kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,217 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

6217 Commits

Author SHA1 Message Date
Jiahui Feng ac15595911 create OWNERS file for cel libs. 
Kubernetes-commit: 43ef87a2680ecc007a036ca032ee17e294aff55c
 2022-12-14 09:19:25 -08:00
Jiahui Feng 46ab726885 implement OpenAPI-based schema resolver. 
Kubernetes-commit: 26089a4c957a87c27da31ecbf171e4943f5af6c0
 2022-12-14 09:18:54 -08:00
Jiahui Feng bfa588de84 refit CEL typing library 
to use OpenAPI schemas.

Kubernetes-commit: f2ee977afd72ee2a66fb491eb74713f1d14a12fd
 2022-12-14 09:18:27 -08:00
ZhangYu 7e4c7c03fd change unnecessary switch to if in metrics.go 
Kubernetes-commit: 48b9f7bb6c8298a00cdc04e394af15afe5804a3e
 2022-11-30 11:04:03 +08:00
Kubernetes Publisher 534818d7e2 Merge pull request #115394 from ritazh/kmsv2-metrics 
kmsv2: add metrics

Kubernetes-commit: 292450717cb76e0c480fa5883d18fe1245176d63
 2023-02-16 04:24:46 +00:00
Kubernetes Publisher acc030f978 Merge pull request #115802 from logicalhan/webhook-metrics 
webhook metrics top out at 2.5s but default timeout is 10s

Kubernetes-commit: a25834cb5a16bbd6a9295aeb5d1621aa8a4cd407
 2023-02-16 00:32:54 +00:00
Han Kang 6ae8541062 add 25s bucket 
Kubernetes-commit: 7b823002f3ee850b53cc0523ca271bc18661e5ef
 2023-02-15 10:27:56 -08:00
Han Kang d92f186e5f use 10 seconds as the biggest bucket for webhook metrics otherwise charts will top out at 2.5s for webhook latencies 
Kubernetes-commit: 20b5205dad419fa79b0c6cd69d01183d21f7d9c5
 2023-02-15 09:16:16 -08:00
Kubernetes Publisher 019815a2d6 Merge pull request #115786 from liggitt/net-0.7.0-master 
Update golang.org/x/net to v0.7.0

Kubernetes-commit: b3d8ac8496a23d65a907f9333d906bcd5463764e
 2023-02-15 12:11:58 +00:00
Kubernetes Publisher 4481ce46b5 Merge pull request #115626 from hh/patch-3 
Migrate apiserver tracing_test.go to registry.k8s.io

Kubernetes-commit: 62903e3de68475bccceb08735eba311f02302b3e
 2023-02-15 06:34:09 +00:00
Kubernetes Publisher 7ccdd9a293 Merge pull request #115758 from sourcelliu/storageversion 
Remove unused code

Kubernetes-commit: b8688048f8d3cca513ae36b2eb6e15f457a18df3
 2023-02-15 06:34:04 +00:00
Jordan Liggitt ea0916c5d0 Update golang.org/x/net to v0.7.0 
Kubernetes-commit: f8e00778ddca11c08117ccf1d1c410641c70c428
 2023-02-14 23:14:30 -05:00
Kubernetes Publisher fce0631cbe Merge pull request #115456 from pohly/goroutine-leak-check 
test/integration: goroutine leak check

Kubernetes-commit: 4cf352c4bba7ae7b2cf95f3278afc44a12c9b332
 2023-02-14 18:23:56 +00:00
mantuliu 24f1059004 Remove unused code 
Signed-off-by: mantuliu <240951888@qq.com>

Kubernetes-commit: bc70548c470983b2299a6d29add41ea81f676d92
 2023-02-14 20:08:11 +08:00
Hippie Hacker 90d239d3a7 Migrate apiserver to registry.k8s.io 
Part of kubernetes/k8s.io#4738

Kubernetes-commit: 75da0cc91ad5a268ef5a2b1fa0b251b81347ca56
 2023-02-09 06:49:27 +13:00
Patrick Ohly 64242c43b8 test: use go-uber/goleak for strict leak checking 
It provides more readable output and has additional APIs for using it inside a
unit test. goleak.IgnoreCurrent is needed to filter out the goroutine that gets
started when importing go.opencensus.io/stats/view.

In order to handle background goroutines that get created on demand and cannot
be stopped (like the one for LogzHealth), a helper function ensures that those
are running before calling goleak.IgnoreCurrent. Keeping those goroutines
running is not a problem and thus not worth the effort of adding new APIs to
stop them.

Other goroutines are genuine leaks for which no fix is available. Those get
suppressed via IgnoreTopFunction, which works as long as that function
is unique enough.

Example output for the leak fixed in https://github.com/kubernetes/kubernetes/pull/115423:

    E0202 09:30:51.641841   74789 etcd.go:205] "EtcdMain goroutine check" err=<
        found unexpected goroutines:
        [Goroutine 4889 in state chan receive, with k8s.io/apimachinery/pkg/watch.(*Broadcaster).loop on top of the stack:
        goroutine 4889 [chan receive]:
        k8s.io/apimachinery/pkg/watch.(*Broadcaster).loop(0xc0076183c0)
        	/nvme/gopath/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/watch/mux.go:268 +0x65
        created by k8s.io/apimachinery/pkg/watch.NewBroadcaster
        	/nvme/gopath/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/watch/mux.go:77 +0x116
    >

Kubernetes-commit: f131cabfa05d4d2867d987516c898f3a3519f21c
 2023-02-01 14:48:46 +01:00
Kubernetes Publisher 942c3101da Merge pull request #115669 from aramase/aramase/f/structured_logging_check_kms 
logcheck.conf: ensure that kms and value/encrypt uses structured logging

Kubernetes-commit: d2f40481d115155f3ce7abc0b7b2ff2cf8a0bb1e
 2023-02-09 20:37:46 -08:00
Anish Ramasekar 0304cd9f08 logcheck.conf: ensure that kms and value/encrypt uses structured logging 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: b6b00e65bcfe40fdaca9ce8b214baf5015ad7c5c
 2023-02-10 00:17:54 +00:00
Kubernetes Publisher 8228032d4b Merge pull request #115667 from aramase/aramase/f/structured_logging 
[KMS] Use structured logging in value/encrypt

Kubernetes-commit: de4260fd659488e3f7334b836b1a5aa7b552329e
 2023-02-09 17:02:46 -08:00
Anish Ramasekar c9656aa265 [KMS] Use structured logging in value/encrypt 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 6db7496db60816c36b519a940fa1b0af1c0898da
 2023-02-09 19:54:37 +00:00
Kubernetes Publisher ea2072de7b Merge pull request #115665 from aramase/aramase/f/update_vendor_k8s_utils 
Update k8s.io/utils to `a36077c30491`

Kubernetes-commit: 9a51625ebebcc8345c851afc2b5cc98eb19ac193
 2023-02-10 01:24:10 +00:00
Kubernetes Publisher 6d27112fe5 Merge pull request #115649 from aramase/grpc-metrics 
[KMSv2] Add metrics for grpc service

Kubernetes-commit: 0698d9eb829ff0ef10d0a7e5fb525d330d332fb4
 2023-02-10 01:24:07 +00:00
Kubernetes Publisher 0307ae2c8b Merge pull request #115350 from aramase/kmsv2/cache-sha256 
[KMSv2] store hash of encrypted DEK as key in cache

Kubernetes-commit: e476c88ca868b709f7e113d9bd0ed6616b4791b8
 2023-02-10 01:24:04 +00:00
Anish Ramasekar f4bd4bf10c Update k8s.io/utils to `a36077c30491` 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 09e02052fdf3d248368b3d05d5c922d616528c4c
 2023-02-09 20:09:41 +00:00
Anish Ramasekar 63ca46e40a [KMSv2] Add metrics for grpc service 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: de3b2d525b42d6eedeaa0b157f0f5ab98a4821f4
 2023-02-09 07:46:29 +00:00
Rita Zhang f471919cab kmsv2: add metrics 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: bd0f7f8ee8f7f1c7809e17fa60804bb37f65c495
 2023-01-29 22:40:18 -08:00
Anish Ramasekar 421ef770de [KMSv2] store hash of encrypted DEK as key in cache 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: f72cf5c510cf2cf7b8ee375f5c2ec835e3ed225a
 2023-01-27 00:19:32 +00:00
Kubernetes Publisher e3ca625155 Merge pull request #114376 from baomingwang/serialization-error-metric 
Added serialization from etcd error metric

Kubernetes-commit: dfb976e25a6687a2c4ff7d374e3f01006d65df66
 2023-02-08 01:15:33 +00:00
Kubernetes Publisher 3cee67d89e Merge pull request #115379 from artemvmin/serial-mkfs 
Add an option to limit the number of concurrent mkfs calls

Kubernetes-commit: 6eb008620cd0ee3501326ee003d47fbaf1fa5b52
 2023-02-07 05:23:43 +00:00
Kubernetes Publisher a0aff86839 Merge pull request #115542 from SataQiu/clean-apiserver-20230206 
Using BuildOpenAPISpecFromRoutes instead of deprecated BuildOpenAPISpec

Kubernetes-commit: daf0d8d14f2324791bb2261c3173bc1e56efe67a
 2023-02-06 21:15:47 +00:00
SataQiu 08b93a6120 using BuildOpenAPISpecFromRoutes instead of deprecated BuildOpenAPISpec 
Kubernetes-commit: 5fbd49c1023d1d92f2afad39a2ac847fd5f252a7
 2023-02-06 17:47:44 +08:00
Artem Minyaylov 4065ac43ed Update k8s.io/utils to latest version 
Update all usages of FakeExec to pointer to avoid copying the mutex

Kubernetes-commit: f573e149423dc578284789fdff8eeb3c195b5ccf
 2023-02-03 14:51:25 -08:00
Kubernetes Publisher 9bb74f3471 Merge pull request #114894 from dipankardas011/validate-admission-policy-error-handling 
Added error handling in ValidateAdmissionPolicy

Kubernetes-commit: 1ded677b2a77a764a0a0adfa58180c3705242c49
 2023-02-03 21:14:55 +00:00
Max Smythe 19d202d87c make CEL admission controller code consumable (#115412) 
* Make policy decision object public

Signed-off-by: Max Smythe <smythe@google.com>

* Separate version conversion from validation

Signed-off-by: Max Smythe <smythe@google.com>

* Address review comments

Signed-off-by: Max Smythe <smythe@google.com>

* Fix variable name

Signed-off-by: Max Smythe <smythe@google.com>

---------

Signed-off-by: Max Smythe <smythe@google.com>

Kubernetes-commit: 0ed74145fb00626ce0e900812a54ca3de5406f2e
 2023-02-01 17:29:30 -08:00
Kubernetes Publisher c02aff4b8c Merge pull request #114439 from alexzielenski/apiserver/smd/conversion-smaller 
add direct construction of TypeConverter from OpenAPI

Kubernetes-commit: d4750857760ae55802f69989dc2451feeb9a29e5
 2023-02-02 01:15:09 +00:00
Kubernetes Publisher 12885512af Merge pull request #113896 from nilekhc/kms-hot-reload-tests 
chore: improves tests for hot reload of encryptionconfig

Kubernetes-commit: abf8f35356f16796347bb6821a1c366adae5b909
 2023-02-01 01:14:43 +00:00
Kubernetes Publisher 65fb616cf1 Merge pull request #115341 from tkashem/delete-collection 
apiserver: remove 34s timeout from DELETECOLLECTION rest handler

Kubernetes-commit: c9e281df23d66ff1f886b301f15147ab3f6e0074
 2023-01-30 21:20:11 +00:00
Kubernetes Publisher 31ac30ca86 Merge pull request #115266 from pohly/gomega-update 
dependencies: update gomega to v1.26.0

Kubernetes-commit: 6d17cb2051b3a9958ed3353df242312d85e75d43
 2023-01-30 21:20:09 +00:00
Kubernetes Publisher f6a7f5dbff Merge pull request #112809 from tkashem/cors-cve 
apiserver: fix cve for CORS

Kubernetes-commit: d529048a3e7b97a29e271d358330d96a8128485b
 2023-01-30 21:20:07 +00:00
Kubernetes Publisher f77e2e3026 Merge pull request #114490 from MadhavJivrajani/update-contention-profiling-docs 
*: Make docs more accurate for the contention-profiling flag

Kubernetes-commit: a94a35293b03ca4902ec84a42278f853e3268541
 2023-01-30 05:14:39 +00:00
Kubernetes Publisher 959f724cab Merge pull request #115145 from alexzielenski/apiserver/policy/typed-params 
ValidatingAdmissionPolicy: use natively-typed informer for params

Kubernetes-commit: d7cb1c54a540c9978f3754340198aa43eec7e244
 2023-01-28 01:14:29 +00:00
Kubernetes Publisher 781007518a Merge pull request #114997 from Richabanker/metrics-slis-beta 
Enable ComponentSLI as beta feature

Kubernetes-commit: 1f02f43ec6910cbcd46222b16a2f3965458e5e45
 2023-01-27 21:14:14 +00:00
Alexander Zielenski d2e96d0915 use transformer to set gvk back 
Kubernetes-commit: 24fb6b89812ac86622a536dba861729ed5a20b74
 2023-01-26 12:14:14 -08:00
Abu Kashem 4c43232509 apiserver: remove 34s from DELETECOLLECTION rest handler 
Kubernetes-commit: 709748a34e501d75162f580b1e1e65969169d0ab
 2023-01-26 12:25:02 -05:00
Alexander Zielenski 721045969b add unfortunate deepcopy 
Kubernetes-commit: 65513eac3ab67f08745197d8af469532284b797e
 2023-01-24 14:46:35 -08:00
Alexander Zielenski f77de04c6a fix integration test by working around #3030 
test uses kind field which is not populated for native types

Kubernetes-commit: 1554e50be43660bc9f03d97cc26b235ad4f94d6c
 2023-01-24 12:00:05 -08:00
Patrick Ohly 7f86f7e402 dependencies: update gomega to v1.26.0 
If gomega.Eventually/Consistently run into a situation where it observes some
state of e.g. a pod which does not satisfy the condition and then further
polling fails with API server errors, gomega will report both the most recent
pod state and API error instead of just the API error.

Kubernetes-commit: aa1279b5eb79177f5351368d8d9159982b1bfb5e
 2023-01-23 15:19:38 +01:00
Abu Kashem cb855a88b8 apiserver: CVE-2022-1996, validate cors-allowed-origins server option 
Kubernetes-commit: 841311ada2b0ba58e623a89e2e5ac74de0d94d8c
 2023-01-20 13:54:02 -05:00
Alexander Zielenski 1b8963b016 use typedinformer if available 
reduces memory and cpu when things like configmap are used as a param

cannot be shared due to limitatoins of sharedinformerfactory

Kubernetes-commit: b969dfec9fd33f8bfff47e54f2995a4865839ea6
 2023-01-19 10:04:52 -08:00
Alexander Zielenski 2ea5662b05 use namespacedName for keys in fakeCompiler 
Kubernetes-commit: 0c495cb429e54a6d25e9252aca3e32fd9f0aef6b
 2023-01-19 10:04:46 -08:00