2d9be35745
storage/etcd: no-op, refactor watcher.Watch method signature
...
Kubernetes-commit: f7e659db236286ca15707bf08acb08dc0ac4ab0e
2023-07-24 12:33:03 +02:00
ba70a1768a
Merge pull request #119824 from aojea/deflake_TestCreateHealthcheck
...
fix race creating etcd client for healthchecks
Kubernetes-commit: f46583dcaafc1b5d47b79ceb17ea78e7781f7014
2023-08-21 12:27:13 +00:00
d4f3c15bbd
Merge pull request #119714 from ritazh/kmsv2-feature-enablement-ut
...
kmsv2 test feature enablement unit test
Kubernetes-commit: db64cc4a55f826ac83b7f64b1ca124b0b318e932
2023-08-19 04:02:54 +00:00
5711af83ff
Merge pull request #119878 from ritazh/kmsv2-metrics-dekcachesize
...
kmsv2: add metric for DEK cache filled
Kubernetes-commit: 16310c959dfc5fefc70e9041e0029feffa62d791
2023-08-19 04:02:53 +00:00
9d077dc364
Merge pull request #119800 from jpbetz/cost-fix
...
Fixes CEL estimated cost to propagate result sizes correctly
Kubernetes-commit: 210a97e48bc6caac338663cfb917f60e61c84962
2023-08-17 00:17:04 +00:00
3981055a63
Merge pull request #119844 from enj/enj/i/upgrade_regex
...
wsstream: use a single approach to detect connection upgrade
Kubernetes-commit: 1ebb5e608b34b02d466181866d2fe64bac8565a4
2023-08-16 08:13:04 +00:00
41188ea6a1
Merge pull request #119825 from Jefftree/add-gv
...
Move adding GroupVersion log until after an update is confirmed
Kubernetes-commit: 47f75709326a737ea1880c9fd148ab32771d797c
2023-08-16 08:13:03 +00:00
1f19e00d1c
Merge pull request #119795 from sttts/sttts-httplog-impersonation
...
apiserver/httplog: pretty up impersonation output
Kubernetes-commit: 19f6d5be8269d4051acffc5709ec4bee7274268a
2023-08-16 08:12:58 +00:00
a11da9bae8
Merge pull request #119577 from jiahuif-forks/tests/validating-admission-policy/lazy-map-short-circuiting
...
CEL lazy map: add test for boolean short-circuiting
Kubernetes-commit: 112a4726a4af33b5e3d7cb3f6d51547262587669
2023-08-16 04:21:03 +00:00
6b6cfe5d12
Merge pull request #119385 from andrewsykim/current_inqueue_seats_metric
...
Add apiserver flowcontrol metric `current_inqueue_seats`
Kubernetes-commit: 338d68bbc2b5e69c18fed5eea11cc683e72dcbdf
2023-08-16 00:32:47 +00:00
9ece5c3b70
Merge pull request #118399 from skitt/ioutil-sig-api-machinery
...
api-machinery: stop using deprecated io/ioutil
Kubernetes-commit: 10beda334e360b6b2988d5d2d30c011cc50d4aa8
2023-08-16 00:32:44 +00:00
e78a7391c4
Merge pull request #119888 from dgrisonnet/panic-storage-metric
...
Fix segfault during storage size metric collection
Kubernetes-commit: 8a7df727820bafed8cef27e094a0212d758fcd40
2023-08-11 04:46:45 +00:00
245d131967
apiserver/etcd3: fix segv during metric collection
...
Fix a segfault when collecting the storage size metrics when the getters
used to collect the data on etcd haven't been initialized properly. This
happens when the EtcdOptions are not applied which is the case for
aggregated apiservers that don't care about storage.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Kubernetes-commit: c6efaf16c1ed07ce37485b7a272628f653cbf06f
2023-08-10 17:01:17 +02:00
e7a7329b64
Merge pull request #119835 from liggitt/mitigate-aggregated-discovery-npe
...
Avoid returning nil responseKind in v1beta1 aggregated discovery
Kubernetes-commit: 3d941afece97b284c764e5320cc8c80b0e88cba8
2023-08-10 01:27:20 +00:00
7ebae7f76f
kmsv2: add metric for DEK cache filled
...
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
Kubernetes-commit: 3cbecf218dfea2e99ae95310ac03406d1d87a072
2023-08-09 12:28:01 -07:00
1edd7d6157
Avoid returning nil responseKind in v1beta1 aggregated discovery
...
Kubernetes-commit: 1876ddf71497bad349f7c4df24c2e22356d3bad9
2023-08-08 14:25:56 -04:00
35302d6383
Move adding GroupVersion log until after an update is confirmed
...
Kubernetes-commit: 49e00e8bdeec6b1cdaf691ec85ba8510892ebbc2
2023-08-08 14:28:54 +00:00
49f7deccb5
fix race on etcd client constructor for healthchecks
...
Change-Id: Id29b5b377989dcb5377316cfcdea367071a47365
Kubernetes-commit: 77b3bb0f69bfa4e5eb56ba484f724476304616cc
2023-08-08 13:55:14 +00:00
cc544e7bf1
Merge pull request #119725 from MadhavJivrajani/bump-net-dep
...
[CVE-2023-3978] .*: bump golang.org/x/net to v0.13.0
Kubernetes-commit: 1620473a9a01dd6bbef3398c0acb2e581d0a13c3
2023-08-07 21:21:27 +00:00
539b445fa2
Add test coverage of result size of string operations
...
Kubernetes-commit: e4d16f34c15affdf4411d5bd1b19991b5fa27f2a
2023-08-07 12:41:52 -04:00
a1fc973692
Bump cel-go to v0.16.1
...
Kubernetes-commit: 69a5a528967500199a6748d0b7fac2a0fcc6df6d
2023-08-07 15:51:36 -04:00
13a3aab581
apiserver/httplog: pretty up impersonation output
...
```
I0807 09:09:16.419239 1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo=<
&{kubernetes-admin [system:masters system:authenticated] map[]} is acting as &{foo [system:authenticated] map[]}
>
```
to
```
I0807 09:09:16.419239 1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo="kubernetes-admin[system:masters system:authenticated] is impersonating foo[system:authenticated]"
```
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
Kubernetes-commit: 37730c07dd658ba585ffee3861780e18947ca534
2023-08-07 11:23:30 +02:00
499e610e3d
.*: bump golang.org/x/net to v0.13.0
...
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: 1b90dff5276f3cb37236b446f1821175dad802c4
2023-08-02 11:11:22 +05:30
64eaf11221
wsstream: use a single approach to detect connection upgrade
...
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: 62b063b74b5eb1b7e72ebac7b5348593249f732b
2023-08-01 18:37:34 -04:00
2eac3ca68c
kmsv2 test feature enablement unit test
...
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
Kubernetes-commit: d86e72202c4b039e1dceccbfbae559fb1c54471d
2023-08-01 10:17:01 -07:00
bf2563c6cd
CEL lazy map: add test for boolean short-circuiting
...
Kubernetes-commit: 66aa2af0979cc6007cd63720876fd21dda3b17dc
2023-07-25 14:37:20 -07:00
d2172f30e1
Merge pull request #119409 from alexzielenski/apiserver/policy/vap-tests
...
Add test cases for ValidatingAdmissionPolicy
Kubernetes-commit: b53830590fc2eff8a219d7bc225091878263ebe6
2023-07-24 15:12:13 -07:00
066c7cb8cc
apiserver: add flow control metric current_inqueue_seats
...
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
Kubernetes-commit: fb9646fd60d4b8e79223b729c1cb54fc6818fdd1
2023-07-24 19:40:05 +00:00
09a47412b5
bugfix: use matched resource for AdmissionRequest.resource, not the resource it was converted from
...
use existing admission request for audit annotation eval
populate matchResource in empty rules case
Kubernetes-commit: e1b0bc3d0a7fb89a1e60f4ec1ee34b10de22d00a
2023-07-21 18:13:24 -07:00
eea6b57f73
bump validatingadmissionpolicy alpha->beta
...
Kubernetes-commit: 5e2e8c806475d21bc22f10ccc810451c1bcb21a7
2023-07-21 16:27:51 -07:00
62fa4fb0fe
Merge pull request #118644 from alexzielenski/apiserver/policy/namespaceParamRef
...
KEP-3488: Promote ValidatingAdmissionPolicy to Beta
Kubernetes-commit: 18f8cb83989ff64beb0c7f47cdd3ad9df7bdbbeb
2023-07-22 03:29:38 +00:00
1b09d3c04f
Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand
...
kmsv2: KDF based nonce extension
Kubernetes-commit: 773a6b1e460360538ce4d85a7c0d009efed81836
2023-07-22 03:29:36 +00:00
cf66e8fde8
Merge pull request #119437 from serathius/etcd-semantics
...
Fix the semantic meaning of etcd server within component statuses and metrics.
Kubernetes-commit: 5766947ab87d459266210945d6d1df9e138f3908
2023-07-20 23:08:44 +00:00
06c891133c
Merge pull request #119215 from alexzielenski/apiserver/policy/namespaceParamRef-alpha
...
KEP-3488: Per namespace policy params
Kubernetes-commit: 8a053c700a3abc30717860e0b6a13243a7250743
2023-07-20 23:08:43 +00:00
a690957dd1
update codegen
...
Kubernetes-commit: d6479587445a5a6fa736ee7fb3012a29f4e6e5e7
2023-07-19 16:21:22 -07:00
df86e524c7
refactor: replace usage of v1alpha1 with v1beta1
...
v1alpha -> v1beta
fill in DenyAction where there is no ParameterNotFoundAction
Kubernetes-commit: ef8670c946d53fda523341658919f9d8bd242d40
2023-07-19 15:53:31 -07:00
e9acd0c76d
Fix the semantic meaning of etcd server within component statuses and metrics.
...
Instead of numerating all the etcd endpoints known by apiserver, we will
group them by purpose. `etcd-0` will be the default etcd, `etcd-1` will
be the first resource override, `etcd-2` will be the second override and
so on.
Kubernetes-commit: 03aad1f823cb719fa6e6b6d33fefa2a2140cc760
2023-07-19 14:25:54 +02:00
d501de662c
feature: add multiple params capability to VAP controller
...
Kubernetes-commit: b5e9e0168cf9383dacbd730893c6bc426581e64b
2023-07-10 18:40:45 -07:00
1f9118f187
refactor: make scope of ParamKind available to vap controller
...
Kubernetes-commit: 3f63a2d17d4f70dc3ac191a52ad36897086efa7c
2023-07-11 12:04:07 -07:00
6a8d8652f7
refactor: use the provided sharedInformerFactory for params
...
Kubernetes-commit: 6323c106e9b5b0edd452a2a223d569a5dae8a832
2023-06-12 18:19:33 -07:00
00a0da2cb8
Merge pull request #119166 from nilekhc/log-decryption-failure
...
feat: improves metric and logging
Kubernetes-commit: 90c362b3430bcbbf8f245fadbcd521dab39f1d7c
2023-07-19 10:07:21 +00:00
0e9644ed24
Merge pull request #117740 from Richabanker/uvip-impl
...
Unknown Version Interoperability Proxy Impl
Kubernetes-commit: 66e99b3ff1649fc9bd3d9ef36affa1b16c5e2e21
2023-07-19 06:04:00 +00:00
3373784322
feat: improves metric and logging
...
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
Kubernetes-commit: 2c8288ac873b89ae6e351df5e805b1a825aae60d
2023-07-07 23:01:05 +00:00
7fb4ad7511
api-machinery: stop using deprecated io/ioutil
...
This replaces deprecated ioutil functions as follows:
* ioutil.ReadAll -> io.ReadAll
* ioutil.ReadFile -> os.ReadFile
* ioutil.TempDir -> os.MkdirTemp
* ioutil.TempFile -> os.CreateTemp
* ioutil.WriteFile -> os.WriteFile
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Kubernetes-commit: b60a3a58df2791ae67764f6325be31aea5eca5a0
2023-05-02 15:08:18 +02:00
8a38d429d8
Add impl for uvip
...
Kubernetes-commit: cd5f3d9f9d5ae3153206178e6114d573dc24ad73
2023-03-29 17:20:25 -07:00
f100f84ac4
Merge pull request #119009 from MikeSpreitzer/track-executing-requests
...
Track executing requests
Kubernetes-commit: 31d662e58e9679ada73208fe63759c06793b013c
2023-07-18 21:53:00 +00:00
367a5f819d
Merge pull request #118601 from andrewsykim/apf-tune-max-seats
...
priority & fairness: support dynamic max seats
Kubernetes-commit: f6bcef0fd36f2f8312d8c6f14f17d804dcf97600
2023-07-18 10:03:54 +00:00
149a4e6556
Merge pull request #119321 from mingregister/mingregister-patch-1
...
replace strings.Index with strings.Contains
Kubernetes-commit: b2a9c06b2e7419691de5ea4f7d112baa2e00bc29
2023-07-18 06:14:23 +00:00
8e2b0eca2e
Merge pull request #118204 from sttts/sttts-openapi-v2-parameter-refs
...
openapi: reference shared parameters
Kubernetes-commit: f42ff8687026f8e12fb3d3b0da0760525d8d8ab2
2023-07-18 06:14:21 +00:00
b2ff4347db
Merge pull request #119380 from A-Hilaly/api-server/webhooks/match-conditions-beta-graduations
...
Graduate `AdmissionWebhookMatchCondition` to beta
Kubernetes-commit: 704970877e827908fc231d76f545feaa376bb6ed
2023-07-18 02:20:14 +00:00
Lukasz Szaszkiewicz
Kubernetes Publisher
Damien Grisonnet
Rita Zhang
Jordan Liggitt
Jefftree
Antonio Ojea
Joe Betz
Dr. Stefan Schimanski
Madhav Jivrajani
Monis Khan
Jiahui Feng
Andrew Sy Kim
Alexander Zielenski
Marek Siarkowicz
Nilekh Chaudhari
Stephen Kitt
Richa Banker