90b43d6784
Merge pull request #119312 from pacoxu/prometheus/common-v0.44
...
upgrade prometheus common to v0.44.0
Kubernetes-commit: d627c4b41cdd9ef08b13604ce1c460eca26684f8
2023-07-18 02:20:08 +00:00
085dadbea3
Merge pull request #118959 from MikeSpreitzer/fix-118957b
...
Fix, deprecate apiserver_flowcontrol_request_concurrency_limit
Kubernetes-commit: af33d7a5af49cc841f8b58466b59e8dfdfe185ed
2023-07-17 22:22:43 +00:00
6704aba021
Merge pull request #119110 from andrewsykim/apf-metrics-beta
...
Promote kube-apiserver flowcontrol metrics to Beta
Kubernetes-commit: 4f60a8d493ab9571eb328b9d98da477a50bc7446
2023-07-17 18:29:55 +00:00
04b26c4697
ValidatingAdmissionPolicy: support namespace access ( #118267 )
...
* Support namespace access from cel expression in validatingadmissionpolicy.
* Whitelist the exposed fields in namespace object and add test
* better handling of cluster-scoped resources.
* [API REVIEW] namespaceObject in Expression doc.
* compatibility with composition.
* generated: ./hack/update-codegen.sh && ./hack/update-openapi-spec.sh
* workaround namespace of namespace is unexpectedly set.
* basic test coverage for namespaceObject.
---------
Co-authored-by: Jiahui Feng <jhf@google.com>
Kubernetes-commit: 13172cba5c0e1c6a076dbda4aeebbccaf658c7f1
2023-07-15 01:33:59 +00:00
2af49f82c0
Merge pull request #119311 from ivelichkovich/metrics
...
matchCondition metrics for beta graduation
Kubernetes-commit: d5a653fd8791f25f44109e4626c1b34a7eec4164
2023-07-15 01:33:56 +00:00
eb9d761704
Merge pull request #119272 from deads2k/resources
...
add list of served versions to storage version
Kubernetes-commit: 47aeec63a839703e962ebd97e26edbc86fe6d99c
2023-07-14 21:44:27 +00:00
e725ece543
Merge pull request #119330 from bertinatto/fix-conn-reuse-test
...
Proactively bump golang.org/x/net to v0.12.0
Kubernetes-commit: c79be34fba3ad20532c9648216924afaa8434e06
2023-07-14 21:44:24 +00:00
616472f02a
Merge pull request #118782 from MikeSpreitzer/exempt-borrowing-impl
...
Exempt borrowing implementation
Kubernetes-commit: 2a91bd1dfdd2e293b9ec017ea3a976ecc2ecd545
2023-07-14 17:45:44 +00:00
643497556b
Merge pull request #118051 from A-Hilaly/api-server/webhooks/smart-reload
...
support `WebhookAccessors` smart reload
Kubernetes-commit: 4e9b487e7e6f23234fc60c6fcb09544185f6d174
2023-07-14 17:45:39 +00:00
a541a7b473
remove todo/spelling
...
Kubernetes-commit: 8a4a29d59177699a78f6194861f83789763aac25
2023-07-14 11:08:00 -05:00
c0cd27c353
update histogram
...
Kubernetes-commit: bef43788fc01775ea156be26d6731c87efbd7b37
2023-07-14 10:10:56 -05:00
c0cdd97787
Proactively bump golang.org/x/net to v0.12.0
...
Proactively bump to v0.12.0 to avoid v0.10.0 and v0.11.0, which contain
a regression added by commit
82780d606d
2023-07-14 10:25:23 -03:00
b928ae8c42
Merge pull request #119008 from nilekhc/hotreload-update-metrics
...
[KMSv2] feat: implements metrics for encryption config hot reload
Kubernetes-commit: e3bc35bc1bc7b399b564f2c4efc75eb9959e70f7
2023-07-14 09:41:20 +00:00
a3103f0437
Merge pull request #118933 from wojtek-t/apf_watchlist_support
...
Add support for watchlist to APF
Kubernetes-commit: 18e0e668ca62087075d7c657fd6728a07c65235c
2023-07-14 09:41:18 +00:00
7d09f203d9
upgrade prometheus common to v0.44.0
...
Kubernetes-commit: 9b6af80a631f5659ea62d552d595b3dd137525a0
2023-07-14 11:05:46 +08:00
7eadaa66c4
ValidatingAdmissionPolicy: Variable Composition ( #118642 )
...
* [API REVIEW] Variable Composition
* lazy map.
* variable composition implementation.
* check variables during VAP validation.
* generated: ./hack/update-vendor.sh
* generated: UPDATE_COMPATIBILITY_FIXTURE_DATA
(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)
* cost calucation.
* tests for cost calculations.
* e2e test for variables.
* fix doc for Validation.Expression.
* generated: ./hack/update-codegen.sh
* fix missing utilruntime import.
* generated: ./hack/update-openapi-spec.sh
Kubernetes-commit: b635f2a401fd03715f6a33c4a19f11c509c0ce03
2023-07-14 01:49:55 +00:00
4ef8c89d7d
Merge pull request #118988 from nilekhc/hash-keyid
...
[KMSv2] chore: hashes keyID being logged
Kubernetes-commit: 1e21da87b8e70b71f635c72914a15fd4ec0c576c
2023-07-14 01:49:48 +00:00
496cd9c142
matchCondition metrics
...
Kubernetes-commit: 01b9f4b6eb819e4cd4a6d192d703961b34841f18
2023-07-13 19:59:27 -05:00
4f6b63aa11
Pre-allocate webhook accessors arrays for mutating and validating
...
webhooks
Kubernetes-commit: 49d03468021e24434171fde5458df34f6a753a32
2023-07-13 23:43:12 +01:00
b137c25637
Add quantity library to CEL ( #118803 )
...
* add quantity library to CEL
* add more tests to quantity
* use 1.29 env for quantity
* set CEL default env to 1.28 for 1.28 release
* add compare function
* docs and arith lib
* fixup addInt and subInt overload, add docs
* more tests
* cleanup docs
* remove old comments
* remove unnecessary cast
* add isInteger
* add overflow tests
* boilerplate
* refactor expectedResult for tests
* doc typo fix
* returns bool
* add docs link
* different dos link
* add isInteger true case
* expand iff
* add quantity back to 1.28 version, and revert change to DefaultCompatibilityVersion
* formatting
Kubernetes-commit: 423f4dfc7982136c958fc78e187c911a8896ba1b
2023-07-13 14:43:56 -07:00
36de07c4e7
ValidatingAdmissionPolicy controller for Type Checking ( #117377 )
...
* [API REVIEW] ValidatingAdmissionPolicyStatucController config.
worker count.
* ValidatingAdmissionPolicyStatus controller.
* remove CEL typechecking from API server.
* fix initializer tests.
* remove type checking integration tests
from API server integration tests.
* validatingadmissionpolicy-status options.
* grant access to VAP controller.
* add defaulting unit test.
* generated: ./hack/update-codegen.sh
* add OWNERS for VAP status controller.
* type checking test case.
Kubernetes-commit: 049614f884e61d87fc5e277cf9fd7cb2e6571217
2023-07-13 13:41:50 -07:00
a3799aea9e
Merge pull request #118804 from benluddy/authz-deferred-errors
...
CEL lib: Expose errors on authz decisions instead of raising them from check()
Kubernetes-commit: 1d846a12da5b05e9b9e50b30fdaae2ea269822a0
2023-07-13 22:03:57 +00:00
5ed33dc31d
add list of served versions to storage version
...
Kubernetes-commit: 90ab7580aaeca1c6e949df15554ad5bc408dca8e
2023-07-12 18:27:27 -04:00
1f1467cf86
Merge pull request #119226 from enj/enj/i/kms_owners
...
Add enj to apiserver options approver
Kubernetes-commit: 374866eaf0ddf16442fc61464f4d5887026441b0
2023-07-12 22:06:54 +00:00
3cebba9887
Merge pull request #118812 from serathius/storage-metric
...
Improve apiserver storage size metric
Kubernetes-commit: 2ec4e14bfa0cec1f22919ea862c45b1501187e20
2023-07-12 22:06:52 +00:00
7f9444fbee
Merge pull request #118508 from serathius/kep2340
...
Implement Alpha state for KEP #2340
Kubernetes-commit: be13c6a884248c40cb3a50a24a622b4403138444
2023-07-12 09:33:11 -07:00
408cf7b500
Improve naming and code comments
...
Kubernetes-commit: 0695853a3061ece0f602c1f267c82ced3f8c880d
2023-07-12 16:20:14 +01:00
c534f8e2b9
Add enj to apiserver options approver
...
Signed-off-by: Monis Khan <mok@microsoft.com>
Kubernetes-commit: b81f07ac9a61d425f1e457132803ed94f6b8a52d
2023-07-11 16:07:44 -04:00
1668629f57
feat: implements metrics for encryption config hot reload
...
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
Kubernetes-commit: c291e6355c44e84c2e1d503d1d9bf3e8fab9e194
2023-07-05 22:28:15 +00:00
73f18d34af
promote the following APF metrics to beta:
...
apiserver_flowcontrol_request_wait_duration_seconds
apiserver_flowcontrol_request_concurrency_in_use
apiserver_flowcontrol_request_concurrency_limit
apiserver_flowcontrol_rejected_requests_total
apiserver_flowcontrol_dispatched_requests_total
apiserver_flowcontrol_current_inqueue_requests
apiserver_flowcontrol_current_executing_requests
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
Kubernetes-commit: 0bb419b1498a664d1dda3b487e9f15fd220ea363
2023-07-05 18:19:36 +00:00
36a1803532
chore: hashes keyID
...
Signed-off-by: Nilekh Chaudhari <1626598+nilekhc@users.noreply.github.com>
Kubernetes-commit: 131216fa8f2dd13f2585e2010717733f4cb2c1e2
2023-06-29 20:32:27 +00:00
003feef4b3
Fix, deprecate apiserver_flowcontrol_request_concurrency_limit
...
Because it is redundant and has a bad name and its HELP string was
outdated.
Also note intended retention period for request_concurrency_in_use.
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
Kubernetes-commit: 75186b1c32a7e9e92ced270eb303a686315a5c44
2023-06-29 01:29:15 -04:00
c7b06c9136
Add support for watchlist to APF
...
Kubernetes-commit: c0030a4d27e0a30d89b1b0fddb32928942ca8085
2023-06-27 16:08:33 +02:00
573a8d6d05
Improve apiserver storage size metric to allow it's graduation
...
Change name to make it compliant with prometheus guidelines.
Calculate it on demand instead of periodic to comply with prometheus standards.
Replace "endpoint" with "server" label to make it semantically consistent with storage factory
Kubernetes-commit: 7a63997c8a1a9ba14f2bdc478fdf33cf88f48d80
2023-06-22 11:56:09 +02:00
90abb3933b
QueueSet and controller part of borrowing by exempt PLs
...
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
Kubernetes-commit: 7305c967101813f794449db21a6edfbc05df2575
2023-06-20 23:35:21 -04:00
9002dac854
Implement ConsistentListFromCache feature gate
...
Request bookmark every 100ms when there is at least one request blocked on revision not present in watch cache.
Kubernetes-commit: 39bb8f4bb1d013937aceac6c387563ffe13545c5
2023-06-06 15:49:46 +02:00
6c99c223c9
Merge pull request #119252 from serathius/flakes
...
Fix TestConditionalProgressRequester and TestWaitUntilFreshAndListTimeout flakes
Kubernetes-commit: da2d500c80968aacf4dfa9e32f5e6ccc06dc33c7
2023-07-12 17:19:51 +00:00
23cd6bbea9
Fix TestConditionalProgressRequester and TestWaitUntilFreshAndListTimeout flakes
...
Kubernetes-commit: c1decb6763d2abf76d96aee8641ad56a23e0ba52
2023-07-12 13:36:51 +02:00
65a9d05461
Merge pull request #119209 from jiahuif-forks/feature/validating-admission-policy/typechecking-expension
...
ValidatingAdmissionPolicy: expended type checking to messageExpression
Kubernetes-commit: da8974157faea86d15bb54e01eb946f9c4928e8c
2023-07-11 14:19:12 -07:00
ef6545eca1
expended type checking.
...
Kubernetes-commit: e655931274f91a7023fc2d5a26d8fe8ecaa1fa39
2023-07-09 19:41:44 -07:00
ef1db3a01a
Merge pull request #118540 from jiahuif-forks/feature/validating-admission-policy/authorizer-typechecking-support
...
add support for authorizer to type checking.
Kubernetes-commit: 4954c7bac4029d2f2e4b305fdba41f81b718aefc
2023-07-11 21:25:41 +00:00
8f12a0306b
Merge pull request #116443 from benluddy/secondary-authz-decision-caching
...
Cache authz decisions within the scope of validating policy admission.
Kubernetes-commit: 6ffca501361adadfb133ec1b8f76a2c2a23836dc
2023-07-11 21:25:40 +00:00
44c9069e7a
Merge pull request #119207 from serathius/progress-notify
...
Implement conditionalProgressRequester that allows requesting watch progress notification if watch cache is not fresh
Kubernetes-commit: e1fbd0c113af4b4c835ed2355b725506dfeda9e7
2023-07-11 17:20:05 +00:00
6e247788f7
Merge pull request #119198 from jadhaj/fix-115385
...
Document address family of listening INET sockets
Kubernetes-commit: 50782ce5abfd75c644564dcfd2e96c2ae49921d5
2023-07-11 13:21:18 +00:00
cd751eb82e
Implement conditionalProgressRequester that allows requesting watch progress notification if watch cache is not fresh
...
Kubernetes-commit: 98461be8ffa7383152c442414a16adb217e98080
2023-07-10 18:10:49 +02:00
a01ccc2e32
Document address family of listening INET sockets
...
Kubernetes-commit: de0764309571f0989847b2322db1906c5b34949e
2023-07-10 15:01:13 +03:00
0d62f07a5d
Merge pull request #119127 from Mskxn/fix_leak
...
use stopCh to avoid goroutine leak in tests
Kubernetes-commit: 4c7cda3e55736822bdee4c2ac93f989cf8f1501c
2023-07-06 23:55:51 +00:00
5d08b1abe9
[KMSv2] Mark KMS v1beta1 as deprecated with no further fixes ( #119007 )
...
* add feature gate
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* add validation and warning in load config
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
* mark v1beta1 proto message deprecated
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
---------
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
Kubernetes-commit: 1acdb4ae86e0e43475c31f108a6106b1f5ea5027
2023-07-06 23:55:47 +00:00
24d5ac4b98
Merge pull request #118960 from MikeSpreitzer/add-seat-occupancy-metric
...
Introduce apiserver_flowcontrol_current_executing_seats metric
Kubernetes-commit: fbb2f89668bd07a96adc8a1f4f0819e769255703
2023-07-06 11:25:19 +00:00
2595ae0416
use stopCh to avoid goroutine leak in tests
...
Kubernetes-commit: 132d477cb7aa323c0eae6dd9a09f9c93fb570b83
2023-07-06 16:24:58 +08:00
Kubernetes Publisher
Cici Huang
Igor Velichkovich
Fabio Bertinatto
Paco Xu
Jiahui Feng
Amine
Alex Zielenski
David Eads
Monis Khan
Nilekh Chaudhari
Andrew Sy Kim
Mike Spreitzer
Wojciech Tyczyński
Marek Siarkowicz
Jad Haj Yahya
Anish Ramasekar
Mskxn