kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,460 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

34 Commits

Author SHA1 Message Date
Jefftree 13613a1c15 Address comment and remove if condition 
Kubernetes-commit: 61fa4e6c098559b65fe28c1bf55cb817697e38e5
 2020-02-27 17:18:57 -08:00
Jefftree 28f8e6670e audit webhook use network proxy 
Kubernetes-commit: cd57b830c142e2b9938ff801619070cf601c1422
 2019-12-19 12:29:37 -08:00
Patrick Barker 3039935d60 adds dynamic audit integration test 
Kubernetes-commit: d995047366153d86f0061b829ee4e7657f17996b
 2018-10-16 16:17:33 -06:00
Daniel Kłobuszewski 877329b0f3 Add option to k8s apiserver to reject incoming requests upon audit failure 
Kubernetes-commit: 7a10f4eda725f55bec9893eb1c03f2402dbcd32f
 2018-07-03 14:40:55 +02:00
WanLinghao f78d7e624c fix a description error in DynamicAuditing feature 
Kubernetes-commit: 84aa00c03df00eade6615ca009fa9b2943a98b8c
 2018-11-17 01:49:02 +08:00
Patrick Barker 9fd62b6f47 adds dynamic audit configuration 
Kubernetes-commit: eb89d3dddd3792b0a6cd724e64bbbc11d6c15380
 2018-10-18 21:34:17 -05:00
Davanum Srinivas 2710b17b80 Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135

Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
 2018-11-09 13:49:10 -05:00
Chao Wang f8fa426bd3 Use `audit.k8s.io/v1` as default value of option --audit-webhook-version and --audit-log-version in release 1.13 
Kubernetes-commit: 9671a035f7e7308ac804b4637af19bac2ecce0f4
 2018-10-31 17:22:37 +08:00
Marian Lobur 7dbcbd39e2 Remove deprecated legacy audit logging code. 
Kubernetes-commit: 3f730d4c255e7c8ee67a020eed0b8f0a8f634750
 2018-07-05 13:57:17 +02:00
Tim Allclair 8e1390d9d4 Synchronous & unbatched audit log writes 
Kubernetes-commit: c9670d0652f8d7da662f71caac6fca2044296ae6
 2018-03-15 00:44:46 -07:00
Cao Shufeng b40373204e use Audit v1 api and add it to some unit tests 
Kubernetes-commit: 716dc87a1095027f9ab08ee59abfffab1d15ec29
 2018-07-27 14:06:29 +08:00
Cao Shufeng 8fe5561ce7 [trivial] fix option help message. 
s/andif/and if/

Kubernetes-commit: 42b93ab7244765dd744257a793b0b9c138146bb3
 2018-06-13 09:07:34 +08:00
Tim Allclair 554c4f1986 Fix MaxAge default audit log option 
Kubernetes-commit: 3dae49c6977526aba09dc070639ebc789b458411
 2018-06-18 14:36:50 -07:00
Mik Vyatskov 53e0783ab7 Implemented truncating audit backend 
Signed-off-by: Mik Vyatskov <vmik@google.com>

Kubernetes-commit: 52fae991305e3252ccc5c9c86a9b7abc04c149af
 2018-03-23 16:13:34 +01:00
Mik Vyatskov b2b70701e1 Make advanced audit output version configurable. 
Signed-off-by: Mik Vyatskov <vmik@google.com>

Kubernetes-commit: ad25d1f9ec398e5f9e91fd225cbbfdc5aa00973f
 2018-02-19 21:15:49 +01:00
Tim Allclair d89e8e9460 Fix default auditing options. 
- Log backend defaults to blocking mode (backwards compatability)
- Fix webhook validation
- Add options test

Kubernetes-commit: e004257919d779d56f27ad84c7f33799cc7ab580
 2018-03-02 15:16:37 -08:00
Cao Shufeng 6466b038b4 fix option --audit-webhook-initial-backoff 
Before this change, --audit-webhook-initial-backoff has no effect

Kubernetes-commit: 5bc5cd1b2ccb0b9fb5e652b579b4fb379428cb56
 2018-03-10 17:44:20 +08:00
Mik Vyatskov 9169f6d300 Add buffering to the log audit backend 
Signed-off-by: Mik Vyatskov <vmik@google.com>

Kubernetes-commit: 881e6d4f6f905079b2c27299e7b631b6903b6815
 2018-02-22 19:52:33 +01:00
Mik Vyatskov 8977dcee4a Make audit batch webhook backend configurable 
Signed-off-by: Mik Vyatskov <vmik@google.com>

Kubernetes-commit: 7e717ef3a6a57d31251ccee94d9e2dd29a70c27b
 2017-11-30 18:47:48 +01:00
Dr. Stefan Schimanski a063c5336d apiserver: avoid panics on nil sub-option structs 
Kubernetes-commit: b153268da79d2acf14e042945959801c3dba8221
 2017-09-09 21:44:32 +00:00
Cao Shufeng d2f7a0c820 Log a warning when --audit-policy-file not passed to apiserver 
Kubernetes-commit: 3b91f1cc0d32278a9baf2a4b9b4e416cbfb2457f
 2017-09-09 21:44:31 +00:00
Cao Shufeng 0c7ac2906f set AdvancedAuditing feature gate to true by default 
Kubernetes-commit: 1388426898f46de5e8730c3f71ce3ccaf50337b8
 2017-09-09 21:44:30 +00:00
Maciej Szulik 3c2866020c Switch audit output to v1beta1 
Kubernetes-commit: f3487f08c6c2444adde9ba110263c9132769332b
 2017-09-03 14:04:14 +00:00
Cao Shufeng e74487ab1a set --audit-log-format default to json 
Updates: https://github.com/kubernetes/kubernetes/issues/48561

Kubernetes-commit: 130f5d10adf13492f3435ab85a50d357a6831f6e
 2017-08-29 13:18:49 +00:00
Dr. Stefan Schimanski 24a3b34c79 audit: disable new v1beta1 types until incompatible changes are done 
Kubernetes-commit: 1dc251a1604b1576258f123ac8dd8390bba2e4a9
 2017-08-29 13:16:13 +00:00
huangjiuyuan 530dec4a81 adding validations on kube-apiserver audit log options 
Signed-off-by: huangjiuyuan <jiuyuan.huang@daocloud.io>

Kubernetes-commit: 21d0f815645ca3452719faf1ad69c63a9c3f3db2
 2017-07-19 03:49:08 +00:00
Cao Shufeng 8bc6800aeb support json output for log backend of advanced audit 
Kubernetes-commit: bc94370e9cbf3e54dc7dab1dbfc7404815eafb4c
 2017-07-16 04:08:41 +00:00
Cao Shufeng 924adf12df Add Validate() function for audit options 
Kubernetes-commit: cf8e3ccf1959942342ed0c10f6b43d46beb65e04
 2017-07-05 08:39:49 +00:00
Eric Chiang be1a712a68 apiserver: add a webhook implementation of the audit backend 
Kubernetes-commit: a88e0187f9f6083ed68d18e939a776c44c728e4b
 2017-06-13 20:47:30 +00:00
Tim St. Clair 8ff532a4cb Implement audit policy logic 
Kubernetes-commit: a5de309ee261aea15bb1cc12647b32640c2ac196
 2017-06-13 20:47:28 +00:00
Dr. Stefan Schimanski f7d766d92d audit: add audit event to the context and fill in handlers 
Kubernetes-commit: 0b5bcb021932355b3ff7c2b45fb579f4adad84bf
 2017-06-13 20:47:28 +00:00
xiangpengzhao 1512c30ca6 Delete "hard-coded" default value in flags usage. 
Kubernetes-commit: 420caf200cdb1ba41d6af43c5695c29de2082851
 2017-04-29 20:35:54 +00:00
deads2k 1e6581d944 use - to indicate audit log goes to system out 
Kubernetes-commit: 91f461283ec25dd43d55db97f981723a94f208b8
 2017-03-31 20:37:15 +00:00
deads2k d3c1c03062 move auditoptions to separate struct 2017-02-13 07:36:42 -05:00