kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,107 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

271 Commits

Author SHA1 Message Date
Adhityaa Chandrasekar b8c96b50e9 APF defaults.go: use already defined catch-all name constant 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>

Kubernetes-commit: 5d2fdde1202e65bcc66ad1c038d5fe84e7dbad9a
 2020-11-18 18:58:45 +00:00
Adhityaa Chandrasekar e590a0415c flowcontrol bootstrap: give catch-all PL more concurrency share 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>

Kubernetes-commit: 642b11483030e5aedbd6f43aeac3cbe40255b3b6
 2020-11-13 19:26:06 +00:00
Adhityaa Chandrasekar 3d56b6662b flowcontrol bootstrap: make exempt PL last 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>

Kubernetes-commit: bb32d51fd6eeb6a0d1c287986a3f575c8c9a180d
 2020-11-13 03:44:56 +00:00
yue9944882 a4a3fc9b87 APF: graduate API and types to beta 
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>

Kubernetes-commit: 849be447f563fc93a27a0827fb1185b885b57114
 2020-11-04 16:33:14 +08:00
Andrew Sy Kim 5f8147ed4e apiserver: use canonical egress selection names in EgressSelectorConfiguration API docs 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

Kubernetes-commit: e4b45d944d54c239e1ad40af17221420f349c4f8
 2020-10-26 10:24:16 -04:00
Andrew Sy Kim 6746ccadda apiserver: support egress selection name 'controlplane' and deprecate 'master' 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

Kubernetes-commit: a0aebf96ec2eef6517e2611335f0e6c9375dd807
 2020-10-26 10:24:16 -04:00
Abu Kashem 3b4921fd00 allocate service-account flowschema to global-default 
Kubernetes-commit: fd7bf9a5dc3b4a0ba51b041fc721de719d1b2e69
 2020-10-02 13:58:46 -04:00
Haowei Cai 0ac797ac9e move apiserverinternal types to kube-apiserver 
move versioned types to k8s.io/api;
cleanup generated files

Kubernetes-commit: 1f4a4e9040fd9f357adf563b3d17aadaeb964e2b
 2020-07-14 11:43:26 -07:00
David Ashpole 4b21935c20 consistently use double quotes in proto files 
Kubernetes-commit: 296f7c91bb52cd724ce6d6d120d5d41ed459d677
 2020-09-03 13:50:03 -07:00
wojtekt 7561eea1c6 Remove default conversions 
Kubernetes-commit: 410d575d4219ee46c3726d31acf86e555f0a5f1b
 2020-09-03 10:22:11 +02:00
yue9944882 be18e41882 fixes suggested default rules 
Kubernetes-commit: a98f68e5b9cad08f4fc03665ca3a52cad69ed6f0
 2020-07-01 15:26:02 +08:00
Stephen Augustus 58544edbdf apiserver/pkg/apis/config/validation: Add invalidURLErrFmt 
In go1.14, the following change to 'net/url' was made:
"When parsing of a URL fails (for example by Parse or ParseRequestURI),
the resulting Error message will now quote the unparsable URL. This
provides clearer structure and consistency with other parsing errors."

Here we add a new const, 'invalidURLErrFmt' to properly handle the now
quoted string in validation_test.go.

ref: https://golang.org/doc/go1.14#net/url

Signed-off-by: Stephen Augustus <saugustus@vmware.com>

Kubernetes-commit: b0f17c2918fe0d099fc59f17788ca60202a5ae1a
 2020-04-18 04:37:22 -04:00
Chao Xu 2994d90069 generated 
Kubernetes-commit: 5f3838b906628f907939080bac967ef8f105e92f
 2020-02-26 23:56:24 -08:00
Chao Xu 9cf97e52a9 Add the StorageVersion API 
Kubernetes-commit: a2ad36f1e564f81fae4f65c9ac8aa193d6b0662d
 2020-02-26 23:56:07 -08:00
Chao Xu d81e3cbf28 Promote the egressselector API to beta 
Kubernetes-commit: 3fbb549fb7ff707eb7c67e7ae275517c5bdc9883
 2020-02-24 17:12:44 -08:00
Jefftree e8c3464402 Add tests for egress selector 
Kubernetes-commit: d798ccbba166449971c8579dce57870abec9131b
 2020-02-12 10:57:21 -08:00
Jefftree 95ee8d4df4 Support empty root CA for konnectivity 
Kubernetes-commit: 55b89a6451d253532ede0736d7bc8af62f396596
 2020-02-03 19:54:41 -08:00
Jefftree cbcdfbfd72 Network Proxy: GRPC + HTTP Connect with UDS 
Kubernetes-commit: 725d2b6a8fd7733afcbc6822723f4c7e171bcd7f
 2020-01-13 21:23:39 -08:00
yue9944882 0fb7c60f0a fork out a new global-default from catch-all to handle unclassified traffic 
Kubernetes-commit: d1f62ead18f97f98dd01073ca47c3b19382765a3
 2020-01-13 15:56:54 +08:00
Davanum Srinivas cde2338e26 update generated files 
Kubernetes-commit: b3853138a4f1a0637ec3c38a5c59f8228765b261
 2020-01-13 17:56:56 -05:00
Mike Spreitzer 05e620fec5 removed excess blank line 
Kubernetes-commit: f1c26bf4362636bcd36fff4663cc87b567bf6603
 2020-01-17 12:30:07 -05:00
Mike Spreitzer f6a6879cc4 Update validation for API Priority and Fairness 
This PR fixes oversights and adds validation that rejects writes
of wrong Spec values for the four mandatory objects.

Kubernetes-commit: ec5321c6a9f23e5ad26cf88a41fda9dba0c5ce89
 2020-01-17 02:43:52 -05:00
yue9944882 07fdbc261e review: several fixes and addressing comments 
Kubernetes-commit: 70dea6e4a8495ff028ccc8dc8e8aec04b93287c3
 2020-01-10 16:49:37 +08:00
yue9944882 54dfffd2ea bootstrap flow-control objects 
typo

wrap bootstrap-creation-flow w/ wait.PollUtil

go wait

Kubernetes-commit: fe8ad90afa553314e96daa8bba5d3964c714aea1
 2019-11-14 15:56:34 +08:00
Monis Khan 43f8cca801 kms: use negative cachesize value to disable caching 
This change relaxes the KMS config cache size validation to allow
for negative values.  The KMS code already treats all values <= 0 to
mean that the cache is disabled (zero is still a validation error).

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: a16808f353afb6abf402c862d5f859b949d2027a
 2019-12-15 23:30:36 -05:00
immutablet 5cec6b4746 Add defaulting logic for EncryptionConfiguration. 
Kubernetes-commit: a151aa35dc21881d178e498141e5f58df13fb400
 2019-11-14 22:53:18 -08:00
Jordan Liggitt 4b9c976f43 AdmissionConfiguration v1 
Kubernetes-commit: 1234290adfa11eb3dd34242c296e1f1dbe211c19
 2019-11-11 11:57:29 -05:00
wojtekt 0c1673664a Autogenerated code 
Kubernetes-commit: 7b6bcdf780b778af3df5c133686ccb18d8c38fa0
 2019-10-24 14:09:51 +02:00
wojtekt 920eb0f6f5 Cleanup explicitly registered functions 
Kubernetes-commit: d7011f1bdbee285cdfc9bdb0f5b0716f4e02adfd
 2019-10-24 13:18:31 +02:00
Jordan Liggitt 0c12043fe4 Generated files 
Kubernetes-commit: bbedc4f7ed436d28ed574615a33f8d03f7c8a2f0
 2019-09-09 08:55:04 -04:00
Jordan Liggitt a653e5ab1a Export UserInfo conversion, use authnv1.UserInfo in audit 
Kubernetes-commit: 0e787a4b78a849fa66a02126721dd185e7c00955
 2019-09-09 08:54:54 -04:00
misakazhou 330a638869 Fix broken link to api-conventions doc. 
Signed-off-by: misakazhou <misakazhou@tencent.com>

Kubernetes-commit: f0323a2030c7adae0e0965a7d3b455dd416472a0
 2019-08-29 08:35:16 +08:00
Walter Fender 9bdac68d70 Get network-proxy working with GCE. 
Got the proxy-server coming up in the master.
Added certs and have it comiung up with those certs.
Added a daemonset to run the network-agent.
Adding support for agent running as a sameon set on every node.

Added quick hack to test that proxy server/agent were correctly
tunneling traffic to the kubelet.

Added more WIP for reading network proxy configuration.
Get flags set correctly and fix connection services.
Adding missing ApplyTo
Added ConnectivityService.
Fixed build directives. Added connectivity service configuration.
Fixed log levels.
Fixed minor issues for feature turned off.
Fixed boilerplate and format.
Moved log dialer initialization earlier as per Liggits suggestion.
Fixed a few minor issues in the configuration for GCE.
Fixed scheme allocation
Adding unit test.
Added test for direct connectivity service.

Switching to injecting the Lookup method rather than using a Singleton.
First round of mikedaneses feedback.
Fixed deployment to use yaml and other changes suggested by MikeDanese.

Switched network proxy server/agent which are kebab-case not camelCase.
Picked up DIAL_RSP fix.
Factored in deads2k feedback.
Feedback from mikedanese
Factored in second round of feedback from David.
Fix path in verify.
Factored in anfernee's feedback.
First part of lavalamps feedback.
Factored in more changes from lavalamp and mikedanese.

Renamed network-proxy to konnectivity-server and konnectivity-agent.
Fixed tolerations and config file checking.
Added missing strptr
Finished lavalamps requested rename.
Disambiguating konnectivity service by renaming it egress selector.

Switched feature flag to KUBE_ENABLE_EGRESS_VIA_KONNECTIVITY_SERVICE

Kubernetes-commit: ebb65c5f4c51340f42c260cf00bde8629ed68d74
 2019-05-20 12:44:51 -07:00
Antoine Pelisse 0c3358252b Regenerate 
Kubernetes-commit: 6568325ca2bef519e5c8228cd33887660b5ed7b0
 2019-07-24 15:21:55 -07:00
immutablet 5faffb9123 Allow kube-apiserver to test the status of kms-plugin. 
Kubernetes-commit: 05fdbb201ffbaff4e92f0899f9e2ca038febb88d
 2019-05-30 11:15:35 -07:00
Vallery Lancey 6e15e9a893 Updated github.com/gogo/protobuf from SHA to nearest-pinnable tag (v1.0.0), as part of dependency management cleanup: #79234 
Kubernetes-commit: fe59ee8aaf8c7399476d286349caca9e3c05c522
 2019-07-02 21:44:06 -07:00
Pingan2017 d5c0852e40 clean up redundant conditiontype OutOfDisk 
Kubernetes-commit: e94d7b3802abe4ad7086551b91b2801ccee606c2
 2018-12-29 15:31:56 +08:00
Chao Xu 74be843d4b generated 
Kubernetes-commit: 369314959c1bf096c1d3502f10b28a00c3d12691
 2019-05-24 17:46:39 -07:00
Dr. Stefan Schimanski 2449fce880 apis: add +k8s:protobuf-gen=package tag 
Kubernetes-commit: fd62585bd0a4b42935e516c5bcd37040ef57c820
 2019-03-04 23:22:24 +01:00
Dr. Stefan Schimanski 9c57618b0e Add proto roundtrip tests in roundtrip_test.go files 
Kubernetes-commit: b9e12fd4db158c7aad96cee6310796263dfd9e30
 2019-03-04 21:40:48 +01:00
Ben Moss 0806898be7 Update deprecated links 
Kubernetes-commit: 34ac4d9ee9fed65d770403fff4cb037253fc5d09
 2019-02-04 13:28:31 -05:00
Roy Lenferink 4c9524b9fb Updated OWNERS files to include link to docs 
Kubernetes-commit: b43c04452f3b563473b5c2a765d4ac18cc0ff58f
 2019-01-30 20:05:00 +01:00
immutableT d9414ee2ab Expose kms timeout value via encryption config. 
Kubernetes-commit: a4dc53cfeb91ee07cedcc6959e88e30cb0c3cca8
 2019-01-03 14:26:57 -08:00
Lucas Käldström e8928c4a1c Move k8s.io/{apiserver,apimachinery}/pkg/apis/config to k8s.io/component-base/config. Co-authored-by @Klaven 
Kubernetes-commit: 2e52d5c3311d3dcfd042e81570ef138645de529a
 2019-01-06 13:57:47 +02:00
Stanislav Laznicka fb4c655720 autogen files 
Kubernetes-commit: 628d1fef37d565444a4fd7c97d8677621159dc57
 2018-09-11 12:33:10 +02:00
Slava Semushin e2bc8e4617 Introduce kubeapiserver.config.k8s.io/v1 with EncryptionConfiguration and use a standard method for parsing config file. 
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>

Kubernetes-commit: c21cb548e6c7d4ab019fce8a35c9b99c035c2071
 2018-05-02 18:21:38 +02:00
Jordan Liggitt e206313b1e audit subproject owners/reviewers 
Kubernetes-commit: 4fe30e92fa655b08f819bc449ca6002a7ccd3eea
 2018-11-02 12:46:56 -04:00
Jordan Liggitt 670c0a7eb7 Update API-related owners files 
Kubernetes-commit: 8c20bdaf4661f8764c7a7f2e42674aa6a9bf5d70
 2018-10-30 17:05:08 -04:00
Nikhita Raghunath a14ca1235c generated proto: remove trailing whitespace 
Kubernetes-commit: e60b0a129a16fbc785c73dd4839acaabf856851c
 2018-10-25 16:37:33 +05:30
Patrick Barker e560728e03 adds dynamic audit api 
Kubernetes-commit: 381d0a5d1416f58c94ea02d23d59cbcb6ce526f0
 2018-08-17 10:36:51 -06:00
Joe Betz 5c1ed41d69 Update etcd client to 3.3.9 
Kubernetes-commit: 4263c752115c3796ee5715c7de4cbc2e237809d3
 2018-10-01 16:53:57 -07:00
Jingyi Hu 90f716757e *: Remove comment tags in GoDoc 
Adding blank line between comment tag and package name in doc.go. So
that the comment tags such as '+k8s:deepcopy-gen=package' do not show up
in GoDoc.

Kubernetes-commit: 61117761cd4a1b2e6ad9ff2d7eb915f3d2739dc6
 2018-09-04 14:08:32 -07:00
Lucas Käldström 7bc82613f8 Standardize componentconfig code/comment patterns 
Kubernetes-commit: 83d53ea1c2aeda3619c3aafeb9cf7e50c124058e
 2018-09-06 13:42:02 +03:00
noqcks 383e6cc9a3 Add validation for kube-scheduler 
adding validation for componentconfig

adding validation to cmd kube-scheduler

Add support for ipv6 in IsValidSocketAddr function

updating copyright date in componentconfig/validation/validation.go

updating copyright date in componentconfig/validation/validation_test.go

adding validation for cli options

adding BUILD files

updating validate function to return []errors in cmd/kube-scheduler

ok, really returning []error this time

adding comments for exported componentconfig Validation functions

silly me, not checking structs along the way :'(

refactor to avoid else statement

moving policy nil check up one function

rejigging some deprecated cmd validations

stumbling my way around validation slowly but surely

updating according to review from @bsalamat

- not validating leader election config unless leader election is enabled
- leader election time values cannot be zero
- removing validation for KubeConfigFile
- removing validation for scheduler policy

leader elect options should be non-negative

adding test cases for renewDeadline and leaseDuration being zero

fixing logic in componentconfig validation 😅

removing KubeConfigFile reference from tests as it was removed in master

2ff9bd6699

removing bogus space after var assignment

adding more tests for componentconfig based on feedback

making updates to validation because types were moved on master

update bazel build

adding validation for staging/apimachinery

adding validation for staging/apiserver

adding fieldPaths for staging validations

moving staging validations out of componentconfig

updating test case scenario for staging/apimachinery

./hack/update-bazel.sh

moving kube-scheduler validations from componentconfig

./hack/update-bazel.sh

removing non-negative check for QPS

resourceLock required

adding HardPodAffinitySymmetricWeight 0-100 range to cmd flag help section

Kubernetes-commit: 0334a34e4af9b56ffa4d8fe17514c931c69db84b
 2018-07-30 16:22:22 -04:00
Cao Shufeng a7a4624d67 run make update 
Kubernetes-commit: 2c19a5d43c772d9a2f2427591ec3d8d863b7d4fe
 2018-08-17 11:35:57 +08:00
Cao Shufeng d61a594a58 update Annotations description about audit.Event 
Kubernetes-commit: 0a8c207a59d34a811e792364c1077f896ae8b9a8
 2018-08-17 11:15:49 +08:00
Mehdy Bohlool bad7b5ebe9 generated files 
Kubernetes-commit: 612dcb9ef1b256deb2431ea5b0a01b351407b6a1
 2018-08-08 14:01:51 -07:00
Lucas Käldström 9747204de4 Remove defaulting from shared ComponentConfig types 
Kubernetes-commit: 1b2346584f9c7eb78de96305dfa8f5298a4d9827
 2018-08-09 23:33:47 +03:00
Lucas Käldström 0fb19f3031 Write manually-created conversion funcs for shared ComponentConfig types 
Kubernetes-commit: 2c0d3787998479aa95c9544767681d353e4e1ff7
 2018-08-09 19:48:12 +03:00
Cao Shufeng d84f9deae6 run "make update" 
Kubernetes-commit: 15b800fdf77c70e4560954ba311f761a7a0d2448
 2018-07-06 15:23:37 +08:00
Cao Shufeng 28497af6f8 upgrade advanced Audit to stable 
Kubernetes-commit: 6d2c2ef1697aa2671358e383e258735eeb26e65c
 2018-07-06 13:35:20 +08:00
hangaoshuai c8bda16dad update zz_generated.conversion.go file 
Kubernetes-commit: d6caefe848e14d8703632427b8ce542bacd4d4c7
 2018-08-05 11:50:25 +08:00
hangaoshuai f0f99f21ff add an OWNERS file 
Kubernetes-commit: 6be5a07d4114acfaabf21da4d0bf2653fcf3118d
 2018-07-13 09:26:56 +08:00
hangaoshuai 70bcdadea7 add generated code files 
Kubernetes-commit: 2193f9892e9fd1b953fb8a4e9affe363444fdcd1
 2018-07-12 21:32:30 +08:00
hangaoshuai efae429c1d move apiserver Configuration to k8s.io/apiserver/pkg/apis/config 
Kubernetes-commit: 0875ffe1e25c2d3544e2966b827c3d2d70531ed5
 2018-07-12 17:37:52 +08:00
David Eads cb5cac48ee make package name match all the import aliases 
Kubernetes-commit: d3bd0eb1d5cefc25e4476d8dc086ebd90439ef4e
 2018-08-01 10:01:32 -04:00
Clayton Coleman 7694cbf962 generated: Avoid use of reflect.Call in conversion code paths 
Kubernetes-commit: ef561ba8b58a4427a51b2b5dbb9ad633e45f04a7
 2018-07-03 16:17:14 -04:00
Dr. Stefan Schimanski 4d53b026bc Update generated files 
Kubernetes-commit: f8de7cea406a8d01799c4b4d40b892f3b38fa534
 2018-06-29 20:02:31 +02:00
xuzhonghu e92769a0c3 auto gen 
Kubernetes-commit: b5990b78cb821507ec6d8823ff1341e904694e90
 2018-06-06 11:12:37 +08:00
xuzhonghu c739da1f02 logging user-agent in audit 
Kubernetes-commit: d066d547cce64a4f02bb05d718bc53fe71d06ad3
 2018-06-06 10:53:03 +08:00
Dr. Stefan Schimanski 0f5c209b8d Update generated files 
Kubernetes-commit: 1208437f84304ef4f73a6bf1770786bb436b75c9
 2018-06-13 09:53:47 +02:00
David Eads c41d1d0993 simplify api registration 
Kubernetes-commit: c5445d3c56e06ab366b9cca34bd69c5cc386ec47
 2018-05-07 08:32:20 -04:00
David Eads b7f90743d0 remove rootscopedkinds from groupmeta 
Kubernetes-commit: 8ae62517da5eff6d6bad21badfd39ee88463ad42
 2018-04-30 13:27:01 -04:00
David Eads 88d943c0e6 eliminate indirection from type registration 
Kubernetes-commit: e7fbbe0e3c91f34836b999e695aa133503cfdae5
 2018-04-24 08:21:23 -04:00
fisherxu 716af975eb regenerated all files and remove all YEAR fields 
Kubernetes-commit: b49ef6531c11f1c834e0d7591f5c965f6193c711
 2018-01-22 20:37:53 +08:00
hzxuzhonghu 166387d3d7 fix bug in apiserver.k8s.io install 
Kubernetes-commit: f66c9b388fd276293ac9b430cac2ecf88b236e5d
 2018-03-13 14:47:05 +08:00
Kubernetes Publisher 627fa76a8b sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel 2018-03-15 09:38:17 +00:00
jennybuckley 9fa0aca343 Run hack/update-all.sh 
Kubernetes-commit: c8dacd8e631f59ef158c79156d77a99fd2a632cc
 2018-02-26 17:16:14 -08:00
Jeff Grafton 1ab12b2dc8 Autogenerated: hack/update-bazel.sh 
Kubernetes-commit: ef56a8d6bb3800ab7803713eafc4191e8202ad6e
 2018-02-16 13:43:01 -08:00
hzxuzhonghu 17f624c321 run hack/update-all.sh 
Kubernetes-commit: 08c024f3670288648751b9444c7db6a63fb0cd04
 2017-11-08 17:31:19 +08:00
hzxuzhonghu a94f246093 audit support wildcard matching subresources 
Kubernetes-commit: 6e83d88be906c174ab3860eec70f2a4aec0ecb48
 2017-11-08 16:03:26 +08:00
fisherxu 5c2ccdd681 delete unused generated file 
Kubernetes-commit: c6499e8db3ad35dce4b0b6b8302654bd90ff0826
 2018-02-07 11:03:40 +08:00
Cao Shufeng d49980e0ed run hack/update-all.sh 
Kubernetes-commit: c512a078e92bcabcca01a83d0367aa8235562e12
 2018-01-26 10:32:48 +08:00
Cao Shufeng 8af8554968 add Annotations to audit event 
Kubernetes-commit: 97b0d99a33d71250bc7f967135c435e62343d9b8
 2018-01-08 12:00:33 +08:00
halfcrazy 6f8c3a80da fix typo in package apiserver 
Kubernetes-commit: 0da91a8577ddfdeaff985cbb6c0da69d5a2ffc81
 2018-02-01 03:04:33 +08:00
Dr. Stefan Schimanski 304d1abda0 Update generated files 
Kubernetes-commit: 83268fa9a8642c9754eeadca76c1b572c4c0ec43
 2018-01-11 17:17:27 +01:00
Dr. Stefan Schimanski 574b95f04b admission: do not leak admission config types outside of the plugins 
Kubernetes-commit: 1a552bbe149373c056ee004304d7e5abaa89f4c6
 2017-11-27 14:44:04 +01:00
lcfang 0ed40315e0 fixed some bad url 
Kubernetes-commit: 713e28874afab96b91000d187b0d3d6ce01abf2a
 2018-01-10 22:05:00 +08:00
Allen Petersen 5792dbc5ef Update generated files 
Kubernetes-commit: 3d69cea1e589add1d24fc72e9a8c46081664a719
 2018-01-02 22:07:30 -08:00
Christoph Blecker e0f0630269 Regenerate all generated code 
Kubernetes-commit: 80e344644e2b6222296f2f03551a8d0273c7cbce
 2018-01-02 00:21:07 -08:00
Jeff Grafton c8a97ee31a Autogenerate BUILD files 
Kubernetes-commit: efee0704c60a2ee3049268a41535aaee7f661f6c
 2017-12-23 13:06:26 -08:00
Cao Shufeng 0ff8c2c2e4 run hack/update-all.sh 
Kubernetes-commit: 4a20d729cc22a9d5adef1f778c0b81960f3b10f3
 2017-11-19 12:45:21 +08:00
Cao Shufeng d3301ca8d8 [advanced audit]add a policy wide omitStage 
Kubernetes-commit: d75c0f0e21af8229ed3147e9a798441221c03574
 2017-10-27 10:01:01 +08:00
Chao Xu 9dda7d3efb let validation webhook convert objects to the external version before sending them 
Kubernetes-commit: ab053a224d27aa48ea4b34ba7591cfd72c3f567d
 2017-11-03 16:49:56 -07:00
Dr. Stefan Schimanski 563bb7b931 Update generated code 
Kubernetes-commit: 1e79dfb959896f2e51be87ecef491452bd17724c
 2017-11-09 12:27:20 +01:00
Dr. Stefan Schimanski a32fcea8bb deepcopy: remove deepcopy register tags 
Kubernetes-commit: 72809a08b94650bc8988db37be3a2ee4c6ccd113
 2017-11-09 12:40:14 +01:00
Dr. Stefan Schimanski fa51e5900d apimachinery: Remove cloner from scheme 
Kubernetes-commit: b5b62c68318be79a665257c260ea9f9bbb6d6318
 2017-11-09 12:27:06 +01:00
Dr. Stefan Schimanski 5de103879c Fix and update comment with api.Scheme 
Kubernetes-commit: 2b201ead1124cae766e1777196ed5725c37f1c54
 2017-10-16 16:28:16 +02:00
David Eads 54a900b6d1 add nested encoder and decoder to admission config 
Kubernetes-commit: 35513976580ab342b7e07078c51db0545e45e6bd
 2017-10-04 12:43:44 -04:00
Jeff Grafton f4dbe23125 update BUILD files 
Kubernetes-commit: aee5f457dbfd70c2d15c33e392dce6a3ca710116
 2017-10-12 13:52:10 -07:00
Cao Shufeng b920c935aa run hack/update-all.sh 
Kubernetes-commit: b69285af7ff117018f9cd6c756e2d6b352cd9d42
 2017-10-12 11:29:41 +08:00
Cao Shufeng f7e881914a support micro time for advanced audit 
Kubernetes-commit: 817bc6954ca9af02013fd8f492f8ef865c217b0d
 2017-09-25 11:56:30 +08:00
Di Xu a9d3dd8d8f fix some typos in api types 
Kubernetes-commit: a1cee9ab3bc50310498554f3929676b577943062
 2017-07-19 22:07:12 +08:00
Jeff Grafton eabf5a2c6e Use buildozer to delete licenses() rules 
Kubernetes-commit: 02fb4200dcdf8636eac5953d04b2c4af912f443b
 2017-09-21 14:54:29 -07:00
Jeff Grafton ecbbfb0461 Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 532bd482dfbe25c6fc970d2175f7e02fec2fc8c0
 2017-09-21 14:53:56 -07:00
Kubernetes Publisher 7b23343a61 conversion-gen: make staging dirs independent of living in vendor/ 
Kubernetes-commit: f5451127512e42294564efae97d4cb669df54f49
 2017-09-22 11:42:06 +00:00
Cao Shufeng 26f73b45d4 fix docstring of advanced audit policy 
Kubernetes-commit: 22f4c1ad4db102d66ec829a64ab601919f2019f5
 2017-09-05 14:03:27 +00:00
Dr. Stefan Schimanski 433a5a01a7 audit: fix fuzzer 
Kubernetes-commit: 58dd0879a754baff151913184ab5e1cd924fb19d
 2017-09-05 14:03:26 +00:00
Cao Shufeng 3827624a56 generated: update API resources 
./hack/update-codegen.sh
./hack/update-generated-protobuf.sh

Kubernetes-commit: b50acbdf0152f59e5fd6b065560aed4f85717a7a
 2017-09-04 14:03:48 +00:00
Cao Shufeng 4905dd9b0c Provide a way to omit Event stages in audit policy 
Updates https://github.com/kubernetes/kubernetes/issues/48561
This provide a way to omit some stages for each audit policy rule.

For example:
  apiVersion: audit.k8s.io/v1beta1
  kind: Policy
  - level: Metadata
    resources:
       - group: "rbac.authorization.k8s.io"
         resources: ["roles"]
    omitStages:
      - "RequestReceived"

RequestReceived stage will not be emitted to audit backends with
previous config.

Kubernetes-commit: 47ba91450fbe7d9002bfc9d4a48a73256252821f
 2017-09-04 14:03:48 +00:00
Cao Shufeng 92f836da87 update generated protobuf for audit v1beta1 api 
Kubernetes-commit: ea519bc06020d2b2a68fa46a3f57c9d66827659d
 2017-09-04 14:03:47 +00:00
Cao Shufeng 626d406dd0 run hack/update-codecgen.sh and hack/update-bazel.sh 
Kubernetes-commit: f94ca49e6307a7a668a7f5eb037891ac2045e167
 2017-09-01 16:38:54 +00:00
Cao Shufeng 9ab155429e Split APIVersion into APIGroup and APIVersion in audit events 
audit.Event.ObjectRef.APIVersion currently holds both the the API group and
version, separated by a /. This change break these out into separate fields.

This is part of:
https://github.com/kubernetes/kubernetes/issues/48561

Kubernetes-commit: c57eebfe2f8d36361d510f0afd926777a44cccd2
 2017-09-01 16:38:54 +00:00
Tim Hockin 39fbd1db4a Remove generated JSON code 
Kubernetes-commit: 9e2fccd1de5384a6ecadf54849f612a10ecfe93a
 2017-09-01 16:38:01 +00:00
Eric Chiang b4c852ede3 generated: update API resources 
./hack/update-codegen.sh
	./hack/update-codecgen.sh
	./hack/update-generated-protobuf.sh

Kubernetes-commit: 9caff69027e09f4617f06f30a6359072503ecc47
 2017-09-01 16:38:01 +00:00
Eric Chiang 1fa829c7c8 Audit policy v1beta1 now supports matching subresources and resource names. 
policy:
	- level: Metadata
	  resources:
	  - group: ""
	    resources ["pods/logs"]
	- level: None
	  resources:
	  - group: ""
	    resources: ["configmaps"]
	    resourceNames: ["controller-leader"]

The top level resource no longer matches the subresource. For example "pods"
no longer matches requests to the logs subresource on pods.

```release-note
Audit policy supports matching subresources and resource names, but the top level resource no longer matches the subresouce. For example "pods" no longer matches requests to the logs subresource of pods. Use "pods/logs" to match subresources.
```

Kubernetes-commit: 85491f1578b9b97751a332d3b957d874cecf27b3
 2017-09-01 16:38:01 +00:00
Jordan Liggitt 064c57bb9b Generated files 
Kubernetes-commit: c7defb806fc6c69deb4ab57655c3fa323ba8bebd
 2017-08-29 13:18:49 +00:00
Cao Shufeng d7bd79fee1 [advanced audit api] fuzz Event with random value 
This is an error import by me:
https://github.com/kubernetes/kubernetes/pull/49115

We need to fuzz other parts of Event with random value, otherwise
this round trip test will not make too much sense.
@sttts @ericchiang

Kubernetes-commit: f2ec610455f3756afebfcbd99c108abc86a5015d
 2017-08-29 13:17:13 +00:00
Cao Shufeng 24b54db39e run hack/update-all.sh 
Kubernetes-commit: 0410221c3fec1a54cde05104b92e44e13cddc77a
 2017-08-29 13:16:13 +00:00
Cao Shufeng 3468d049a7 upgrade advanced audit to v1beta1 
Kubernetes-commit: f4e8b8f1464e588306d5c1c4ffdc1a6cb1e9313b
 2017-08-29 13:16:13 +00:00
Dr. Stefan Schimanski 2c8f1ce1d5 apimachinery: remove pre-apigroups import prefix logic 
Kubernetes-commit: 8728576236698083f619c4fab06943b174f3fc61
 2017-08-29 13:16:10 +00:00
Jeff Grafton 6c539a43c6 Use buildozer to delete licenses() rules except under third_party/ 
Kubernetes-commit: a7f49c906df816123e7d4ccbd4cebab411519465
 2017-08-29 13:15:24 +00:00
Jeff Grafton 6caa2933ae Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 33276f06be5e872bf53ca62a095fcf0a6b6c11a8
 2017-08-29 13:15:24 +00:00
Jeff Grafton f8c99c82f6 Autogenerate BUILD files 
Kubernetes-commit: cf55f9ed45e6df2431d47cfc5b9c9b30758527f1
 2017-08-29 13:15:23 +00:00
Cao Shufeng 4ace90bfb4 Return Audit-Id http header for trouble shooting 
Kubernetes-commit: 4a1e7ddaa6e0d2e92ce27d9846cfc8407e1fcb60
 2017-08-29 13:14:38 +00:00
Jeff Grafton 44942b068a Run hack/update-bazel.sh to generate BUILD files 
Kubernetes-commit: 3579017b865ddbc5449d6bba87346f086e4b93ff
 2017-08-29 13:13:51 +00:00
Dr. Stefan Schimanski 4f763bd819 Add missing ugorji codecs for auth/v1, settings/v1alphav1 and storage/v1 
Kubernetes-commit: 51df7cf59de2a7fbaad61e4a1a13598668028de5
 2017-08-29 13:13:07 +00:00
supereagle 2faadf8c85 update generated deepcopy code 
Kubernetes-commit: a1c880ece3574a2c7170e0d040489d56dd912e08
 2017-08-29 13:13:04 +00:00
Nikhita Raghunath 9e00357e52 fuzzer: remove unreachable code 
Kubernetes-commit: 365abedff55108ce9f96b5e186622b91a415cba2
 2017-07-28 13:56:11 +00:00
Dr. Stefan Schimanski aaf3784254 Unify fuzzers and roundtrip tests 
Kubernetes-commit: ecc811d263894ae54bbe62a3b1ba14847a260e95
 2017-07-28 13:56:11 +00:00
Dr. Stefan Schimanski e24df9a2e5 Update generated code 
Kubernetes-commit: 8dd0989b395b29b872e1f5e06934721863e4a210
 2017-07-19 03:49:08 +00:00
Dr. Stefan Schimanski 36b2f4560f deepcopy: add interface deepcopy funcs 
- add DeepCopyObject() to runtime.Object interface
- add DeepCopyObject() via deepcopy-gen
- add DeepCopyObject() manually
- add DeepCopySelector() to selector interfaces
- add custom DeepCopy func for TableRow.Cells

Kubernetes-commit: 39d95b9b065fffebe5b6f233d978fe1723722085
 2017-07-19 03:49:08 +00:00
Dr. Stefan Schimanski 8304eb8a20 audit: fix deepcopy registration 
Kubernetes-commit: ad23081273785668ee2520e5349cf0b05f64e41f
 2017-07-16 04:08:41 +00:00
Cao Shufeng af4570c690 update events' ResponseStatus at Metadata level 
ResponseStatus is populated in MetadataLevel, so we also update it in
MetadataLevel.

Kubernetes-commit: b6abcacb38d5da7c70ea9f3e6f673c8beeb90092
 2017-07-04 08:39:44 +00:00
Cao Shufeng 0ce81fed2f add validate for advanced audit policy 
This change checks group name and non-resrouce URLs format for audit
policy.

Kubernetes-commit: 7437b88386665ff4a16fe37d02818285636ec8ce
 2017-07-04 08:39:44 +00:00
Chao Xu 8be42ee0d0 run hack/update-all 
Kubernetes-commit: 60604f8818aecbc9c3736fbc32747cc0a535bc80
 2017-06-28 00:14:31 +00:00
Chao Xu e5d0493897 make all works. generated harmless covnersion/deepcoy chagnes 
Kubernetes-commit: 847b048fa0b2e83d4d4c39ceb37e9e0262d5a968
 2017-06-28 00:14:31 +00:00
Chao Xu 81b7aaaa7d run root-rewrite-import-client-go-api-types 
Kubernetes-commit: f2d3220a11111f86b2f481e70e3c1ca4f5896f44
 2017-06-28 00:14:31 +00:00
Chao Xu 150b64eff5 run hack/update-codegen.sh 
Kubernetes-commit: e185f7e2770039a799a21af9362ed999197dcc33
 2017-06-28 00:14:31 +00:00
Clayton Coleman 5f00d0e8e2 generated: protobuf with stable map ordering 
Kubernetes-commit: 606825eea47f41c72a3da1d4d2a769a340e1b69d
 2017-06-20 00:06:38 +00:00
Christoph Blecker 4587b5cf81 Update docs/ URLs to point to proper locations 
Kubernetes-commit: 1bdc7a29aee051ccef4bb21dcd9d43ee47b2a5d8
 2017-06-13 20:47:32 +00:00
Tim St. Clair fe3c2f4191 Generate protobuf for the audit API 
Kubernetes-commit: d7d54357205e62a2912ded53f2b307205bfccf2b
 2017-06-13 20:47:31 +00:00
Chao Xu 3f8656c5e3 generated defaults files 
generated bazel

Kubernetes-commit: 902c501595dfd044b3e7062e1518f7f3025751a5
 2017-06-13 20:47:30 +00:00
Dr. Stefan Schimanski f695ec4d4b audit-types: add Panic stage 
Kubernetes-commit: 3e9c8aaac689d9b0a11849b09aced266b48b3af8
 2017-06-13 20:47:29 +00:00
Tim St. Clair 8ff532a4cb Implement audit policy logic 
Kubernetes-commit: a5de309ee261aea15bb1cc12647b32640c2ac196
 2017-06-13 20:47:28 +00:00
Cao Shufeng 7618d3f6da Fix doc about Verb for advanced audit feature 
Kubernetes-commit: 312d117f51972fdaaf691100452942c61e163224
 2017-06-13 20:47:28 +00:00
Tim St. Clair 4fa7bd1587 Generated code 
Kubernetes-commit: 7bc9b3004956e84dd29ab66a7fb24e9924d960b7
 2017-06-13 20:47:28 +00:00
Tim St. Clair 2c15f760d9 Update audit API with missing pieces 
Kubernetes-commit: 4c98cab4dbccdc6ba005c08bf45c48aeb8e142b9
 2017-06-13 20:47:28 +00:00
Dr. Stefan Schimanski 94ea219615 Update bazel 
Kubernetes-commit: 9fdc36a47ada0bc34ee53b68edd085d368ed9012
 2017-06-13 20:47:28 +00:00
Dr. Stefan Schimanski f7d766d92d audit: add audit event to the context and fill in handlers 
Kubernetes-commit: 0b5bcb021932355b3ff7c2b45fb579f4adad84bf
 2017-06-13 20:47:28 +00:00