kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,085 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

77 Commits

Author SHA1 Message Date
Tim Hockin 5624a05672 Remove defunct references to "vendor" 
Kubernetes-commit: d772f7719dc55ebfec2e9461b6e14bf17f5301df
 2024-01-15 15:56:21 -08:00
Divya Sri Sanaganapalli 956f1b4799 Incorporating feedback on 119341 
Kubernetes-commit: 24877f96fbb60f34c1c808e7ac76870019eee86b
 2023-08-21 15:20:30 +00:00
Divya Sri Sanaganapalli e613190aba Skip apiserver_admission_webhook_request_total during context-canceled 
Kubernetes-commit: d3c506133f1d5da6b8681423fc855d0513e8647e
 2023-07-17 19:52:43 +00:00
Divya Sri Sanaganapalli 437ae54e84 Ignore context canceled from validate and mutate webhook failopen metric 
Kubernetes-commit: 1732b23a343bc0cedbab3dd1df3b7eee4d280036
 2023-07-14 20:20:33 +00:00
Igor Velichkovich 05d2078e68 Matchconditions admission webhooks alpha implementation for kep-3716 (#116261) 
* api changes adding match conditions

* feature gate and registry strategy to drop fields

* matchConditions logic for admission webhooks

* feedback

* update test

* import order

* bears.com

* update fail policy ignore behavior

* update docs and matcher to hold fail policy as non-pointer

* update matcher error aggregation, fix early fail failpolicy ignore, update docs

* final cleanup

* openapi gen

Kubernetes-commit: 5e5b3029f3bbfc93c3569f07ad300a5c6057fc58
 2023-03-15 07:36:02 +00:00
Igor Velichkovich 9608de14c4 migrate versionedattr to avoid circular dependency 
Kubernetes-commit: 64c426a90232e34853d9b9cfdaad5409371c191a
 2023-03-03 14:04:29 -06:00
David Ashpole aa161f2fc0 migrate apiserver utiltrace usage to component-base/tracing 
Kubernetes-commit: de26b9023f2872c5cd7e15fad5dd5ab649222c13
 2022-10-20 18:15:38 +00:00
David Eads 25c5c2ccf3 Handle panic during validating admission webhook admission 
Validating admission webhook evaluation can fail, if uncaught this
crashes a kube-apiserver.  Add handling to catch panic while preserving
the behavior of "must not fail".

Kubernetes-commit: d412bf92b3b02bda93707c6aaba945f28bf60c72
 2022-03-16 13:47:32 -04:00
Abu Kashem 72aa2c42fc refactor: rename webhook duration tracker 
Kubernetes-commit: 4a9b9028153c6984b9cf69067cc0a1aa12a00e73
 2022-02-01 15:44:59 -05:00
Luigi Tagliamonte dccc77dd13 add failopen metric 
Kubernetes-commit: 6542f4bb993ebec23ec2198aaba89b629e3ec831
 2021-12-21 14:11:12 -08:00
Paweł Banaszewski 78c055e084 Added requestSloLatencies metric 
Kubernetes-commit: 0afa569499d480df4977568454a50790891860f5
 2021-10-25 22:19:24 +00:00
Ryan Moriarty 0741f109f6 Add a new webhook metric tracking request totals. 
Also add a 1.0s bucket boundary to the webhook latency metric.

Kubernetes-commit: 8ed1628a6e75f4029853502dbac44fdb0edac5fc
 2021-06-22 22:32:47 +00:00
Sergiusz Urbaniak 2402d951d2 Revert "Add a namespace label to admission metrics and expand histogram range to 0-10s" 
Kubernetes-commit: 1a87ae19a62d0c61afa6b381a54c6798effa49eb
 2021-07-30 14:34:45 +02:00
Dinghua Li 7edb7c1c1e Add attr to the argument list of ObserveWebhookRejection, and remove 
operation, as it is included in attr.

Kubernetes-commit: fb23e449ab680bc53fc1aae826e377c1153d51e4
 2021-05-18 17:42:02 +00:00
Xiaojun Hu f9b4d95442 add fail-open audit logs to validating and mutating admission webhook 
Kubernetes-commit: 9fe7c8955bcb1edbb5aa4fe6bfb8bb6d93d381de
 2021-05-18 13:31:03 -04:00
yoyinzyc 4c292300d7 add context to metrics in apiserver admission webhook 
Kubernetes-commit: b3aeaa4ed7bf8d419a96b4456a97bdf4c29e4330
 2020-12-09 16:46:15 -08:00
Joe Betz 97937c66f2 Revert nested trace PR#88936 
Kubernetes-commit: 02cf58102a61b6d1e021e256381ff750573ce55d
 2020-07-20 09:55:05 -07:00
Joe Betz 7a467399ac Enable nested tracing, add request filter chain tracing incl. authn/authz tracing 
Kubernetes-commit: b12ac0abc64adb71d97fbde12f373b1424631f20
 2020-03-06 16:11:21 -08:00
Jordan Liggitt ff5372c83d Add warnings capability for admission webhooks 
Kubernetes-commit: 5eef60a00aeb18eda4238dbd8f6dc96930a6a05a
 2020-06-30 16:27:56 -04:00
Davanum Srinivas 5879417a28 switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 442a69c3bdf6fe8e525b05887e57d89db1e2f3a5
 2020-04-17 15:25:06 -04:00
Mike Danese f7c2e26715 cleanup req.Context() and ResponseWrapper 
Kubernetes-commit: 968adfa99362f733ef82f4aabb34a59dbbd6e56a
 2020-01-27 18:52:27 -08:00
Mike Danese 5737088b7f refactor 
Kubernetes-commit: d55d6175f8e2cfdab0b79aac72046a652c2eb515
 2020-01-27 18:19:44 -08:00
Jordan Liggitt c51b9411f6 Switch admission webhook config manager to v1 
Kubernetes-commit: f247e75980061d7cf83c63c0fb1f12c7060c599f
 2019-08-01 21:57:39 -04:00
Jordan Liggitt ce4eaaeeb3 Make webhook benchmarks parallel 
Kubernetes-commit: 601b7d33a9cf0b724cdabb5de81b0bf2821f0fca
 2019-08-28 13:27:38 -04:00
Haowei Cai 8d86fef522 wire up the webhook rejection metrics in webhook handlers 
Kubernetes-commit: 620f5f2c587971be50cb27bb2a2d35209b3dc058
 2019-08-28 17:32:07 -07:00
Haowei Cai e248b8b513 fix semantics of the rejected label in webhook metrics 
when error calling webhook is ignored, do not log the request as
rejected

Kubernetes-commit: f3c793512b45ea3910d5e5a379292c13b62ab64b
 2019-08-28 15:31:27 -07:00
Jordan Liggitt 58f780d1e2 Use cached selectors/client for webhooks 
Kubernetes-commit: 8c10d929cac13dc50ca4ffaca83e7ae5c8e41292
 2019-08-24 17:12:14 -04:00
Jordan Liggitt b7340127c3 Add admission benchmarks 
go test ./vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating -bench . -benchmem -run DoNotRun
go test ./vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating -bench . -benchmem -run DoNotRun

Kubernetes-commit: 27f535e26ad88fa30d5c0fcde4bc31897b9d521c
 2019-08-24 17:40:07 -04:00
Haowei Cai 70c200c6a0 audit & admission: associate annotation with audit level 
Kubernetes-commit: 318226f3403f56aaf796af3f439c13674aa2b7ab
 2019-05-31 15:36:29 -07:00
Jordan Liggitt 71ef46fa12 Use lesser of context or webhook-specific timeout in webhooks 
Kubernetes-commit: c63284b1f3996e7830c1aca85281d349d0091c82
 2019-08-19 11:23:05 -04:00
Jordan Liggitt 0c706a033c Plumb context to admission Admit/Validate 
Kubernetes-commit: 61774cd7176cae0c0324d23ab20e6c6b3038153f
 2019-08-19 10:48:08 -04:00
Joe Betz f103fcda51 Replace string concatination with trace fields 
Kubernetes-commit: 46a04d50af78e01d06a9879d62cc71fbe892076f
 2019-08-02 23:47:24 -07:00
Joe Betz 81b56d7030 Add trace to webhook invocations 
Kubernetes-commit: 31799ebe88534272d45c2a33396e343a5083c773
 2019-05-31 16:50:54 -07:00
Jordan Liggitt 90d670a108 AdmissionReview: Allow webhook admission to dispatch v1 or v1beta1 
Kubernetes-commit: dda9bcb082be058c30c83d45e757edbaac8dc65f
 2019-07-12 08:44:24 -04:00
Chao Xu 8658264258 object matcher 
Kubernetes-commit: 6cf499db6c1dd464c6072706106dec6c5284dff7
 2019-05-29 15:56:52 -07:00
Joe Betz b2b1ef14ec split admissionregistration.v1beta1/Webhook into MutatingWebhook and ValidatingWebhook 
Kubernetes-commit: 55ecc45455f191c404e355097bf1beae9c42f895
 2019-05-29 21:30:45 -07:00
Jordan Liggitt d555b9c5d2 Move object conversion to webhook dispatch point 
convert versionedattrs as needed

Allow per-webhook kind/version

Kubernetes-commit: fc495f457f8b7c58d062d12b03a96abd0879e4d2
 2019-05-20 12:10:49 -04:00
Mehdy Bohlool 81939cee8f Add AdmissionReviewVersions to admissionregistration and default it 
Kubernetes-commit: f7dff4725f8dc694a852e7fdbdde2c8a6dd5b7d4
 2019-03-04 20:52:57 -08:00
Haowei Cai 30a9fb6e25 honor timeout when dispatch 
Kubernetes-commit: e1e9ee53113413a1038a3f12c87acc61baaf726b
 2019-02-26 14:42:55 -08:00
Mehdy Bohlool 0fbb46dc25 Remove the propagated scheme from the Admission chain 
Kubernetes-commit: cebb4ee2ac9e19fe90f78c3285978e585e67a3ac
 2019-02-16 13:28:14 -08:00
Mehdy Bohlool 87b5ac0c06 Add ObjectInterfaces to Admission and Validation 
Kubernetes-commit: 513a87c7b25aa58f84fafe0dc170cee4c76e481b
 2019-02-16 12:27:24 -08:00
Davanum Srinivas 2710b17b80 Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135

Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
 2018-11-09 13:49:10 -05:00
tanshanshan 8d99f185d1 fix some golint in staging/src/k8s.io/apiserver/pkg/admission/plugin/ 
Kubernetes-commit: 3de8767dc6ca8d47d29f99c2956a5fcf54df84d9
 2018-09-26 14:30:50 +08:00
Mehdy Bohlool 21f6e2bcdd Refactor addmission webhook hook client to a util package 
Kubernetes-commit: 5652d5cffadcd8a2f107b6aecf5fc06c0fc473f1
 2018-08-26 23:20:23 +10:00
jennybuckley 817f61120c Support dry run in admission webhooks 
Kubernetes-commit: 2d0ec48f9beea6182a9a3bfdcc5eb98e50b44f77
 2018-08-21 16:06:27 -07:00
Cao Shufeng 9ee094cdf2 support annotations for admission webhook 
Kubernetes-commit: 0ebfc3e07866494049f44cd008e5cbfe4d81d4af
 2018-07-31 13:25:53 +08:00
jennybuckley fef02d6bec Add test cases for webhook dry run 
Kubernetes-commit: 3a506be626398f927049c3ce735fd29ac0efd5f1
 2018-08-07 14:59:29 -07:00
jennybuckley 53e7058d7c Fix typo in webhook dry-run check 
Kubernetes-commit: aa36dc94cd7a2e538ad5e6ef8999fbbe9dc0df78
 2018-08-07 14:37:24 -07:00
jennybuckley dc1d8e7050 block dry run if a webhook would be called 
Kubernetes-commit: e4c219df42c77ecb8f0588197072bef81bca7429
 2018-08-07 09:27:18 -07:00
Cao Shufeng 0511e4e41d fix a TODO in ValidatingAdmissionWebhook 
Kubernetes-commit: 162499515c0813f579770091dc30925207d063b2
 2018-06-04 14:55:46 +08:00