclarativelyWithMigrationChecks call to include DeclarativeValidationConfig
* Fix double declarative validation by removing manual ValidateDeclarativelyWithMigrationChecks calls
The secret strategy embedded rest.DeclarativeValidation (which implements
DeclarativeValidationStrategy) but also called ValidateDeclarativelyWithMigrationChecks
directly inside Validate and ValidateUpdate. The REST handler and test framework
call ValidateDeclaratively separately after Validate/ValidateUpdate, causing
double execution that broke the AllDeclarativeEnforced test scenario.
Fix by returning only handwritten errors from Validate/ValidateUpdate, matching
the pattern used by csiDriverStrategy and other correctly-migrated strategies.
* Use alpha stability level for +k8s:immutable on Secret.Type
The validation-gen tool enforces that Beta-level tags cannot be used in
Stable validation. Change +k8s:immutable to
+k8s:alpha(since: "1.36")=+k8s:immutable to match other stable-API fields.
Regenerate zz_generated.validations.go and update test expected errors
with .MarkAlpha() accordingly.
* Update alpha stability level version from 1.36 to 1.37
Update +k8s:alpha(since: "1.36") annotations to 1.37 in types.go
and generated.proto for Secret.Type immutability and ReplicationController
declarative validation tags.
* Regenerate zz_generated.validations.go after rebase
Rebase onto latest master brought in validation-gen changes that add
.MarkShortCircuit() to immutable and optional field validations.
* Add generated declarative validation test files for Secret
validation-gen generates test/declarative_validation/core/secret/
as part of Secret declarative validation wiring.
* Add declarative validation coverage test for Secret.type immutability
The coverage checker requires all registered validation rules to be
exercised by tests. Add a test that triggers the immutable validation
error for Secret.type to satisfy coverage for the generated rule:
v1, Kind=Secret: type FieldValueInvalid origin="immutable"
* Move Secret declarative validation tests to test/declarative_validation
Move all test cases from pkg/registry/core/secret/declarative_validation_test.go
to test/declarative_validation/core/secret/declarative_validation_test.go
per #138872, and remove the original file.
* Revert ReplicationController alpha tags from 1.37 back to 1.36
The since: "1.36" tags on ReplicationController fields track when those
tags were originally added (v1.36) and should not have been changed.
Only the newly added Secret.Type immutable tag targets 1.37.
* Drop WorkloadRef field and introduce SchedulingGroup field in Pod API
* Introduce v1alpha2 Workload and PodGroup APIs, drop v1alpha1 Workload API
Co-authored-by: yongruilin <yongrlin@outlook.com>
* Run hack/update-codegen.sh
* Adjust kube-scheduler code and integration tests to v1alpha2 API
* Drop v1alpha1 scheduling API group and run make update
---------
Co-authored-by: yongruilin <yongrlin@outlook.com>
* Reports node declared features in Node.Status.DeclaredFeatures.
* Add kubelet admission handler to check pod required features and match with node declared features on pod creation.
* Checks node declared features on pod updates and emits events if the node does not
satisfy the pod's feature requirements.
* Adds API validation for node object.
