kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,897 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

52 Commits

Author SHA1 Message Date
Cici Huang ae9ed668d6 Address comment 
Kubernetes-commit: a5f64b743e43687029173bd390854237a24b8579
 2023-12-07 22:39:00 +00:00
Cici Huang 02998b39fe Keep presence cost to 0 to ensure backward compatibility. 
Kubernetes-commit: ed501c1f080c054bae825e2cbdbdf9a8e99378e3
 2023-12-05 23:27:51 +00:00
Jiahui Feng d463ec4cab avoid infinite recursion for type resolvers. 
Kubernetes-commit: e4776e0f85b8aceb8f1da7a87822b0d086045a8a
 2023-10-31 10:23:50 -07:00
Cici Huang 4cd5207f69 Add set ext library into Kubernetes and pick up the new option cel provides 
Kubernetes-commit: 8d804078f9707297d1edfa26a3295d75c4f3bf40
 2023-10-17 20:27:55 +00:00
Jiahui Feng a026b6fcf5 extend SchemaResolver for more types of schemas. 
Kubernetes-commit: 3f73cdcf2ad00d3200a216a9f19090950fea12f5
 2023-10-26 10:25:41 -07:00
Cici Huang cd938d26a7 Add cel new validator into Kubernetes. 
Kubernetes-commit: 04b21126e589cebf888a8839a69c81761e558861
 2023-10-17 20:27:55 +00:00
Alexander Zielenski 618cf622c1 add time tracking to CorrelatedObject 
Kubernetes-commit: d0328df04e06384a0456606c708e5b62ec18d9c2
 2023-10-18 19:31:39 -07:00
Jiahui Feng ec8ba61837 allow empty object to be CEL value. 
Kubernetes-commit: c6b3a2f477c9ed051ace8ae1c479424e4a5c066d
 2023-10-23 15:30:17 -07:00
Cici Huang 00ae118a76 Add stability tests for CEL cost estimation. 
Kubernetes-commit: 93951bc00d3656c42bec050b82f2fc364b1cad31
 2023-10-22 23:12:44 -07:00
Jiahui Feng 140ffa083d set maxLength to longest enum. 
Kubernetes-commit: 302d350e88eac519e1df020b82256371c171b861
 2023-10-09 11:00:45 -07:00
Alexander Zielenski 8a3fe0e45c ratcheting: disable correlation by index 
discussion: https://github.com/kubernetes/kubernetes/pull/121118#discussion_r1358865893

Kubernetes-commit: fb1fc8b4a72758688d1251278579b2b0ac666fc7
 2023-10-13 14:36:46 -07:00
Alexander Zielenski b5ac4f9a61 comments: clear up correlateOldValueForChildAtNewIndex godoc 
Kubernetes-commit: d991ed56c29e646c0c5c51ce1ebd2376f34fce28
 2023-10-13 14:11:02 -07:00
Alexander Zielenski fbd7474961 cleanup: use swtich in CachedDeepEqual and add more comments 
Kubernetes-commit: 0ed67c9e41dcfc3eef6953ca63082454c189443b
 2023-10-13 14:05:47 -07:00
Alexander Zielenski a504910cff cleanup: consistently support nil receiver and document 
Kubernetes-commit: 60c90fc0854eb04b95e74d445d88f45c212900fe
 2023-10-13 13:57:55 -07:00
Alexander Zielenski 541189e16c cleanup: clarify correlatedOldValueForChildAtNewIndex comment 
Kubernetes-commit: abb68591afd30cf263b0d6bb2942f9693eb420d7
 2023-10-13 13:54:53 -07:00
Alexander Zielenski 2970233dd7 cleanup: consistent interface{} and any 
Kubernetes-commit: e1fa1df3ae8414104f3710c064014e323e45aade
 2023-10-13 13:50:52 -07:00
Alexander Zielenski fecc880526 cleanup: add godoc 
Kubernetes-commit: 0495616230a13dcc19c9da8ec7b8b2a38e2b6a33
 2023-10-13 13:50:19 -07:00
Alexander Zielenski 662079f048 test: fix boilerplate 
Kubernetes-commit: 4dedabf2a659ee702cbcd93a482c63296910d5c6
 2023-10-12 15:51:25 -07:00
Alexander Zielenski e501fcbbf6 test: few more correlatedobject test cases 
Kubernetes-commit: 0149c1f8b315d704d6d80c00861526e2899001e5
 2023-10-11 15:45:48 -07:00
Alexander Zielenski 4ec87cdde2 test: add correlatedobject test cases 
Kubernetes-commit: ba9347230e6577140eaa0ac3d9ef99d0163a7934
 2023-10-11 14:03:28 -07:00
Alexander Zielenski 5edc046b33 cleanup: add header and fix spelling 
Kubernetes-commit: c08a9321eed6a917a2fbc13b8e023d2f4122ee36
 2023-10-11 13:51:49 -07:00
Alexander Zielenski 1234a74f8e refactor: move correlatedObject to its own file 
no changes except package naming

Kubernetes-commit: 27cb869e5596525cec9884ecb9b02bfcfe5273e4
 2023-10-10 10:53:12 -07:00
Alexander Zielenski 3029a9f674 add rest of accessors to common.Schema 
needed for declarative validation, CRD ratcheting

Kubernetes-commit: 438c0daab7587bdb094e714e68b5ba2f9f6ae963
 2023-10-09 17:49:37 -07:00
Joe Betz eedba684cf Add CEL library lifecycle linter 
Kubernetes-commit: 980fa6a2b9edae577d1b71a28834afe1ca7dfe82
 2023-08-23 17:17:32 -04:00
Joe Betz f0fbaa3fab Bump cel string lib to v2, add tests 
Kubernetes-commit: 3fb14cf4e7a0230d57f579b86262d9df6997e5e3
 2023-08-22 13:05:09 -04:00
Joe Betz c6c8291384 Update k8s code to handle cel-go changes 
Kubernetes-commit: 640a2ec33274f4b6311afc7dbb0c7e15bd5d792a
 2023-08-18 17:32:41 -04:00
Joe Betz 6f6cacf8bf check for overflow 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b1223e0d1ac626d5472436ed2cd0bc2962394004
 2023-08-22 10:02:10 -07:00
Joe Betz 3e172f1316 Fix CEL cost handling of zero length replacement strings 
Kubernetes-commit: 87cf890632c538e83e961035e73f0f2e8d3ceeba
 2023-08-21 22:48:11 -04:00
Joe Betz 539b445fa2 Add test coverage of result size of string operations 
Kubernetes-commit: e4d16f34c15affdf4411d5bd1b19991b5fa27f2a
 2023-08-07 12:41:52 -04:00
Jiahui Feng bf2563c6cd CEL lazy map: add test for boolean short-circuiting 
Kubernetes-commit: 66aa2af0979cc6007cd63720876fd21dda3b17dc
 2023-07-25 14:37:20 -07:00
Jiahui Feng 7eadaa66c4 ValidatingAdmissionPolicy: Variable Composition (#118642) 
* [API REVIEW] Variable Composition

* lazy map.

* variable composition implementation.

* check variables during VAP validation.

* generated: ./hack/update-vendor.sh

* generated: UPDATE_COMPATIBILITY_FIXTURE_DATA

(cd staging/src/k8s.io/api/ && env UPDATE_COMPATIBILITY_FIXTURE_DATA=true go test)

* cost calucation.

* tests for cost calculations.

* e2e test for variables.

* fix doc for Validation.Expression.

* generated: ./hack/update-codegen.sh

* fix missing utilruntime import.

* generated: ./hack/update-openapi-spec.sh

Kubernetes-commit: b635f2a401fd03715f6a33c4a19f11c509c0ce03
 2023-07-14 01:49:55 +00:00
Alex Zielenski b137c25637 Add quantity library to CEL (#118803) 
* add quantity library to CEL

* add more tests to quantity

* use 1.29 env for quantity

* set CEL default env to 1.28 for 1.28 release

* add compare function

* docs and arith lib

* fixup addInt and subInt overload, add docs

* more tests

* cleanup docs

* remove old comments

* remove unnecessary cast

* add isInteger

* add overflow tests

* boilerplate

* refactor expectedResult for tests

* doc typo fix

* returns bool

* add docs link

* different dos link

* add isInteger true case

* expand iff

* add quantity back to 1.28 version, and revert change to DefaultCompatibilityVersion

* formatting

Kubernetes-commit: 423f4dfc7982136c958fc78e187c911a8896ba1b
 2023-07-13 14:43:56 -07:00
Joe Betz e04cbed587 CEL lib: Expose errors on authz decisions instead of raising them from check(). 
Co-authored-by: Ben Luddy <bluddy@redhat.com>

Kubernetes-commit: 1053d1bbcf581f20300a821a951a14ae77915246
 2023-03-10 22:38:21 -05:00
Joe Betz f326e07f1b Enable optionals and add tests 
Kubernetes-commit: 68901de8981a0908d7cfdba0d9c19aeb50385f35
 2023-05-26 20:04:35 -04:00
Joe Betz 62e145332c Bump cel-go to v0.16.0 
Kubernetes-commit: 5c0b59891d62d72433bcfff18cd5b9718d510a8b
 2023-05-26 18:06:11 -04:00
Joe Betz f32e391a45 Introduce CEL EnvSets for managing safe rollout of new CEL features, libraries and expression variables 
Kubernetes-commit: e740f8340eedc89baccd120329b454a860385e2d
 2023-04-28 14:16:56 -04:00
Joe Betz 394de266f8 Update staging/src/k8s.io/apiserver/pkg/cel/common/values.go 
Co-authored-by: Alvaro Aleman <alvaroaleman@users.noreply.github.com>

Kubernetes-commit: a4f98e4c1e85f6665578b938c5bbb65a5f9541c3
 2023-04-25 14:22:01 -07:00
Joe Betz daf9c33de1 Fix bug where CEL listOfString.join() results in unexpected error 
Kubernetes-commit: e115d5234c208bddd1029d36f32c732b7080226f
 2023-04-25 10:21:41 -04:00
Tim Allclair c86f7c33d0 Clean up reference to deleted denied function 
Kubernetes-commit: d109f60a0579bcc34244cbc74068be07d18443e6
 2023-03-20 18:24:10 -07:00
Cici Huang 16f5e2148c Update CRD validation rules path accordingly. 
Kubernetes-commit: 1f4a9dd9187899a46a4fb86b52af50198da59aaf
 2023-03-05 20:43:58 +00:00
Jiahui Feng fb63824b7d composited type systems for CEL. 
Kubernetes-commit: 9633cb8d7e11aef2a4c0dc3de39c40e51b771e84
 2023-03-02 17:24:31 -08:00
Joe Betz f094db0dd5 Implement secondary authz 
Kubernetes-commit: 7bbda746fee7ae4e50647099b72c02327525ef7a
 2023-03-06 12:08:14 -05:00
A. Lombarte 1f02ef5b4e getHost and getHostname have documentation swapped for IPv6 
Kubernetes-commit: cb4637b378d464dc8622e637d0a72a29b756336f
 2023-02-08 19:50:02 +01:00
Jiahui Feng de2a3360b1 avoid deepcopying schemas. 
Kubernetes-commit: 7106d42a275e959d55e407180668873451399d81
 2023-02-07 18:03:58 -08:00
Jiahui Feng 5ec13b3cf1 adaptor between structral and OpenAPI. 
Kubernetes-commit: 7eb7c8b4fadc40f987de668c37abc99c1d58b557
 2023-02-06 18:56:51 -08:00
Jiahui Feng b0c0a5edc5 make structural type use OpenAPI lib. 
Kubernetes-commit: e11ea145eaa9c3261a3a6c3ef8c9c5ff29ad5e56
 2023-01-11 10:08:11 -08:00
Jiahui Feng ac15595911 create OWNERS file for cel libs. 
Kubernetes-commit: 43ef87a2680ecc007a036ca032ee17e294aff55c
 2022-12-14 09:19:25 -08:00
Jiahui Feng 46ab726885 implement OpenAPI-based schema resolver. 
Kubernetes-commit: 26089a4c957a87c27da31ecbf171e4943f5af6c0
 2022-12-14 09:18:54 -08:00
Jiahui Feng bfa588de84 refit CEL typing library 
to use OpenAPI schemas.

Kubernetes-commit: f2ee977afd72ee2a66fb491eb74713f1d14a12fd
 2022-12-14 09:18:27 -08:00
qingwave f56a6a65d1 add help for cel metrics 
Signed-off-by: qingwave <isguory@gmail.com>

Kubernetes-commit: 90357e62d200a9eb77aa0534298de46f0ae364a4
 2022-12-09 04:53:02 +00:00