kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,226 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

1435 Commits

Author SHA1 Message Date
Max Smythe 41adff8c93 Custom match criteria (#116350) 
* Add custom match conditions for CEL admission

This PR is based off of, and dependent on the following PR:

https://github.com/kubernetes/kubernetes/pull/116261

Signed-off-by: Max Smythe <smythe@google.com>

* run `make update`

Signed-off-by: Max Smythe <smythe@google.com>

* Fix unit tests

Signed-off-by: Max Smythe <smythe@google.com>

* Fix unit tests

Signed-off-by: Max Smythe <smythe@google.com>

* Update compatibility test data

Signed-off-by: Max Smythe <smythe@google.com>

* Revert "Update compatibility test data"

This reverts commit 312ba7f9e74e0ec4a7ac1f07bf575479c608af28.

* Allow params during validation; make match conditions optional

Signed-off-by: Max Smythe <smythe@google.com>

* Add conditional ignoring of matcher CEL expression validation on update

Signed-off-by: Max Smythe <smythe@google.com>

* Run codegen

Signed-off-by: Max Smythe <smythe@google.com>

* Add more validation tests

Signed-off-by: Max Smythe <smythe@google.com>

* Short-circuit CEL matcher when no matchers specified

Signed-off-by: Max Smythe <smythe@google.com>

* Run codegen

Signed-off-by: Max Smythe <smythe@google.com>

* Address review comments

Signed-off-by: Max Smythe <smythe@google.com>

---------

Signed-off-by: Max Smythe <smythe@google.com>

Kubernetes-commit: e5fd204c33e90a7e8f5a0ee70242f1296a5ec7af
 2023-03-16 04:20:31 +00:00
Igor Velichkovich 05d2078e68 Matchconditions admission webhooks alpha implementation for kep-3716 (#116261) 
* api changes adding match conditions

* feature gate and registry strategy to drop fields

* matchConditions logic for admission webhooks

* feedback

* update test

* import order

* bears.com

* update fail policy ignore behavior

* update docs and matcher to hold fail policy as non-pointer

* update matcher error aggregation, fix early fail failpolicy ignore, update docs

* final cleanup

* openapi gen

Kubernetes-commit: 5e5b3029f3bbfc93c3569f07ad300a5c6057fc58
 2023-03-15 07:36:02 +00:00
Kubernetes Publisher b841df9c51 Merge pull request #115123 from aramase/v2beta1 
[KMSv2] Generate proto API and update feature gate for beta

Kubernetes-commit: 15040e1c860f057c74d6f30b609d52e3ae7a5775
 2023-03-15 07:35:58 +00:00
Kubernetes Publisher 6fb7281a6b Merge pull request #116539 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.9.1, gomega v1.27.3

Kubernetes-commit: f22504a9bafd5e34d86853a816d10578376aadc2
 2023-03-15 07:35:53 +00:00
Kubernetes Publisher 121f10f1bd Merge pull request #116345 from aramase/aramase/f/kms_cache_key 
[KMSv2] use encDEK, keyID and annotations to generate cache key

Kubernetes-commit: 2467eb8a7b0e988f897d6eee478636d6ff6d5d3f
 2023-03-15 07:35:47 +00:00
Kubernetes Publisher a8f9a38ca8 Merge pull request #116155 from enj/enj/f/dek_reuse 
kmsv2: re-use DEK while key ID is unchanged

Kubernetes-commit: 4950f519039918c5f247a4cec7cf5b824bb16c92
 2023-03-15 07:35:29 +00:00
Andrew Sy Kim 53a2449e3c apiserver: exclude APF queue wait time from SLO latency metrics (#116420) 
* apiserver: add latency tracker for priority & fairness queue wait time

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

* apiserver: exclude priority & fairness wait times to SLO/SLI latency metrics

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

* apiserver: update TestLatencyTrackersFrom to check latency from PriorityAndFairnessTracker

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

* flowcontrol: add helper function observeQueueWaitTime to consolidate metric and latency tracker calls

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

* flowcontrol: replace time.Now() / time.Since() with clock.Now() / clock.Since() for better testability

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

* flowcontrol: add unit test TestQueueWaitTimeLatencyTracker to validate queue wait times recorded by latency tracker

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

---------

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: ee18f602523e11a80823a659bed8f70f98a12914
 2023-03-15 07:35:21 +00:00
Kubernetes Publisher d3d464578a Merge pull request #115668 from jiahuif-forks/feature/validating-admission-policy/type-system 
Type System for ValidatingAdmissionPolicy

Kubernetes-commit: 152876a3eb9c6211c48bb159c87e2bf834e4eedc
 2023-03-15 07:35:12 +00:00
Patrick Ohly 7aa13f68e2 dependencies: ginkgo v2.9.1, gomega v1.27.4 
They contain some nice-to-have improvements (for example, better printing of
errors with gomega/format.Object) but nothing that is critical right now.

"go mod tidy" was run manually in
staging/src/k8s.io/kms/internal/plugins/mock (https://github.com/kubernetes/kubernetes/pull/116613
not merged yet).

Kubernetes-commit: fe59e091eb3331db54cff2351f16eabfe0cb681d
 2023-03-13 16:06:20 +01:00
Kubernetes Publisher 194b6423a9 Merge pull request #116397 from jiahuif-forks/feature/validating-admission-policy/message-expression 
MessageExpression for ValidatingAdmissionPolicy

Kubernetes-commit: 6b3e2b7873f8518b95f5b09fa04f5f316669c7b2
 2023-03-14 05:47:52 +00:00
Kubernetes Publisher 5fe8da4de2 Merge pull request #116542 from enj/enj/f/go1.20 
Explicit bump to go 1.20

Kubernetes-commit: de9ce03f19e8b1ace1e79fae17119820c4232b67
 2023-03-13 21:38:00 +00:00
Monis Khan b01238ab32 Explicit bump to go 1.20 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: ba471884fba92246e1547ce4a27f9d5e735afc60
 2023-03-13 12:47:36 -04:00
Kubernetes Publisher a45b9813bc Merge pull request #114497 from dgrisonnet/pod-logs-metrics 
Remove redundant subsystem in kube-apiserver pod logs metrics name

Kubernetes-commit: 94e30facdbe4d21234a07da0b7998b4b8a3b1414
 2023-03-11 02:01:38 +00:00
Kubernetes Publisher 5494077b73 Merge pull request #111372 from HeavenTonight/master 
code cleanup

Kubernetes-commit: 7529178924a997708fa1ad93b32d00326cc27fb0
 2023-03-10 21:07:01 +00:00
Kubernetes Publisher 0202e4e14e Merge pull request #116108 from Jefftree/agg-discovery-enb 
Enable Aggregated Discovery for Beta

Kubernetes-commit: d8fe8454157cfcc79dba292e67c6919be36b6266
 2023-03-10 21:06:59 +00:00
Kubernetes Publisher 4bde4d74d6 Merge pull request #110772 from p0lyn0mial/upstream-reflector-gets-stream 
client-go: Add support for API streaming to the reflector

Kubernetes-commit: 90c3232de77aa0dd09b948ffdd27c575688fba8a
 2023-03-10 17:21:04 +00:00
Kubernetes Publisher 8b3d5d0ea8 Merge pull request #116349 from apelisse/use-smarter-cache 
Update kube-openapi to 15aac26d736a

Kubernetes-commit: a034962173e2b481d59e81178e3897870511ec7d
 2023-03-10 09:06:47 +00:00
Kubernetes Publisher 860d453bc1 Merge pull request #115969 from DangerOnTheRanger/messageExpression-for-crd 
Add messageExpression field for CRD validation

Kubernetes-commit: 16d2d55bc06158124a41f3ee8cf567e63ddd9d21
 2023-03-10 09:06:40 +00:00
Kubernetes Publisher 7a3a376fee Merge pull request #115065 from apelisse/apimachinery-managed-fields 
managedfields: Move most of fieldmanager package to managefields

Kubernetes-commit: e8ae6658ed13fb7dbeb595cf29418f74a523d895
 2023-03-10 09:06:35 +00:00
Kubernetes Publisher 2fa0308197 Merge pull request #116393 from liggitt/etcd-cancel-error 
Recognize etcd/grpc cancel errors correctly

Kubernetes-commit: 7fe0fb7fbfd3d6a8e07d6cc732d963767b2b0c58
 2023-03-09 04:00:50 +00:00
Kubernetes Publisher 629c615880 Merge pull request #116235 from Jefftree/oas-ga 
Promote OpenAPI V3 to GA

Kubernetes-commit: 4a896644de963d87bd863efc4e3ebd9984161e8d
 2023-03-08 23:55:40 +00:00
Kubernetes Publisher f09ba7dd91 Merge pull request #116103 from cici37/context 
Apply context cancellation to ValidatingAdmissionPolicy

Kubernetes-commit: 1030693d4eeceb63df0e060e9c68c7bcbcf01fec
 2023-03-07 16:03:02 +00:00
Kubernetes Publisher e289f0d9a0 Merge pull request #115973 from jpbetz/enforcement-actions 
KEP-3488: Implement Enforcement Actions and Audit Annotations

Kubernetes-commit: 04675428bbfc9bf7ba4c9e1abfc427b6228069d9
 2023-03-07 07:59:23 +00:00
Kubernetes Publisher 044de75c61 Merge pull request #116054 from jpbetz/secondary-authz 
KEP-3488: Implement secondary authz for ValidatingAdmissionPolicy

Kubernetes-commit: 64259b43b8e5b7c086bf2b74743dc7e73ebe37e3
 2023-03-06 23:55:01 +00:00
Kubernetes Publisher 4e95c2b23c Merge pull request #116294 from p0lyn0mial/upstream-flaky-getcurrentrvfromstorage 
cacher: deflake TestGetCurrentResourceVersionFromStorage

Kubernetes-commit: b6acf6f8056533c2d9bf6aa74d055a3fd071b94f
 2023-03-06 16:00:39 +00:00
Kubernetes Publisher 1cdc9eb33b Merge pull request #116166 from pohly/test-go-vet 
fix "go vet" issues, check as part of golangci-lint

Kubernetes-commit: ff735dff85367c2a096c4065b8b3c1fbbeecabc4
 2023-03-04 00:23:51 +00:00
Kubernetes Publisher 4d04ac1ed0 Merge pull request #116162 from apelisse/update-openapi 
Update kube-openapi to afdc3dddf62d31f5e3868d699379c571a6007920

Kubernetes-commit: 253ab3eda71f250ad6692bb16f035cebaf0651c9
 2023-03-04 00:23:44 +00:00
Kubernetes Publisher b623fd4d28 Merge pull request #116251 from wojtek-t/fix_ready_test 
Fix deadlock in ready test

Kubernetes-commit: a1b12e49eac237a37939642d0c3395008b9ab380
 2023-03-03 20:17:05 +00:00
Antoine Pelisse 89a7166a87 Update kube-openapi to afdc3dddf62d31f5e3868d699379c571a6007920 
Kubernetes-commit: 736123f447219375219a23b9acc9d550fe8ec4c4
 2023-03-03 08:43:44 -08:00
Kubernetes Publisher 24494ec75b Merge pull request #116202 from ritazh/kmsv2-testcoverage 
kmsv2: improve test coverage

Kubernetes-commit: 165829587a6fe398a1e473001f6b7dfa32ad9e37
 2023-03-03 12:37:32 +00:00
Kubernetes Publisher 089e06c244 Merge pull request #116242 from bobbypage/bump-gosystemd 
deps: Update github.com/coreos/go-systemd/v22 to v22.4.0

Kubernetes-commit: 152d973d8bd4723874ce59058450edab65687a07
 2023-03-03 08:33:32 +00:00
David Porter 81e9b11dc8 deps: Update github.com/coreos/go-systemd/v22 to v22.4.0 
Update github.com/coreos/go-systemd/v22 to v22.4.0 which introduces
`GetUnitNameByPID`. This function will be used in node e2e to get the
container runtime systemd unit name.

Performed by:

$ hack/pin-dependency.sh github.com/coreos/go-systemd/v22  v22.4.0
$ hack/update-vendor.sh

Signed-off-by: David Porter <david@porter.me>

Kubernetes-commit: 28e9775fd50e14a068ecaea32a1e7a2fac4fa08e
 2023-03-02 19:33:55 -08:00
Kubernetes Publisher 308ee1073b Merge pull request #116221 from enj/enj/i/kms_lru_size 
kmsv2: retain more key ID metrics

Kubernetes-commit: ff52646d9350aae5fcbe47f155e41936bb6c5ea3
 2023-03-02 20:54:04 +00:00
Kubernetes Publisher 5b2e0c750b Merge pull request #115402 from p0lyn0mial/upstream-sendinitialevents-take-2 
Add API for watch list

Kubernetes-commit: 762fa1268651206b9262a0c880a884984028bdf4
 2023-03-02 12:33:22 +00:00
Kubernetes Publisher a2de531ce7 Merge pull request #115893 from mgoltzsche/go-jose-update-2.6 
bump go-jose to v2.6.0

Kubernetes-commit: d788d436c98e26cde800b5dee3c7aa492bc18550
 2023-03-02 05:14:50 +00:00
Kubernetes Publisher bba9e4f448 Merge pull request #116106 from alexzielenski/revert-116062-revert-field-manager 
Revert "Revert "Merge pull request #115324 from alexzielenski/apiserver/smd/use-openapiv3"

Kubernetes-commit: b4b2345f9a4faa08715a1bf3114e6312938f8736
 2023-03-02 05:14:46 +00:00
Kubernetes Publisher 48f7ac46b4 Merge pull request #115277 from pohly/klog-update 
klog update

Kubernetes-commit: 51dedff4f3efd407ebf47de11d0db521274471a3
 2023-03-02 01:46:31 +00:00
Kubernetes Publisher 74ce81dc7a Merge pull request #115413 from pacoxu/etcd-dep-update 
upgrade etcd deps to v3.5.7

Kubernetes-commit: 5b07dd0c5428f8177a670c97e8415798e9a2b6aa
 2023-03-01 21:14:37 +00:00
Kubernetes Publisher c2c9868096 Merge pull request #116033 from chengjoey/fix/apiserver-metrics 
fix apiserver metrics `RecordsWatchCacheCapacityChange` use watchCacheCapacity as increase total

Kubernetes-commit: 8cd421163050d6416357d9f6cf860495b067682d
 2023-03-01 17:14:35 +00:00
Kubernetes Publisher 11b18674b8 Merge pull request #116140 from dashpole/fix_nobody_tracing 
Update otelhttp dependency to v0.35.1

Kubernetes-commit: f22060cda6018fa8fbb146036282bb3dcf5c84cf
 2023-03-01 01:47:02 +00:00
David Ashpole 364555b5c9 update otelhttp to v0.35.1 
Kubernetes-commit: e0d44fd2165881aae8ca7f6ab44bc672509e3c4e
 2023-02-28 17:52:30 +00:00
Kubernetes Publisher a5d1ee28dd Merge pull request #115918 from yt2985/genericWatch 
Partition watchers by namespace/name scope

Kubernetes-commit: f2fdda8667228b357880ed353e494baabc902681
 2023-02-28 13:13:14 +00:00
Kubernetes Publisher 3a9f1f4bf0 Merge pull request #102884 from vinaykul/restart-free-pod-vertical-scaling 
In-place Pod Vertical Scaling feature

Kubernetes-commit: b9fd1802ba0aec68508b4e9eec00819008a79370
 2023-02-28 09:20:51 +00:00
Kubernetes Publisher d7f6a50acf Merge pull request #116070 from aramase/aramase/f/kms-pkg/util 
[KMS] move util from envelope to kms package

Kubernetes-commit: 0e077bb7ac898555b7bb968fee8115aa738bde34
 2023-02-27 05:13:52 +00:00
Kubernetes Publisher 2e474648dc Merge pull request #116053 from aramase/aramase/c/rm_dek_interarrival_kmsv2 
[KMSv2] remove setting `dek_cache_inter_arrival_time_seconds` for KMSv2 only

Kubernetes-commit: c48a7971e35a56cc2c996e174e3f76e9d2e82eaa
 2023-02-25 05:13:34 +00:00
Kubernetes Publisher 64fd31116a Merge pull request #115666 from wojtek-t/refactor_delete_collection 
Minor refactor of DeleteCollection in preparation for pagination support there

Kubernetes-commit: 67f4f9ad5a3d8653b63652774442a09e7780b78b
 2023-02-24 21:13:39 +00:00
Kubernetes Publisher 2a34a68a42 Merge pull request #116037 from wojtek-t/move_cache_watcher 
Split cacheWatcher into its own file

Kubernetes-commit: e8662a46dd27db774ec953dae15f93ae2d1a68c8
 2023-02-24 13:13:24 +00:00
Kubernetes Publisher e05e3e20fa Merge pull request #115794 from MadhavJivrajani/remove-test-list-deprecated 
storage: Get rid of TestListDeprecated

Kubernetes-commit: 7ab7af711188471cca575e6cbb15328c4dc347b0
 2023-02-23 17:13:46 +00:00
Kubernetes Publisher 07630bb938 Merge pull request #115938 from aramase/aramase/f/organize-kms-pkg 
[KMSv2] restructure kms staging dir

Kubernetes-commit: 403a46037df29d08b4aaf1043345bf75feba77b1
 2023-02-22 05:13:23 +00:00
Kubernetes Publisher 83c4b5b2c6 Merge pull request #115686 from tkashem/apf-test-fix 
apiserver: fix APF tests, use T functions on the test goroutine

Kubernetes-commit: 59ec35eb2dbfa92cb1466d8c5a7c0796dfd1eed0
 2023-02-22 05:13:21 +00:00