kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,514 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

12 Commits

Author SHA1 Message Date
Jiahui Feng 2ae742ecb6 make Err wrap one or zero error. 
Kubernetes-commit: ce45a82346623d19168b0b85cbba5ba4ff164417
 2024-04-25 17:59:32 -07:00
Jiahui Feng 8be90f624a errors improvement. 
Kubernetes-commit: b846c39047289e69d932ea9d5d4dadc6856ad0c7
 2024-04-23 16:54:47 -07:00
Cici Huang d44012e895 Adding the feature gates to fix cost for VAP and webhook matchConditions. 
Kubernetes-commit: d6e4115ead6b93d2accf688876471231b365ceae
 2024-05-01 16:26:41 -07:00
Jiahui Feng 6b0a70e192 typed variables support. 
Kubernetes-commit: c03579bfa40dcb39e1ffe24c12f933720e4eb204
 2023-10-04 16:39:24 -07:00
Cici Huang 04b26c4697 ValidatingAdmissionPolicy: support namespace access (#118267) 
* Support namespace access from cel expression in validatingadmissionpolicy.

* Whitelist the exposed fields in namespace object and add test

* better handling of cluster-scoped resources.

* [API REVIEW] namespaceObject in Expression doc.

* compatibility with composition.

* generated: ./hack/update-codegen.sh && ./hack/update-openapi-spec.sh

* workaround namespace of namespace is unexpectedly set.

* basic test coverage for namespaceObject.

---------

Co-authored-by: Jiahui Feng <jhf@google.com>

Kubernetes-commit: 13172cba5c0e1c6a076dbda4aeebbccaf658c7f1
 2023-07-15 01:33:59 +00:00
Jiahui Feng 7eadaa66c4 ValidatingAdmissionPolicy: Variable Composition (#118642) 
* [API REVIEW] Variable Composition

* lazy map.

* variable composition implementation.

* check variables during VAP validation.

* generated: ./hack/update-vendor.sh

* generated: UPDATE_COMPATIBILITY_FIXTURE_DATA

(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)

* cost calucation.

* tests for cost calculations.

* e2e test for variables.

* fix doc for Validation.Expression.

* generated: ./hack/update-codegen.sh

* fix missing utilruntime import.

* generated: ./hack/update-openapi-spec.sh

Kubernetes-commit: b635f2a401fd03715f6a33c4a19f11c509c0ce03
 2023-07-14 01:49:55 +00:00
Joe Betz f32e391a45 Introduce CEL EnvSets for managing safe rollout of new CEL features, libraries and expression variables 
Kubernetes-commit: e740f8340eedc89baccd120329b454a860385e2d
 2023-04-28 14:16:56 -04:00
Jiahui Feng fc16fc2926 implmementing type checking 
with multi-type support.

Kubernetes-commit: feb18b3f5f9d443c27dd8cccb6358f271f887744
 2023-03-07 15:49:19 -08:00
Joe Betz 265820879d Implement validationActions and auditAnnotations 
Kubernetes-commit: d221ddb89a5dde5a6f55674dc38aa71cc842d481
 2023-03-06 17:29:28 -05:00
Cici Huang c4a92f1b65 Apply resource constraints to ValidatingAdmissionPolicy. 
Kubernetes-commit: 244c63a2e6c8d859be8f4c6c23fbe1263dbfab0a
 2023-02-14 06:37:57 +00:00
Joe Betz f094db0dd5 Implement secondary authz 
Kubernetes-commit: 7bbda746fee7ae4e50647099b72c02327525ef7a
 2023-03-06 12:08:14 -05:00
Igor Velichkovich 0b1f199d07 refactor admission cel validator and compiler to be reusable 
Kubernetes-commit: e96ef311872ee6429a54e4580528717238a6816b
 2023-02-15 16:08:59 -06:00