kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,924 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

677 Commits

Author SHA1 Message Date
Alexander Zielenski 01b1d339b3 verify liveObj not returned by manager pipeline 
addresses feedback by adding a test to make sure that the manager pipeline will not return the same instance used as input, and that the output does not input managedFields

Kubernetes-commit: 68e175ef68eff1351917ac206fb29abe42128062
 2021-11-10 14:41:14 -08:00
Alexander Zielenski e2b596449a remove mutation of liveObj in fieldManager.Apply 
also document manager interface

Kubernetes-commit: 0963704178200365897390d1834615b30fac9b01
 2021-11-09 11:40:20 -08:00
Alexander Zielenski 13e927c892 guard against modification of test inputs in TestNoOpChanges 
Kubernetes-commit: 14b67bece4a9bb33adc23dcbbddd76a5cfe0c152
 2021-11-09 11:39:46 -08:00
Paweł Banaszewski 0df77d8de7 Changed buckets for apiserver_request_duration_seconds metric 
Kubernetes-commit: a8bd20a5af1174ce9f9a185b6d49f025a1045b03
 2021-10-29 15:37:27 +00:00
Reza Karimi 193bf2c49a making some apiserver metrics stable 
Kubernetes-commit: 894e31f41aed5e6db4275bf8cf89fdd62fe25b1e
 2021-11-02 17:53:53 +00:00
kkkkun 6bb07771dd Fix bug: Specical GET should be transformed to WATCH 
Kubernetes-commit: 5f98d8f79855af648a610b21d71583a6540a58cd
 2021-11-04 21:33:30 +08:00
Abu Kashem fea88b8efd drop managed fields from audit entries 
drop the managed fields of the objects from the audit entries when we
are logging request and response bodies.

Kubernetes-commit: bbc59348318c29199e23b27981fb56436ac68705
 2020-10-12 13:18:59 -04:00
Lukasz Szaszkiewicz 3af709f483 aggregator: pass apiServiceRegistrationControllerInitiated signal directly to apiserviceRegistration controller 
Kubernetes-commit: 5116a508a7bf84844f4987ab2db14af88bfd296f
 2021-10-20 11:06:27 +02:00
Lukasz Szaszkiewicz 67be998d0f rename to muxAndDiscoveryComplete 
Kubernetes-commit: 9e2bdfee02a6851fbb13ffe28611e9d2b6242785
 2021-10-19 12:24:00 +02:00
Lukasz Szaszkiewicz ab8ebf841f apiserver: adds WithMuxCompleteProtection filter 
It puts the muxCompleteProtectionKey in the context if a request has been made before muxCompleteSignal has been ready.
Putting the key protect us from returning a 404 response instead of a 503.
It is especially important for controllers like GC and NS since they act on 404s.

The presence of the key is checked in the NotFoundHandler (staging/src/k8s.io/apiserver/pkg/util/notfoundhandler/not_found_handler.go)

The race may happen when a request reaches the NotFoundHandler because not all paths have been registered in the mux
but when the registered checks are examined in the handler they indicate that the paths have been actually installed.
In that case, the presence of the key will make the handler return 503 instead of 404.

Kubernetes-commit: b71fa61b79598b723c3ee23217e0b44564d90b52
 2021-10-14 14:25:54 +02:00
Maciej Borsz 7bf60762ac Update writers.go 
Kubernetes-commit: f0c7c9abc92e9e32b4f83281f60d76bf25eed579
 2021-10-25 13:35:43 +02:00
Abu Kashem 6013da2b94 apiserver: wrap ResponseWriter using abstraction 
Kubernetes-commit: 0d50c969c587c8a6c16e0962118305ac652c5a6b
 2021-09-20 11:21:56 -04:00
Abu Kashem 02a51f0c60 apiserver: introduce abstraction for wrapping ResponseWriter 
Kubernetes-commit: 96e8fd69e392cc2acf12930a76edc66b801b3c93
 2021-09-20 11:21:02 -04:00
Abu Kashem 0e3e7334bb apiserver: refactor PolicyRuleEvaluator to return a struct 
Kubernetes-commit: a748fdc6775c63b52a1a963e2332ac774890d2a9
 2021-09-20 17:44:11 -04:00
Abu Kashem d53acfe201 apiserver: store (event, evaluated policy) pair in request context 
Kubernetes-commit: 8be823b0b0270e1b979b3d4c6e683e1daa0f2e01
 2021-09-20 17:43:16 -04:00
CKchen0726 5c4bb8bb6a remove invalid nil check 
Kubernetes-commit: 3f1675312042cd855a39200c4bff8020cc0922de
 2021-09-13 21:04:31 +08:00
wojtekt b898581360 Migrate to k8s.io/utils/clock in apiserver 
Kubernetes-commit: 859a98c0358610e2c127cd2fba1be601ca975188
 2021-09-14 20:36:07 +02:00
Dr. Stefan Schimanski 5210be757e server-side-apply: print object name in SHOULD NOT HAPPEN message 
Kubernetes-commit: dc6f471e2cceb7aebb62fe2e4bd7c9ce53df6ff0
 2021-09-06 08:35:47 +02:00
Stephen Augustus 771ffe6475 generated: Run hack/update-gofmt.sh 
Signed-off-by: Stephen Augustus <foo@auggie.dev>

Kubernetes-commit: 481cf6fbe753b9eb2a47ced179211206b0a99540
 2021-08-12 17:13:11 -04:00
Abu Kashem cafef859a7 apiserver: add key/value pair to httplog 
Kubernetes-commit: bdedd2a4c16487e075db45e778c9e47ddd57448f
 2021-08-19 17:07:24 -04:00
Antonio Ojea 38c6ad936b run hack/update-netparse-cve.sh 
Kubernetes-commit: 0cd75e8fec62a2531637e80bb950ac9983cac1b0
 2021-08-20 01:16:14 +02:00
Abu Kashem 450b7e8f12 rename audit Checker interface 
Kubernetes-commit: 27f150351475adaef416bd893403e7066b70d33a
 2021-03-24 13:07:21 -04:00
jyz0309 8a6934a20b add new metric 
Signed-off-by: jyz0309 <45495947@qq.com>

add comment

Signed-off-by: jyz0309 <45495947@qq.com>

add promlint

Signed-off-by: jyz0309 <45495947@qq.com>

address comment

Signed-off-by: jyz0309 <45495947@qq.com>

go fmt code

Signed-off-by: jyz0309 <45495947@qq.com>

Kubernetes-commit: 97ba475941f64f7ab41a92c51adeb4401146eed1
 2021-07-20 19:28:33 +08:00
Antoine Pelisse 56458d94fe Add name and namespace to structuredmerge errors 
Kubernetes-commit: 5b3c226c34af328d6bd46866e806589189d44f4d
 2021-08-12 15:53:54 -07:00
wojtekt c6719af51e Fix metrics reporting for the deprecated watch path 
Kubernetes-commit: d9d41b70f64da65525d769ab279e3930d59435fe
 2021-08-05 16:17:13 +02:00
j2gg0s 1f934a9364 apiserver: avoid repeated loading context for requestInfo in Namer.Name 
Kubernetes-commit: 9cee586ee98bf7b5377ea04a8980f7f3fdbe5ec2
 2021-07-28 19:04:48 +08:00
Yan Huang 8febdc018a Deprecate apiserver_longrunning_guage and apiserver_registered_watchers 
Deprecate apiserver_longrunning_guage and apiserver_registered_watchers

Update

Fix name

update

Add back empty space

Update the deprecated version to 1.23

Kubernetes-commit: e2b6816953c9c52b98c129a3e9c2dac4ee925ef0
 2021-07-19 23:18:35 -07:00
Kevin Delgado 4a4149c8b0 remove apiserver impor from client-go 
Kubernetes-commit: af11c4ac9be74115dfd35ce6f18cfa0440fc3458
 2021-07-27 20:46:40 +00:00
Kevin Delgado a8a3bb4200 rename cache, add to integration test 
Kubernetes-commit: 604db6eb2ada446e78152685943253455b5ec888
 2021-07-19 20:04:27 +00:00
Kevin Delgado 613f696b0b Manually set GVK in extract, add commentary to extractor 
Kubernetes-commit: dda31bbf2e7a94624e3679e3db56c95e66509ce0
 2021-07-08 01:56:58 +00:00
Kevin Delgado 09e56ead9d Initial UnstructuredExtract without caching 
Kubernetes-commit: 6e481c5db19cda1ef1b7506c22c0046e440c7fe2
 2021-07-03 00:05:11 +00:00
Harry Zhang 0321f0c67e fix CleanScope so we can resolve correct verb for apiserver_request_terminations_total 
Kubernetes-commit: a3f57886a267c28d5a0193ca7193d4de9e9212d9
 2021-07-07 19:07:49 -07:00
Margo Crawford 6c62752c02 This introduces an Impersonate-Uid header to server side code. 
UserInfo contains a uid field alongside groups, username and extra.
This change makes it possible to pass a UID through as an impersonation header like you
can with Impersonate-Group, Impersonate-User and Impersonate-Extra.

This PR contains:

* Changes to impersonation.go to parse the Impersonate-Uid header and authorize uid impersonation
* Unit tests for allowed and disallowed impersonation cases
* An integration test that creates a CertificateSigningRequest using impersonation,
  and ensures that the API server populates the correct impersonated spec.uid upon creation.

Kubernetes-commit: 74f5ed6b17287100b339a2b3a43fd4c6fb200978
 2021-03-04 15:19:52 -08:00
David Ashpole 5927da0040 Add distributed tracing to the apiserver using OpenTelemetry 
Kubernetes-commit: 79550ed40c67a70534c1cb697e1fb7e7dbf96335
 2021-06-25 05:20:16 -07:00
tiloso c94ba7a71a Fix staticcheck in cluster & k8s.io/{apimachinery,apiserver} 
Kubernetes-commit: c5d70e9db1e8f36e5eb6dae6ca72ad62c1c837d9
 2021-06-05 22:15:15 +02:00
Daniel Smith a08d7d5ddf Make logged verbs match metric-reported verbs 
Kubernetes-commit: 54fde5d119f8bb55aec18cb5aef01b6ea58dfea0
 2021-06-16 17:08:54 -07:00
njuptlzf dd5fc094cd Use objGV instead of gvk.GroupVersion 
Kubernetes-commit: 15c4d579f08335f33555d3cab5eff41c74e671b9
 2021-06-02 14:27:30 +08:00
Kasakaze f0159a94e3 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 58d7bf67d4694d52610097c72fe79012e19c5da0
 2021-06-02 10:53:05 +08:00
Kasakaze da0758027d Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b9b01a0f901513370cf3e981544a79f57e321d67
 2021-06-02 10:52:44 +08:00
Kasakaze e7a594074a Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 19c72a6cd05da805b1bec9fe567614ef82bf7beb
 2021-06-02 10:52:35 +08:00
Kasakaze 1b73b18c80 Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 0ae6a7bac6ba268c59e82222d69ad91e381e79bc
 2021-06-02 10:52:22 +08:00
njuptlzf 790f5a21a7 Fix auditing failed of request: encoding failed 
Kubernetes-commit: 329f7d55d1344f728e28ce49728234f9f8f4c5d3
 2021-05-17 02:31:08 +08:00
Julian V. Modesto f753bce9f8 Make a public ValidateAnnotationsSize 
Kubernetes-commit: 2e771b8e745c4a3be0d5bae3a6dc94087284c73b
 2021-05-25 16:01:38 -04:00
Julian V. Modesto a01d02b7fd Make validation totalAnnotationSizeLimitB public. 
Replace the forked totalAnnotationSizeLimitB with
apimachineryvalidation.TotalAnnotationSizeLimitB.

Kubernetes-commit: 55ff96301797a503b6ee1d09f0eb2ffc827f01b1
 2021-05-18 17:28:11 -04:00
Jordan Liggitt 689a6cc12f Graduate WarningHeader feature to GA 
Kubernetes-commit: e3ea169d7d8b2c1417ef5a71ee1015f186ca0e3c
 2021-04-01 02:51:48 -04:00
Jordan Liggitt 754e90a0a3 Promote apiserver_requested_deprecated_apis metric to stable 
Kubernetes-commit: 7877539e3095669629e81633019836d2cdb7c368
 2021-05-11 16:24:58 -04:00
Julian V. Modesto c10cbf5412 Respect annotation size limit for SSA last-applied. 
To support CSA and SSA interoperability, SSA updates the CSA
last-applied annotation.

This change ensures we don't set a big last-applied annotation if the
value is over the annotation limits.

Also, make sure that it's possible to opt-out of this behavior by
setting the CSA annotation to "" the empty string.

Kubernetes-commit: 6054320be1e50a450e9d1e19a79caa96f2035d4d
 2021-05-18 15:06:48 -04:00
Marcel Zięba 489e43cad9 Add logging of filters to api calls logs 
Kubernetes-commit: 7e01b7260ac5cc20c1fc236cae220857726dc330
 2021-05-17 11:52:33 +00:00
zhuangqh 640ba0e40e docs: fix outdated enhancement doc link 
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>

Kubernetes-commit: adf28648cb32d17cd186a6c7e8b264419e6d0759
 2021-02-24 15:22:50 +08:00
卢振兴10069964 549cbbf8de fix broken link in some files 
Kubernetes-commit: b29a5fb0746f772b38da570cd8fdc77396ffca31
 2021-04-13 08:43:24 +08:00