kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,858 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6858 Commits

Author SHA1 Message Date
Anish Ramasekar 17a9a816ec [StructuredAuthn] Ensure empty fields of user object are accessible by 
CEL

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: b693f09d544b17c82af4437bd93ea0b165e2622e
 2023-11-02 22:20:06 +00:00
Kubernetes Publisher b20a2d3074 Merge pull request #121705 from liggitt/authz-config-webhook-test 
Add multi-webhook integration test

Kubernetes-commit: fb9c94b3a50aa9f95a6153fb04d844decedbcf33
 2023-11-03 01:25:01 +00:00
Jordan Liggitt 2a9f8b8d15 Include empty string attributes for CEL authz evaluation 
Kubernetes-commit: 44d89c8cf8c1ba883029e1244492a523d6b50b92
 2023-11-02 15:14:06 -04:00
Jordan Liggitt 4eacc8425d Plumb failure policy from config to webhook construction 
Kubernetes-commit: 2e2f51a4417d93b5505091d28b319365dc95e137
 2023-11-02 13:55:35 -04:00
Jordan Liggitt 374f72b704 Require match condition version only if matchConditions are specified 
Kubernetes-commit: a000af25ff3bcc79fe7d8da299225ad252c9894a
 2023-11-02 13:54:39 -04:00
Kubernetes Publisher 798e645af6 Merge pull request #121573 from tukwila/bump_etcd_v3.5.10 
bump etcd newest version: v3.5.10

Kubernetes-commit: 974735854b7fdfba2d0a67dbc15457c259e40aff
 2023-11-01 17:29:14 +00:00
Kubernetes Publisher d0f0eebe8c Merge pull request #121552 from pohly/klog-update 
klog v2.110.1 update

Kubernetes-commit: da61382068671c3e16782a9b45e7f2159ac0feb9
 2023-11-01 17:29:12 +00:00
guangli.bao 09fd766b6a bump to newest etcd: v3.5.10 
Signed-off-by: guangli.bao <guangli.bao@daocloud.io>

Kubernetes-commit: bc1df9e7dab085b0d6301ac96f6b7e3ff90836ee
 2023-11-01 10:44:07 +08:00
Patrick Ohly e2d4a4f3e2 dependencies: klog v2.110.1 
Dropping a newline at the end of the message when using klog calls is an
intentional improvement (https://github.com/kubernetes/klog/pull/378)

Kubernetes-commit: 878d037d3ba8fc4f11bf45a6cf5a66301ba89d82
 2023-10-16 10:03:54 +02:00
Kubernetes Publisher c78de1fe6c Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0

Kubernetes-commit: 593a17d3b6381bfdbf3bc3b36f56cad30d1531df
 2023-11-01 01:32:06 +00:00
Kubernetes Publisher caeb7958ad Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig

Kubernetes-commit: fafccc0c9a514caa72e5a16ea0d6213081081e19
 2023-11-01 01:32:05 +00:00
Kubernetes Publisher a5e47d114d Merge pull request #121645 from p0lyn0mial/upstream-fix-race-in-test-forget-watcher 
bring back: cacher: when forgeting a watcher, call stopWatcherLocked multiple times

Kubernetes-commit: 715cd17c0d050174a7268360378f69cda2df3184
 2023-11-01 01:32:03 +00:00
Kubernetes Publisher 31543f677a Merge pull request #121651 from jiahuif-forks/fix/cel/type-resolver-safe-guard 
CEL type resolvers: avoid infinite recursion for type resolvers.

Kubernetes-commit: 3631efd85c1a772b518ad49fb20bb5b5454e6b90
 2023-10-31 21:29:01 +00:00
Jiahui Feng d463ec4cab avoid infinite recursion for type resolvers. 
Kubernetes-commit: e4776e0f85b8aceb8f1da7a87822b0d086045a8a
 2023-10-31 10:23:50 -07:00
Kubernetes Publisher 4909d085b8 Merge pull request #121649 from enj/enj/c/ec_controller_ctx 
encryptionconfig/controller: run unit tests faster

Kubernetes-commit: 029452198566a41bc39d04a1ec5bad3f37621a1c
 2023-10-31 21:28:57 +00:00
Kubernetes Publisher 347a598452 Merge pull request #121647 from aojea/fixrace 
Revert "cacher: when forgeting a watcher, call stopWatcherLocked mult…

Kubernetes-commit: 3570075e4f6d3cdb2aa8273004ea6ec336b33abd
 2023-10-31 21:28:56 +00:00
Kubernetes Publisher 9e76120f1e Merge pull request #121646 from kubernetes/revert-121614-decode-respect-timeout-context 
Revert "Make the decode function respect the timeout context"

Kubernetes-commit: be636a436b7b4c21b79eca17ff3e681920e54f31
 2023-10-31 21:28:55 +00:00
Kubernetes Publisher 0f520bf96f Merge pull request #121577 from cici37/celFixPick 
Bump cel-go to v0.17.7 and introduce set ext library with new options

Kubernetes-commit: d1113c9a00b3cd1c791f43b15280d4ebba2a7663
 2023-10-31 21:28:54 +00:00
Kubernetes Publisher 8acc6c6568 Merge pull request #121638 from tkashem/apf-ga 
apiserver: set APF featuregate to stable

Kubernetes-commit: 74fefd877f0ee9445735a756270f8eac44a96d0b
 2023-10-31 21:28:52 +00:00
Monis Khan 3097e77b18 encryptionconfig/controller: run unit tests faster 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 6ac7da1da87bb0e739806cad94676da915be6d9c
 2023-10-31 11:59:37 -04:00
Antonio Ojea bdad50b280 Revert "cacher: when forgeting a watcher, call stopWatcherLocked multiple times" 
This reverts commit bbca4a4b9add0f6c58e132500fd89dd39ee077f4.

Kubernetes-commit: c2cb3209138d852520da2743b9bd3a9795b2b7fb
 2023-10-31 15:28:01 +00:00
Wojciech Tyczynski 6caf326620 Revert "Make the decode function respect the timeout context" 
Kubernetes-commit: 98a2f22e740ccd2c30711f1b21d6383f1b91595e
 2023-10-31 16:27:17 +01:00
Kubernetes Publisher c6b93e573e Merge pull request #121615 from p0lyn0mial/upstream-cacher-forget-watcher 
cacher: when forgeting a watcher, call stopWatcherLocked multiple times

Kubernetes-commit: 5bac451d1f0f36eab857b60d08bfa9d992cce19a
 2023-10-31 13:24:00 +00:00
Kubernetes Publisher f89f0b61d3 Merge pull request #121223 from ritazh/authz-cel 
[StructuredAuthorizationConfig] - CEL integration

Kubernetes-commit: 064e86b3d03470f515b1adb34cac1cfacb285239
 2023-10-31 13:23:59 +00:00
Kubernetes Publisher 89717616cb Merge pull request #121049 from siyuanfoundation/refactor 
k8s.io/apiserver/storage/etcd: refactor etcd GetList.

Kubernetes-commit: e8d45596dfbdf69fd42aa6881dfdeb089a20ab33
 2023-10-31 13:23:58 +00:00
Abu Kashem b3499eec62 apiserver: set APF featuregate to ga 
Kubernetes-commit: c7fcef187562e1b3ffdaa2e2109c65d800b8f5d5
 2023-10-31 08:35:52 -04:00
Kubernetes Publisher a0b1b995d0 Merge pull request #121089 from tkashem/apf-v1 
Promote APF API to v1

Kubernetes-commit: f5a5d83d7c027aba86e18c52da8ec4cd14179be3
 2023-10-31 05:27:57 +00:00
Kubernetes Publisher 71515a8a0a Merge pull request #120780 from munnerz/bound-token-improvements 
Including JTI & node reference in issued service account tokens (kep 4193)

Kubernetes-commit: ab13d0b47c790cfcf8b623a10ea08336a458a5b6
 2023-10-31 01:25:35 +00:00
Kubernetes Publisher 96ed0730bb Merge pull request #120300 from wojtek-t/refactor_streaming_watch_encoder 
Refactor streaming watch encoder to enable caching

Kubernetes-commit: 2a4d5c5fd52492ceac500555579a28701d1092ce
 2023-10-31 01:25:34 +00:00
Kubernetes Publisher 82eb11670e Merge pull request #121614 from HirazawaUi/decode-respect-timeout-context 
Make the decode function respect the timeout context

Kubernetes-commit: 2a1140305cf602190012748a163534dfe4364be2
 2023-10-31 01:25:32 +00:00
Kubernetes Publisher a454d5acfe Merge pull request #121373 from cici37/crdGA 
[KEP-2876] Promote CRD validation rule to GA

Kubernetes-commit: 08070433cce0afbf3f12dafe42e15581a5e37349
 2023-10-31 01:25:31 +00:00
Kubernetes Publisher 2253cd2628 Merge pull request #121311 from nilekhc/validation-doc 
chore: updates api doc

Kubernetes-commit: 07515c0021436b2550bf5a826f818fda677f62e0
 2023-10-31 01:25:30 +00:00
Kubernetes Publisher 17d270f3cf Merge pull request #121310 from nilekhc/polling 
[KMSv2] feat: updates encryption config file watch logic to polling

Kubernetes-commit: d4592dc70ad9a65fcf3e7d1532bcbbf6774e53df
 2023-10-30 21:25:41 +00:00
Kubernetes Publisher 0389b07635 Merge pull request #119109 from jiahuif-forks/feature/validating-admission-policy/crd-typechecking 
ValidatingAdmissionPolicy - Type Checking for API Expensions types

Kubernetes-commit: ceea5fd0cbcb29212bed8c93f1aa81ce45d3cf69
 2023-10-30 21:25:40 +00:00
Kubernetes Publisher f3e30d29fe Merge pull request #121307 from cici37/celUpdate 
Add cel new validator into Kubernetes

Kubernetes-commit: 16fc00493bf7e94b6686ab2ea610ee4c18998b22
 2023-10-30 21:25:38 +00:00
Lukasz Szaszkiewicz 7c5f6db7bf cacher: when forgeting a watcher, call stopWatcherLocked multiple times 
It's possible that the watcher is already not in the structure (e.g. in case of
simultaneous Stop() and terminateAllWatchers(), but it is safe to call stopLocked()
on a watcher multiple times.

Kubernetes-commit: 7e35823690df01bd019a88d3346bd3ac820afaca
 2023-10-30 14:24:39 +01:00
Lukasz Szaszkiewicz 3f81d0cca7 cacher: when forgeting a watcher, call stopWatcherLocked multiple times 
It's possible that the watcher is already not in the structure (e.g. in case of
simultaneous Stop() and terminateAllWatchers(), but it is safe to call stopLocked()
on a watcher multiple times.

Kubernetes-commit: bbca4a4b9add0f6c58e132500fd89dd39ee077f4
 2023-10-30 14:24:39 +01:00
Kubernetes Publisher 7dc57d7603 Merge pull request #118886 from benluddy/apf-option-disable 
KEP-1040: Deep disablement for APF based on --enable-priority-and-fairness.

Kubernetes-commit: 38ed3ef7b7d00353ab81332c5c34e1cb5abec3f2
 2023-10-30 09:23:25 +00:00
Kubernetes Publisher 3832c1300f Merge pull request #120474 from YaoC/register-apiserver-handlers-metrics 
Register metrics for apiserver handlers

Kubernetes-commit: 9482248aa93f12b024cc8edc0d97a71f774aad2f
 2023-10-28 21:25:34 +00:00
Kubernetes Publisher 0e3b00d019 Merge pull request #121462 from alexzielenski/apiserver/apiextensions/ratcheting-metrics-actually 
KEP-4008: CRDValidationRatcheting Metrics

Kubernetes-commit: 1aef58b72a7d9a37cc7590c881b63808d02695f1
 2023-10-28 01:24:58 +00:00
Abu Kashem b041969f97 apiserver: allow zero value for the 'nominalConcurrencyShares' field 
Kubernetes-commit: 9fd2ab419ad771790d3cb80ea7b8e6828d9ce305
 2023-10-27 19:26:08 -04:00
Kubernetes Publisher 943a60e3a4 Merge pull request #121524 from carlory/gomega 
bump gomega to 1.29.0

Kubernetes-commit: ec297aa13a03f53f04023cd897af50dbfed31e0f
 2023-10-27 17:57:33 +00:00
Antoine Pelisse dfe5e25e6b Update sigs.k8s.io/structured-merge-diff to v4.4.1 
Kubernetes-commit: dec443b305a0240f2a9d7726c6a0c46beec19a1a
 2023-10-27 10:21:06 -07:00
Jiahui Feng a026b6fcf5 extend SchemaResolver for more types of schemas. 
Kubernetes-commit: 3f73cdcf2ad00d3200a216a9f19090950fea12f5
 2023-10-26 10:25:41 -07:00
Jiahui Feng 9493e52cdc opportunistically attempt to refresh RESTMapper 
if GVK resolution fails.

Kubernetes-commit: 38fecc8319d884aa4d4b98b013bf853e6072aa77
 2023-10-26 10:24:21 -07:00
carlory 8f87db3f06 bump gomega to 1.29.0 
Kubernetes-commit: 760abc2a82130d45607eeead4011afa8b0f81e6d
 2023-10-26 09:47:49 +08:00
Kubernetes Publisher 4f7fff8661 Merge pull request #121485 from ritazh/kmsv2-ga 
[KMSv2] promote KMSv2 and KMSv2KDF to GA

Kubernetes-commit: ebf46ce1b45b8617d280b0aa12ebf6c18f25dea6
 2023-10-27 01:23:54 +00:00
Kubernetes Publisher ac6e04da82 Merge pull request #121255 from tukwila/OpenAPIV3-cleanup 
Remove GAed feature gates OpenAPIV3

Kubernetes-commit: 993c918311289fb015223a6fdb3e3a613e941881
 2023-10-26 13:22:44 +00:00
Kubernetes Publisher b62f732b85 Merge pull request #121338 from dims/working-otel-bump 
Bump otel and other dependencies for CVE-2023-45142

Kubernetes-commit: d0084356b3cabdafcfc140d19ad8d544b2fc9b5d
 2023-10-26 09:27:25 +00:00
Kubernetes Publisher c30c483fd3 Merge pull request #121459 from jiahuif-forks/feature/cel/allow-empty-object 
allow empty object to be CEL value.

Kubernetes-commit: ab096ef3dee7171d055c457600707ee56c5fcb34
 2023-10-26 01:23:51 +00:00