kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,103 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

543 Commits

Author SHA1 Message Date
Paweł Banaszewski 490f0b7444 Added Verb and Resource to request trace attributes 
Kubernetes-commit: fad094cb70c26f962c49d615b1f48326aa25181d
 2022-11-07 14:33:40 +00:00
David Ashpole aa161f2fc0 migrate apiserver utiltrace usage to component-base/tracing 
Kubernetes-commit: de26b9023f2872c5cd7e15fad5dd5ab649222c13
 2022-10-20 18:15:38 +00:00
Tim Allclair bd7c7f52c2 Consolidate AuditContext 
Kubernetes-commit: f1d684b7b60b39b7dc1eb4156307c593f0ba74e1
 2022-07-12 11:53:57 -07:00
scott 779d3eda81 Fix DeleteCollection API decode DeleteOptions fail 
The reason for the issue is that the apiserver uses the Scheme in the
global variable pkg/api/legacyscheme/scheme.go, and registers the
DeleteOptions corresponding to each APIGroup in the Scheme.  But
DeleteOptions in meta.k8s.io/v1 is not registered, resulting
in a notRegisteredErr.

Use metainternalversionscheme.Codecs as Serializer

Kubernetes-commit: e7d7f4a9e56fe5d9c10da437787118fe9ea9e5af
 2022-10-18 16:47:50 +08:00
Alex Zielenski c4a7c1b469 Allow timestamp transformer equalities to be configurable (#112158) 
* allow noop-ignoring transformer to be configurable

* consolidate timestamp equalities initialization

* remove extra plumbing

* fix typo

* remove CustomEqualities list

Kubernetes-commit: a9a1cdbd1531df06e27029686669a8fea99d44e8
 2022-09-28 10:56:34 -04:00
Shyam Jeedigunta f7e0cdae19 Reduce default gzip compression level from 4 to 1 in apiserver 
Kubernetes-commit: 7cd5e6597e7137aa3b37a7c7ade2bf831cb7aca9
 2022-09-07 13:23:53 -07:00
HaoJie Liu e1af448867 test: use bytes.Buffer.String 
Signed-off-by: HaoJie Liu <liuhaojie@beyondcent.com>

Kubernetes-commit: f55d658c1c8b4c59dcb33bd07285e62344ef0186
 2022-08-29 15:45:20 +08:00
Han Kang ce7b4d6e8c Add request body size metric 
Change-Id: Ica5d9b5457d4f844c4500b2c05b2f0631c27454c

Kubernetes-commit: 43c95cbf0682895cf5bb79452b1f011123ac4513
 2022-08-24 09:15:23 -07:00
Han Kang 270d177e30 add metric and test 
Change-Id: Ic2bcf39caef791b2e13448a97d2c3203ed1d94b9

Kubernetes-commit: 07020ab42e8f1a2e9d6fe4969c01d0f971324ae1
 2022-08-24 08:54:51 -07:00
Antonio Ojea ea69e5d51c remove DryRun feature gate checks 
Kubernetes-commit: a1bfb76458a219577884d312ceb93eb1bb3f7e39
 2022-08-26 11:33:56 +02:00
David Eads 6a7c6a0940 Revert "Add an option to conditionally disable compression based on client ip." 
This reverts commit 023583a15586328569ccab505db2f57f398e04b3.

Kubernetes-commit: 2f3ffbed2cffaaba63304318bc1d09b0144600ff
 2022-08-17 15:08:39 -04:00
Maciej Borsz 40280f9889 Add an option to conditionally disable compression based on client ip. 
Kubernetes-commit: 023583a15586328569ccab505db2f57f398e04b3
 2022-07-29 08:44:14 +00:00
Davanum Srinivas 7e94033a61 Generate and format files 
- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: a9593d634c6a053848413e600dadbf974627515f
 2022-07-19 20:54:13 -04:00
Alexander Zielenski 43763b31c6 use more apt name for flag 
Kubernetes-commit: c2cbc460f2c5be07b0f5762005642625b06b6a75
 2022-07-20 10:45:21 -07:00
Alexander Zielenski feb8f08b78 guard usage of timestamp transformer under fieldManager non nil 
not strictly necessary for correctness, but it is not needed unless SSA is enabled

Kubernetes-commit: 48786d90da794bd1a0ef588f6393a0dddffcc400
 2022-07-20 08:58:28 -07:00
Alexander Zielenski c2e73305f9 add envar to disable non semantic updates feature 
enabled by default. can easily be changed in backports

Kubernetes-commit: 076051135d16b70c08d8d6382e73ef983614240f
 2022-07-14 11:28:10 -07:00
Alexander Zielenski 48eb70e1d1 benchmark and metrics for new timestamp transformer comparison 
add proper metrics

rename & improve documentation for path metric dimension

Kubernetes-commit: 40343793f7b9787b2d4b88f0a0439ce9e538075a
 2022-03-01 14:24:12 -08:00
Alexander Zielenski 81749c6ee9 revert timestamp updates to object if non-managed fields do not change 
add short-circuiting logic for long comaprison

replace timestamps rather than doing a full managed fields deepcopy

add guard

Kubernetes-commit: 7233538008489c189d09bb042fbabca97d9cdbaf
 2022-07-14 11:40:20 -07:00
Artur Żyliński e34c622d49 Add audit-id to storage traces 
Refactor GetAuditIDTruncated to use context instead of request

Kubernetes-commit: b1e12b01b6c578da3eb593805b48e9d4a69efe54
 2022-06-20 17:09:32 +02:00
Abirdcfly dde070e1ff cleanup: remove duplicate import 
Signed-off-by: Abirdcfly <fp544037857@gmail.com>

Kubernetes-commit: 00b9ead02c37921011ebe5293558cea5277cd295
 2022-04-24 20:58:04 +08:00
Tim Hockin 970b3ee9bb Initialize UID earlier in the Create process 
Before:
  Create()
      BeginCreate()
      BeforeCreate()
          init UID <---------------------
          strategy code

After:
  Create()
      init UID <-------------------------
      BeginCreate()
      BeforeCreate()
          strategy code

This also wipes UID early (suggested by David) and asserts it is set in
BeforeCreate().

Kubernetes-commit: 5615de51f9e768dd01d7fe49a48e8db756bd8ac8
 2022-06-17 15:32:25 -07:00
scott 91c6c18439 Fix issue that Audit Server could not correctly encode DeleteOption 
Kubernetes-commit: 286a67d78c5be2b9ee39ed9fe26aa5a232058832
 2022-05-18 20:23:16 +08:00
Han Kang a414002089 cleanup deprecated metrics and usages 
Kubernetes-commit: f223b900907b71431d7b6ceefa1642bb44fd9d84
 2022-06-01 11:55:14 -07:00
Davanum Srinivas 8a97d520ab Move from k8s.gcr.io to registry.k8s.io 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 50bea1dad89930ad565526910aadc314b9e9f38b
 2022-05-10 08:30:09 -04:00
Guillaume Le Biller e6f50ae491 Update managedFields time when value is modified 
Kubernetes-commit: f681821fcf028e0e8082be6a9daf0a8ff9392a66
 2022-05-15 17:30:36 +02:00
Daniel Smith 088283fa36 Remove ClusterName 
Kubernetes-commit: 331525670b772eb8956b7f5204078c51c00aaef3
 2022-04-20 23:50:27 +00:00
Maciej Borsz 17c48c0f65 Improve Create/Update/Patch traces. 
Kubernetes-commit: 56769e794b757c541d1c7fef36a5507e52e3e7b2
 2022-04-20 07:30:12 +00:00
Sanskar Jaiswal d1bd5277fb Update comment and declaration of `storage.GuaranteedUpdate` to be clearer. 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>

Kubernetes-commit: f8df26ae803103f82edbf1efe17b1b169801b256
 2022-04-16 17:19:06 +05:30
Kensei Nakada dd6c8444f7 fix the doc about generateName conflict 
Kubernetes-commit: 0865b9eca3f36ecb1fe9664c77d5017ca3c79b29
 2022-03-23 01:08:37 +00:00
Tim Allclair 1e36b0a9fb Don't add audit annotations directly to the audit event 
Kubernetes-commit: bdebc62d49293a0fbbd7e0d95bfd94b1ce21015c
 2022-03-28 11:38:38 -07:00
Tim Bannister 8b7169efd9 Update generated docs 
Kubernetes-commit: de55f39f655816ecee9ab0b2c3842930cfe332a6
 2022-03-01 23:42:36 +00:00
Abu Kashem 1b651c5994 add latency tracker for storage and transform 
Kubernetes-commit: eca90856940e9251ecf3fde95c5e4d2d16f5ad68
 2022-02-01 18:13:03 -05:00
Daniel Smith cbbb5800c3 find and replace 
Kubernetes-commit: e405ae9ec8592bf028e351bab44de420908bac0d
 2022-03-17 18:50:38 +00:00
Wojciech Tyczyński 35d7dfb633 Prepare apiserver for operating on cached objects by not modifying them 
Kubernetes-commit: 7e434682e450e28d36f0ee4787e7b4672e8eb255
 2022-02-21 15:05:35 +01:00
Jordan Liggitt bacaca81ed set/validate object namespace before admission 
Kubernetes-commit: 92422a73053129a88ea48e62a44410103a400376
 2020-09-09 01:12:31 -04:00
Lukasz Szaszkiewicz 457184ab3a update the watch server to use EncoderWithAllocator during object serialization. 
It allows us to allocate a single buffer for the entire watch session and release it when a watch connection is closed.
Previously memory was allocated for every object serialization putting a lot of pressure on GC and consuming more memory than needed.

Kubernetes-commit: eda1b0c68ec166ee52c50e4a6ab682ce7227b6a5
 2022-02-17 16:04:50 +01:00
Wojciech Tyczyński e6794552b0 Remove Selflink from convertors 
Kubernetes-commit: 2169997dfea0a2f7ccf6911a745fc295793f70b4
 2022-01-19 13:54:18 +01:00
Wojciech Tyczyński 2d144f4c39 Ensure non-nil items in lists 
Kubernetes-commit: 8c1e8355f8efb322ad6e53229f0cbb14999a8fc2
 2022-01-14 10:14:17 +01:00
Wojciech Tyczyński 8268596b30 Remove unused selflink parameters from ContextBasedNaming 
Kubernetes-commit: 1e0b9c6e20a07f706e7ace39f417ea746fa05a3b
 2022-01-14 10:00:04 +01:00
Wojciech Tyczyński 5e8e1ff118 Relax to using namer instead of selflinker in API groupversion 
Kubernetes-commit: 0ad588b27b6845d9ece955bfdde0e2863b8e1394
 2022-01-13 16:34:56 +01:00
Wojciech Tyczyński 38d7003d33 Remove selflink setting from apiserver 
Kubernetes-commit: 0a674d3ed92ce6384e2e8018ca63cf2925474146
 2022-01-13 15:29:21 +01:00
Iceber Gu 7c3ebaea3a set RemainingItemCount to ParitalObjectMetadataList 
Kubernetes-commit: 45f52321e52c5e5705a1c7ad3c17e52de262f469
 2021-12-22 13:48:12 +08:00
Davanum Srinivas b840d63feb Cleanup OWNERS files (No Activity in the last year) 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 497e9c1971c9e7d0193bc6d11503ec4ad527f1d5
 2021-12-10 15:18:50 -05:00
Davanum Srinivas 56a3a30ae1 Check in OWNERS modified by update-yamlfmt.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 9405e9b55ebcd461f161859a698b949ea3bde31d
 2021-12-09 21:31:26 -05:00
Abu Kashem 8949a1cdfc add trace step for transformResponseObject 
Kubernetes-commit: 41cef06f66dd4d7e87ff852dc228ab69587be9de
 2021-11-22 13:18:02 -05:00
Jordan Liggitt f0c214506c Return BadRequest for invalid large patch 
Kubernetes-commit: 2d307f47bd43902ee8f15751130dcbf4a4f775bf
 2021-11-21 09:13:37 -05:00
Kevin Delgado 59227ac996 Server Side Field Validation 
Implements server side field validation behind the
`ServerSideFieldValidation` feature gate. With the
feature enabled, any create/update/patch request
with the `fieldValidation` query param set to
"Strict" will error if the object in the request
body have unknown fields. A value of "Warn"
(also the default when the feautre is enabled)
will succeed the request with a warning.

When the feature is disabled (or the query param
has a value of "Ignore"), the request will succeed
as it previously had with no indications of any
unknown or duplicate fields.

Kubernetes-commit: e50e2bbc889eb274ad1463a54188a2805767bfde
 2021-08-18 02:25:36 +00:00
Antonio Ojea bcfc46c982 nolint:staticcheck,ineffassign Convert function 
Kubernetes-commit: 4bf93f318ac2cbf2f2d24da1991a5e5a4ded6143
 2021-11-16 18:59:09 +01:00
Antonio Ojea 4662dacdd3 migrate nolint coments to golangci-lint 
Kubernetes-commit: d126b1483840b5ea7c0891d3e7a693bd50fae7f8
 2021-11-16 16:57:58 +01:00
Alexander Zielenski 01b1d339b3 verify liveObj not returned by manager pipeline 
addresses feedback by adding a test to make sure that the manager pipeline will not return the same instance used as input, and that the output does not input managedFields

Kubernetes-commit: 68e175ef68eff1351917ac206fb29abe42128062
 2021-11-10 14:41:14 -08:00
Alexander Zielenski e2b596449a remove mutation of liveObj in fieldManager.Apply 
also document manager interface

Kubernetes-commit: 0963704178200365897390d1834615b30fac9b01
 2021-11-09 11:40:20 -08:00
Alexander Zielenski 13e927c892 guard against modification of test inputs in TestNoOpChanges 
Kubernetes-commit: 14b67bece4a9bb33adc23dcbbddd76a5cfe0c152
 2021-11-09 11:39:46 -08:00
Abu Kashem fea88b8efd drop managed fields from audit entries 
drop the managed fields of the objects from the audit entries when we
are logging request and response bodies.

Kubernetes-commit: bbc59348318c29199e23b27981fb56436ac68705
 2020-10-12 13:18:59 -04:00
Maciej Borsz 7bf60762ac Update writers.go 
Kubernetes-commit: f0c7c9abc92e9e32b4f83281f60d76bf25eed579
 2021-10-25 13:35:43 +02:00
Abu Kashem 6013da2b94 apiserver: wrap ResponseWriter using abstraction 
Kubernetes-commit: 0d50c969c587c8a6c16e0962118305ac652c5a6b
 2021-09-20 11:21:56 -04:00
Abu Kashem d53acfe201 apiserver: store (event, evaluated policy) pair in request context 
Kubernetes-commit: 8be823b0b0270e1b979b3d4c6e683e1daa0f2e01
 2021-09-20 17:43:16 -04:00
CKchen0726 5c4bb8bb6a remove invalid nil check 
Kubernetes-commit: 3f1675312042cd855a39200c4bff8020cc0922de
 2021-09-13 21:04:31 +08:00
Dr. Stefan Schimanski 5210be757e server-side-apply: print object name in SHOULD NOT HAPPEN message 
Kubernetes-commit: dc6f471e2cceb7aebb62fe2e4bd7c9ce53df6ff0
 2021-09-06 08:35:47 +02:00
Antoine Pelisse 56458d94fe Add name and namespace to structuredmerge errors 
Kubernetes-commit: 5b3c226c34af328d6bd46866e806589189d44f4d
 2021-08-12 15:53:54 -07:00
j2gg0s 1f934a9364 apiserver: avoid repeated loading context for requestInfo in Namer.Name 
Kubernetes-commit: 9cee586ee98bf7b5377ea04a8980f7f3fdbe5ec2
 2021-07-28 19:04:48 +08:00
Kevin Delgado 4a4149c8b0 remove apiserver impor from client-go 
Kubernetes-commit: af11c4ac9be74115dfd35ce6f18cfa0440fc3458
 2021-07-27 20:46:40 +00:00
Kevin Delgado a8a3bb4200 rename cache, add to integration test 
Kubernetes-commit: 604db6eb2ada446e78152685943253455b5ec888
 2021-07-19 20:04:27 +00:00
Kevin Delgado 613f696b0b Manually set GVK in extract, add commentary to extractor 
Kubernetes-commit: dda31bbf2e7a94624e3679e3db56c95e66509ce0
 2021-07-08 01:56:58 +00:00
Kevin Delgado 09e56ead9d Initial UnstructuredExtract without caching 
Kubernetes-commit: 6e481c5db19cda1ef1b7506c22c0046e440c7fe2
 2021-07-03 00:05:11 +00:00
njuptlzf dd5fc094cd Use objGV instead of gvk.GroupVersion 
Kubernetes-commit: 15c4d579f08335f33555d3cab5eff41c74e671b9
 2021-06-02 14:27:30 +08:00
Kasakaze f0159a94e3 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 58d7bf67d4694d52610097c72fe79012e19c5da0
 2021-06-02 10:53:05 +08:00
Kasakaze da0758027d Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b9b01a0f901513370cf3e981544a79f57e321d67
 2021-06-02 10:52:44 +08:00
Kasakaze e7a594074a Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 19c72a6cd05da805b1bec9fe567614ef82bf7beb
 2021-06-02 10:52:35 +08:00
Kasakaze 1b73b18c80 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 0ae6a7bac6ba268c59e82222d69ad91e381e79bc
 2021-06-02 10:52:22 +08:00
njuptlzf 790f5a21a7 Fix auditing failed of request: encoding failed 
Kubernetes-commit: 329f7d55d1344f728e28ce49728234f9f8f4c5d3
 2021-05-17 02:31:08 +08:00
Julian V. Modesto f753bce9f8 Make a public ValidateAnnotationsSize 
Kubernetes-commit: 2e771b8e745c4a3be0d5bae3a6dc94087284c73b
 2021-05-25 16:01:38 -04:00
Julian V. Modesto a01d02b7fd Make validation totalAnnotationSizeLimitB public. 
Replace the forked totalAnnotationSizeLimitB with
apimachineryvalidation.TotalAnnotationSizeLimitB.

Kubernetes-commit: 55ff96301797a503b6ee1d09f0eb2ffc827f01b1
 2021-05-18 17:28:11 -04:00
Julian V. Modesto c10cbf5412 Respect annotation size limit for SSA last-applied. 
To support CSA and SSA interoperability, SSA updates the CSA
last-applied annotation.

This change ensures we don't set a big last-applied annotation if the
value is over the annotation limits.

Also, make sure that it's possible to opt-out of this behavior by
setting the CSA annotation to "" the empty string.

Kubernetes-commit: 6054320be1e50a450e9d1e19a79caa96f2035d4d
 2021-05-18 15:06:48 -04:00
zhuangqh 640ba0e40e docs: fix outdated enhancement doc link 
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>

Kubernetes-commit: adf28648cb32d17cd186a6c7e8b264419e6d0759
 2021-02-24 15:22:50 +08:00
Abu Kashem b84fa01322 add more context to post timeout request activities 
Kubernetes-commit: 66587afb60b10569aa4ed35d53a4a91fcc40abd2
 2021-04-09 12:09:35 -04:00
Lukasz Szaszkiewicz a9e68c9b32 let objects without metadata pass through the managedFields admission controller 
Not all objects provide metadata. There might be extention servers that allow for creating objects without the metadata field.

This PR changes the managedFileds admission to deal with objects without the metadata field.
Object without that field will be passed directly to the wrapped admission controller for further validation.

Kubernetes-commit: 3dbaf305ae1e52105a338987f3770ff104def68b
 2021-04-29 14:08:36 +02:00
Andrea Nodari ca3910bf4a Add nil path to mapping when a CR has no "scale" subresource 
This is to prevent the ScaleHandler to drop the entry. In this way
entries just get ignored.

Kubernetes-commit: 5b666a61a170f61c7e223085478b24a03612fa99
 2021-04-18 13:55:15 +02:00
Andrea Nodari a178a9c5d1 Drop managed fields entries with unknown fields 
This is aligned to the behaviour of server-side apply on main resources.

Kubernetes-commit: c10dd884c494734d12aceb41daaccd1d8da9356b
 2021-04-09 17:17:23 +02:00
Andrea Nodari 9c3786c066 Do not add managed fields if a scale entry doesn't own replicas 
This happens when a request changes the .status.replicas but not
.spec.replicas

Kubernetes-commit: 8e4b5c849b67b3a12dbd63391a4e75234382ba2c
 2021-04-04 19:05:45 +02:00
Andrea Nodari 8c0975e184 Check request info when updating managed fields during scale 
- Test all versions to make sure each resource version is in the
  mappings
- Fail when request info contains an unrecognized version. We have tests
  that guarantee that all known versions are in the mappings. If we
  get a version in request info that is not there we should fail fast to
  prevent inconsistent behaviour (e.g. for some reason the mappings is
  not up to date).

Ensure all known versions are in mappings

Kubernetes-commit: 09649e58b5a1368929e194991a763afc8011795e
 2021-03-11 16:51:46 +01:00
Antoine Pelisse ddd271ff4e Use ScaleHandler for all scalable resources 
Kubernetes-commit: 816e80206c169006de9d0a76cd385ee31c5aff39
 2021-03-11 11:05:05 -08:00
Andrea Nodari 8df8282eaf Track ownership of deployments scale subresource 
Kubernetes-commit: a9ea98b3b9272a7f7788a0d37891e4b13b9be38d
 2021-01-23 18:50:14 +01:00
Andrea Nodari 2ec597ed01 Add "subresource" field to ManagedFieldEntry 
This field is useful to namespace the managed field entries of a
subresource and differentiate them from the ones of the main resource.

Kubernetes-commit: 862d256195adf3be5475b1a6935e5feb78f884a5
 2021-02-27 17:16:46 +01:00
Jordan Liggitt b97dfc761c allow evictions subresource to accept policy/v1 and policy/v1beta1 
Kubernetes-commit: 33ad842480353f2816873bf728d75333948e4817
 2021-03-31 16:54:55 -04:00
Kevin Delgado ea32c4f47f Chain the field manager creation calls in newDefaultFieldManager and test 
Kubernetes-commit: d37461180a1e5a52aeb85cf5853e000acfeb852d
 2021-04-13 16:15:25 +00:00
Abu Kashem bb69e234a6 apiserver: improve correlation by using the audit ID 
- when we forward the request to the aggregated server, set the audit
  ID in the new request header. This allows audit logs from aggregated
  apiservers to be correlated with the kube-apiserver.
- use the audit ID in the current tracer
- use the audit ID in httplog
- when a request panics, log an error with the audit ID.

Kubernetes-commit: b607ca1bf3e1cf6152c446ea61ac7fdd9014e1f1
 2021-03-02 19:27:43 -05:00
Abu Kashem bf34b41185 refactor finishRequest 
Kubernetes-commit: a8ff821a19b819a54a54d027ec631eab2ffaedc3
 2021-03-22 18:01:33 -04:00
Abu Kashem 28c097bee7 move FinishRequest to its own package 
Kubernetes-commit: 393a1f73fbaa1bf1facb8882eaf4fead16b94f58
 2021-03-22 16:39:14 -04:00
Antoine Pelisse 49b6ebdaae fieldmanager: Strip managedfields BEFORE we update the timestamp 
Kubernetes-commit: c8be9651ce0de1eee3fa785882fe01dee4b15d37
 2021-03-09 12:46:07 -08:00
Danil-Grigorev de3d390777 Make selectors atomic 
Ensure that all label selectors are treated as atomic values,
to exclude situations when selectors are being corrupted by
different actors attempting to apply their overlapping definition
for this field with server-side-apply.

Kubernetes-commit: d8a7764b6396b90313ae7bd50a845f4da4705d67
 2021-01-12 18:29:56 +01:00
Kevin Delgado 86db6c67fb Server-Side Apply: Status Wiping/Reset Fields 
Adds and implements ResetFieldsProvder interface in order to ensure that
the fieldmanager no longer owns fields that get reset before the object
is persisted.

Co-authored-by: Kevin Wiesmueller <kwiesmul@redhat.com>
Co-authored-by: Kevin Delgado <kevindelgado@google.com>

Kubernetes-commit: a1fac8cbd9289d95db4831a83239292ed56ce59d
 2021-03-09 23:54:55 +00:00
Kevin Wiesmueller b101f44b76 cleanup managedFields admission and test 
Kubernetes-commit: 2d1ba0c35829a2f146a712d49cb21f382c9894cb
 2021-03-04 23:20:51 +01:00
Kevin Wiesmueller 8ef7c0686d only use managedFields decoding for admission check 
Kubernetes-commit: 98d498117b5566c1229d754d97923f61600660d8
 2021-03-01 20:29:15 +01:00
Kevin Wiesmueller 7c5bd1b084 harden managedFields decoding 
Kubernetes-commit: 470ad03d076cae44bc98c64a08eea32e65f1bb9f
 2021-03-01 19:58:56 +01:00
Kevin Wiesmueller 543879f479 fix test dependencies 
Kubernetes-commit: 295e47f60b64332ef4e3268db282184357440675
 2021-02-26 20:33:36 +01:00
Kevin Wiesmueller e4b883c5c7 update licenses and bazel 
Kubernetes-commit: 1a8e2bf0358651151a6440717b4de1f662c4571b
 2021-02-26 20:14:22 +01:00
Kevin Wiesmueller 04593d2277 prevent fieldManager admission from wrapping nil 
Kubernetes-commit: 22dfa6ae1b431cb8e8afe72ce7d60360bf766337
 2021-02-26 20:14:11 +01:00
Kevin Wiesmueller a69b2cb302 use existing validation code and decoding in fieldManager admission 
Kubernetes-commit: fc1841d72f7418dd2606fb796f2a1b664bb3a721
 2021-02-26 20:03:10 +01:00
Kevin Wiesmueller f9c68c0e80 export and cleanup managedFields decoding 
Kubernetes-commit: 589ca1be1c9e75b1730feacd1af6e2c817f693ac
 2021-02-26 17:47:52 +01:00
Kevin Wiesmueller 82e671a5f8 add managedFields admission 
Kubernetes-commit: f86b59ab79227929e7f283b859b4c59317399807
 2021-02-11 16:22:16 +01:00
Kevin Wiesmueller 81cd3ef7b0 fix admission controller 
Kubernetes-commit: 429a96da5e856c435b08b50791d462120724c475
 2021-02-11 16:11:43 +01:00
Kevin Wiesmueller 7da058f6bb disable webhook for testing 
Kubernetes-commit: ffbae9c5b4a3df9f7400d0047a5d7a957adf295d
 2021-02-01 17:56:49 +01:00
Kevin Wiesmueller 08a5711ffb update bazel 
Kubernetes-commit: a06f981fb1388976cd6427d7a4284d36dd2f2448
 2021-01-14 20:33:50 +01:00
Kevin Wiesmueller a29734176f use managedFields admission controller in create/patch/update 
Kubernetes-commit: 3d306e222de3b13a55030a53fef93622bb300646
 2021-01-14 20:15:11 +01:00
Kevin Wiesmueller 4a5fdad93b implement managedFields admission controller 
Kubernetes-commit: d5ae113e8dfba62709b1fccb8dbc26c6dde9b3e5
 2021-01-14 20:14:38 +01:00
chymy f5152b019f Fix static failures for vendor/k8s.io/apiserver/pkg/endpoints/handlers 
Kubernetes-commit: 04515b9c0a8634ddbb48883cdceb1c265ae97015
 2021-02-26 21:01:55 -05:00
Alan Zhu 3292215ff4 at most every may result in less than expected times if overloaded 
Signed-off-by: Alan Zhu <zg.zhu@daocloud.io>

Kubernetes-commit: 67234271ef50da475b4627b484b3b45ee54e8f8d
 2021-02-25 16:27:42 +08:00
Maciej Borsz b4f179e734 Use more real world examples in BenchmarkSerializeObject 
Kubernetes-commit: f01f2b122923798d60893c6c189a204b94fe5723
 2021-02-18 10:56:51 +01:00
Tim Bannister b29ffb4398 Update generated code 
Kubernetes-commit: 284e03e1abde67cae5520a9b61497a71cca78e90
 2021-02-15 22:50:30 +00:00
Maciej Borsz f407d7228e Add BenchmarkSerializeObject* benchmarks 
Kubernetes-commit: 2228d7ce2650ba4cc5811a761d9f54e09ea6d99e
 2021-02-17 15:03:53 +01:00
yoyinzyc 74c8267082 add context to metrics in apiserver/endpoint 
Kubernetes-commit: 266d67bd5124725befe775d580289b67a59f496c
 2021-01-20 13:13:00 -08:00
Abu Kashem 026eb846a4 apiserver: plumb context with request deadline 
- as soon as a request is received by the apiserver, determine the
  timeout of the request and set a new request context with the deadline.
- the timeout filter that times out non-long-running requests should
  use the request context as opposed to a fixed 60s wait today.
- admission and storage layer uses the same request context with the
  deadline specified.

we use the default timeout enforced by the apiserver:
- if the user has specified a timeout of 0s, this implies no timeout on the user's part.
- if the user has specified a timeout that exceeds the maximum deadline allowed by the apiserver.

Kubernetes-commit: e416c9e574c49fd0190c8cdac58322aa33a935cf
 2020-11-26 23:53:20 -05:00
David Eads 67507290ad finish removal of exportoptions 
Kubernetes-commit: 37cc89ed8d5194f288bc9f9633e6142647631a07
 2021-01-22 09:21:56 -05:00
Maciej Borsz 78e27f49d3 Add trace to SerializeObject 
Kubernetes-commit: e93836d9b35f5ec231da91807f00dab3d1a28fd9
 2021-01-12 09:45:43 +01:00
lala123912 5d990a9e20 staging\src\k8s.io\apiserver\pkg\endpoints:migrate to structured logs 
Kubernetes-commit: 12076ff3e587be00f1ef52e546fa3a3a85d41e7b
 2021-01-15 15:23:55 +08:00
Dr. Stefan Schimanski a2b6f03b6e apiserver: print unknown responsewriter error strings, not only %#+v 
Kubernetes-commit: b0ecbbc3cbd9bd811d5498a1dd95d516bcd82434
 2020-11-26 13:39:56 +01:00
Rajalakshmi-Girish c41f156212 fixes the unit tests to be more tolerant with error messages 
Kubernetes-commit: 98948ad8092b41ebc08d50aa557b2d7ba5496e7d
 2020-11-27 08:21:56 +00:00
Jie Shen 7dd2afd324 Revert "Cleanup: remove sanity check for CVE-2019-11253" 
Kubernetes-commit: e3df70364594cdb7d0b321a405f1c0718c2c9b54
 2020-12-11 09:38:21 +08:00
drfish 95a1d549eb Cleanup sanity check for CVE-2019-11253 
Kubernetes-commit: 4ac5844ec076e9bcc31fd0a79ca17eaf4fb1bdb3
 2020-12-08 23:19:21 +08:00
Ken Sipe 92af261bb8 fix SA2006 value of err not used 
Signed-off-by: Ken Sipe <kensipe@gmail.com>

Kubernetes-commit: a549d0a75e3a09d26f3a316982ff3711be4ed1d2
 2020-06-25 17:23:37 -05:00
Ken Sipe 8877e7bd70 fix S1039 unnecessary use of fmt.Sprintf 
Signed-off-by: Ken Sipe <kensipe@gmail.com>

Kubernetes-commit: 168677400c964fe823b985db35b5e1473db17b0f
 2020-06-25 17:04:41 -05:00
lala123912 36a172d35e Code optimization for add additional information to log trace in api server 
Kubernetes-commit: 5d61e18a4343773105e39c36b944b4f223e70eaf
 2020-11-23 16:27:05 +08:00
Tim Hockin c2f3123308 Make tests deal with old and new topology labels 
Kubernetes-commit: 3bd337baf487a0ad9d748e7e0362b3d1b5eb5c4d
 2020-11-06 08:47:32 -08:00
Jordan Liggitt cec339c07a Revert "plumb context with request deadline" 
This reverts commit 83f869ee1350da1b65d508725749fb70d0f535f2.

Kubernetes-commit: afd92b3b3ea8fa8e3dbe2521d6ce213c809d25c7
 2020-11-19 18:15:04 -05:00
Haowei Cai 77d77260fb unit and integration tests 
apiserver dedups and adds warning in CREATE/UPDATE/PATCH requests;
also handles duplication caused by mutating admission.

Kubernetes-commit: 8bcf34a203efa596ac3b65da9afd6b6c764e78a9
 2020-11-18 12:46:20 -08:00
Haowei Cai 00bc4d7843 apiserver dedups owner references and adds warning 
for CREATE and UPDATE requests, we check duplication before managedFields
update, and after mutating admission; for PATCH requests, we check
duplication after mutating admission

Kubernetes-commit: ffc54ed1d2cbf4396fcc498beeb6ad34ac3df69c
 2020-11-18 12:35:45 -08:00
Abu Kashem 46e3e4810e plumb context with request deadline 
- as soon as a request is received by the apiserver, determine the
timeout of the request and set a new request context with the deadline.
- the timeout filter that times out non-long-running requests should
use the request context as opposed to a fixed 60s wait today.
- admission and storage layer uses the same request context with the
deadline specified.

Kubernetes-commit: 83f869ee1350da1b65d508725749fb70d0f535f2
 2020-10-30 16:30:05 -04:00
Jefftree c13cd1f0d3 Make versionconverter functions private 
Kubernetes-commit: 1f986cc69d8ac5b579ccc2e6817fd0a07903692b
 2020-10-22 13:21:38 -07:00
Jefftree ce4c2eff1a Reuse SSA type converter for resources in the same API Group 
Kubernetes-commit: 7182d84b109bb1c928bd5bf92d8c175432b9eeae
 2020-10-20 11:16:51 -07:00
Andrea Nodari b4becfdb04 Add yaml util to unmarshal numbers into int/float 
Kubernetes-commit: 04d972cb4bab108b12f181f86b7c0f0854a1037a
 2020-10-23 17:26:10 +02:00
Joe Betz 2c72507385 Tag LabelSelector with +structType=atomic 
Kubernetes-commit: 8874bdf00402b55cf5ede88a5ba4dfc94e9f4399
 2020-08-11 11:34:15 -07:00
Antoine Pelisse d0b4a78e16 Do not update managedFields timestamp when they don't change 
Kubernetes-commit: fedc0b7093e396aaf1fca7fd6f145a0f3cfd5c47
 2020-10-01 10:53:16 -07:00
Andrea Nodari 618f4b129a Make the creation of namespace using POST and PATCH consistent 
PATCH verb is used when creating a namespace using server-side apply,
while POST verb is used when creating a namespace using client-side
apply.

The difference in path between the two ways to create a namespace led to
an inconsistency when calling webhooks. When server-side apply is used,
the request sent to webhooks has the field "namespace" populated with
the name of namespace being created. On the other hand, when using
client-side apply the "namespace" field is omitted.

This commit aims to make the behaviour consistent and populates the
"namespace" field when creating a namespace using POST verb (i.e.
client-side apply).

Kubernetes-commit: 3cb510e33eecbdc37aad14f121396ccfbf5268cb
 2020-09-21 12:13:12 +02:00
Andrea Nodari 99200040ed Do not allow manual changes to manageFields via subresources 
If a request tries to change managedFields, the response returns the
managedField of the live object.

Kubernetes-commit: c522ee08a3d248ec1097e3673119ffa7a4e1ef7b
 2020-07-14 17:42:54 +02:00
Lukasz Szaszkiewicz ac3c7faf5d deferredResponseWriter returns after calling the Close() method 
previously all sorts of errors including a data race were possible because deferredResponseWriter resets the writer and returns it to the pool.

an attempt to write to a nil writer will lead to "invalid memory address or nil pointer dereference"
sharing the same instance of deferredResponseWriter might lead to "index out of range [43] with length 30" and "recovered from err index > windowEnd" errors

Kubernetes-commit: e6f98311d00f083c1b980ed7434d2e9769fa921f
 2020-09-07 12:42:36 +02:00
wojtekt 14d59e2950 Stop setting SelfLink in kube-apiserver. 
Kubernetes-commit: 2539912a2245a53f6612100a32af96dd71a2ad4f
 2019-07-26 15:48:37 +02:00
Julian V. Modesto dea021183c Add tests for managed fields tracking. 
- Test that client-side apply users don't encounter a conflict with
server-side apply for objects that previously didn't track managedFields
- Test that we stop tracking managed fields with `managedFields: []`
- Test that we stop tracking managed fields when the feature is disabled

Kubernetes-commit: f2deb2417a6c542c54606ab17376b26ef1552b87
 2020-07-16 17:14:35 -04:00
Ken Sipe ce7f425acc fix S1002 omit comp to bool 
Signed-off-by: Ken Sipe <kensipe@gmail.com>

Kubernetes-commit: e8878687b18fd961e9f3e29c1c46fe018157a77d
 2020-06-26 10:36:38 -05:00
Antoine Pelisse c4c20f4f7d Update SMD to v4.0.1 and kube-openapi 
Kubernetes-commit: f4c145511a0bb62ea7ee1f2154945c84c17ffcd5
 2020-08-10 13:02:25 -07:00
Joe Betz 97937c66f2 Revert nested trace PR#88936 
Kubernetes-commit: 02cf58102a61b6d1e021e256381ff750573ce55d
 2020-07-20 09:55:05 -07:00
Julian V. Modesto fac7ebd95f Implement server-side apply upgrade & downgrade. 
- Allow client-side to server-side apply upgrade.

  Ensure that a user can change management of an object from client-side apply to
  server-side apply without conflicts.

- Allow server-side apply to client-side downgrade.

  For an object managed with client-side apply, a user may upgrade to
  managing the object with server-side apply, then decide to downgrade.

  We can support this downgrade by keeping the last-applied-configuration
  annotation for client-side apply updated with server-side apply.

Kubernetes-commit: e4368eb67e363d3d03f81214a8929268d2fe88ff
 2019-10-02 11:13:40 -04:00
Joe Betz 7a467399ac Enable nested tracing, add request filter chain tracing incl. authn/authz tracing 
Kubernetes-commit: b12ac0abc64adb71d97fbde12f373b1424631f20
 2020-03-06 16:11:21 -08:00
Joe Betz 5bb316ec73 Bump to sigs.k8s.io/structured-merge-diff 43c19b to pick up unsetting fields changes PR#166 
Kubernetes-commit: 11c38a9c703b825c61d6490e8da85202b760f3b1
 2020-06-26 20:05:34 -07:00
Joe Betz ee219411ed Add ResourceVersionMatch parameter to make Resource Version semantics consistent for list 
Kubernetes-commit: e214f2408b59c745c199645547948a8ad2a87ac2
 2020-05-29 10:44:26 -07:00
AkashSarda e0d29c69be Migrate API server logs to Structured logging framewrok 
Kubernetes-commit: af60e7b34d59d635740880a03e7e2587ec9ba041
 2020-06-17 21:06:35 +00:00
Antoine Pelisse 025116d4fa Fix fieldType being dropped by older go-clients 
Kubernetes-commit: 3f10709e4ce7e14fa9efc019ade3e99bb0a84b8a
 2020-04-30 13:38:23 -07:00
Antoine Pelisse 3b7411b225 FieldManager: Reset if we receive nil or a list with one empty item 
Kubernetes-commit: ed2cf6ef2cc4f4d358eee038d2d87387614bbf45
 2020-05-21 13:23:30 -07:00
Antoine Pelisse cc0f41ad59 fieldManager: Ignore and log all errors when updating managedFields 
Kubernetes-commit: 5378a788e471a18594c446888306d826d3b44661
 2020-05-08 12:48:09 -07:00
Wei Huang a67f43f565 Remove `EvenPodsSpread` featuregate and related logic 
Kubernetes-commit: 133dde63589bfb9f149607d1e8f6ae519d41719f
 2020-05-27 14:24:26 -07:00
Tariq Ibrahim d8082ddfe6 s/RelicaSets/ReplicaSets 
Kubernetes-commit: 9760dec9dc84d68c6613887128de192b4a66feff
 2020-04-29 12:59:05 -07:00