a048292893
Merge pull request #102057 from marseel/feature/add_logging_of_filters
...
Add logging of filters to api calls logs
Kubernetes-commit: ec5ec0804d5f13531738f76fa85846b9cff106a7
2021-05-19 11:17:41 +00:00
e68a95ecd0
update testing related dependencies
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Kubernetes-commit: 0803ea49b95579195fc55b4a64a6e859932dba7f
2021-05-18 19:31:47 -04:00
a01d02b7fd
Make validation totalAnnotationSizeLimitB public.
...
Replace the forked totalAnnotationSizeLimitB with
apimachineryvalidation.TotalAnnotationSizeLimitB.
Kubernetes-commit: 55ff96301797a503b6ee1d09f0eb2ffc827f01b1
2021-05-18 17:28:11 -04:00
b313c48103
Retain the test coverage of TestObserveWebhookRejection.
...
Kubernetes-commit: ae90e6b9a1f1e9e7704feeefa8723c15f2afa61e
2021-05-18 21:13:24 +00:00
9eb1679911
Merge pull request #102094 from liggitt/revert-runc
...
Revert "Merge pull request #101888 from kolyshkin/update-runc-rc94"
Kubernetes-commit: 1295b2c4b59b8bba58186294eb2d76a7ecb4987e
2021-05-18 19:44:36 +00:00
c10cbf5412
Respect annotation size limit for SSA last-applied.
...
To support CSA and SSA interoperability, SSA updates the CSA
last-applied annotation.
This change ensures we don't set a big last-applied annotation if the
value is over the annotation limits.
Also, make sure that it's possible to opt-out of this behavior by
setting the CSA annotation to "" the empty string.
Kubernetes-commit: 6054320be1e50a450e9d1e19a79caa96f2035d4d
2021-05-18 15:06:48 -04:00
7edb7c1c1e
Add attr to the argument list of ObserveWebhookRejection, and remove
...
operation, as it is included in attr.
Kubernetes-commit: fb23e449ab680bc53fc1aae826e377c1153d51e4
2021-05-18 17:42:02 +00:00
f9b4d95442
add fail-open audit logs to validating and mutating admission webhook
...
Kubernetes-commit: 9fe7c8955bcb1edbb5aa4fe6bfb8bb6d93d381de
2021-05-18 13:31:03 -04:00
7e7e12fdd1
Revert "Merge pull request 101888 from kolyshkin/update-runc-rc94"
...
This reverts commit b1b06fe0a4d80ac0fd67fae56f29a3710934a256, reversing
changes made to 382a33986b043f78a42d3d865d0ca383687bf171.
Kubernetes-commit: 4b45d0d921051627c43d5fc014e383a6cb872ade
2021-05-18 09:12:04 -04:00
7f74d873f3
Merge pull request #97232 from p0lyn0mial/upstream-graceful-shutdown-unit
...
adds a unit test for checking if graceful shutdown of HTTP2 server works
Kubernetes-commit: 2d58b72889b5c617b2c70d2734eef6d391362e1b
2021-05-18 11:28:49 +00:00
50f8d1fd27
Merge pull request #101888 from kolyshkin/update-runc-rc94
...
vendor: bump runc to rc94
Kubernetes-commit: b1b06fe0a4d80ac0fd67fae56f29a3710934a256
2021-05-18 11:28:46 +00:00
489e43cad9
Add logging of filters to api calls logs
...
Kubernetes-commit: 7e01b7260ac5cc20c1fc236cae220857726dc330
2021-05-17 11:52:33 +00:00
790f5a21a7
Fix auditing failed of request: encoding failed
...
Kubernetes-commit: 329f7d55d1344f728e28ce49728234f9f8f4c5d3
2021-05-17 02:31:08 +08:00
60016f0860
Merge pull request #99840 from deads2k/try-beta
...
update to handle beta removals in 1.22
Kubernetes-commit: 8abdf8cf4549f438e45bf5e54e0080c243e645d7
2021-05-13 16:42:05 -07:00
d15d62d4df
enforce strict alpha handling for API serving
...
Kubernetes-commit: 21faec925459bce93954e0f0110ebd3a4f207c24
2021-05-12 09:17:15 -04:00
2286099903
update integration tests to reflect the kube version to stop serving removed APIs
...
Kubernetes-commit: d6a4afa5b8f6b7a17868649ea40b370c7f12a37f
2021-05-11 15:17:40 -04:00
7efdd584a1
Merge pull request #101865 from sanwishe/structuredLogdynamiccertificates
...
Structured Logging migration: for package staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates
Kubernetes-commit: f594c25c70bab163edba38bbf17faf7176577a6c
2021-05-18 11:28:40 +00:00
0776e2390c
Merge pull request #99391 from zhuangqh/update-doc
...
docs: fix outdated enhancement doc link
Kubernetes-commit: 8ba1831951bb3e597473433789590a787eabb6b3
2021-05-18 11:28:36 +00:00
5d58e48c69
Merge pull request #101777 from pacoxu/flake-apiserver-config
...
wait for poststarthook/max-in-flight-filter to be initialized
Kubernetes-commit: 4c6c3f39f9449897264455e2cc6a51a7fa715160
2021-05-18 11:28:33 +00:00
e3be483b74
Merge pull request #101790 from mborsz/patch-15
...
In "Fast watcher, slow processing." warning, print objectType
Kubernetes-commit: 27af788a1765dec279086be18fa9ba4a057ef427
2021-05-18 11:28:31 +00:00
bb1430a365
Merge pull request #101046 from lojies/fixbrokenlink
...
fix broken link in some files
Kubernetes-commit: c9bd08a3c47acdf2d8275015c0917a439a2df179
2021-05-18 11:28:28 +00:00
d844c612f3
Merge pull request #98028 from tkashem/apf-post-startup-fix
...
add auto update for priority & fairness bootstrap configuration objects
Kubernetes-commit: 0a46301891ca65491b2090a55f1b3fbaafc14000
2021-05-18 11:28:26 +00:00
068d9df703
Merge pull request #101390 from caesarxuchao/minor
...
minor change, move the comment to the right line
Kubernetes-commit: c76e21806b55d09b26c1a7fdf6090a0bd8df6d73
2021-05-18 11:28:22 +00:00
11278839a7
Merge pull request #97867 from lauchokyip/fixstaticerrors
...
Fix staticcheck on vendor/k8s.io/apiserver/pkg/server/httplog
Kubernetes-commit: d76d217b0f1907b15800c1c3a45a4986ca789791
2021-05-18 11:28:20 +00:00
6259222d53
Merge pull request #97428 from tkashem/inner-handler-timeout
...
add more context to log after a request times out
Kubernetes-commit: d9ac8234771213295c6996b8c5c2ec934d0d9306
2021-05-18 11:28:18 +00:00
656428f94c
Merge pull request #100216 from yangjunmyfm192085/run-test29
...
Fix misspelling of condition.
Kubernetes-commit: c08526c7f70ce665f61d149ed631c4fd31f48bd2
2021-05-18 11:28:16 +00:00
ed042aa23e
Merge pull request #100993 from mozillazg/fix-staticcheck-failed-registry-rest-resttest
...
Fix staticcheck failures for vendor/k8s.io/apiserver/pkg/registry/rest/resttest
Kubernetes-commit: bd6f5c2e645a64e9127625cd2c2bf83c8c80ab2a
2021-05-18 11:28:13 +00:00
2e076b8708
Merge pull request #101107 from cmssczy/etcd_storage
...
fix hardcoding and format error log
Kubernetes-commit: 2bda8ac3ec163ef158ca45d4f49de857c5107070
2021-05-18 11:28:11 +00:00
208474c5fe
Merge pull request #101389 from caesarxuchao/loopback
...
Switch the order of adding SNICert and creating LoopbackClientConfig
Kubernetes-commit: 4bfde341026f63a3a8d5d9d150b351a5024c59ed
2021-05-18 11:28:05 +00:00
c55f8b7cef
Merge pull request #101707 from enj/enj/i/bad_cadata
...
client-go transport: assert that final CA data is valid
Kubernetes-commit: 9126048c9c47cc51f15f977da51c6023229a02b5
2021-05-18 11:28:04 +00:00
3c7f54740f
apf: add plumbing to estimate width" of a request
...
- add plumbing that allows us to estimated "width" of a request
- the default implementation returns 1 as the "width" of all
incoming requests, this is in keeping with the current behavior.
Kubernetes-commit: 9b72eb1929a64b9d5a5234090a631ba312fb4d41
2021-05-11 07:03:05 -04:00
ec22c8bdd8
apf: add "width" for request
...
all requests have a width of 1 to maintain current behavior.
Kubernetes-commit: b50507d98bd12503592ea62d2be2aadef49bdf70
2021-05-11 07:03:05 -04:00
c2901b339f
vendor: bump runc to rc94
...
One notable change is cgroup manager's Set now accept Resources rather
than Cgroup (see https://github.com/opencontainers/runc/pull/2906 ).
Modify the code accordingly.
Also update runc dependencies (as hinted by hack/lint-depdendencies.sh):
github.com/cilium/ebpf v0.5.0
github.com/containerd/console v1.0.2
github.com/coreos/go-systemd/v22 v22.3.1
github.com/godbus/dbus/v5 v5.0.4
github.com/moby/sys/mountinfo v0.4.1
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887
github.com/google/go-cmp v0.5.4
github.com/kr/pretty v0.2.1
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Kubernetes-commit: b49744f177087173d43d7771588d83b9df5a3c0b
2021-05-10 18:12:04 -07:00
1b6c1bf2dd
Structured Logging migration: for package staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates
...
Signed-off-by: sanwishe <jiang.mingzhi35@zte.com.cn>
Kubernetes-commit: 6eb645088c41f5f9309ad27a3fe80ccebd18460d
2021-05-10 20:08:14 +08:00
770eb2bc44
Update watcher.go
...
Kubernetes-commit: 532e35ba31e4df0a2df7dd5f2930035ce9379559
2021-05-07 16:07:34 +02:00
5290a24345
Implement support for watch initialization in P&F
...
Kubernetes-commit: 0cc217647ca8be0820973b970124a072c27b6575
2021-05-07 12:49:06 +02:00
e11aa23b6b
wait for poststarthook/max-in-flight-filter to be initialized asynchronously
...
Signed-off-by: pacoxu <paco.xu@daocloud.io>
Kubernetes-commit: 3c4eb55b4acd4bc4740b15a58fc7da0d5b516300
2021-05-07 15:17:03 +08:00
5289a15a1a
client-go transport: assert that final CA data is valid
...
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: 440ea3ef49e0ac77353ceeaebc2aad6c995d5b35
2021-05-03 10:11:54 -04:00
0abfd35982
Merge pull request #95396 from stlaz/x509_cn_error_metrics
...
webhooks,aggregation: add metrics to count certs missing SAN
Kubernetes-commit: 96e4e953978416e164e001abd2c607ce357fdd46
2021-05-18 11:28:01 +00:00
ba14a28ef3
Merge pull request #101484 from tkashem/apf-queueset-use-list
...
apf: use a list instead of slice for queueset
Kubernetes-commit: a108dc498be8c745cbf01ae072389fbae11fb970
2021-05-18 11:27:58 +00:00
b10515a636
Merge pull request #100218 from aojea/unitflakes1
...
unit test using metrics must reset the global registry
Kubernetes-commit: 6850e0abf24fd115cd26853559247861820b5670
2021-05-18 11:27:56 +00:00
664c22f9f6
Merge pull request #101509 from thinpark/park
...
[k8s.io/apiserver/pkg/endpoints/discovery/]: improve readability
Kubernetes-commit: ce5ce8e290ae140bc8d4838a377f99052d592191
2021-05-18 11:27:53 +00:00
8dd82c2391
Add WarningsOnCreate,WarningsOnUpdate
...
Kubernetes-commit: 8c8a4cf3e4a18e97359ce750530a4fa27bbd3b88
2021-04-30 21:46:54 -04:00
d636703205
Default StreamingProxyRedirects to disabled
...
Signed-off-by: pacoxu <paco.xu@daocloud.io>
Kubernetes-commit: 2eb90f9b80982d31efa971450ea7ac60359f9442
2021-04-30 14:07:43 +08:00
b9ce58c2ef
Merge pull request #101611 from p0lyn0mial/fix-fieldmanager-admission-metadata
...
let objects without metadata pass through the managedFields admission controller
Kubernetes-commit: db2c109a14e9847da5fde58deb723dd8402aaa2c
2021-04-29 06:50:50 -07:00
a9e68c9b32
let objects without metadata pass through the managedFields admission controller
...
Not all objects provide metadata. There might be extention servers that allow for creating objects without the metadata field.
This PR changes the managedFileds admission to deal with objects without the metadata field.
Object without that field will be passed directly to the wrapped admission controller for further validation.
Kubernetes-commit: 3dbaf305ae1e52105a338987f3770ff104def68b
2021-04-29 14:08:36 +02:00
28df761863
Merge pull request #101532 from stevekuznetsov/skuznets/wrap-admission-error-reasons
...
apiserver: wrap errors in admission with context
Kubernetes-commit: 50e319767cc4aad5c6ff56a8d002c406cdcc3e0e
2021-05-18 11:27:49 +00:00
15750850e0
specify pod name and hostname in indexed job
...
Kubernetes-commit: e64e34e0298d27d4099b632f5b7c1ba38fc66561
2021-04-29 03:33:36 +00:00
8c01d7fe18
apiserver: wrap errors in admission with context
...
When the API server encounters an error during admission webhook
handling, lower-level errors are bubbled up without any additional
context added. This leads to fairly opaque and unintelligible errors. It
is not clear to users if the API server itself is having an error (for
instance, fetching the REST client) or if the request to the webhook
failed in some way.
Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
Kubernetes-commit: ae9e71ba68cb1dd00bb5ed2635bac9aab2abbafe
2021-04-27 11:19:01 -07:00
f9a92cec2f
Merge pull request #95387 from JAORMX/logperms
...
Ensure audit log permissions are restricted
Kubernetes-commit: b81a36021f0a6d3d4944c3aba779e0174955515c
2021-05-18 11:27:46 +00:00
Kubernetes Publisher