Jordan Liggitt
b3ad9fb4e3
Generate and format files
...
- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh
Replay of a9593d634c6a053848413e600dadbf974627515f
Kubernetes-commit: 15d9d196476d64482189f00f1cf1a2061aea5b35
2022-11-16 11:39:18 -05:00
Tim Allclair
237dd3829d
generated files
...
Kubernetes-commit: a67b32ce9c7f1da293a8bb0fc98d3d15f111e660
2020-09-09 12:01:51 -07:00
Tim Allclair
5b8a366d87
Document the sources for the sourceIPs audit log field
...
Kubernetes-commit: 3fa086bcded1dfb7c4889ee28b95535d056b3408
2020-07-24 13:10:25 -07:00
carlory
871a4b7200
remove audit.k8s.io/v1[alpha|beta]1 versions
...
Kubernetes-commit: fcc282f9f2050aaa4007d6f0444b0f4972925fea
2022-02-13 13:23:49 +08:00
Jordan Liggitt
4d0c0a45de
Regenerate protobuf
...
Change-Id: I2a563514955d7fc7559ceb7afb73df08ace8fd8b
Kubernetes-commit: 48a1c729a0c934ea7f6b893b823c9f6279aa763f
2022-02-26 18:02:52 +00:00
John Howard
bd426ef17c
go-to-protobuf: regenerate with full go_package
...
Kubernetes-commit: 0f93e4da63ea9f98d993758a30d996be672847b7
2021-11-23 09:40:00 -08:00
Mike Spreitzer
259f814897
Order suggested FlowSchemas by matching precedence
...
Kubernetes-commit: 798fc67a3711d83af4b25241e17b80fbcf46e9fd
2022-01-12 21:40:22 -05:00
Wojciech Tyczyński
5ff0f3f2c7
Update default PF flow schemas to avoid all endpoint/configmaps operations from controller-manager to match leader-election PL
...
Kubernetes-commit: 849952813be756783c3ed73ae73b34bc5143747a
2021-11-29 20:21:07 +01:00
Davanum Srinivas
56a3a30ae1
Check in OWNERS modified by update-yamlfmt.sh
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 9405e9b55ebcd461f161859a698b949ea3bde31d
2021-12-09 21:31:26 -05:00
Abu Kashem
8e027735f7
apiserver: add OmitManagedFields to audit API
...
Kubernetes-commit: 9ed4bc91d5cc9de236d9f868a0f29263aec4b33e
2021-10-06 14:47:19 -04:00
Paco Xu
d1458891b4
remove deprecated validEgressSelectorNames 'master' ( #102242 )
...
* remove deprecated validEgressSelectorNames 'master'
Signed-off-by: pacoxu <paco.xu@daocloud.io>
* update gce configure: replace deprecated egress name 'master' with 'controlplane'
Signed-off-by: pacoxu <paco.xu@daocloud.io>
* add dup error for EgressSelection & fix converting alpha/beta to v1 name
Kubernetes-commit: a48a2efbd45ad77901dd09f2665d8cc1e1d8dbf6
2021-09-16 22:09:46 +08:00
Abu Kashem
db8aff032b
apf: update apf logic to use v1beta2
...
Kubernetes-commit: 28f2b42a4116a9223113e8b152e02a4f1e602ff4
2021-08-16 17:53:57 -04:00
Stephen Augustus
771ffe6475
generated: Run hack/update-gofmt.sh
...
Signed-off-by: Stephen Augustus <foo@auggie.dev>
Kubernetes-commit: 481cf6fbe753b9eb2a47ced179211206b0a99540
2021-08-12 17:13:11 -04:00
David Ashpole
5927da0040
Add distributed tracing to the apiserver using OpenTelemetry
...
Kubernetes-commit: 79550ed40c67a70534c1cb697e1fb7e7dbf96335
2021-06-25 05:20:16 -07:00
Abu Kashem
df062f56c2
add auto update for apf bootstrap configuration
...
Take the following approach:
On a fresh install, all bootstrap configuration objects will
have auto update enabled via the following annotation :
`apf.kubernetes.io/autoupdate: 'true'`
The kube-apiserver periodically checks the bootstrap configuration
objects on the cluster and applies update if necessary.
We enforce an 'always auto-update' policy for the mandatory
configuration object(s).
We update the suggested configuration objects when:
- auto update is enabled (`apf.kubernetes.io/autoupdate: 'true'`) or
- auto update annotation key is missing but `generation` is `1`
If the configuration object is missing the annotation key, we add
it appropriately:
it is set to `true` if `generation` is `1`, `false` otherwise.
The above approach ensures that we don't squash changes made by an
operator. Please note, we can't protect the changes made by the
operator in the following scenario:
- the user changes the spec and then deletes and recreates
the same object. (generation resets to 1)
remove using a marker
Kubernetes-commit: 759a64136b0d4619d5535adb79a8367e124b06c6
2021-01-12 16:12:13 -05:00
Maciej Borsz
b0d1b1af17
Add "node-high" priority-level
...
Kubernetes-commit: 8d6e76f2766e51177ee50a1fba09bc5b04d6ce53
2021-04-15 16:24:02 +02:00
Monis Khan
bd0605a728
audit: make stage consts use correct type
...
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: 84ac2398da2be7810d311c4bc9f7358618ed193b
2021-04-09 12:29:20 -04:00
Abu Kashem
64517a3e40
apf: exempt probes /healthz /livez /readyz
...
Kubernetes-commit: 4447f2459aae1d916742eb1cb129d9438adcea9a
2021-03-30 12:55:30 -04:00
carlory
146083d06b
deprecate audit.k8s.io/v1[alpha|beta]1 versions
...
Kubernetes-commit: cad9c245b84fd16cbb5bf240622af07ce7bc3585
2021-02-08 11:22:29 +08:00
Nabarun Pal
e1246225c0
update gogo/protobuf to v1.3.2
...
gogo/protobuf@v1.3.2 fixes https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121
Ref: https://github.com/kubernetes/client-go/issues/927
Signed-off-by: Nabarun Pal <pal.nabarun95@gmail.com>
Kubernetes-commit: 9cada2ec3ba793597606a1df1375ff8e8311ccf3
2021-01-27 18:01:27 +05:30
Adhityaa Chandrasekar
b8c96b50e9
APF defaults.go: use already defined catch-all name constant
...
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
Kubernetes-commit: 5d2fdde1202e65bcc66ad1c038d5fe84e7dbad9a
2020-11-18 18:58:45 +00:00
Adhityaa Chandrasekar
e590a0415c
flowcontrol bootstrap: give catch-all PL more concurrency share
...
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
Kubernetes-commit: 642b11483030e5aedbd6f43aeac3cbe40255b3b6
2020-11-13 19:26:06 +00:00
Adhityaa Chandrasekar
3d56b6662b
flowcontrol bootstrap: make exempt PL last
...
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
Kubernetes-commit: bb32d51fd6eeb6a0d1c287986a3f575c8c9a180d
2020-11-13 03:44:56 +00:00
yue9944882
a4a3fc9b87
APF: graduate API and types to beta
...
Signed-off-by: Adhityaa Chandrasekar <adtac@google.com>
Kubernetes-commit: 849be447f563fc93a27a0827fb1185b885b57114
2020-11-04 16:33:14 +08:00
Andrew Sy Kim
5f8147ed4e
apiserver: use canonical egress selection names in EgressSelectorConfiguration API docs
...
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
Kubernetes-commit: e4b45d944d54c239e1ad40af17221420f349c4f8
2020-10-26 10:24:16 -04:00
Andrew Sy Kim
6746ccadda
apiserver: support egress selection name 'controlplane' and deprecate 'master'
...
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
Kubernetes-commit: a0aebf96ec2eef6517e2611335f0e6c9375dd807
2020-10-26 10:24:16 -04:00
Abu Kashem
3b4921fd00
allocate service-account flowschema to global-default
...
Kubernetes-commit: fd7bf9a5dc3b4a0ba51b041fc721de719d1b2e69
2020-10-02 13:58:46 -04:00
Haowei Cai
0ac797ac9e
move apiserverinternal types to kube-apiserver
...
move versioned types to k8s.io/api;
cleanup generated files
Kubernetes-commit: 1f4a4e9040fd9f357adf563b3d17aadaeb964e2b
2020-07-14 11:43:26 -07:00
David Ashpole
4b21935c20
consistently use double quotes in proto files
...
Kubernetes-commit: 296f7c91bb52cd724ce6d6d120d5d41ed459d677
2020-09-03 13:50:03 -07:00
wojtekt
7561eea1c6
Remove default conversions
...
Kubernetes-commit: 410d575d4219ee46c3726d31acf86e555f0a5f1b
2020-09-03 10:22:11 +02:00
yue9944882
be18e41882
fixes suggested default rules
...
Kubernetes-commit: a98f68e5b9cad08f4fc03665ca3a52cad69ed6f0
2020-07-01 15:26:02 +08:00
Stephen Augustus
58544edbdf
apiserver/pkg/apis/config/validation: Add invalidURLErrFmt
...
In go1.14, the following change to 'net/url' was made:
"When parsing of a URL fails (for example by Parse or ParseRequestURI),
the resulting Error message will now quote the unparsable URL. This
provides clearer structure and consistency with other parsing errors."
Here we add a new const, 'invalidURLErrFmt' to properly handle the now
quoted string in validation_test.go.
ref: https://golang.org/doc/go1.14#net/url
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
Kubernetes-commit: b0f17c2918fe0d099fc59f17788ca60202a5ae1a
2020-04-18 04:37:22 -04:00
Chao Xu
2994d90069
generated
...
Kubernetes-commit: 5f3838b906628f907939080bac967ef8f105e92f
2020-02-26 23:56:24 -08:00
Chao Xu
9cf97e52a9
Add the StorageVersion API
...
Kubernetes-commit: a2ad36f1e564f81fae4f65c9ac8aa193d6b0662d
2020-02-26 23:56:07 -08:00
Chao Xu
d81e3cbf28
Promote the egressselector API to beta
...
Kubernetes-commit: 3fbb549fb7ff707eb7c67e7ae275517c5bdc9883
2020-02-24 17:12:44 -08:00
Jefftree
e8c3464402
Add tests for egress selector
...
Kubernetes-commit: d798ccbba166449971c8579dce57870abec9131b
2020-02-12 10:57:21 -08:00
Jefftree
95ee8d4df4
Support empty root CA for konnectivity
...
Kubernetes-commit: 55b89a6451d253532ede0736d7bc8af62f396596
2020-02-03 19:54:41 -08:00
Jefftree
cbcdfbfd72
Network Proxy: GRPC + HTTP Connect with UDS
...
Kubernetes-commit: 725d2b6a8fd7733afcbc6822723f4c7e171bcd7f
2020-01-13 21:23:39 -08:00
yue9944882
0fb7c60f0a
fork out a new global-default from catch-all to handle unclassified traffic
...
Kubernetes-commit: d1f62ead18f97f98dd01073ca47c3b19382765a3
2020-01-13 15:56:54 +08:00
Davanum Srinivas
cde2338e26
update generated files
...
Kubernetes-commit: b3853138a4f1a0637ec3c38a5c59f8228765b261
2020-01-13 17:56:56 -05:00
Mike Spreitzer
05e620fec5
removed excess blank line
...
Kubernetes-commit: f1c26bf4362636bcd36fff4663cc87b567bf6603
2020-01-17 12:30:07 -05:00
Mike Spreitzer
f6a6879cc4
Update validation for API Priority and Fairness
...
This PR fixes oversights and adds validation that rejects writes
of wrong Spec values for the four mandatory objects.
Kubernetes-commit: ec5321c6a9f23e5ad26cf88a41fda9dba0c5ce89
2020-01-17 02:43:52 -05:00
yue9944882
07fdbc261e
review: several fixes and addressing comments
...
Kubernetes-commit: 70dea6e4a8495ff028ccc8dc8e8aec04b93287c3
2020-01-10 16:49:37 +08:00
yue9944882
54dfffd2ea
bootstrap flow-control objects
...
typo
wrap bootstrap-creation-flow w/ wait.PollUtil
go wait
Kubernetes-commit: fe8ad90afa553314e96daa8bba5d3964c714aea1
2019-11-14 15:56:34 +08:00
Monis Khan
43f8cca801
kms: use negative cachesize value to disable caching
...
This change relaxes the KMS config cache size validation to allow
for negative values. The KMS code already treats all values <= 0 to
mean that the cache is disabled (zero is still a validation error).
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: a16808f353afb6abf402c862d5f859b949d2027a
2019-12-15 23:30:36 -05:00
immutablet
5cec6b4746
Add defaulting logic for EncryptionConfiguration.
...
Kubernetes-commit: a151aa35dc21881d178e498141e5f58df13fb400
2019-11-14 22:53:18 -08:00
Jordan Liggitt
4b9c976f43
AdmissionConfiguration v1
...
Kubernetes-commit: 1234290adfa11eb3dd34242c296e1f1dbe211c19
2019-11-11 11:57:29 -05:00
wojtekt
0c1673664a
Autogenerated code
...
Kubernetes-commit: 7b6bcdf780b778af3df5c133686ccb18d8c38fa0
2019-10-24 14:09:51 +02:00
wojtekt
920eb0f6f5
Cleanup explicitly registered functions
...
Kubernetes-commit: d7011f1bdbee285cdfc9bdb0f5b0716f4e02adfd
2019-10-24 13:18:31 +02:00
Jordan Liggitt
0c12043fe4
Generated files
...
Kubernetes-commit: bbedc4f7ed436d28ed574615a33f8d03f7c8a2f0
2019-09-09 08:55:04 -04:00