kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,010 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

3010 Commits

Author SHA1 Message Date
Shihang Zhang 53db7e198a change envelope transformer to return status error for better monitoring 
Change-Id: I8263c4673d5f57617acf315c7af6ebe5aacd9c7c

Kubernetes-commit: cba43530d77d7f28bc302912e8f43c4a69fdec3b
 2019-09-10 13:12:31 -07:00
Jordan Liggitt 0c12043fe4 Generated files 
Kubernetes-commit: bbedc4f7ed436d28ed574615a33f8d03f7c8a2f0
 2019-09-09 08:55:04 -04:00
Jordan Liggitt a653e5ab1a Export UserInfo conversion, use authnv1.UserInfo in audit 
Kubernetes-commit: 0e787a4b78a849fa66a02126721dd185e7c00955
 2019-09-09 08:54:54 -04:00
haoshuwei 5bce489f18 fix some ineffassigns 
Signed-off-by: haoshuwei <haoshuwei24@gmail.com>

Kubernetes-commit: aaed9daf9b44757e767d93bd45d1bb0412c00243
 2019-09-09 18:52:17 +08:00
Dr. Stefan Schimanski fc05a0cd5b endpoints: fix admission test types 
Kubernetes-commit: 420f010f8798a8938ff4332ca53bbac8a8e09c01
 2019-09-09 08:36:52 +02:00
haoshuwei 0682f6518c fix some missing errors return statements 
Signed-off-by: haoshuwei <haoshuwei24@gmail.com>

Kubernetes-commit: c4fe8f11b200d0a97e8ce447e5af592b5c4870d0
 2019-09-09 13:54:14 +08:00
Ted Yu 66fb39740e Return proper Kind in error for Cacher 
Kubernetes-commit: e4d880bd62fc694bffc188a680c9c088a86a5167
 2019-09-07 19:42:56 -07:00
Monis Khan 298cf1beec Encryption config: correctly handle overlapping providers 
This change updates NewPrefixTransformers to not short-circuit on
the first transformer that has a matching prefix.  If the same type
of encryption ProviderConfiguration is used more than once, they
will share the same prefix.  A failure in the first one should not
prevent a later match from being attempted.

Added TestCBCKeyRotationWithOverlappingProviders unit test to
prevent regressions.  Note that this test explicitly exercises this
flow using an EncryptionConfiguration object as the structure of the
resulting transformer is an important part of the check.

Signed-off-by: Monis Khan <mkhan@redhat.com>

Kubernetes-commit: 4dc16f29a7285a4bcaff1915728953d8a55e1b6e
 2019-09-06 12:09:43 -04:00
RainbowMango 5f565617cd Add metrics of authentication overall latency. 
Add alpha tags to authentication_attempts explicitly.

Kubernetes-commit: 0c0d69e8be69fd2e1c62a292ed44be6c0d4158fc
 2019-09-04 20:50:24 +08:00
Kubernetes Publisher e72ec4e024 Merge pull request #82047 from roberthbailey/owners 
Remove myself from reviewers across the repo

Kubernetes-commit: 7e906ae145f1c8d9306c24b95c239550a921531a
 2019-09-04 11:53:29 +00:00
Kubernetes Publisher f83d0c1e0b Merge pull request #82303 from roycaihw/update-precondition-retry 
In GuaranteedUpdate, retry on a precondition check failure if we are working with cached data

Kubernetes-commit: 26a381b8e1cf30021b0169721a874e77d6681b9c
 2019-09-04 03:53:19 +00:00
Haowei Cai a0989eba0f in GuaranteedUpdate, retry on precondition check failure if we are working with cached data 
Kubernetes-commit: 88f0be6e59aa56570deaa2a9163d0eb3a3ae20f8
 2019-09-03 17:26:39 -07:00
Haowei Cai 495219a608 test 
Kubernetes-commit: 2670651a3c06028b6aaadb9dc7151d71357364bf
 2019-09-03 17:09:12 -07:00
Kubernetes Publisher 0ae3388cc2 Merge pull request #82252 from liggitt/webhook-client-auth-test 
Match webhook client auth with ports consistently

Kubernetes-commit: b47349ad20084ed1033dad3349bc7d82970394c5
 2019-09-03 16:01:51 -07:00
mengyang02 0da8f30350 replace time.Now().Sub with time.Since 
Kubernetes-commit: 0205215425607a7a390eaa6493033511626bb189
 2019-09-03 20:43:32 +08:00
Jordan Liggitt 25bf5d3b30 Add integration test for webhook client auth 
Kubernetes-commit: e734c70e037cf1311581eb61ae3e45adaa76771b
 2019-09-02 22:37:07 -04:00
Jordan Liggitt 80b9dc503b Plumb service port, URL port to webhook client auth resolution 
Kubernetes-commit: d127042cb81cbf545332ec3124161525ef84183c
 2019-09-02 22:38:36 -04:00
Jordan Liggitt 2de636a948 Search client auth with and without port 
Kubernetes-commit: 2f5dde7672eaf90c7086f86a5a4ee190559f3bb2
 2019-09-02 22:38:55 -04:00
Kubernetes Publisher fa157b05a9 Merge pull request #81413 from Bisnode/OIDC-honour-nbf 
bump github.com/coreos/go-oidc dep to pick up nbf enforcement

Kubernetes-commit: 443002fcb7bdd5261e383b6da358a16e43183415
 2019-08-31 11:53:05 +00:00
Kubernetes Publisher d70030a0cf Merge pull request #77354 from jennybuckley/crd-apply 
Use CRD validation field in server-side apply

Kubernetes-commit: ab162cd28c332d0ecfb4f918d5f91e9e57acdb61
 2019-08-31 07:56:30 +00:00
Kubernetes Publisher c6d374fefe Merge pull request #82048 from cheftako/kas-np4 
Add support for konnectivity service to the etcd3 client.

Kubernetes-commit: c86da8e2c190c7e47d68d1863f9753ca6d7f2ba5
 2019-08-30 23:56:34 +00:00
Ted Yu a50931ba7e Move Update Apply conflict test to field manager test 
Kubernetes-commit: 9828f986afd4db79a10c78bee1cc2e449faee3a6
 2019-08-30 14:47:39 -07:00
jennybuckley 53464e32f4 Update generated 
Kubernetes-commit: badd5b9a26026138e4fc44a643ec1c6b65a7891b
 2019-08-29 19:10:28 -07:00
jennybuckley b1cbdafe99 Use CRD validation field in server-side apply 
Kubernetes-commit: c0617933d4bec5b00dbbfcd24edb7d7e7fc5509d
 2019-08-28 15:28:49 -07:00
Walter Fender da748a626b Add support for konnectivity service to the etcd3 client. 
If konnectivity service is enabled, the etcd client will now use it.
This did require moving a few methods to break circular dependencies.

Factored in feedback from lavalamp and wenjiaswe.

Kubernetes-commit: edbb0fa2fe2084d5d9ce0cf9dc0d1b2d820bb392
 2019-08-27 15:58:06 -07:00
Kubernetes Publisher 8531f088b9 Merge pull request #82090 from liggitt/webhook-http2 
Use http/1.1 for apiserver->webhook clients

Kubernetes-commit: f442b6ef320140730f544527597a140e535f1e1d
 2019-08-30 15:56:26 +00:00
Kubernetes Publisher d04458daaa Merge pull request #81969 from logicalhan/livez 
add `/livez` endpoint for liveness probing on the kube-apiserver

Kubernetes-commit: 7acb066dbcd7d05106609711fc4ec110fec1d1a4
 2019-08-30 03:56:33 +00:00
Kubernetes Publisher f2daa6c116 Merge pull request #81956 from apelisse/server-side-apply-beta 
Server side apply beta

Kubernetes-commit: 991d71e9fe7da2035e06101f1b47cb8544592335
 2019-08-30 03:56:32 +00:00
Kubernetes Publisher 087fed4186 Merge pull request #81399 from roycaihw/webhook-rejection-metrics 
Fix the rejected label semantics in webhook metrics, add a counter metrics for webhook rejection with details

Kubernetes-commit: 34605737b9a96ee4b94ebf8f970501e238086370
 2019-08-30 03:56:31 +00:00
Kubernetes Publisher 3a80fb09e3 Merge pull request #81770 from Hyzhou/fix_link 
Fix broken link to api-conventions doc.

Kubernetes-commit: a9f0db16614ae62563ead2018f1692407bd93d8f
 2019-08-30 03:56:29 +00:00
Kubernetes Publisher 26bbd75f8c Merge pull request #81435 from gyuho/with-block 
Block etcd client creation until connection is up

Kubernetes-commit: 6c62ddc85bd7fdacbbd423ddf9f9fea376978f28
 2019-08-30 03:56:27 +00:00
misakazhou 330a638869 Fix broken link to api-conventions doc. 
Signed-off-by: misakazhou <misakazhou@tencent.com>

Kubernetes-commit: f0323a2030c7adae0e0965a7d3b455dd416472a0
 2019-08-29 08:35:16 +08:00
Haowei Cai 8d86fef522 wire up the webhook rejection metrics in webhook handlers 
Kubernetes-commit: 620f5f2c587971be50cb27bb2a2d35209b3dc058
 2019-08-28 17:32:07 -07:00
Haowei Cai 466e192e26 test 
Kubernetes-commit: 71d7477c2187c0f956b90b7b55e8beee449229a2
 2019-08-28 16:54:39 -07:00
Haowei Cai c5bca07c6b add webhook rejection metrics 
Kubernetes-commit: 714dced0d1c7fbb703fa55c39a071a8a97db9176
 2019-08-28 16:49:47 -07:00
Haowei Cai e248b8b513 fix semantics of the rejected label in webhook metrics 
when error calling webhook is ignored, do not log the request as
rejected

Kubernetes-commit: f3c793512b45ea3910d5e5a379292c13b62ab64b
 2019-08-28 15:31:27 -07:00
Jordan Liggitt 956977bd20 Use http/1.1 in apiserver->webhook clients 
Kubernetes-commit: ddc697866afd1e58cd2ee504277b405052546202
 2019-08-28 13:37:50 -04:00
Jordan Liggitt ce4eaaeeb3 Make webhook benchmarks parallel 
Kubernetes-commit: 601b7d33a9cf0b724cdabb5de81b0bf2821f0fca
 2019-08-28 13:27:38 -04:00
Robert Bailey 1d85fa9bea Remove myself from reviewers across the repo so that PRs are no 
longer assigned to me by blunderbuss.

Move myself to be an emeritus approver for the cluster directory.

Kubernetes-commit: 9d211ab352f78482fde7ec593b3dcacea9bcc139
 2019-08-27 15:57:09 -07:00
Han Kang 050d1b223c add /livez as a liveness endpoint for kube-apiserver 
go fmt

make func private

refactor config_test

Two primary refactorings:

1. config test checkPath method is now each a distinct test
run (which makes it easier to see what is actually failing)

2. TestNewWithDelegate's root path check now parses the json output and
does a comparison against a list of expected paths (no more whitespace
and ordering issues when updating this test, yay).

go fmt

modify and simplify existing integration test for readyz/livez

simplify integration test

set default rbac policy rules for livez

rename a few functions and the entrypoint command line argument (and etcetera)

simplify interface for installing readyz and livez and make auto-register completion a bootstrapped check

untangle some of the nested functions, restructure the code

Kubernetes-commit: aa1b2d6d35c92a31be17357fc66cfc1eca8a67e0
 2019-08-26 16:57:25 -07:00
Antoine Pelisse a0d01904a5 Make ServerSideApply beta, and enable by default (on the server) 
Kubernetes-commit: 66f24a73083fc0673721c9d099eef723b98fb198
 2019-08-26 09:11:04 -07:00
Elana Hashman 754a749970 Fix typo in EnableInf*l*ightQuotaHandler flag 
Kubernetes-commit: a71178ef62053555592c37caec8cd4c635231970
 2019-08-23 15:16:29 -07:00
Gyuho Lee 1d75397d46 k8s/apiextensions-apiserver/test/integration: block etcd client creation until connection is up 
The new etcd balancer (>3.3.14, 3.4.0) uses an asynchronous resolver for
endpoints. Without "WithBlock", the client may return before the
connection is up.

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>

Kubernetes-commit: a254d0e2a67645948c9631d4bf11ef60aa26f5ae
 2019-08-14 17:28:54 -07:00
Kubernetes Publisher 10e972dc08 Merge pull request #81509 from RainbowMango/pr_add_authentication_metrics 
Add authentication metrics: failure, error count

Kubernetes-commit: 30f2545364f3225b62651e26b872e5abdf21ab0b
 2019-08-29 03:52:48 +00:00
RainbowMango a9e8b3830d Add authentication metrics: overall failure and error count 
Kubernetes-commit: a7ac3b9bbe3f3e35117bd7109997e58ce467f0a9
 2019-08-16 19:30:43 +08:00
Kubernetes Publisher ff4d6509a8 Merge pull request #81946 from deads2k/cache 
add cache-control headers to kube-apiserver

Kubernetes-commit: 8af33f9733d8905c76fd3db85b541943b89f67d7
 2019-08-28 16:00:19 +00:00
Kubernetes Publisher f4165ded8c Merge pull request #81896 from liggitt/webhook-efficiency 
Compute webhook selectors and client once per webhookconfig revision

Kubernetes-commit: 273e1a4605e438ccfcfe5c2080e08d308b9b9066
 2019-08-28 11:56:47 +00:00
Kubernetes Publisher a7bb1804a7 Merge pull request #81871 from prameshj/vendor-update 
Update vendor k8s-cloud-provider and google API

Kubernetes-commit: 91bec13163b18238a8ed3d9b872cd27b1193077d
 2019-08-28 11:56:45 +00:00
Kubernetes Publisher 5e753bafc7 Merge pull request #81754 from apelisse/version-fields 
Add FieldsType field to ManagedFields to track content format

Kubernetes-commit: 61e2f52e38ff73f0704b12a0edfa94c8a6619a45
 2019-08-28 11:56:40 +00:00
Kubernetes Publisher d4d82326ad Merge pull request #81531 from logicalhan/kas-migration 
migrate kube-apiserver metrics to stability framework

Kubernetes-commit: f24aa47ceab19d174117d80eec657875c06aeb0c
 2019-08-28 11:56:38 +00:00