kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,971 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

65 Commits

Author SHA1 Message Date
Krzysztof Ostrowski a85078bf03 apiserver/kmsv2: mv Service interface into kmsv2 
Signed-off-by: Krzysztof Ostrowski <kostrows@redhat.com>

Kubernetes-commit: b7701b00eaa8cdc2103beb8ab78f625cc3b62d90
 2023-01-09 14:36:06 +01:00
lixiaobing1 c144979a82 replace WithInsecure() with WithTransportCredentials() 
Kubernetes-commit: 7892175acdb329d44cf1f34230f78e608b3cb736
 2022-10-15 16:41:53 +08:00
Harsha Narayana 1da54ec21a kmsv2: enable logging for kmsv2 enc/dec operations 
Kubernetes-commit: 79d741f1f8efcfc75cecd22898c7b6b689449f0a
 2022-08-31 22:08:55 +05:30
Anish Ramasekar 1411f0e151 kmsv2: validate annotations key and size 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: d1fb258ff2d009f202cff3fdd25e6fd2bbda08ef
 2022-09-14 21:58:17 +00:00
Monis Khan c602291fa1 encryption config: no-op refactor to prepare for single loading 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: db850931a8699e780dd794e1763fd0e54b4239b5
 2022-08-29 17:25:48 -04:00
Anish Ramasekar c027ae3881 Add staging directory for kms 
- Moves kms proto apis to the staging repo
- Updates generate and verify kms proto scripts to check staging repo

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: c3794e2377016b1c18b1dcb63dc61d686c8ebcbf
 2022-08-23 20:22:09 +00:00
Anish Ramasekar ec520ccd91 [KMS]: update envelope caching unit tests 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 92dce5de71f752c8c136ec7c7417a73d50317cf5
 2022-09-15 18:01:48 +00:00
Monis Khan 70b4742ce2 kms: fix go routine leak in gRPC connection 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 4e68e9b5ad70ae074b3fb20f0fb2ba25d0792274
 2022-08-24 01:51:19 +00:00
Anish Ramasekar bdd7082eed chore(kms): remove unused plugin name and migrate from deprecated `io/ioutil` pkg 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 7db7a63959162d743f771183bf4e88e82afef868
 2022-08-23 22:55:22 +00:00
Anish Ramasekar 225e26ac4a Implement KMS v2alpha1 
- add feature gate
- add encrypted object and run generated_files
- generate protobuf for encrypted object and add unit tests
- move parse endpoint to util and refactor
- refactor interface and remove unused interceptor
- add protobuf generate to update-generated-kms.sh
- add integration tests
- add defaulting for apiVersion in kmsConfiguration
- handle v1/v2 and default in encryption config parsing
- move metrics to own pkg and reuse for v2
- use Marshal and Unmarshal instead of serializer
- add context for all service methods
- check version and keyid for healthz

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: f19f3f409938ff9ac8a61966e47fbe9c6075ec90
 2022-06-29 20:51:35 +00:00
Mikko Ylinen 12a8b7fef3 grpc: move to use grpc.WithTransportCredentials() 
v1.43.0 marked grpc.WithInsecure() deprecated so this commit moves to use
what is the recommended replacement:

grpc.WithTransportCredentials(insecure.NewCredentials())

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>

Kubernetes-commit: 2c8bfad9106039aa15233b5bf7282b25a7b7e0a0
 2022-05-11 12:13:28 +03:00
Anish Ramasekar c6c1465ed7 Add KMS v2alpha1 API 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 907545445ab8b4e34c1068ab9828a930c30cbfc4
 2022-05-24 23:43:09 +00:00
Steve Kuznetsov af1cb1cefe storage: transformers: pass a context.Context 
When an envelope transformer calls out to KMS (for instance), it will be
very helpful to pass a `context.Context` to allow for cancellation. This
patch does that, while passing the previously-expected additional data
via a context value.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

Kubernetes-commit: 27312feb9983c18d1daf00afba788727d024cdd0
 2022-02-17 07:29:44 -08:00
tiloso ab3cca3647 Fix staticcheck in apiserver and client-go pkgs 
Kubernetes-commit: 830a137d2ea70663cd94403595313b95ac40ffe8
 2021-06-19 22:03:46 +02:00
Stephen Augustus 771ffe6475 generated: Run hack/update-gofmt.sh 
Signed-off-by: Stephen Augustus <foo@auggie.dev>

Kubernetes-commit: 481cf6fbe753b9eb2a47ced179211206b0a99540
 2021-08-12 17:13:11 -04:00
Davanum Srinivas fe1610f3fe switch from golang-lru to the one in k8s.io/utils 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 79d0c6cdc10293c9bfe644ce31dc186a936579b0
 2021-07-07 13:45:07 -04:00
卢振兴10069964 549cbbf8de fix broken link in some files 
Kubernetes-commit: b29a5fb0746f772b38da570cd8fdc77396ffca31
 2021-04-13 08:43:24 +08:00
Jiaxin Shan dfad5032fb Fix ALPHA stability level reference link 
Kubernetes-commit: e01a21469b9719f7d0e84021c032cd8f0016b5d2
 2021-01-31 15:37:07 -08:00
Davanum Srinivas 5879417a28 switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>

Kubernetes-commit: 442a69c3bdf6fe8e525b05887e57d89db1e2f3a5
 2020-04-17 15:25:06 -04:00
immutablet 66b663f223 Instrument DEK cache fill and request inter-arrival times. 
Kubernetes-commit: 684d6fb0ade6ac088af391cedd70bc847941a54f
 2020-02-18 16:39:53 -08:00
Davanum Srinivas cde2338e26 update generated files 
Kubernetes-commit: b3853138a4f1a0637ec3c38a5c59f8228765b261
 2020-01-13 17:56:56 -05:00
immutablet 5cec6b4746 Add defaulting logic for EncryptionConfiguration. 
Kubernetes-commit: a151aa35dc21881d178e498141e5f58df13fb400
 2019-11-14 22:53:18 -08:00
immutablet 29f5d9ba4a Move the common logic of checking for kms-plugin's version into gRPC client interceptor. 
Kubernetes-commit: d2b4723302e61efdd942d59801f18ae3ec24887a
 2019-10-25 15:08:52 -07:00
immutablet 3079381054 Use single kms-plugin mock in unit and integration tests. 
Kubernetes-commit: 4d24b41410f2253c7b2f9e2b6d56910894016c61
 2019-10-11 15:25:05 -07:00
immutablet 5035dae3d5 Replace deprecated methods in the logic involved in the construction of gRPC connection to kms-plugin. 
Kubernetes-commit: e50c264c35a32200febde3b10838b2ef2f986c39
 2019-10-07 15:57:47 -07:00
chenyaqi01 4f9778fb9d replace bytes.Compare() with bytes.Equal() 
Kubernetes-commit: 66be69bb0e7fd147be650385d272ae14ee2857c8
 2019-09-27 10:06:50 +08:00
Shihang Zhang 53db7e198a change envelope transformer to return status error for better monitoring 
Change-Id: I8263c4673d5f57617acf315c7af6ebe5aacd9c7c

Kubernetes-commit: cba43530d77d7f28bc302912e8f43c4a69fdec3b
 2019-09-10 13:12:31 -07:00
Antoine Pelisse 0c3358252b Regenerate 
Kubernetes-commit: 6568325ca2bef519e5c8228cd33887660b5ed7b0
 2019-07-24 15:21:55 -07:00
Vallery Lancey 6e15e9a893 Updated github.com/gogo/protobuf from SHA to nearest-pinnable tag (v1.0.0), as part of dependency management cleanup: #79234 
Kubernetes-commit: fe59ee8aaf8c7399476d286349caca9e3c05c522
 2019-07-02 21:44:06 -07:00
Jordan Liggitt 8b9440cfa5 Fix spurious .sock files running envelope unit tests 
Kubernetes-commit: 04b6f1ea03f88abd9eb3a2635995a405f68527e0
 2019-06-13 10:52:59 -04:00
immutableT 9c474d9c53 require timeout to be greater than zero. 
add unit test to cover timeout behaviour.

Kubernetes-commit: 39aca564749cd92ed1cfec7129eb3f6593549137
 2019-01-04 17:06:07 -08:00
Nikhita Raghunath e6d011f6fa Add license header to non-generated proto files 
Kubernetes-commit: 6285db6576553e40aacb74579de57a77e19bb434
 2018-10-30 22:29:07 +05:30
Davanum Srinivas 2710b17b80 Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135

Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
 2018-11-09 13:49:10 -05:00
Joe Betz 5c1ed41d69 Update etcd client to 3.3.9 
Kubernetes-commit: 4263c752115c3796ee5715c7de4cbc2e237809d3
 2018-10-01 16:53:57 -07:00
immutableT d0ea04d52d Increase time-out of kms-service concurrency tests. 
Kubernetes-commit: fd64c3bac6f2a611a154c86c93fd77404404aba5
 2018-10-05 16:22:00 +00:00
Mike Danese 93a015d36a refactor envelope to use cryptobytes 
Kubernetes-commit: 36ab52b428f6b87df5bdd85f253758967bf0a240
 2018-09-28 23:02:42 -07:00
immutablet e9bce895cf Lazily dial kms-plugin. 
Kubernetes-commit: 07cbf2545f705d0448631f479a18d0b86b7055dc
 2018-09-12 14:56:44 -07:00
fisherxu 164f30a663 use dailcontext 
Kubernetes-commit: 89f3fa3d62791e756dcbd645818ea03d7c1a86b8
 2018-08-24 10:18:21 +08:00
immutablet 842873f83e Add support for linux abstract socket namespace. 
Kubernetes-commit: 01008911687c27b15aee4766a70786684bdb3f01
 2018-05-31 14:00:42 -07:00
immutablet 5ae492efc5 Add metrics for envelop transformer: 
transformation_operation_count
    transformation_failures_count
    envelope_transformation_cache_misses_count
    data_key_generation_latencies_microseconds
    data_key_generation_failures_count

Kubernetes-commit: 695c3e32ad0ff144b36e4deed13a678120f5b6fb
 2018-05-29 14:40:39 -07:00
Justin Santa Barbara f9ec73e95b Fix typo in envelope transform error message 
Kubernetes-commit: 8f87e5c7dab27671e1f68356e825deab879630bf
 2018-05-09 09:36:29 -04:00
hzxuzhonghu 6ab99203b7 Replace "golang.org/x/net/context" with "context" 
Kubernetes-commit: 70e45eccf27726f0e63dd1024924ccc7e2cd35a0
 2018-02-28 12:20:22 +08:00
fisherxu 716af975eb regenerated all files and remove all YEAR fields 
Kubernetes-commit: b49ef6531c11f1c834e0d7591f5c965f6193c711
 2018-01-22 20:37:53 +08:00
Kubernetes Publisher 627fa76a8b sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel 2018-03-15 09:38:17 +00:00
Ryan Hitchman 43796a9895 Fix build tag for grpc_service_unix_test.go. 
Kubernetes-commit: 4d2e43f53f3c057e7bddd6f09e5a82b0b97d276f
 2018-02-09 12:10:25 -08:00
Wang Guoliang 32fe314a1e fix some syntax related errors 
Kubernetes-commit: d065157dd74fa02eec87f5849528b079a3736c3d
 2018-02-11 19:50:49 +08:00
Mike Danese 3ec7dfbb59 kms: rename KMSService to KeyManagmentService 
KMSService is redundent.

Kubernetes-commit: fc8ff61eb9e153d9e3f67549b8454cdea89bab30
 2018-02-22 19:36:03 -08:00
Jeff Grafton 1ab12b2dc8 Autogenerated: hack/update-bazel.sh 
Kubernetes-commit: ef56a8d6bb3800ab7803713eafc4191e8202ad6e
 2018-02-16 13:43:01 -08:00
Di Xu 9beeb59216 fix all the typos across the project 
Kubernetes-commit: 48388fec7eaad4ac8d84fbe20673ffacf41964a1
 2018-02-09 14:53:53 +08:00
Wu Qiang bed3e4f9ab Add generated script for kms api pb file 
Kubernetes-commit: 9825018e4a004523492893433604439b1f2acd22
 2018-01-29 06:00:57 +00:00