125611e8cd
hack/pin-dependency.sh sigs.k8s.io/structured-merge-diff/v4 v4.4.2
...
Kubernetes-commit: 6fe51403665f1b6e820226004817b92e3118cabc
2024-10-31 21:19:15 -04:00
30be0a3c20
Allow nondeterministic object encoding in HTTP response bodies.
...
Kubernetes-commit: dee76a460ec80f15dc199c93e506586687d42291
2024-10-28 12:09:02 -04:00
9843fd95fb
Rename dispatcher Run to Start to match naming conventions
...
Kubernetes-commit: 0dfbc85cd9f7c0578ed385928e6990a496112e6c
2024-10-25 18:44:10 -04:00
b738c82d70
Fix comment in mutating webhook dispatcher
...
Kubernetes-commit: 1031e07e8325fc043d741b697c197d5416bfcc98
2024-10-25 14:37:39 -04:00
c259217340
Improve error messaging for validating admission policy authz
...
Kubernetes-commit: 1ad6fd7a0fa454cc3302b579dc73eb5c9afec49a
2024-10-25 13:52:34 -04:00
9da95682e0
Add jsonpatch.escapeKey CEL function
...
Kubernetes-commit: 712cc20996aedad5ac525184d76ea581f98d6e35
2024-10-25 13:50:25 -04:00
a5e93cb37c
Add MutatingAdmissionPolicy plugin to admission chain
...
This expands the generic plugin support to both validating and mutating policies. It also adds the
mutating policy admission plugin using the generics plugin support.
This also implements both ApplyConfiguration and JSONPatch support.
Co-authored-by: Alexander Zielensk <alexzielenski@gmail.com>
Kubernetes-commit: 25e11cd1c143ef136418c33bfbbbd4f24e32e529
2024-10-25 13:46:58 -04:00
0e6467b270
Add mutation support into CompositedCompiler and reorganize for clarity
...
Kubernetes-commit: 081353bf8ad963d43c5da6714a24f62cfe0b8401
2024-10-25 14:37:17 -04:00
9ead80d1bb
Add MutatingAdmissionPolicy API
...
This is closely aligned with ValidatingAdmissionPolicy
except that instead of validations that can fail with
messages, there are mutations, which can be defined
either with as an ApplyConfiguration or JSONPatch.
Co-authored-by: cici37 <cicih@google.com>
Kubernetes-commit: 3a1733f302d0fe9994bcc8e91fa2191c94606c2b
2024-10-25 13:25:46 -04:00
bd808a01a1
Add feature gate
...
Co-authored-by: cici37 <cicih@google.com>
Kubernetes-commit: 4b13362dda020f80cf961dbeefae750f63f803f9
2024-10-25 13:22:58 -04:00
8794780f6a
Clean up Object initialization support
...
The initial work of this had been merged before
this PR but was not yet in use. This simplifies
the implementation and adds some basic type
sanity checking.
Co-authored-by: Jiahui Feng <jhf@google.com>
Kubernetes-commit: 9ee1ea9d37c25d8151aad18d5a2a959836dcbe12
2024-10-25 13:22:06 -04:00
b09b8016b6
Move caching authorizer to shared location to be used by mutating and validating policy
...
Kubernetes-commit: 910c2e2dad58b08d7a5ee6c59a2970454e241e2a
2024-10-25 13:20:14 -04:00
78628824cd
Merge pull request #128243 from benluddy/cbor-dynamic-integration
...
KEP-4222: Add CBOR variant of admission webhook integration test.
Kubernetes-commit: 5147eebf224ae41892b736179ca91c47fd794565
2024-10-25 02:15:46 +00:00
00c7d5a4e1
use require
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Kubernetes-commit: ea1bd956c57f23b4ac5feb0b24ea79bbbe3b31ff
2024-10-24 22:25:37 +02:00
b432ca9bc1
add test
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Kubernetes-commit: 0d825361e6d31171b77a00665fdb63816b8b6e00
2024-10-24 21:57:51 +02:00
5913dac984
Implement btree based storage indexer
...
Kubernetes-commit: 50d2fab27903c66837d625b6ff702cf7873e3c7f
2024-10-24 18:17:56 +02:00
781f771b86
Merge pull request #125258 from serathius/etcd-kubernetes-interface
...
Etcd kubernetes interface
Kubernetes-commit: cadb1508a99580a3fec27da8d75c432756275fc4
2024-10-24 14:08:46 +00:00
f27bb5491e
Wire test-only feature gate for CBOR serving.
...
To mitigate the risk of introducing a new protocol, integration tests for CBOR will be written using
a test-only feature gate instance that is not wired to runtime options. On alpha graduation, the
test-only feature gate instance will be replaced by a normal feature gate in the existing apiserver
feature gate instance.
Kubernetes-commit: 0cad1a89b6721308746cc1a12f12de31a259a0d3
2024-10-23 16:36:25 -04:00
15220968e1
fix: cel type provider should return a type type
...
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Kubernetes-commit: 1518c4ec16d06b7281f0b6c9a0e8c40952475f6b
2024-10-22 22:21:51 +02:00
cf0dbba4e6
Support application/apply-patch+cbor in patch requests.
...
Kubernetes-commit: 37ed906a33211c7d578cab2d681941ebfd2f2f23
2024-10-22 16:08:24 -04:00
81796a85a6
use same name for package than the folder
...
Kubernetes-commit: aa7d0b00944958c9898bace86f5bc77cdcba24c9
2024-10-16 10:38:57 +00:00
2bfdf1d736
AdmissionConfiguration now uses strict validation
...
Kubernetes-commit: ae20937ea6e8532da05899ed158152288d764ee0
2024-10-11 16:58:04 -07:00
641a07c997
feat(apiserver): set stream param in LogLocation
...
Signed-off-by: Jian Zeng <anonymousknight96@gmail.com>
Kubernetes-commit: d9687a8c3adaf48d398237328a8db510f3b9399d
2024-09-13 22:22:59 +08:00
9b88185823
remove general avaliable feature-gate ZeroLimitedNominalConcurrencyShares
...
Kubernetes-commit: f68dc137609d6ceb2b4e66bd746bbf9f9e92ce25
2024-09-05 10:53:51 +08:00
518e8ed25c
Adding tests for using indexers in tests
...
Kubernetes-commit: 711772a1e15288d813a830780317a134df9acb5c
2024-08-22 20:04:37 +02:00
e85d45c0a4
Use btree for watch cache storage to serve LIST more efficiently
...
Can be disabled via BtreeWatchCache feature flag.
Kubernetes-commit: 5ea427ebb508ce2871d4d0f9869959275c0d3bce
2024-08-17 11:01:41 +02:00
334b2d8b10
Fix docs for apiserver admission metrics
...
Kubernetes-commit: 97872c48a9a8dbc76b0d5f869215cd53a12fe773
2024-08-05 16:42:09 -07:00
eb7f648085
Migrate GetList to Kubernetes client
...
Kubernetes-commit: a16a364324c218b703d033edf89187aa60d9dd87
2024-05-31 14:36:22 +02:00
de27d754e6
Migrate Count to Kubernetes client
...
Kubernetes-commit: e192ac31a425e186230285829947df3854d08125
2024-05-31 11:08:48 +02:00
fd6565d201
Migrate Delete and GuaranteedUpdate to Kubernetes client
...
Kubernetes-commit: 2fcd321c426d2567e74b97da38b4860638385007
2024-05-31 11:07:38 +02:00
fc6b2587cc
Migrate Create to Kubernetes client
...
Kubernetes-commit: 53ca81da29511596cac0301e7a4f527309d380e3
2024-05-31 10:57:41 +02:00
187d1ad94a
Migrate Get to Kubernetes client
...
Kubernetes-commit: 092a6d1e0d9f91d543369f40a1fb65e9c3bff034
2024-05-31 10:54:49 +02:00
37f422396a
Update recorders to wrap kubernetes.Client
...
Kubernetes-commit: 066c1c05d73690b48c872f3fbc23b7722cd44fe3
2024-07-05 14:19:49 +02:00
b43a2467d5
Add etcd kubernetes interface package to vendor
...
Kubernetes-commit: 249ad2a6137cc8f1e0ccb7f0aef9ff4ba38927b9
2024-05-31 10:27:51 +02:00
7dd4904f18
Merge pull request #127341 from mjudeikis/mjudeikis/deprecate.ch.fully
...
Fully deprecate StopCh
Kubernetes-commit: 035e272cb1efb6ad22171b2eb44fca353583112c
2024-10-23 14:21:14 +00:00
9d850afe6f
Merge pull request #127915 from omerap12/apiserver-util-PollUntilContextTimeout
...
Use PollUntilContextTimeout in flowcontrol
Kubernetes-commit: 9c430b2f7760eca131a56b9c6b96ca4a66d26bf8
2024-10-23 02:17:03 +00:00
54b4c4f8a1
Merge pull request #124945 from hoskeri/remove-unused-field
...
Remove unused field from APIGroupVersion
Kubernetes-commit: 447fca25b1bf01894fca3bf296f4ffb67e359d42
2024-10-23 02:16:53 +00:00
c6b840aa24
Merge pull request #126900 from deveshgoyal1000/fix/typo-flowcontrol-request-width
...
Updated width.go
Kubernetes-commit: 43ad87b85a39344db31323b59c2eab4adc73b66e
2024-10-23 02:16:52 +00:00
d0f54d5993
Merge pull request #128172 from liggitt/3221-ga
...
KEP-3221: Promote StructuredAuthorizationConfiguration to GA
Kubernetes-commit: 79cca2786e037d8c8ae7fe856c5ae158b100ce71
2024-10-18 20:41:47 +00:00
ec228a4021
Merge pull request #128168 from liggitt/4601-beta
...
KEP-4601: AuthorizeNodeWithSelectors / AuthorizeWithSelectors to beta
Kubernetes-commit: d7bd7284035e7debd5406d375cd366b164cf358f
2024-10-18 20:41:46 +00:00
1ea7befac3
Merge pull request #128165 from liggitt/prune-self-require
...
Drop self-referencing replace directives
Kubernetes-commit: a8fc7ae761c19ab436cf513c9eed877f08961cf7
2024-10-18 04:49:01 +00:00
6600cfa976
Merge pull request #126347 from vinayakankugoyal/kep2862impl
...
KEP-2862: Fine-grained Kubelet API Authorization
Kubernetes-commit: f5ae0413cadb1d2d3d3d47857cdd65b4b6d194ba
2024-10-18 04:49:00 +00:00
08766af90d
KEP-3221: Promote StructuredAuthorizationConfiguration to GA
...
Kubernetes-commit: ad808e609a599723cf17f7fcdfb73ca37bcf78fc
2024-10-17 21:48:30 -04:00
e784492b06
Merge pull request #127504 from sttts/sttts-authz-cel-compiler-once
...
apiserver/authconfig: make CEL compiler shareable
Kubernetes-commit: 90ee68948d23b9a22b3b48ecf819604bd4f27217
2024-10-18 00:49:07 +00:00
b907ccabbe
Merge pull request #128144 from cheftako/updateANP
...
Bump konnectivity-client to v0.31.0
Kubernetes-commit: bd00406951a04967577d5ac7c2fbe7989f3653da
2024-10-18 00:49:06 +00:00
08c82454ed
Merge pull request #128120 from aojea/celmetrics
...
use same name as the folder for the package
Kubernetes-commit: 42b388b068b23b8ebf6e54e0fb4b9b1ddb22dea0
2024-10-18 00:49:05 +00:00
1e62dc23aa
KEP-4601: AuthorizeNodeWithSelectors / AuthorizeWithSelectors to beta
...
Kubernetes-commit: 9caca7312645b5ffba964cc8170484b4e7f7b602
2024-10-17 19:51:07 -04:00
d1d8d5e02d
Drop self-referencing replace directives
...
Kubernetes-commit: 3be1109829d4b0921972bb8b5f66a4d179ff6255
2024-10-17 15:51:15 -04:00
aeae19662f
Promote WatchList feature to Beta ( #128053 )
...
* e2e/apimachinery/watchlist: always run WatchList e2e tests
* kube-controller-manager: enable WatchListClient
* kube-apiserver: promote WatchList feature to beta
Kubernetes-commit: 06a15c5cf96131faaf44f93f1be228a013ae5c0d
2024-10-17 12:39:53 +00:00
1f585b076f
Bump konnectivity-client to v0.30.0
...
Bump konnectivity network proxy to v0.30.0.
Lease-based server counting logic for agent and lease controller for ANP server
reran hack/update-vendor.sh
Kubernetes-commit: f72c37418725457bc8ce1e58d40264bca05b6054
2024-10-16 22:30:10 -07:00
Joe Betz