kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,080 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
Cao Shufeng 0ff8c2c2e4 run hack/update-all.sh 
Kubernetes-commit: 4a20d729cc22a9d5adef1f778c0b81960f3b10f3
 2017-11-19 12:45:21 +08:00
Cao Shufeng d3301ca8d8 [advanced audit]add a policy wide omitStage 
Kubernetes-commit: d75c0f0e21af8229ed3147e9a798441221c03574
 2017-10-27 10:01:01 +08:00
Dr. Stefan Schimanski 563bb7b931 Update generated code 
Kubernetes-commit: 1e79dfb959896f2e51be87ecef491452bd17724c
 2017-11-09 12:27:20 +01:00
Dr. Stefan Schimanski a32fcea8bb deepcopy: remove deepcopy register tags 
Kubernetes-commit: 72809a08b94650bc8988db37be3a2ee4c6ccd113
 2017-11-09 12:40:14 +01:00
Jeff Grafton f4dbe23125 update BUILD files 
Kubernetes-commit: aee5f457dbfd70c2d15c33e392dce6a3ca710116
 2017-10-12 13:52:10 -07:00
Cao Shufeng b920c935aa run hack/update-all.sh 
Kubernetes-commit: b69285af7ff117018f9cd6c756e2d6b352cd9d42
 2017-10-12 11:29:41 +08:00
Cao Shufeng f7e881914a support micro time for advanced audit 
Kubernetes-commit: 817bc6954ca9af02013fd8f492f8ef865c217b0d
 2017-09-25 11:56:30 +08:00
Jeff Grafton eabf5a2c6e Use buildozer to delete licenses() rules 
Kubernetes-commit: 02fb4200dcdf8636eac5953d04b2c4af912f443b
 2017-09-21 14:54:29 -07:00
Jeff Grafton ecbbfb0461 Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 532bd482dfbe25c6fc970d2175f7e02fec2fc8c0
 2017-09-21 14:53:56 -07:00
Kubernetes Publisher 7b23343a61 conversion-gen: make staging dirs independent of living in vendor/ 
Kubernetes-commit: f5451127512e42294564efae97d4cb669df54f49
 2017-09-22 11:42:06 +00:00
Cao Shufeng 26f73b45d4 fix docstring of advanced audit policy 
Kubernetes-commit: 22f4c1ad4db102d66ec829a64ab601919f2019f5
 2017-09-05 14:03:27 +00:00
Cao Shufeng 3827624a56 generated: update API resources 
./hack/update-codegen.sh
./hack/update-generated-protobuf.sh

Kubernetes-commit: b50acbdf0152f59e5fd6b065560aed4f85717a7a
 2017-09-04 14:03:48 +00:00
Cao Shufeng 4905dd9b0c Provide a way to omit Event stages in audit policy 
Updates https://github.com/kubernetes/kubernetes/issues/48561
This provide a way to omit some stages for each audit policy rule.

For example:
  apiVersion: audit.k8s.io/v1beta1
  kind: Policy
  - level: Metadata
    resources:
       - group: "rbac.authorization.k8s.io"
         resources: ["roles"]
    omitStages:
      - "RequestReceived"

RequestReceived stage will not be emitted to audit backends with
previous config.

Kubernetes-commit: 47ba91450fbe7d9002bfc9d4a48a73256252821f
 2017-09-04 14:03:48 +00:00
Cao Shufeng 92f836da87 update generated protobuf for audit v1beta1 api 
Kubernetes-commit: ea519bc06020d2b2a68fa46a3f57c9d66827659d
 2017-09-04 14:03:47 +00:00
Cao Shufeng 626d406dd0 run hack/update-codecgen.sh and hack/update-bazel.sh 
Kubernetes-commit: f94ca49e6307a7a668a7f5eb037891ac2045e167
 2017-09-01 16:38:54 +00:00
Cao Shufeng 9ab155429e Split APIVersion into APIGroup and APIVersion in audit events 
audit.Event.ObjectRef.APIVersion currently holds both the the API group and
version, separated by a /. This change break these out into separate fields.

This is part of:
https://github.com/kubernetes/kubernetes/issues/48561

Kubernetes-commit: c57eebfe2f8d36361d510f0afd926777a44cccd2
 2017-09-01 16:38:54 +00:00
Eric Chiang b4c852ede3 generated: update API resources 
./hack/update-codegen.sh
	./hack/update-codecgen.sh
	./hack/update-generated-protobuf.sh

Kubernetes-commit: 9caff69027e09f4617f06f30a6359072503ecc47
 2017-09-01 16:38:01 +00:00
Eric Chiang 1fa829c7c8 Audit policy v1beta1 now supports matching subresources and resource names. 
policy:
	- level: Metadata
	  resources:
	  - group: ""
	    resources ["pods/logs"]
	- level: None
	  resources:
	  - group: ""
	    resources: ["configmaps"]
	    resourceNames: ["controller-leader"]

The top level resource no longer matches the subresource. For example "pods"
no longer matches requests to the logs subresource on pods.

```release-note
Audit policy supports matching subresources and resource names, but the top level resource no longer matches the subresouce. For example "pods" no longer matches requests to the logs subresource of pods. Use "pods/logs" to match subresources.
```

Kubernetes-commit: 85491f1578b9b97751a332d3b957d874cecf27b3
 2017-09-01 16:38:01 +00:00
Jordan Liggitt 064c57bb9b Generated files 
Kubernetes-commit: c7defb806fc6c69deb4ab57655c3fa323ba8bebd
 2017-08-29 13:18:49 +00:00
Cao Shufeng 24b54db39e run hack/update-all.sh 
Kubernetes-commit: 0410221c3fec1a54cde05104b92e44e13cddc77a
 2017-08-29 13:16:13 +00:00
Cao Shufeng 3468d049a7 upgrade advanced audit to v1beta1 
Kubernetes-commit: f4e8b8f1464e588306d5c1c4ffdc1a6cb1e9313b
 2017-08-29 13:16:13 +00:00