Extends the certificate attribute deprecation RoundTrippers wrapper with
a checker that counts certificates with sha-1 signatures in server responses.
Non-root non-self-signed SHA-1 certificate signatures were deprecated in
Golang 1.18.
Kubernetes-commit: 499ee65a9b0cd45d41716b513fae0d537f7f9c88
This change updates the generic webhook logic to use a rest.Config
as its input instead of a kubeconfig file. This exposes all of the
rest.Config knobs to the caller instead of the more limited set
available through the kubeconfig format. This is useful when this
code is being used as a library outside of core Kubernetes. For
example, a downstream consumer may want to override the webhook's
internals such as its TLS configuration.
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: fef7d0ef1e1fbff65e8d445256036704bb9dbcbd
Adds counters to generic webhook code and to the kube aggregator
so that it is possible to effectively measure the impact of
Golang 1.15's deprecation of x509 cert CN hostname
verification.
Kubernetes-commit: 9d6a19efff05a40081337a2fcb3dce6331b04022
Currently webhook retry backoff parameters are hard coded, we want
to have the ability to configure the backoff parameters for webhook
retry logic.
Kubernetes-commit: 53a1307f68ccf6c9ffd252eeea2b333e818c1103
- Inside WithExponentialBackoff function, handle error returned
by wait.ExponentialBackoff.
- Ensure that the wait time is bound to the given context.
Kubernetes-commit: f8e35de156f212b6989b465e608dd99b525bd5dc
Normal files should have permissions 644 by default,
and does not require the last bit to be
executable
Signed-off-by: Odin Ugedal <odin@ugedal.com>
Kubernetes-commit: 35cb87f9cf71776e99a970dfff751cd29ba7ebfb
Add a 30 second timeout for all HTTP requests that the webhook sends
so they timeout instead of hanging forever.
Kubernetes-commit: 2de3ee5c48503d3b3214aef55ae7fd0dacc40457
SuggestClientDelay is returning whether the server has requested that
the client delay their next action. It is *not* about whether the client
should retry the action. Webhook was using it incorrectly, and the
method is now up to date.
Kubernetes-commit: 04846cc25b862c1eabff03ea0b11cbf2f7fae8e2
Stanislav Laznicka
Monis Khan
Abu Kashem
Gaurav Singh
Jefftree
Jordan Liggitt
shturec
Odin Ugedal
Patrick Barker
David Eads
Cao Shufeng
Mik Vyatskov
Eric Chiang
Clayton Coleman
Dr. Stefan Schimanski