- Use sub-tests to avoid side-effects between test cases,
cancel the context between cases, and make it easier to
determine the failing case in the test logs.
- Use anonymous closures in benchmarks, instead of sub-tests,
so the times still include all cases.
Kubernetes-commit: 0e5eab042c314851ae4e653f0037fe901baf94d8
The TestGetCacheBypass requires watch cache to be initialized after
which it will want backend to return errors to check what requests are
cached and which are not.
The watch cache is marked as ready after a list succeeds, but before a watch request is executed.
If watch request fail it will immidietly flip back to unready.
Injecting error after watch cache was ready didn't guarantee that watch
request started, sometimes causing watch to be called after and fail.
This immidietly caused the watch cache to be again unready for the rest
of the test.
The fix is just to separate failure injection for List and Watch
responses.
Kubernetes-commit: 70e05132645d5c49cf0ac61a3ae8869dc60f0bde
- Close response body after http calls in the watch tests
- Add apitesting utility methods for closing and testing errors
from response body and websocket.
- Validate read after close errors.
Kubernetes-commit: 9d963298a3b7b828f01a9b02af57863a7480eb0b
This handles canceling the request after the test completes, cleaning
up resources on the client and server.
Kubernetes-commit: 080d6f9ead740ec1358e320e388f79cc4de97697
Improve audit context handling by encapsulating event data and operations behind a structured API. Make
the Audit system more robust in concurrent environments by properly isolating mutable state. The cleaner
API simplifies interaction with audit events, improving maintainability. Encapsulation reduces bugs
by preventing direct manipulation of audit events.
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Co-Authored-By: Jordan Liggitt <liggitt@google.com>
Co-Authored-By: sxllwx <scottwangsxll@gmail.com>
Kubernetes-commit: 75afa1e0acfb309d984be14937a06f796f220cd6
This removes a dependency from generated applyconfigurations to a testing
package. To do this, the type converter in the testing package has been
moved out to the apimachinery package and the utilities the converter
depend on have been reorganized.
Kubernetes-commit: 4821604f83a6f4764497879b666087ba7cb05060
Co-Authored-By: Matthew Wong <mattwon@amazon.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: cf82fd7e9ceac60b7a336c90958835865c4f2f0a
This prepares us to add support for distributed claims support in
CEL expressions.
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: 43d6ea12e3f757e46e17311801a596aa5e70b06e
- Move the watch handler unit tests to the same package as the
WatchServer implementation.
k8s.io/apiserver/pkg/endpoints -> k8s.io/apiserver/endpoints/handlers
- Copy over minimal scheme and codec test setup
- Refactor the tests to use testify assert and require
This unblocks making WatchServer private, if we decide to do that.
Kubernetes-commit: 7fcc1bcf1d1fdb2da6ea1c5b49798a7c7eeb6e6d
* Introduce new boolean `cache{Una,A}uthorizedRequests` field
* Run `hack/update-codegen.sh`
* Respect legacy flags values for caching
With the legacy `--authorization-webhook-cache-{un}authorized-ttl`
flags, caching was disabled when the TTL was set to `0`, so let's
continue doing so when building the authz configuration struct.
* Pass TTL=0 to webhook authz plugin when cache disabled
Kubernetes-commit: fa8e37f7805d608c121f07da5259d3086436d397
With StreamingCollectionEncodingToJSON and
StreamingCollectionEncodingToProtobuf, the WatchList must re-justify its
necessity. To prevent an ecosystem from building around a feature that
may not be promoted, we will stop serving list-via-watch until
performance numbers can justify its inclusion.
This also stops the kube-controller-manager from using the
list-via-watch by default. The fallback is a regular list, so during
the skew during an upgrade the "right" thing will happen and the new
StreamingCollectionEncoding will be used.
Kubernetes-commit: 660df229bf3929741cf31659187060d0c651dcf9
This doesn't matter for shouldDelegateList, but matters when picking
source of RV. RV from continue takes precedence.
Kubernetes-commit: 7da942ca7486310893d4f11f3af062957f953555
Anish Ramasekar
Karl Isenberg
Marek Siarkowicz
Jordan Liggitt
Davanum Srinivas
Karl Isenberg
sxllwx
Joe Betz
Ali Abbasi Alaei
Monis Khan
Wojciech Tyczyński
Jon Huhn
xigang
Antoni Zawodny
Benjamin Elder
Rafael Franzke
David Mengqi Yu
David Eads
Siyuan Zhang
David Ashpole
Marek Siarkowicz
yongruilin