Commits · a9e6917d2ad5d487437c3133128420f34557911f · Plural / platform / external-dns

05 Nov, 2019 3 commits
- Drop labeler when forking · a9e6917d
  njuettner authored 5 years ago
```
Signed-off-by: njuettner <nick@zalando.de>
```
  a9e6917d
- Merge pull request #1254 from bavarianbidi/docs/openstack/snippet-for-rbac-enabled-environment · ceae2f9a
  Kubernetes Prow Robot authored 5 years ago
```
docs/designate: add snippet for rbac env
```
  ceae2f9a
- docs/designate: add snippet for rbac env · a16827e7
  Mario Constanti authored 5 years ago
```
* extend the external-dns deployment to work within a RBAC enabled
environment
* add short hint how to mount/use/trust self-sign certificates
```
  a16827e7
04 Nov, 2019 2 commits
- Merge pull request #1253 from bavarianbidi/docs/fix-debug-log-level-flag · f675fc96
  Kubernetes Prow Robot authored 5 years ago
```
docs: fix log-level param in tutorials
```
  f675fc96
- docs: fix log-level param in tutorials · 82e43e85
  Mario Constanti authored 5 years ago
```
* arg --debug is now --log-level=debug
* flag --log-level was merged 2017 with
  PR https://github.com/kubernetes-sigs/external-dns/pull/339
```
  82e43e85
01 Nov, 2019 1 commit
- Move into kubernetes-sigs organization (#1245) · f763d2a4
  Nick Jüttner authored 5 years ago
```
* Move into kubernetes-sigs organization

* Disable labeler action for forks
```
  f763d2a4
29 Oct, 2019 4 commits
- Merge pull request #1242 from kubernetes-incubator/labeler · 80555587
  Kubernetes Prow Robot authored 5 years ago
```
Adding labels on PR
```
  80555587
- Merge pull request #1243 from kubernetes-incubator/njuettner-patch-1 · 1663574a
  Nick Jüttner authored 5 years ago
```
Update labeler.yml
```
  1663574a
- Update labeler.yml · 235edcbe
  Nick Jüttner authored 5 years ago
  
  235edcbe
- Adding labels on PR · ad17f21a
  njuettner authored 5 years ago
  
  ad17f21a
25 Oct, 2019 3 commits
- Merge pull request #1218 from skoef/nodeSource · eaf7ae5c
  Kubernetes Prow Robot authored 5 years ago
```
added support for using nodes as source
```
  eaf7ae5c
- added description to exported function · 0c547a98
  Reinier Schoof authored 5 years ago
  
  0c547a98
- remove obsolete comment · 5667d0b1
  Reinier Schoof authored 5 years ago
  
  5667d0b1
24 Oct, 2019 4 commits
- honor ttlAnnotationKey for node endpoints · b6ec8557
  Reinier Schoof authored 5 years ago
  
  b6ec8557
- error when no node address could be found · fee7046e
  Reinier Schoof authored 5 years ago
  
  fee7046e
- Merge pull request #1 from linki/nodeSource · c6943f8c
  Reinier Schoof authored 5 years ago
```
Group equal DNS names into same endpoint
```
  c6943f8c
- source: group equal DNS names into same endpoint · 02f40d78
  Martin Linkhorst authored 5 years ago
  
  02f40d78
15 Oct, 2019 1 commit
- Merge pull request #1223 from dgrizzanti/namespace_doc_updates · cec75d7d
  Kubernetes Prow Robot authored 5 years ago
```
Propose a few doc changes to make the use of namespace more clear
```
  cec75d7d
08 Oct, 2019 3 commits
- Propose a few doc changes to make the use of namespace more clear · c4db4af3
  David Grizzanti authored 5 years ago
  
  c4db4af3
- Merge pull request #1164 from h3ndrk/master · 85274ace
  Kubernetes Prow Robot authored 5 years ago
```
Change ApplyChanges in RFC2136 to batch update
```
  85274ace
- Merge pull request #1206 from dooman87/patch-1 · 59475a1c
  Kubernetes Prow Robot authored 5 years ago
```
#582: Unknown Serviceaccount error
```
  59475a1c
01 Oct, 2019 3 commits
- respect controller annotation for node source · 4325d736
  Reinier Schoof authored 5 years ago
  
  4325d736
- implemented annotationFilter for node source · 16194ca9
  Reinier Schoof authored 5 years ago
  
  16194ca9
- added support for using nodes as source · a491d8f6
  Reinier Schoof authored 5 years ago
  
  a491d8f6
24 Sep, 2019 2 commits
- Merge pull request #1149 from dkeightley/master · 8db7e77d
  Kubernetes Prow Robot authored 5 years ago
```
Add RBAC manifest, update wording around IAM policy
```
  8db7e77d
- #582: Unknown Serviceaccount error · aa2b4589
  Pokidov N. Dmitry authored 5 years ago
```
Seems like there was attempts to fix it but change didn't make it to master
```
  aa2b4589
17 Sep, 2019 9 commits
- Merge pull request #1197 from linki/go-mod-tidy · 94246643
  Kubernetes Prow Robot authored 5 years ago
```
Run go mod tidy with go 1.13
```
  94246643
- chore: run go mod tidy with go v1.13 · 9193c571
  Martin Linkhorst authored 5 years ago
  
  9193c571
- Merge pull request #1196 from kubernetes-incubator/v0.5.17 · 1b3e6809
  Kubernetes Prow Robot authored 5 years ago
```
v0.5.17
```
  1b3e6809
- v0.5.17 · 885c9e70
  njuettner authored 5 years ago
```
Signed-off-by: njuettner <nick@zalando.de>
```
  885c9e70
- Merge pull request #1189 from Evesy/cf_token · 40ede255
  Kubernetes Prow Robot authored 5 years ago
```
Support Cloudflare API Token Auth
```
  40ede255
- Formatting · 3580908c
  Mike Eves authored 5 years ago
  
  3580908c
- Small syntax change · 0f234ead
  Mike Eves authored 5 years ago
  
  0f234ead
- Merge pull request #1184 from tariq1890/go113 · 802372b6
  Kubernetes Prow Robot authored 5 years ago
```
upgrade go version to 1.13 in external-dns
```
  802372b6
- Merge pull request #1193 from greut/egoscale-0.18.x · f986d20c
  Kubernetes Prow Robot authored 5 years ago
```
exoscale: add context support
```
  f986d20c
16 Sep, 2019 3 commits

exoscale: add context support · ab08d84c
Yoan Blanc authored 5 years ago
```
Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
```
ab08d84c
Merge pull request #1185 from serialx/fix-amazon-iam-roles-service-account · 894360a1
Kubernetes Prow Robot authored 5 years ago
```
Fix AWS IAM Roles for Service Accounts permission problem.
```
894360a1

Fix AWS IAM Roles for Service Accounts permission · c97781a4

Brian Hong authored 5 years ago

Amazon EKS supports IAM Roles for Service Accounts. It mounts tokens
files to `/var/run/secrets/eks.amazonaws.com/serviceaccount/token`.
Unfortunately, external-dns runs as 'nobody' so it cannot access this
file. External DNS is then unable to make any AWS API calls to work:

```
time="2019-09-11T07:31:53Z" level=error msg="WebIdentityErr: unable to read file at /var/run/secrets/eks.amazonaws.com/serviceaccount/token\ncaused by: open /var/run/secrets/eks.amazonaws.com/serviceaccount/token: permission denied"
```

See: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-technical-overview.html

Below are the file permissions mounted on External DNS pod:

```
~ $ ls -al /var/run/secrets/eks.amazonaws.com/serviceaccount/
total 0
drwxrwxrwt    3 root     root           100 Sep 11 06:40 .
drwxr-xr-x    3 root     root            28 Sep 11 06:40 ..
drwxr-xr-x    2 root     root            60 Sep 11 06:40 ..2019_09_11_06_40_49.865776187
lrwxrwxrwx    1 root     root            31 Sep 11 06:40 ..data -> ..2019_09_11_06_40_49.865776187
lrwxrwxrwx    1 root     root            12 Sep 11 06:40 token -> ..data/token
~ $ ls -al /var/run/secrets/eks.amazonaws.com/serviceaccount/..data/token
-rw-------    1 root     root          1028 Sep 11 06:40 /var/run/secrets/eks.amazonaws.com/serviceaccount/..data/token
```

This commit fixes this problem by specifying securityContext to make
mounted volumes with 65534 (nobody) group ownership.

c97781a4

12 Sep, 2019 1 commit
- Support Cloudflare API Token Auth · 49e0c8b0
  Mike Eves authored 5 years ago
  
  49e0c8b0
10 Sep, 2019 1 commit
- upgrade go version to 1.13 in external-dns · 28c7c729
  Tariq Ibrahim authored 5 years ago
  
  28c7c729