kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,709 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6709 Commits

Author SHA1 Message Date
Lukasz Szaszkiewicz f75c503352 storage/factory: extend the Create method by newList and resourcePrefix params 
Kubernetes-commit: ccabc01093a1344ebb27c32c946e9da3b8e91fd2
 2023-07-28 09:53:01 +02:00
Lukasz Szaszkiewicz 6f2daefacf storage/util: move GetCurrentResourceVersionFromStorage 
Kubernetes-commit: 9a253d896a096b4e1ffccf4b1f84e5cac1e1aad0
 2023-07-26 15:53:13 +02:00
Jiahui Feng bf2563c6cd CEL lazy map: add test for boolean short-circuiting 
Kubernetes-commit: 66aa2af0979cc6007cd63720876fd21dda3b17dc
 2023-07-25 14:37:20 -07:00
Kubernetes Publisher d2172f30e1 Merge pull request #119409 from alexzielenski/apiserver/policy/vap-tests 
Add test cases for ValidatingAdmissionPolicy

Kubernetes-commit: b53830590fc2eff8a219d7bc225091878263ebe6
 2023-07-24 15:12:13 -07:00
Andrew Sy Kim 066c7cb8cc apiserver: add flow control metric current_inqueue_seats 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: fb9646fd60d4b8e79223b729c1cb54fc6818fdd1
 2023-07-24 19:40:05 +00:00
Lukasz Szaszkiewicz 2d9be35745 storage/etcd: no-op, refactor watcher.Watch method signature 
Kubernetes-commit: f7e659db236286ca15707bf08acb08dc0ac4ab0e
 2023-07-24 12:33:03 +02:00
Alexander Zielenski 09a47412b5 bugfix: use matched resource for AdmissionRequest.resource, not the resource it was converted from 
use existing admission request for audit annotation eval

populate matchResource in empty rules case

Kubernetes-commit: e1b0bc3d0a7fb89a1e60f4ec1ee34b10de22d00a
 2023-07-21 18:13:24 -07:00
Alexander Zielenski eea6b57f73 bump validatingadmissionpolicy alpha->beta 
Kubernetes-commit: 5e2e8c806475d21bc22f10ccc810451c1bcb21a7
 2023-07-21 16:27:51 -07:00
Kubernetes Publisher 62fa4fb0fe Merge pull request #118644 from alexzielenski/apiserver/policy/namespaceParamRef 
KEP-3488: Promote ValidatingAdmissionPolicy to Beta

Kubernetes-commit: 18f8cb83989ff64beb0c7f47cdd3ad9df7bdbbeb
 2023-07-22 03:29:38 +00:00
Kubernetes Publisher 1b09d3c04f Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand 
kmsv2: KDF based nonce extension

Kubernetes-commit: 773a6b1e460360538ce4d85a7c0d009efed81836
 2023-07-22 03:29:36 +00:00
Wojciech Tyczyński f56b9ee7f5 Graduate RemainingItemCount to GA 
Kubernetes-commit: 4e2e059c7b205d2e4b246a262128223258a49498
 2023-07-21 15:22:51 +02:00
Wojciech Tyczyński 3030f660a8 Graduate APIListChunking to GA 
Kubernetes-commit: 6acfa3cb4ac876e46ead5ba4772ba18e480435ce
 2023-07-21 11:35:21 +02:00
Kubernetes Publisher cf66e8fde8 Merge pull request #119437 from serathius/etcd-semantics 
Fix the semantic meaning of etcd server within component statuses and metrics.

Kubernetes-commit: 5766947ab87d459266210945d6d1df9e138f3908
 2023-07-20 23:08:44 +00:00
Kubernetes Publisher 06c891133c Merge pull request #119215 from alexzielenski/apiserver/policy/namespaceParamRef-alpha 
KEP-3488: Per namespace policy params

Kubernetes-commit: 8a053c700a3abc30717860e0b6a13243a7250743
 2023-07-20 23:08:43 +00:00
Alexander Zielenski a690957dd1 update codegen 
Kubernetes-commit: d6479587445a5a6fa736ee7fb3012a29f4e6e5e7
 2023-07-19 16:21:22 -07:00
Alexander Zielenski df86e524c7 refactor: replace usage of v1alpha1 with v1beta1 
v1alpha -> v1beta

fill in DenyAction where there is no ParameterNotFoundAction

Kubernetes-commit: ef8670c946d53fda523341658919f9d8bd242d40
 2023-07-19 15:53:31 -07:00
Marek Siarkowicz e9acd0c76d Fix the semantic meaning of etcd server within component statuses and metrics. 
Instead of numerating all the etcd endpoints known by apiserver, we will
group them by purpose. `etcd-0` will be the default etcd, `etcd-1` will
be the first resource override, `etcd-2` will be the second override and
so on.

Kubernetes-commit: 03aad1f823cb719fa6e6b6d33fefa2a2140cc760
 2023-07-19 14:25:54 +02:00
Keerthan Reddy Mala a94f726abf update the dependency sigs.k8s.io/structured-merge-diff/v4 to latest tag 
Kubernetes-commit: d2df65ba6c91c1337e07373c254c2118aec3700a
 2023-07-14 09:47:59 -07:00
Alexander Zielenski d501de662c feature: add multiple params capability to VAP controller 
Kubernetes-commit: b5e9e0168cf9383dacbd730893c6bc426581e64b
 2023-07-10 18:40:45 -07:00
Alexander Zielenski 1f9118f187 refactor: make scope of ParamKind available to vap controller 
Kubernetes-commit: 3f63a2d17d4f70dc3ac191a52ad36897086efa7c
 2023-07-11 12:04:07 -07:00
Anish Ramasekar fdfc990c33 wiring existing oidc flags with internal API struct 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 1bad3cbbf59a61805a48f609b8cc0a2a40c168ef
 2023-06-28 06:04:45 +00:00
Anish Ramasekar 496ba1943b add AuthenticationConfiguration v1alpha1 api 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: f909eb630cac310adf7267b85922f1340508ca79
 2023-06-27 21:07:47 +00:00
Alexander Zielenski 6a8d8652f7 refactor: use the provided sharedInformerFactory for params 
Kubernetes-commit: 6323c106e9b5b0edd452a2a223d569a5dae8a832
 2023-06-12 18:19:33 -07:00
Kubernetes Publisher 00a0da2cb8 Merge pull request #119166 from nilekhc/log-decryption-failure 
feat: improves metric and logging

Kubernetes-commit: 90c362b3430bcbbf8f245fadbcd521dab39f1d7c
 2023-07-19 10:07:21 +00:00
Kubernetes Publisher 0e9644ed24 Merge pull request #117740 from Richabanker/uvip-impl 
Unknown Version Interoperability Proxy Impl

Kubernetes-commit: 66e99b3ff1649fc9bd3d9ef36affa1b16c5e2e21
 2023-07-19 06:04:00 +00:00
Nilekh Chaudhari 3373784322 feat: improves metric and logging 
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>

Kubernetes-commit: 2c8288ac873b89ae6e351df5e805b1a825aae60d
 2023-07-07 23:01:05 +00:00
Stephen Kitt 7fb4ad7511 api-machinery: stop using deprecated io/ioutil 
This replaces deprecated ioutil functions as follows:

* ioutil.ReadAll -> io.ReadAll
* ioutil.ReadFile -> os.ReadFile
* ioutil.TempDir -> os.MkdirTemp
* ioutil.TempFile -> os.CreateTemp
* ioutil.WriteFile -> os.WriteFile

Signed-off-by: Stephen Kitt <skitt@redhat.com>

Kubernetes-commit: b60a3a58df2791ae67764f6325be31aea5eca5a0
 2023-05-02 15:08:18 +02:00
Richa Banker 8a38d429d8 Add impl for uvip 
Kubernetes-commit: cd5f3d9f9d5ae3153206178e6114d573dc24ad73
 2023-03-29 17:20:25 -07:00
Kubernetes Publisher f100f84ac4 Merge pull request #119009 from MikeSpreitzer/track-executing-requests 
Track executing requests

Kubernetes-commit: 31d662e58e9679ada73208fe63759c06793b013c
 2023-07-18 21:53:00 +00:00
Kubernetes Publisher 367a5f819d Merge pull request #118601 from andrewsykim/apf-tune-max-seats 
priority & fairness: support dynamic max seats

Kubernetes-commit: f6bcef0fd36f2f8312d8c6f14f17d804dcf97600
 2023-07-18 10:03:54 +00:00
Kubernetes Publisher 149a4e6556 Merge pull request #119321 from mingregister/mingregister-patch-1 
replace strings.Index  with strings.Contains

Kubernetes-commit: b2a9c06b2e7419691de5ea4f7d112baa2e00bc29
 2023-07-18 06:14:23 +00:00
Kubernetes Publisher 8e2b0eca2e Merge pull request #118204 from sttts/sttts-openapi-v2-parameter-refs 
openapi: reference shared parameters

Kubernetes-commit: f42ff8687026f8e12fb3d3b0da0760525d8d8ab2
 2023-07-18 06:14:21 +00:00
Kubernetes Publisher b2ff4347db Merge pull request #119380 from A-Hilaly/api-server/webhooks/match-conditions-beta-graduations 
Graduate `AdmissionWebhookMatchCondition` to beta

Kubernetes-commit: 704970877e827908fc231d76f545feaa376bb6ed
 2023-07-18 02:20:14 +00:00
Kubernetes Publisher bb61e75257 Merge pull request #119341 from divyasri537/remove-ctx-canceled-failopen 
Ignore context canceled from validate and mutate webhook failopen metric

Kubernetes-commit: fab1f606ddaa640629d25f5f3e63c21582476ce1
 2023-07-18 02:20:10 +00:00
Kubernetes Publisher 90b43d6784 Merge pull request #119312 from pacoxu/prometheus/common-v0.44 
upgrade prometheus common to v0.44.0

Kubernetes-commit: d627c4b41cdd9ef08b13604ce1c460eca26684f8
 2023-07-18 02:20:08 +00:00
Kubernetes Publisher 085dadbea3 Merge pull request #118959 from MikeSpreitzer/fix-118957b 
Fix, deprecate apiserver_flowcontrol_request_concurrency_limit

Kubernetes-commit: af33d7a5af49cc841f8b58466b59e8dfdfe185ed
 2023-07-17 22:22:43 +00:00
Divya Sri Sanaganapalli e613190aba Skip apiserver_admission_webhook_request_total during context-canceled 
Kubernetes-commit: d3c506133f1d5da6b8681423fc855d0513e8647e
 2023-07-17 19:52:43 +00:00
Kubernetes Publisher 6704aba021 Merge pull request #119110 from andrewsykim/apf-metrics-beta 
Promote kube-apiserver flowcontrol metrics to Beta

Kubernetes-commit: 4f60a8d493ab9571eb328b9d98da477a50bc7446
 2023-07-17 18:29:55 +00:00
Amine 623afac324 Enable admissionWebhookMatchCondition by default 
Kubernetes-commit: 94c8ad289bb83c6457d1711a94c8a2cce9a7e8bc
 2023-07-17 18:40:07 +01:00
Amine 5782becb79 Graduate AdmissionWebhookMatchCondition to beta 
Kubernetes-commit: 0074b24ca42c8afca43f4ef3360f2d101594a567
 2023-07-17 18:19:35 +01:00
Cici Huang 04b26c4697 ValidatingAdmissionPolicy: support namespace access (#118267) 
* Support namespace access from cel expression in validatingadmissionpolicy.

* Whitelist the exposed fields in namespace object and add test

* better handling of cluster-scoped resources.

* [API REVIEW] namespaceObject in Expression doc.

* compatibility with composition.

* generated: ./hack/update-codegen.sh && ./hack/update-openapi-spec.sh

* workaround namespace of namespace is unexpectedly set.

* basic test coverage for namespaceObject.

---------

Co-authored-by: Jiahui Feng <jhf@google.com>

Kubernetes-commit: 13172cba5c0e1c6a076dbda4aeebbccaf658c7f1
 2023-07-15 01:33:59 +00:00
Kubernetes Publisher 2af49f82c0 Merge pull request #119311 from ivelichkovich/metrics 
matchCondition metrics for beta graduation

Kubernetes-commit: d5a653fd8791f25f44109e4626c1b34a7eec4164
 2023-07-15 01:33:56 +00:00
Kubernetes Publisher eb9d761704 Merge pull request #119272 from deads2k/resources 
add list of served versions to storage version

Kubernetes-commit: 47aeec63a839703e962ebd97e26edbc86fe6d99c
 2023-07-14 21:44:27 +00:00
Kubernetes Publisher e725ece543 Merge pull request #119330 from bertinatto/fix-conn-reuse-test 
Proactively bump golang.org/x/net to v0.12.0

Kubernetes-commit: c79be34fba3ad20532c9648216924afaa8434e06
 2023-07-14 21:44:24 +00:00
Divya Sri Sanaganapalli 437ae54e84 Ignore context canceled from validate and mutate webhook failopen metric 
Kubernetes-commit: 1732b23a343bc0cedbab3dd1df3b7eee4d280036
 2023-07-14 20:20:33 +00:00
Kubernetes Publisher 616472f02a Merge pull request #118782 from MikeSpreitzer/exempt-borrowing-impl 
Exempt borrowing implementation

Kubernetes-commit: 2a91bd1dfdd2e293b9ec017ea3a976ecc2ecd545
 2023-07-14 17:45:44 +00:00
Kubernetes Publisher 643497556b Merge pull request #118051 from A-Hilaly/api-server/webhooks/smart-reload 
support `WebhookAccessors` smart reload

Kubernetes-commit: 4e9b487e7e6f23234fc60c6fcb09544185f6d174
 2023-07-14 17:45:39 +00:00
Igor Velichkovich a541a7b473 remove todo/spelling 
Kubernetes-commit: 8a4a29d59177699a78f6194861f83789763aac25
 2023-07-14 11:08:00 -05:00
Igor Velichkovich c0cd27c353 update histogram 
Kubernetes-commit: bef43788fc01775ea156be26d6731c87efbd7b37
 2023-07-14 10:10:56 -05:00
Fabio Bertinatto c0cdd97787 Proactively bump golang.org/x/net to v0.12.0 
Proactively bump to v0.12.0 to avoid v0.10.0 and v0.11.0, which contain
a regression added by commit
82780d606d.
This commit was later reverted in v0.12.0.

Generated with:

hack/pin-dependency.sh golang.org/x/net v0.12.0 && hack/update-vendor.sh

Kubernetes-commit: d9bd413f991958492602c4bf51c43d6edca0e5cd
 2023-07-14 10:25:23 -03:00