bf05e35835
kubernetes mutual (2-way) x509 comment
...
Kubernetes-commit: 48260b4a77b423b178ec5e262ac67be52d49f455
2023-08-18 01:31:22 +00:00
2b65530afd
Use ptr.To to retrieve intstr addresses
...
This uses the generic ptr.To in k8s.io/utils to replace functions and
code constructs which only serve to return pointers to intstr
values. Other uses of the deprecated pointer package are updated in
modified files.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: aa89e6dc978bf88653d893284248039b776aed54
2023-08-17 12:12:12 +02:00
9d077dc364
Merge pull request #119800 from jpbetz/cost-fix
...
Fixes CEL estimated cost to propagate result sizes correctly
Kubernetes-commit: 210a97e48bc6caac338663cfb917f60e61c84962
2023-08-17 00:17:04 +00:00
3981055a63
Merge pull request #119844 from enj/enj/i/upgrade_regex
...
wsstream: use a single approach to detect connection upgrade
Kubernetes-commit: 1ebb5e608b34b02d466181866d2fe64bac8565a4
2023-08-16 08:13:04 +00:00
41188ea6a1
Merge pull request #119825 from Jefftree/add-gv
...
Move adding GroupVersion log until after an update is confirmed
Kubernetes-commit: 47f75709326a737ea1880c9fd148ab32771d797c
2023-08-16 08:13:03 +00:00
1f19e00d1c
Merge pull request #119795 from sttts/sttts-httplog-impersonation
...
apiserver/httplog: pretty up impersonation output
Kubernetes-commit: 19f6d5be8269d4051acffc5709ec4bee7274268a
2023-08-16 08:12:58 +00:00
a11da9bae8
Merge pull request #119577 from jiahuif-forks/tests/validating-admission-policy/lazy-map-short-circuiting
...
CEL lazy map: add test for boolean short-circuiting
Kubernetes-commit: 112a4726a4af33b5e3d7cb3f6d51547262587669
2023-08-16 04:21:03 +00:00
6b6cfe5d12
Merge pull request #119385 from andrewsykim/current_inqueue_seats_metric
...
Add apiserver flowcontrol metric `current_inqueue_seats`
Kubernetes-commit: 338d68bbc2b5e69c18fed5eea11cc683e72dcbdf
2023-08-16 00:32:47 +00:00
9ece5c3b70
Merge pull request #118399 from skitt/ioutil-sig-api-machinery
...
api-machinery: stop using deprecated io/ioutil
Kubernetes-commit: 10beda334e360b6b2988d5d2d30c011cc50d4aa8
2023-08-16 00:32:44 +00:00
3bcdefc0fd
Refactor transformers for watch to implement Encoder interface
...
Kubernetes-commit: 160589a0edb2038f2e22e376b6a0b71a24d21f22
2023-08-11 21:43:49 +02:00
e78a7391c4
Merge pull request #119888 from dgrisonnet/panic-storage-metric
...
Fix segfault during storage size metric collection
Kubernetes-commit: 8a7df727820bafed8cef27e094a0212d758fcd40
2023-08-11 04:46:45 +00:00
25d893ad5f
add loading config and wire feature flag
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
Kubernetes-commit: 9e1ff1e51201ac41ddb1eed0d5cc015b4b6aa3df
2023-08-10 22:45:07 +00:00
1fbafe88b9
add StructuredAuthenticationConfiguration feature flag
...
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
Kubernetes-commit: 1bf90f9484c5dbcd941251f0036af65fa25ee193
2023-08-10 22:06:41 +00:00
245d131967
apiserver/etcd3: fix segv during metric collection
...
Fix a segfault when collecting the storage size metrics when the getters
used to collect the data on etcd haven't been initialized properly. This
happens when the EtcdOptions are not applied which is the case for
aggregated apiservers that don't care about storage.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Kubernetes-commit: c6efaf16c1ed07ce37485b7a272628f653cbf06f
2023-08-10 17:01:17 +02:00
e7a7329b64
Merge pull request #119835 from liggitt/mitigate-aggregated-discovery-npe
...
Avoid returning nil responseKind in v1beta1 aggregated discovery
Kubernetes-commit: 3d941afece97b284c764e5320cc8c80b0e88cba8
2023-08-10 01:27:20 +00:00
7ebae7f76f
kmsv2: add metric for DEK cache filled
...
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
Kubernetes-commit: 3cbecf218dfea2e99ae95310ac03406d1d87a072
2023-08-09 12:28:01 -07:00
70b023f369
Minor cleanup tranformers interface
...
Kubernetes-commit: 3fcc045bce9d77704f872d6089d7c09342e26a44
2023-08-09 19:49:59 +02:00
dc592c6f7e
bump github.com/emicklei/go-restful/v3 to v3.11.0.
...
Kubernetes-commit: 409b46576ff7848bf51b9d70165b693018173ebc
2023-08-09 23:31:06 +08:00
1edd7d6157
Avoid returning nil responseKind in v1beta1 aggregated discovery
...
Kubernetes-commit: 1876ddf71497bad349f7c4df24c2e22356d3bad9
2023-08-08 14:25:56 -04:00
35302d6383
Move adding GroupVersion log until after an update is confirmed
...
Kubernetes-commit: 49e00e8bdeec6b1cdaf691ec85ba8510892ebbc2
2023-08-08 14:28:54 +00:00
49f7deccb5
fix race on etcd client constructor for healthchecks
...
Change-Id: Id29b5b377989dcb5377316cfcdea367071a47365
Kubernetes-commit: 77b3bb0f69bfa4e5eb56ba484f724476304616cc
2023-08-08 13:55:14 +00:00
cc544e7bf1
Merge pull request #119725 from MadhavJivrajani/bump-net-dep
...
[CVE-2023-3978] .*: bump golang.org/x/net to v0.13.0
Kubernetes-commit: 1620473a9a01dd6bbef3398c0acb2e581d0a13c3
2023-08-07 21:21:27 +00:00
6311828461
Cleanup setting non-nil Items field
...
Kubernetes-commit: 172a41192c65324b1dc9dc4d90903552c538d664
2023-08-07 21:17:03 +02:00
539b445fa2
Add test coverage of result size of string operations
...
Kubernetes-commit: e4d16f34c15affdf4411d5bd1b19991b5fa27f2a
2023-08-07 12:41:52 -04:00
a1fc973692
Bump cel-go to v0.16.1
...
Kubernetes-commit: 69a5a528967500199a6748d0b7fac2a0fcc6df6d
2023-08-07 15:51:36 -04:00
13a3aab581
apiserver/httplog: pretty up impersonation output
...
```
I0807 09:09:16.419239 1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo=<
&{kubernetes-admin [system:masters system:authenticated] map[]} is acting as &{foo [system:authenticated] map[]}
>
```
to
```
I0807 09:09:16.419239 1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo="kubernetes-admin[system:masters system:authenticated] is impersonating foo[system:authenticated]"
```
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
Kubernetes-commit: 37730c07dd658ba585ffee3861780e18947ca534
2023-08-07 11:23:30 +02:00
3fd71eeb11
Refactor WatchServer to prepare for using encoders
...
Kubernetes-commit: ff56d3b6914dbc9e16683ab731eb8c0a485b4ab4
2023-08-03 21:50:08 +02:00
499e610e3d
.*: bump golang.org/x/net to v0.13.0
...
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: 1b90dff5276f3cb37236b446f1821175dad802c4
2023-08-02 11:11:22 +05:30
64eaf11221
wsstream: use a single approach to detect connection upgrade
...
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: 62b063b74b5eb1b7e72ebac7b5348593249f732b
2023-08-01 18:37:34 -04:00
2eac3ca68c
kmsv2 test feature enablement unit test
...
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
Kubernetes-commit: d86e72202c4b039e1dceccbfbae559fb1c54471d
2023-08-01 10:17:01 -07:00
f40bea647b
paginate initial list inside the storage watcher
...
Signed-off-by: wackxu <xushiwei5@huawei.com>
Kubernetes-commit: f5d6c65186d63647a46400762f849d500e6ac591
2023-07-28 16:43:34 +08:00
f75c503352
storage/factory: extend the Create method by newList and resourcePrefix params
...
Kubernetes-commit: ccabc01093a1344ebb27c32c946e9da3b8e91fd2
2023-07-28 09:53:01 +02:00
6f2daefacf
storage/util: move GetCurrentResourceVersionFromStorage
...
Kubernetes-commit: 9a253d896a096b4e1ffccf4b1f84e5cac1e1aad0
2023-07-26 15:53:13 +02:00
bf2563c6cd
CEL lazy map: add test for boolean short-circuiting
...
Kubernetes-commit: 66aa2af0979cc6007cd63720876fd21dda3b17dc
2023-07-25 14:37:20 -07:00
d2172f30e1
Merge pull request #119409 from alexzielenski/apiserver/policy/vap-tests
...
Add test cases for ValidatingAdmissionPolicy
Kubernetes-commit: b53830590fc2eff8a219d7bc225091878263ebe6
2023-07-24 15:12:13 -07:00
066c7cb8cc
apiserver: add flow control metric current_inqueue_seats
...
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
Kubernetes-commit: fb9646fd60d4b8e79223b729c1cb54fc6818fdd1
2023-07-24 19:40:05 +00:00
2d9be35745
storage/etcd: no-op, refactor watcher.Watch method signature
...
Kubernetes-commit: f7e659db236286ca15707bf08acb08dc0ac4ab0e
2023-07-24 12:33:03 +02:00
09a47412b5
bugfix: use matched resource for AdmissionRequest.resource, not the resource it was converted from
...
use existing admission request for audit annotation eval
populate matchResource in empty rules case
Kubernetes-commit: e1b0bc3d0a7fb89a1e60f4ec1ee34b10de22d00a
2023-07-21 18:13:24 -07:00
eea6b57f73
bump validatingadmissionpolicy alpha->beta
...
Kubernetes-commit: 5e2e8c806475d21bc22f10ccc810451c1bcb21a7
2023-07-21 16:27:51 -07:00
62fa4fb0fe
Merge pull request #118644 from alexzielenski/apiserver/policy/namespaceParamRef
...
KEP-3488: Promote ValidatingAdmissionPolicy to Beta
Kubernetes-commit: 18f8cb83989ff64beb0c7f47cdd3ad9df7bdbbeb
2023-07-22 03:29:38 +00:00
1b09d3c04f
Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand
...
kmsv2: KDF based nonce extension
Kubernetes-commit: 773a6b1e460360538ce4d85a7c0d009efed81836
2023-07-22 03:29:36 +00:00
f56b9ee7f5
Graduate RemainingItemCount to GA
...
Kubernetes-commit: 4e2e059c7b205d2e4b246a262128223258a49498
2023-07-21 15:22:51 +02:00
3030f660a8
Graduate APIListChunking to GA
...
Kubernetes-commit: 6acfa3cb4ac876e46ead5ba4772ba18e480435ce
2023-07-21 11:35:21 +02:00
cf66e8fde8
Merge pull request #119437 from serathius/etcd-semantics
...
Fix the semantic meaning of etcd server within component statuses and metrics.
Kubernetes-commit: 5766947ab87d459266210945d6d1df9e138f3908
2023-07-20 23:08:44 +00:00
06c891133c
Merge pull request #119215 from alexzielenski/apiserver/policy/namespaceParamRef-alpha
...
KEP-3488: Per namespace policy params
Kubernetes-commit: 8a053c700a3abc30717860e0b6a13243a7250743
2023-07-20 23:08:43 +00:00
a690957dd1
update codegen
...
Kubernetes-commit: d6479587445a5a6fa736ee7fb3012a29f4e6e5e7
2023-07-19 16:21:22 -07:00
df86e524c7
refactor: replace usage of v1alpha1 with v1beta1
...
v1alpha -> v1beta
fill in DenyAction where there is no ParameterNotFoundAction
Kubernetes-commit: ef8670c946d53fda523341658919f9d8bd242d40
2023-07-19 15:53:31 -07:00
e9acd0c76d
Fix the semantic meaning of etcd server within component statuses and metrics.
...
Instead of numerating all the etcd endpoints known by apiserver, we will
group them by purpose. `etcd-0` will be the default etcd, `etcd-1` will
be the first resource override, `etcd-2` will be the second override and
so on.
Kubernetes-commit: 03aad1f823cb719fa6e6b6d33fefa2a2140cc760
2023-07-19 14:25:54 +02:00
a94f726abf
update the dependency sigs.k8s.io/structured-merge-diff/v4 to latest tag
...
Kubernetes-commit: d2df65ba6c91c1337e07373c254c2118aec3700a
2023-07-14 09:47:59 -07:00
d501de662c
feature: add multiple params capability to VAP controller
...
Kubernetes-commit: b5e9e0168cf9383dacbd730893c6bc426581e64b
2023-07-10 18:40:45 -07:00
seantywork
Stephen Kitt
Kubernetes Publisher
Wojciech Tyczyński
Anish Ramasekar
Damien Grisonnet
Rita Zhang
charles-chenzz
Jordan Liggitt
Jefftree
Antonio Ojea
Joe Betz
Dr. Stefan Schimanski
Madhav Jivrajani
Monis Khan
wackxu
Lukasz Szaszkiewicz
Jiahui Feng
Andrew Sy Kim
Alexander Zielenski
Marek Siarkowicz
Keerthan Reddy Mala