apiserver

Commit Graph

Author	SHA1	Message	Date
Alexander Zielenski	73db86feab	fix bug with param controllers being removed if used by more than one policy Kubernetes-commit: ecd267d097ec7cd26fa5a6343622c3772f66486f	2023-01-17 15:27:45 -08:00
Alexander Zielenski	9be70531b4	refactor admission controller to avoid contention refresh admission policies up to once per second based upon last known good data Kubernetes-commit: 5f59f449832e5206fe9b5fd7d9a43721c4c9ae44	2022-12-15 16:30:52 -08:00
Alexander Zielenski	3fe59ceb77	defer Done call safer in case of panic Kubernetes-commit: 517df8f3051b5b0a9eb57a5bad1d6bc16fb61985	2022-12-15 13:09:11 -08:00
Daniel Smith	f1c42beb68	Fix N^2 startup for webhook configurations Add a "lazy" type to track when an update is needed. It uses a nested locking technique to avoid extra evaluation calls. Kubernetes-commit: 5a1091d88d95bd1dd5c27f2c72cee4ecb4219dda	2023-01-09 23:29:25 +00:00
Paco Xu	d61f1147f3	remove psp in extensions api/apis Kubernetes-commit: 25686a2c772adea2088f3be087280c39daa81631	2022-11-02 21:12:43 +08:00
Daniel Smith	d053de6ca3	Enable propagration of HasSynced * Add tracker types and tests * Modify ResourceEventHandler interface's OnAdd member * Add additional ResourceEventHandlerDetailedFuncs struct * Fix SharedInformer to let users track HasSynced for their handlers * Fix in-tree controllers which weren't computing HasSynced correctly * Deprecate the cache.Pop function Kubernetes-commit: 8100efc7b3122ad119ee8fa4bbbedef3b90f2e0d	2022-11-18 00:12:50 +00:00
Cici Huang	47687312f4	Rename FG to `ValidatingAdmissionPolicy` Kubernetes-commit: 29737124860b1414affa07ed6db30fccdbae3b55	2022-11-09 17:27:20 +00:00
Cici Huang	55bc692e10	Rename admission cel package to validatingadmissionpolicy Kubernetes-commit: 40c21dafcdb7d4f7ee85c652b362632f3b620861	2022-11-08 14:18:26 +00:00
Alexander Zielenski	806e2feeca	add test for error when informers are not ready Kubernetes-commit: acf571fcbed6e762a2a654bfbe6c415e668dfed3	2022-11-09 15:28:37 -08:00
Alexander Zielenski	2167932c69	use existing admissionHandler readyfunc to wait for sync is what other plugins do, and should decrease verbosity in logs Kubernetes-commit: df315f347c911c5cc189d14f6dc70a23da52e57d	2022-11-08 13:07:42 -08:00
Kermit Alexander II	8884260fa6	Add metrics integration. Kubernetes-commit: 99494e67779d0db5a1bf304256e7df273070bf95	2022-10-31 19:22:35 +00:00
Alexander Zielenski	7c2a6f0ee8	fix possible race in admission test of listwatch Kubernetes-commit: 4e217159cfc1441f3c3234059fc6fca0eb13a66d	2022-11-07 12:01:44 -08:00
Joe Betz	0e28c0c81f	Fix params to be null instead of an empty map if paramRef is null Kubernetes-commit: 65460b14d2b9ea20aaf2c6fece191af53ae57249	2022-11-08 13:49:50 -05:00
Cici Huang	81aeb1b5e9	Integrate cel admission with API. Co-authored-by: Alexander Zielenski <zielenski@google.com> Co-authored-by: Joe Betz <jpbetz@google.com> Kubernetes-commit: e7d83a1fb7b3e4f6a75ed73bc6e410946e12ad9f	2022-11-07 21:38:55 +00:00
Cici Huang	58f75bc06a	Add match check for policy and binding. Co-authored-by: Max Smythe <smythe@google.com> Kubernetes-commit: 46f97d4662d5b403badd29675d79d0c74875b9f0	2022-11-07 21:33:17 +00:00
Cici Huang	9f6b13b337	Update admission initializers. Moved RestMapper and add DynamicClient Kubernetes-commit: c8a089de4692ef94ec25fc5874906640d0ec9a28	2022-11-07 21:24:46 +00:00
Cici Huang	464de72d97	Adding new api version of admissionregistration.k8s.io v1alpha1 for CEL in Admission Control Kubernetes-commit: 0486e062618f2181857ae7b235dcd4b8be0964e4	2022-10-04 04:46:55 +00:00
Max Smythe	95fe36122a	Fix canonical imports Signed-off-by: Max Smythe <smythe@google.com> Kubernetes-commit: 003fbae25bf4c76b8b71d56206b51e1ee6e80812	2022-10-25 20:40:27 -07:00
Max Smythe	73e7490c2b	Make interface for webhook predicates more specific Signed-off-by: Max Smythe <smythe@google.com> Kubernetes-commit: 00ebe0bf623295dc589e43e8c299003f9e939f65	2022-10-25 16:34:06 -07:00
Max Smythe	3dc8d71b8a	Move webhook scoping rules into a predicates directory Signed-off-by: Max Smythe <smythe@google.com> Kubernetes-commit: b4ee0c0574932b99a9e877c84d880a5f00fdd3cc	2022-10-25 16:28:16 -07:00
Kermit Alexander II	9129598e13	Add metrics for validation admission control. Kubernetes-commit: ac324cb30c938a6e8eb533feaba4bb4503416e26	2022-10-11 20:04:13 +00:00
David Ashpole	aa161f2fc0	migrate apiserver utiltrace usage to component-base/tracing Kubernetes-commit: de26b9023f2872c5cd7e15fad5dd5ab649222c13	2022-10-20 18:15:38 +00:00
Tim Allclair	bd7c7f52c2	Consolidate AuditContext Kubernetes-commit: f1d684b7b60b39b7dc1eb4156307c593f0ba74e1	2022-07-12 11:53:57 -07:00
Alexander Zielenski	ee983a05da	fix flaky admission tests would fllake .04% of the time on my machine. In tests waiting for objects to be reconciled, would erroneously treat the "Not Found" case as an error rather than waiting a bit. also add some more context to test errors to improve debuggability Kubernetes-commit: bfbc1f3479423b5c53231cfec58895746ef2de69	2022-10-21 09:47:18 -07:00
Alexander Zielenski	e25b9399a5	add cel admission controller tests 84% coverage Kubernetes-commit: 8b74e73e3825e725d05376de717ad96506a52eec	2022-10-12 18:03:44 -07:00
Alexander Zielenski	cd8f0b6cf7	add cel admission plugin and initializer Kubernetes-commit: a41a536dbdb72877fa48f85272e479eb628e68f8	2022-10-12 10:21:31 -07:00
Alexander Zielenski	b154760894	add generics tests 84.1% coverage Kubernetes-commit: 74b103cd52da3b0149aa9e50a569a89bdd46e1db	2022-10-13 13:44:03 -07:00
Alexander Zielenski	b1196b949c	add cel admission controller Kubernetes-commit: 2286501e227ead064e95880a6f28904526f887a6	2022-10-12 10:21:08 -07:00
Alexander Zielenski	bf7388424e	add OWNERS Kubernetes-commit: c52fae186a60f0d480f26628c55656c76c7ccac0	2022-10-12 16:11:11 -07:00
Oscar Utbult	9d3d7b483a	grammar: replace all occurrences of "the the" with "the" Kubernetes-commit: e4f776f23098ecf942cafa898777195adbc800f1	2022-09-17 22:58:01 +02:00
Abirdcfly	487ade9f5d	go1.19: change some atomic.Value to atomic.Bool Signed-off-by: Abirdcfly <fp544037857@gmail.com> Kubernetes-commit: 1d631f7eef4db32afe23460843c4084ed3a3f6bd	2022-09-06 17:13:44 +08:00
qmloong	a32e26b98a	fix: remove redundant error log print Kubernetes-commit: 45ed5ba9939c581d0633772ea3177780fae95db0	2022-09-26 14:52:25 +08:00
Davanum Srinivas	7e94033a61	Generate and format files - Run hack/update-codegen.sh - Run hack/update-generated-device-plugin.sh - Run hack/update-generated-protobuf.sh - Run hack/update-generated-runtime.sh - Run hack/update-generated-swagger-docs.sh - Run hack/update-openapi-spec.sh - Run hack/update-gofmt.sh Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: a9593d634c6a053848413e600dadbf974627515f	2022-07-19 20:54:13 -04:00
HaoJie Liu	4c5e4623d3	cleanup: use append other than for loop Signed-off-by: HaoJie Liu <liuhaojie@beyondcent.com> Kubernetes-commit: 29b5cd04bd2c7e2676687d3b613c9b065b128e54	2022-07-21 15:29:30 +08:00
ialidzhikov	057c272d7b	Fix a typo Signed-off-by: ialidzhikov <i.alidjikov@gmail.com> Kubernetes-commit: b2fc44f3f064f56fd9d772f8ecc192614ed79c69	2022-05-18 13:18:47 +03:00
Wojciech Tyczyński	2428ade32a	Fix leaking goroutines in QuotaEvaluator Kubernetes-commit: 9d974e6e89285e3e0cb7ff928407a3350b224084	2022-05-26 21:10:10 +02:00
Wojciech Tyczyński	5ab2c69c4c	Fix ResourceQuota admission shutdown Kubernetes-commit: f8211d7e447cc6c29139ebf3422f0752278d6da1	2022-05-18 19:30:23 +02:00
David Eads	25c5c2ccf3	Handle panic during validating admission webhook admission Validating admission webhook evaluation can fail, if uncaught this crashes a kube-apiserver. Add handling to catch panic while preserving the behavior of "must not fail". Kubernetes-commit: d412bf92b3b02bda93707c6aaba945f28bf60c72	2022-03-16 13:47:32 -04:00
Steve Kuznetsov	80256820ce	storage: move the APIObjectVersioner definition to storage The means by which we extract and parse the version of an API object is not specific to etcd3. In order to allow for a generic suite of tests against any storage.Interface imlpementation, we need this logic to live outside of the etcd3 package, or import cycles will exist. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com> Kubernetes-commit: 3939f3003e9605c06f65e64d1fc6f94b294f9d97	2022-05-11 07:44:21 -07:00
Tim Allclair	1e36b0a9fb	Don't add audit annotations directly to the audit event Kubernetes-commit: bdebc62d49293a0fbbd7e0d95bfd94b1ce21015c	2022-03-28 11:38:38 -07:00
Tim Allclair	df8fb75b75	Don't decorate admission for audit when audit is disabled Kubernetes-commit: 1b529d4f0b699de95ed09c9d59ff72a812dd840b	2022-02-15 17:20:32 -08:00
Abu Kashem	72aa2c42fc	refactor: rename webhook duration tracker Kubernetes-commit: 4a9b9028153c6984b9cf69067cc0a1aa12a00e73	2022-02-01 15:44:59 -05:00
Luigi Tagliamonte	8a2109d15b	add tests for new metric Kubernetes-commit: 08448911ae24c79b846a555c4d9a42b3f53b0b67	2021-12-28 20:38:36 -08:00
Luigi Tagliamonte	dccc77dd13	add failopen metric Kubernetes-commit: 6542f4bb993ebec23ec2198aaba89b629e3ec831	2021-12-21 14:11:12 -08:00
ialidzhikov	5832006292	Fix the doc string of GetOldObject func Signed-off-by: ialidzhikov <i.alidjikov@gmail.com> Kubernetes-commit: f79c00e8ff43b80a7fb294341027428f01e9f036	2021-10-28 17:03:18 +03:00
Davanum Srinivas	56a3a30ae1	Check in OWNERS modified by update-yamlfmt.sh Signed-off-by: Davanum Srinivas <davanum@gmail.com> Kubernetes-commit: 9405e9b55ebcd461f161859a698b949ea3bde31d	2021-12-09 21:31:26 -05:00
Paweł Banaszewski	78c055e084	Added requestSloLatencies metric Kubernetes-commit: 0afa569499d480df4977568454a50790891860f5	2021-10-25 22:19:24 +00:00
chenlinx17	f657cdaea4	Fix concurrent map writes error in kube-apiserver Kubernetes-commit: 7c67665f7fcfa74e5a573e696b6220ff062b7a34	2021-11-04 15:56:10 +08:00
Reza Karimi	193bf2c49a	making some apiserver metrics stable Kubernetes-commit: 894e31f41aed5e6db4275bf8cf89fdd62fe25b1e	2021-11-02 17:53:53 +00:00
Jordan Liggitt	18b69ef17d	Switch from json-iterator to utiljson Kubernetes-commit: bba877d3a6d0e6498d5e43a54939d5e4e8baee1a	2021-09-14 17:54:37 -04:00

1 2 3 4 5 ...

281 Commits