06c891133c
Merge pull request #119215 from alexzielenski/apiserver/policy/namespaceParamRef-alpha
...
KEP-3488: Per namespace policy params
Kubernetes-commit: 8a053c700a3abc30717860e0b6a13243a7250743
2023-07-20 23:08:43 +00:00
d501de662c
feature: add multiple params capability to VAP controller
...
Kubernetes-commit: b5e9e0168cf9383dacbd730893c6bc426581e64b
2023-07-10 18:40:45 -07:00
1f9118f187
refactor: make scope of ParamKind available to vap controller
...
Kubernetes-commit: 3f63a2d17d4f70dc3ac191a52ad36897086efa7c
2023-07-11 12:04:07 -07:00
6a8d8652f7
refactor: use the provided sharedInformerFactory for params
...
Kubernetes-commit: 6323c106e9b5b0edd452a2a223d569a5dae8a832
2023-06-12 18:19:33 -07:00
00a0da2cb8
Merge pull request #119166 from nilekhc/log-decryption-failure
...
feat: improves metric and logging
Kubernetes-commit: 90c362b3430bcbbf8f245fadbcd521dab39f1d7c
2023-07-19 10:07:21 +00:00
0e9644ed24
Merge pull request #117740 from Richabanker/uvip-impl
...
Unknown Version Interoperability Proxy Impl
Kubernetes-commit: 66e99b3ff1649fc9bd3d9ef36affa1b16c5e2e21
2023-07-19 06:04:00 +00:00
3373784322
feat: improves metric and logging
...
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
Kubernetes-commit: 2c8288ac873b89ae6e351df5e805b1a825aae60d
2023-07-07 23:01:05 +00:00
8a38d429d8
Add impl for uvip
...
Kubernetes-commit: cd5f3d9f9d5ae3153206178e6114d573dc24ad73
2023-03-29 17:20:25 -07:00
f100f84ac4
Merge pull request #119009 from MikeSpreitzer/track-executing-requests
...
Track executing requests
Kubernetes-commit: 31d662e58e9679ada73208fe63759c06793b013c
2023-07-18 21:53:00 +00:00
367a5f819d
Merge pull request #118601 from andrewsykim/apf-tune-max-seats
...
priority & fairness: support dynamic max seats
Kubernetes-commit: f6bcef0fd36f2f8312d8c6f14f17d804dcf97600
2023-07-18 10:03:54 +00:00
149a4e6556
Merge pull request #119321 from mingregister/mingregister-patch-1
...
replace strings.Index with strings.Contains
Kubernetes-commit: b2a9c06b2e7419691de5ea4f7d112baa2e00bc29
2023-07-18 06:14:23 +00:00
8e2b0eca2e
Merge pull request #118204 from sttts/sttts-openapi-v2-parameter-refs
...
openapi: reference shared parameters
Kubernetes-commit: f42ff8687026f8e12fb3d3b0da0760525d8d8ab2
2023-07-18 06:14:21 +00:00
b2ff4347db
Merge pull request #119380 from A-Hilaly/api-server/webhooks/match-conditions-beta-graduations
...
Graduate `AdmissionWebhookMatchCondition` to beta
Kubernetes-commit: 704970877e827908fc231d76f545feaa376bb6ed
2023-07-18 02:20:14 +00:00
bb61e75257
Merge pull request #119341 from divyasri537/remove-ctx-canceled-failopen
...
Ignore context canceled from validate and mutate webhook failopen metric
Kubernetes-commit: fab1f606ddaa640629d25f5f3e63c21582476ce1
2023-07-18 02:20:10 +00:00
90b43d6784
Merge pull request #119312 from pacoxu/prometheus/common-v0.44
...
upgrade prometheus common to v0.44.0
Kubernetes-commit: d627c4b41cdd9ef08b13604ce1c460eca26684f8
2023-07-18 02:20:08 +00:00
085dadbea3
Merge pull request #118959 from MikeSpreitzer/fix-118957b
...
Fix, deprecate apiserver_flowcontrol_request_concurrency_limit
Kubernetes-commit: af33d7a5af49cc841f8b58466b59e8dfdfe185ed
2023-07-17 22:22:43 +00:00
e613190aba
Skip apiserver_admission_webhook_request_total during context-canceled
...
Kubernetes-commit: d3c506133f1d5da6b8681423fc855d0513e8647e
2023-07-17 19:52:43 +00:00
6704aba021
Merge pull request #119110 from andrewsykim/apf-metrics-beta
...
Promote kube-apiserver flowcontrol metrics to Beta
Kubernetes-commit: 4f60a8d493ab9571eb328b9d98da477a50bc7446
2023-07-17 18:29:55 +00:00
623afac324
Enable admissionWebhookMatchCondition by default
...
Kubernetes-commit: 94c8ad289bb83c6457d1711a94c8a2cce9a7e8bc
2023-07-17 18:40:07 +01:00
5782becb79
Graduate AdmissionWebhookMatchCondition to beta
...
Kubernetes-commit: 0074b24ca42c8afca43f4ef3360f2d101594a567
2023-07-17 18:19:35 +01:00
04b26c4697
ValidatingAdmissionPolicy: support namespace access ( #118267 )
...
* Support namespace access from cel expression in validatingadmissionpolicy.
* Whitelist the exposed fields in namespace object and add test
* better handling of cluster-scoped resources.
* [API REVIEW] namespaceObject in Expression doc.
* compatibility with composition.
* generated: ./hack/update-codegen.sh && ./hack/update-openapi-spec.sh
* workaround namespace of namespace is unexpectedly set.
* basic test coverage for namespaceObject.
---------
Co-authored-by: Jiahui Feng <jhf@google.com>
Kubernetes-commit: 13172cba5c0e1c6a076dbda4aeebbccaf658c7f1
2023-07-15 01:33:59 +00:00
2af49f82c0
Merge pull request #119311 from ivelichkovich/metrics
...
matchCondition metrics for beta graduation
Kubernetes-commit: d5a653fd8791f25f44109e4626c1b34a7eec4164
2023-07-15 01:33:56 +00:00
eb9d761704
Merge pull request #119272 from deads2k/resources
...
add list of served versions to storage version
Kubernetes-commit: 47aeec63a839703e962ebd97e26edbc86fe6d99c
2023-07-14 21:44:27 +00:00
e725ece543
Merge pull request #119330 from bertinatto/fix-conn-reuse-test
...
Proactively bump golang.org/x/net to v0.12.0
Kubernetes-commit: c79be34fba3ad20532c9648216924afaa8434e06
2023-07-14 21:44:24 +00:00
437ae54e84
Ignore context canceled from validate and mutate webhook failopen metric
...
Kubernetes-commit: 1732b23a343bc0cedbab3dd1df3b7eee4d280036
2023-07-14 20:20:33 +00:00
616472f02a
Merge pull request #118782 from MikeSpreitzer/exempt-borrowing-impl
...
Exempt borrowing implementation
Kubernetes-commit: 2a91bd1dfdd2e293b9ec017ea3a976ecc2ecd545
2023-07-14 17:45:44 +00:00
643497556b
Merge pull request #118051 from A-Hilaly/api-server/webhooks/smart-reload
...
support `WebhookAccessors` smart reload
Kubernetes-commit: 4e9b487e7e6f23234fc60c6fcb09544185f6d174
2023-07-14 17:45:39 +00:00
a541a7b473
remove todo/spelling
...
Kubernetes-commit: 8a4a29d59177699a78f6194861f83789763aac25
2023-07-14 11:08:00 -05:00
c0cd27c353
update histogram
...
Kubernetes-commit: bef43788fc01775ea156be26d6731c87efbd7b37
2023-07-14 10:10:56 -05:00
c0cdd97787
Proactively bump golang.org/x/net to v0.12.0
...
Proactively bump to v0.12.0 to avoid v0.10.0 and v0.11.0, which contain
a regression added by commit
82780d606d
2023-07-14 10:25:23 -03:00
b928ae8c42
Merge pull request #119008 from nilekhc/hotreload-update-metrics
...
[KMSv2] feat: implements metrics for encryption config hot reload
Kubernetes-commit: e3bc35bc1bc7b399b564f2c4efc75eb9959e70f7
2023-07-14 09:41:20 +00:00
a3103f0437
Merge pull request #118933 from wojtek-t/apf_watchlist_support
...
Add support for watchlist to APF
Kubernetes-commit: 18e0e668ca62087075d7c657fd6728a07c65235c
2023-07-14 09:41:18 +00:00
e6c3a57fb9
replace strings.Index with strings.Contains instead
...
replace strings.Index() !=-1 with strings.Contains instead
Kubernetes-commit: 037847066ce7ebb622c4b207355ac97814414841
2023-07-14 15:25:36 +08:00
7d09f203d9
upgrade prometheus common to v0.44.0
...
Kubernetes-commit: 9b6af80a631f5659ea62d552d595b3dd137525a0
2023-07-14 11:05:46 +08:00
7eadaa66c4
ValidatingAdmissionPolicy: Variable Composition ( #118642 )
...
* [API REVIEW] Variable Composition
* lazy map.
* variable composition implementation.
* check variables during VAP validation.
* generated: ./hack/update-vendor.sh
* generated: UPDATE_COMPATIBILITY_FIXTURE_DATA
(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)
* cost calucation.
* tests for cost calculations.
* e2e test for variables.
* fix doc for Validation.Expression.
* generated: ./hack/update-codegen.sh
* fix missing utilruntime import.
* generated: ./hack/update-openapi-spec.sh
Kubernetes-commit: b635f2a401fd03715f6a33c4a19f11c509c0ce03
2023-07-14 01:49:55 +00:00
4ef8c89d7d
Merge pull request #118988 from nilekhc/hash-keyid
...
[KMSv2] chore: hashes keyID being logged
Kubernetes-commit: 1e21da87b8e70b71f635c72914a15fd4ec0c576c
2023-07-14 01:49:48 +00:00
496cd9c142
matchCondition metrics
...
Kubernetes-commit: 01b9f4b6eb819e4cd4a6d192d703961b34841f18
2023-07-13 19:59:27 -05:00
4f6b63aa11
Pre-allocate webhook accessors arrays for mutating and validating
...
webhooks
Kubernetes-commit: 49d03468021e24434171fde5458df34f6a753a32
2023-07-13 23:43:12 +01:00
b137c25637
Add quantity library to CEL ( #118803 )
...
* add quantity library to CEL
* add more tests to quantity
* use 1.29 env for quantity
* set CEL default env to 1.28 for 1.28 release
* add compare function
* docs and arith lib
* fixup addInt and subInt overload, add docs
* more tests
* cleanup docs
* remove old comments
* remove unnecessary cast
* add isInteger
* add overflow tests
* boilerplate
* refactor expectedResult for tests
* doc typo fix
* returns bool
* add docs link
* different dos link
* add isInteger true case
* expand iff
* add quantity back to 1.28 version, and revert change to DefaultCompatibilityVersion
* formatting
Kubernetes-commit: 423f4dfc7982136c958fc78e187c911a8896ba1b
2023-07-13 14:43:56 -07:00
36de07c4e7
ValidatingAdmissionPolicy controller for Type Checking ( #117377 )
...
* [API REVIEW] ValidatingAdmissionPolicyStatucController config.
worker count.
* ValidatingAdmissionPolicyStatus controller.
* remove CEL typechecking from API server.
* fix initializer tests.
* remove type checking integration tests
from API server integration tests.
* validatingadmissionpolicy-status options.
* grant access to VAP controller.
* add defaulting unit test.
* generated: ./hack/update-codegen.sh
* add OWNERS for VAP status controller.
* type checking test case.
Kubernetes-commit: 049614f884e61d87fc5e277cf9fd7cb2e6571217
2023-07-13 13:41:50 -07:00
a3799aea9e
Merge pull request #118804 from benluddy/authz-deferred-errors
...
CEL lib: Expose errors on authz decisions instead of raising them from check()
Kubernetes-commit: 1d846a12da5b05e9b9e50b30fdaae2ea269822a0
2023-07-13 22:03:57 +00:00
5ed33dc31d
add list of served versions to storage version
...
Kubernetes-commit: 90ab7580aaeca1c6e949df15554ad5bc408dca8e
2023-07-12 18:27:27 -04:00
1f1467cf86
Merge pull request #119226 from enj/enj/i/kms_owners
...
Add enj to apiserver options approver
Kubernetes-commit: 374866eaf0ddf16442fc61464f4d5887026441b0
2023-07-12 22:06:54 +00:00
3cebba9887
Merge pull request #118812 from serathius/storage-metric
...
Improve apiserver storage size metric
Kubernetes-commit: 2ec4e14bfa0cec1f22919ea862c45b1501187e20
2023-07-12 22:06:52 +00:00
7f9444fbee
Merge pull request #118508 from serathius/kep2340
...
Implement Alpha state for KEP #2340
Kubernetes-commit: be13c6a884248c40cb3a50a24a622b4403138444
2023-07-12 09:33:11 -07:00
408cf7b500
Improve naming and code comments
...
Kubernetes-commit: 0695853a3061ece0f602c1f267c82ced3f8c880d
2023-07-12 16:20:14 +01:00
c534f8e2b9
Add enj to apiserver options approver
...
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: b81f07ac9a61d425f1e457132803ed94f6b8a52d
2023-07-11 16:07:44 -04:00
1668629f57
feat: implements metrics for encryption config hot reload
...
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
Kubernetes-commit: c291e6355c44e84c2e1d503d1d9bf3e8fab9e194
2023-07-05 22:28:15 +00:00
73f18d34af
promote the following APF metrics to beta:
...
apiserver_flowcontrol_request_wait_duration_seconds
apiserver_flowcontrol_request_concurrency_in_use
apiserver_flowcontrol_request_concurrency_limit
apiserver_flowcontrol_rejected_requests_total
apiserver_flowcontrol_dispatched_requests_total
apiserver_flowcontrol_current_inqueue_requests
apiserver_flowcontrol_current_executing_requests
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
Kubernetes-commit: 0bb419b1498a664d1dda3b487e9f15fd220ea363
2023-07-05 18:19:36 +00:00
b8bc556baa
Add tracking and reporting of executing requests
...
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
Kubernetes-commit: a8a2fb317c8bc9c64ced023988802b2517d34f81
2023-06-30 22:55:35 -04:00
Kubernetes Publisher
Alexander Zielenski
Nilekh Chaudhari
Richa Banker
Divya Sri Sanaganapalli
Amine
Cici Huang
Igor Velichkovich
Fabio Bertinatto
VillageHeadHuang
Paco Xu
Jiahui Feng
David Eads
Monis Khan
Andrew Sy Kim
Mike Spreitzer