kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,225 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

24 Commits

Author SHA1 Message Date
Igor Velichkovich 05d2078e68 Matchconditions admission webhooks alpha implementation for kep-3716 (#116261) 
* api changes adding match conditions

* feature gate and registry strategy to drop fields

* matchConditions logic for admission webhooks

* feedback

* update test

* import order

* bears.com

* update fail policy ignore behavior

* update docs and matcher to hold fail policy as non-pointer

* update matcher error aggregation, fix early fail failpolicy ignore, update docs

* final cleanup

* openapi gen

Kubernetes-commit: 5e5b3029f3bbfc93c3569f07ad300a5c6057fc58
 2023-03-15 07:36:02 +00:00
Jiahui Feng fc16fc2926 implmementing type checking 
with multi-type support.

Kubernetes-commit: feb18b3f5f9d443c27dd8cccb6358f271f887744
 2023-03-07 15:49:19 -08:00
Jiahui Feng 52ca13e6fc implement message expression. 
Kubernetes-commit: d8be7aa9ca99070e42cdef37b8c4af07b754520e
 2023-03-08 17:36:11 -08:00
Igor Velichkovich 9608de14c4 migrate versionedattr to avoid circular dependency 
Kubernetes-commit: 64c426a90232e34853d9b9cfdaad5409371c191a
 2023-03-03 14:04:29 -06:00
Cici Huang f58819aa69 Apply context cancellation to ValidatingAdmissionPolicy. 
Kubernetes-commit: c400002facd01a8b0fc10ca4f5a66c8b8abd94c4
 2023-03-03 00:18:47 +00:00
Joe Betz 265820879d Implement validationActions and auditAnnotations 
Kubernetes-commit: d221ddb89a5dde5a6f55674dc38aa71cc842d481
 2023-03-06 17:29:28 -05:00
Cici Huang c4a92f1b65 Apply resource constraints to ValidatingAdmissionPolicy. 
Kubernetes-commit: 244c63a2e6c8d859be8f4c6c23fbe1263dbfab0a
 2023-02-14 06:37:57 +00:00
Joe Betz f094db0dd5 Implement secondary authz 
Kubernetes-commit: 7bbda746fee7ae4e50647099b72c02327525ef7a
 2023-03-06 12:08:14 -05:00
Igor Velichkovich 0b1f199d07 refactor admission cel validator and compiler to be reusable 
Kubernetes-commit: e96ef311872ee6429a54e4580528717238a6816b
 2023-02-15 16:08:59 -06:00
Cici Huang 55bc692e10 Rename admission cel package to validatingadmissionpolicy 
Kubernetes-commit: 40c21dafcdb7d4f7ee85c652b362632f3b620861
 2022-11-08 14:18:26 +00:00
Alexander Zielenski 806e2feeca add test for error when informers are not ready 
Kubernetes-commit: acf571fcbed6e762a2a654bfbe6c415e668dfed3
 2022-11-09 15:28:37 -08:00
Alexander Zielenski 2167932c69 use existing admissionHandler readyfunc to wait for sync 
is what other plugins do, and should decrease verbosity in logs

Kubernetes-commit: df315f347c911c5cc189d14f6dc70a23da52e57d
 2022-11-08 13:07:42 -08:00
Kermit Alexander II 8884260fa6 Add metrics integration. 
Kubernetes-commit: 99494e67779d0db5a1bf304256e7df273070bf95
 2022-10-31 19:22:35 +00:00
Alexander Zielenski 7c2a6f0ee8 fix possible race in admission test of listwatch 
Kubernetes-commit: 4e217159cfc1441f3c3234059fc6fca0eb13a66d
 2022-11-07 12:01:44 -08:00
Joe Betz 0e28c0c81f Fix params to be null instead of an empty map if paramRef is null 
Kubernetes-commit: 65460b14d2b9ea20aaf2c6fece191af53ae57249
 2022-11-08 13:49:50 -05:00
Cici Huang 81aeb1b5e9 Integrate cel admission with API. 
Co-authored-by: Alexander Zielenski <zielenski@google.com>
Co-authored-by: Joe Betz <jpbetz@google.com>

Kubernetes-commit: e7d83a1fb7b3e4f6a75ed73bc6e410946e12ad9f
 2022-11-07 21:38:55 +00:00
Cici Huang 58f75bc06a Add match check for policy and binding. 
Co-authored-by: Max Smythe <smythe@google.com>

Kubernetes-commit: 46f97d4662d5b403badd29675d79d0c74875b9f0
 2022-11-07 21:33:17 +00:00
Cici Huang 464de72d97 Adding new api version of admissionregistration.k8s.io v1alpha1 for CEL in Admission Control 
Kubernetes-commit: 0486e062618f2181857ae7b235dcd4b8be0964e4
 2022-10-04 04:46:55 +00:00
Alexander Zielenski ee983a05da fix flaky admission tests 
would fllake .04% of the time on my machine.

In tests waiting for objects to be reconciled, would erroneously treat the "Not Found" case as an error rather than waiting a bit.

also add some more context to test errors to improve debuggability

Kubernetes-commit: bfbc1f3479423b5c53231cfec58895746ef2de69
 2022-10-21 09:47:18 -07:00
Alexander Zielenski e25b9399a5 add cel admission controller tests 
84% coverage

Kubernetes-commit: 8b74e73e3825e725d05376de717ad96506a52eec
 2022-10-12 18:03:44 -07:00
Alexander Zielenski cd8f0b6cf7 add cel admission plugin and initializer 
Kubernetes-commit: a41a536dbdb72877fa48f85272e479eb628e68f8
 2022-10-12 10:21:31 -07:00
Alexander Zielenski b154760894 add generics tests 
84.1% coverage

Kubernetes-commit: 74b103cd52da3b0149aa9e50a569a89bdd46e1db
 2022-10-13 13:44:03 -07:00
Alexander Zielenski b1196b949c add cel admission controller 
Kubernetes-commit: 2286501e227ead064e95880a6f28904526f887a6
 2022-10-12 10:21:08 -07:00
Alexander Zielenski bf7388424e add OWNERS 
Kubernetes-commit: c52fae186a60f0d480f26628c55656c76c7ccac0
 2022-10-12 16:11:11 -07:00