kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,379 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

24 Commits

Author SHA1 Message Date
cici37 3d5977276b Promote metrics for VAP and CRD validation rules to beta. 
Kubernetes-commit: 95dbfa1c3d2f62e5d0f52788a2dd19fc61ca0a36
 2024-07-19 20:46:33 +00:00
Jordan Liggitt b338834e91 Move CEL env initialization out of package init() 
This ensures compatibility version and feature gates can be initialized
before cached CEL environments are created.

Kubernetes-commit: 03d48b76831a3a02d503c3075d818a76afd83cd8
 2024-06-29 21:45:55 -04:00
David Eads f26d4ed894 add field and label selectors to authorization attributes 
Co-authored-by: Jordan Liggitt <liggitt@google.com>

Kubernetes-commit: 92e3445e9d7a587ddb56b3ff4b1445244fbf9abd
 2024-05-23 15:12:26 -04:00
Cici Huang cd492e8b91 Fix the error type, Add into observation, Fix tests. 
Kubernetes-commit: b7821078b36f1cb25d903774ddf37a97966c2eac
 2024-07-16 08:27:36 -07:00
Jiahui Feng 8b22c5cc3d make use of new error reporting in the dispatcher. 
Kubernetes-commit: d61edc51b84774c158b3866ab9a0678d4ddaba96
 2024-04-26 11:49:44 -07:00
Jiahui Feng 8f577b916d remove unused policy_definition_total metric and state label 
Kubernetes-commit: 8e9232ef46d5b08ab4f95ad6c1e93671ef1bd5ba
 2024-04-25 18:30:26 -07:00
Jiahui Feng 2ae742ecb6 make Err wrap one or zero error. 
Kubernetes-commit: ce45a82346623d19168b0b85cbba5ba4ff164417
 2024-04-25 17:59:32 -07:00
Jiahui Feng 8be90f624a errors improvement. 
Kubernetes-commit: b846c39047289e69d932ea9d5d4dadc6856ad0c7
 2024-04-23 16:54:47 -07:00
Matthieu MOREL 8705baa8b2 fix: enable empty and len rules from testifylint on pkg package 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>

Co-authored-by: Patrick Ohly <patrick.ohly@intel.com>

Kubernetes-commit: f014b754fb5925dfbca6e27a44d0c3968b157e14
 2024-06-28 21:20:13 +02:00
Jeremy Shih feabdb6d52 make test parallel in for loop 
Kubernetes-commit: 40a25463fa48ee49a713b80b2157c362438960e2
 2024-03-25 09:39:01 +08:00
Cici Huang d44012e895 Adding the feature gates to fix cost for VAP and webhook matchConditions. 
Kubernetes-commit: d6e4115ead6b93d2accf688876471231b365ceae
 2024-05-01 16:26:41 -07:00
cici37 be9c733e9d Promote ValidatingAdmissionPolicy to GA. 
Kubernetes-commit: de506ce7ac9981c8253b2f818478bb4093fb7bb6
 2024-01-23 22:10:40 +00:00
Jiahui Feng 8f8266ef89 update to inject only the list of excluded resources. 
Kubernetes-commit: 6b03166beda6e550ebcbed1bb7d9ca2cc1d94df4
 2024-03-05 10:27:35 -08:00
Jiahui Feng a86b013fb6 make ValidatingAdmissionPolicy ignore excluded resources. 
Kubernetes-commit: 64ee859aa82c17daa8037e4e90e066ae4582d653
 2024-02-28 15:31:44 -08:00
Alexander Zielenski dd139db676 refactor: use shared CollectParams from VAP 
Kubernetes-commit: 4760e0cc44fb0ee2a92d12ee2b17f094e7ea94ec
 2024-02-15 17:00:45 -08:00
Alexander Zielenski 9a4b2b3543 refactor: use match from generic pkg in vap 
It is same exact code, but uses accessors now

Kubernetes-commit: 64cd09f7208e7a45d87ab6436c833c984fa6e594
 2024-02-20 09:22:18 -08:00
Alexander Zielenski eed515aa23 refactor: handle paramKind directly 
remove hacks that might conceal errors

Kubernetes-commit: acf1d850c6153aae10f26ef3d3e21fa8a63b20e0
 2024-02-20 09:22:35 -08:00
Alexander Zielenski 223ffcc3b0 add functions to policy accessors for getting match information and params 
Kubernetes-commit: 6d5133f3ecd4ddb38a29dac69641fb56576491a2
 2024-02-15 16:33:41 -08:00
Alexander Zielenski 8e917a7cef flake: avoid flake by ensuring params appear in the initial list 
sometimes they would not appear in the initial list if they were added while the informer was starting up due to ObjectTracker race

Kubernetes-commit: def05a20e22f069a60f4190755e8c7244d18781c
 2024-02-15 13:58:29 -08:00
Alexander Zielenski 7e9e7fe668 move OWNERS from validating to all new parent policy folder 
meant to do this in refactor PR

Kubernetes-commit: bd27c99262e73955af6af19a1d6d72fce6739522
 2024-02-14 16:32:08 -08:00
Alexander Zielenski 1672796601 bugfix: avoid NPE possibility by making composition environment global 
Kubernetes-commit: 3094395fa76210f33118d10d6a7c8214c50a7f33
 2024-01-29 13:45:27 -08:00
Alexander Zielenski 9fd47abbb1 refactor: implement VAP off of policy plugin fw 
Kubernetes-commit: 18fbc48b0155485cd78ec4d0e6050ccbb7d8e058
 2024-01-22 17:31:52 -08:00
Alexander Zielenski 06be9d025c refactor: move matching logic into parent policy folder 
Kubernetes-commit: d697f43d73870679ad4cd46939ad28e06926b6d3
 2024-01-17 18:12:41 -08:00
Alexander Zielenski 57e06e43f7 refactor: move vap into parent `policy` folder 
also renames to remove stutter

comment

Kubernetes-commit: 8b14116509ac19234924878ab08f7e9e8f03549a
 2024-01-17 18:09:30 -08:00