kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,177 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

16 Commits

Author SHA1 Message Date
Igor Velichkovich 9608de14c4 migrate versionedattr to avoid circular dependency 
Kubernetes-commit: 64c426a90232e34853d9b9cfdaad5409371c191a
 2023-03-03 14:04:29 -06:00
Cici Huang 19b3ccef1c Rebase changes. 
Kubernetes-commit: 1445e0371f83895c19b740bead95d1cd1c81f5a2
 2023-03-07 06:50:33 +00:00
Cici Huang f58819aa69 Apply context cancellation to ValidatingAdmissionPolicy. 
Kubernetes-commit: c400002facd01a8b0fc10ca4f5a66c8b8abd94c4
 2023-03-03 00:18:47 +00:00
Joe Betz 265820879d Implement validationActions and auditAnnotations 
Kubernetes-commit: d221ddb89a5dde5a6f55674dc38aa71cc842d481
 2023-03-06 17:29:28 -05:00
Cici Huang c4a92f1b65 Apply resource constraints to ValidatingAdmissionPolicy. 
Kubernetes-commit: 244c63a2e6c8d859be8f4c6c23fbe1263dbfab0a
 2023-02-14 06:37:57 +00:00
Joe Betz f094db0dd5 Implement secondary authz 
Kubernetes-commit: 7bbda746fee7ae4e50647099b72c02327525ef7a
 2023-03-06 12:08:14 -05:00
Igor Velichkovich 0b1f199d07 refactor admission cel validator and compiler to be reusable 
Kubernetes-commit: e96ef311872ee6429a54e4580528717238a6816b
 2023-02-15 16:08:59 -06:00
Dipankar Das ee11899e67 changes to the fatal message generated 
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>

Kubernetes-commit: 50bc46bd8fdc687811b3e4bba6a3d8d0706c8d59
 2023-01-11 08:08:25 +05:30
Dipankar Das 41fdf0ebe7 Added fatalf for error handling 
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>

Kubernetes-commit: 526b4b4ce226349b1e0587db14d1321d0b27bbff
 2023-01-07 15:45:45 +05:30
Max Smythe 19d202d87c make CEL admission controller code consumable (#115412) 
* Make policy decision object public

Signed-off-by: Max Smythe <smythe@google.com>

* Separate version conversion from validation

Signed-off-by: Max Smythe <smythe@google.com>

* Address review comments

Signed-off-by: Max Smythe <smythe@google.com>

* Fix variable name

Signed-off-by: Max Smythe <smythe@google.com>

---------

Signed-off-by: Max Smythe <smythe@google.com>

Kubernetes-commit: 0ed74145fb00626ce0e900812a54ca3de5406f2e
 2023-02-01 17:29:30 -08:00
Alexander Zielenski 1b8963b016 use typedinformer if available 
reduces memory and cpu when things like configmap are used as a param

cannot be shared due to limitatoins of sharedinformerfactory

Kubernetes-commit: b969dfec9fd33f8bfff47e54f2995a4865839ea6
 2023-01-19 10:04:52 -08:00
Alexander Zielenski 2ea5662b05 use namespacedName for keys in fakeCompiler 
Kubernetes-commit: 0c495cb429e54a6d25e9252aca3e32fd9f0aef6b
 2023-01-19 10:04:46 -08:00
Alexander Zielenski 73db86feab fix bug with param controllers being removed if used by more than one policy 
Kubernetes-commit: ecd267d097ec7cd26fa5a6343622c3772f66486f
 2023-01-17 15:27:45 -08:00
Alexander Zielenski 9be70531b4 refactor admission controller to avoid contention 
refresh admission policies up to once per second based upon last known good data

Kubernetes-commit: 5f59f449832e5206fe9b5fd7d9a43721c4c9ae44
 2022-12-15 16:30:52 -08:00
Cici Huang 47687312f4 Rename FG to `ValidatingAdmissionPolicy` 
Kubernetes-commit: 29737124860b1414affa07ed6db30fccdbae3b55
 2022-11-09 17:27:20 +00:00
Cici Huang 55bc692e10 Rename admission cel package to validatingadmissionpolicy 
Kubernetes-commit: 40c21dafcdb7d4f7ee85c652b362632f3b620861
 2022-11-08 14:18:26 +00:00