kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,400 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

28 Commits

Author SHA1 Message Date
Jordan Liggitt f14fc0f445 Adjust CEL cost calculation and versioning for authorization library 
Kubernetes-commit: 83bd512861aa11ec00a90e4ac382daa788dccf87
 2024-06-26 21:38:24 -04:00
David Eads efe135c937 Add CEL fieldSelector / labelSelector support to authorizer library 
Kubernetes-commit: be2e32fa3ed0a06ac9cc59d9966be0b40617c2b2
 2024-06-14 14:39:54 -04:00
Jordan Liggitt 9db3f571d5 Improve CEL cost tests to catch unhandled estimates or types 
Kubernetes-commit: 1d2ad282cff163e51e5c24569a0ac762ed814e74
 2024-06-26 21:38:48 -04:00
Alexander Zielenski 1412222ded feature: add name formats library to CEL 
Kubernetes-commit: 0ed65fca7a2e5fc643102952b5361fdeeedde4b5
 2024-02-28 18:04:33 -08:00
Alexander Zielenski 26d34beacd test: typecheck cel test cases 
Kubernetes-commit: 11a6edfc887f3bc983165d19b05fca566ed82ba7
 2024-04-19 13:52:22 -07:00
Jiahui Feng 6f6178ef97 refit cost estimator with ast.Expr 
Kubernetes-commit: ac5391fa21fc80559f70b72c42e64d3fa7569a42
 2024-04-15 13:50:04 -07:00
Cici Huang 8b49df5c88 Update env version, Add cost for previous func, add tests, etc. 
Kubernetes-commit: 3fb679016423e80b87cf3e540d296471223460e6
 2023-12-05 23:26:13 +00:00
Joel Speed ccc28d3f49 Add tests for CIDR type 
Kubernetes-commit: b3285fa8df494ef174bbee1ccffcc5e3a58afcdd
 2023-12-15 11:01:55 +00:00
Joel Speed f16e0c2a18 Add tests for IP type 
Kubernetes-commit: 31f9384646a5cfd001f176454feb9c1040591e96
 2023-12-08 18:16:30 +00:00
Joel Speed e5f605855d Add costing estimations for IP and CIDR 
Kubernetes-commit: e1f9aa450b7ecd62ce7284486a159d14f66c1761
 2023-11-17 17:34:46 +00:00
Joel Speed f4ae0b7ca6 Add CIDR network CEL extension 
This adds new CEL functions to the library for validating if a string is a CIDR notation.

This will work in conjunction with the IPAddr to allow checking if an IPAddr exists within a particular network.

Kubernetes-commit: 2f585b451232814d6563329241e96f09bfd1cb73
 2023-11-15 19:04:48 +00:00
Joel Speed 3fe1439ba9 Add special IP validations to IP CEL type 
Kubernetes-commit: 13b22b23a1a5f8976fa608c7bc8b3048470b5c51
 2023-11-17 12:51:32 +00:00
Joel Speed ccfdc9aba1 Add IP address CEL extension 
This adds new CEL functions to the library for validating if a string is an IP address,
and, if it can be parsed as an IP address, adds additional accessors to get properties
of the IP address.

Kubernetes-commit: c6aa360d3ef9895323b239686719dd9223ee4f37
 2023-11-15 18:35:34 +00:00
Cici Huang 4cd5207f69 Add set ext library into Kubernetes and pick up the new option cel provides 
Kubernetes-commit: 8d804078f9707297d1edfa26a3295d75c4f3bf40
 2023-10-17 20:27:55 +00:00
Cici Huang 00ae118a76 Add stability tests for CEL cost estimation. 
Kubernetes-commit: 93951bc00d3656c42bec050b82f2fc364b1cad31
 2023-10-22 23:12:44 -07:00
Joe Betz eedba684cf Add CEL library lifecycle linter 
Kubernetes-commit: 980fa6a2b9edae577d1b71a28834afe1ca7dfe82
 2023-08-23 17:17:32 -04:00
Joe Betz f0fbaa3fab Bump cel string lib to v2, add tests 
Kubernetes-commit: 3fb14cf4e7a0230d57f579b86262d9df6997e5e3
 2023-08-22 13:05:09 -04:00
Joe Betz c6c8291384 Update k8s code to handle cel-go changes 
Kubernetes-commit: 640a2ec33274f4b6311afc7dbb0c7e15bd5d792a
 2023-08-18 17:32:41 -04:00
Joe Betz 6f6cacf8bf check for overflow 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b1223e0d1ac626d5472436ed2cd0bc2962394004
 2023-08-22 10:02:10 -07:00
Joe Betz 3e172f1316 Fix CEL cost handling of zero length replacement strings 
Kubernetes-commit: 87cf890632c538e83e961035e73f0f2e8d3ceeba
 2023-08-21 22:48:11 -04:00
Joe Betz 539b445fa2 Add test coverage of result size of string operations 
Kubernetes-commit: e4d16f34c15affdf4411d5bd1b19991b5fa27f2a
 2023-08-07 12:41:52 -04:00
Alex Zielenski b137c25637 Add quantity library to CEL (#118803) 
* add quantity library to CEL

* add more tests to quantity

* use 1.29 env for quantity

* set CEL default env to 1.28 for 1.28 release

* add compare function

* docs and arith lib

* fixup addInt and subInt overload, add docs

* more tests

* cleanup docs

* remove old comments

* remove unnecessary cast

* add isInteger

* add overflow tests

* boilerplate

* refactor expectedResult for tests

* doc typo fix

* returns bool

* add docs link

* different dos link

* add isInteger true case

* expand iff

* add quantity back to 1.28 version, and revert change to DefaultCompatibilityVersion

* formatting

Kubernetes-commit: 423f4dfc7982136c958fc78e187c911a8896ba1b
 2023-07-13 14:43:56 -07:00
Joe Betz e04cbed587 CEL lib: Expose errors on authz decisions instead of raising them from check(). 
Co-authored-by: Ben Luddy <bluddy@redhat.com>

Kubernetes-commit: 1053d1bbcf581f20300a821a951a14ae77915246
 2023-03-10 22:38:21 -05:00
Joe Betz f32e391a45 Introduce CEL EnvSets for managing safe rollout of new CEL features, libraries and expression variables 
Kubernetes-commit: e740f8340eedc89baccd120329b454a860385e2d
 2023-04-28 14:16:56 -04:00
Tim Allclair c86f7c33d0 Clean up reference to deleted denied function 
Kubernetes-commit: d109f60a0579bcc34244cbc74068be07d18443e6
 2023-03-20 18:24:10 -07:00
Joe Betz f094db0dd5 Implement secondary authz 
Kubernetes-commit: 7bbda746fee7ae4e50647099b72c02327525ef7a
 2023-03-06 12:08:14 -05:00
A. Lombarte 1f02ef5b4e getHost and getHostname have documentation swapped for IPv6 
Kubernetes-commit: cb4637b378d464dc8622e637d0a72a29b756336f
 2023-02-08 19:50:02 +01:00
Jiahui Feng 870da5a58e move CEL package to apiserver package. 
only anything that does not require Structural

Kubernetes-commit: 0dd316a5c11261c0e5fc7928d8697754b16ad461
 2022-10-07 15:02:47 -07:00