Print information from both the original path registration and the new
path registration stack traces when encountering a duplicate. This helps
the developer determine where the duplication is coming from and makes
it much easier to resolve.
Signed-off-by: Andy Goldstein <andy.goldstein@redhat.com>
Kubernetes-commit: 04aa8f9dcdbc575fde37e25e45315359b0aa1ca6
Implements server side field validation behind the
`ServerSideFieldValidation` feature gate. With the
feature enabled, any create/update/patch request
with the `fieldValidation` query param set to
"Strict" will error if the object in the request
body have unknown fields. A value of "Warn"
(also the default when the feautre is enabled)
will succeed the request with a warning.
When the feature is disabled (or the query param
has a value of "Ignore"), the request will succeed
as it previously had with no indications of any
unknown or duplicate fields.
Kubernetes-commit: e50e2bbc889eb274ad1463a54188a2805767bfde
addresses feedback by adding a test to make sure that the manager pipeline will not return the same instance used as input, and that the output does not input managedFields
Kubernetes-commit: 68e175ef68eff1351917ac206fb29abe42128062
drop the managed fields of the objects from the audit entries when we
are logging request and response bodies.
Kubernetes-commit: bbc59348318c29199e23b27981fb56436ac68705
Split process() function into processEvents() and process().
This is done in anticipation of GetAllEventsSinceThreadUnsafe()
returning an entity using which events can be constructed and
not the events itself.
Subsequently, this commit also moves updating resource version
for initEvents from Watch() to the processEvents() func.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
Kubernetes-commit: aab7cd3d8a66f425022ca5b2a2bd0d3019efe526
the new field exists primarily to avoid returning a 404 response when a resource actually exists but we haven't installed the path to a handler.
it is exposed for easier composition of the individual servers.
the primary users of this field are the WithMuxCompleteProtection filter and the NotFoundHandler.
Kubernetes-commit: ddfbb5d2bb57ee44b3e10f0b58f9cc7001f55802
It puts the muxCompleteProtectionKey in the context if a request has been made before muxCompleteSignal has been ready.
Putting the key protect us from returning a 404 response instead of a 503.
It is especially important for controllers like GC and NS since they act on 404s.
The presence of the key is checked in the NotFoundHandler (staging/src/k8s.io/apiserver/pkg/util/notfoundhandler/not_found_handler.go)
The race may happen when a request reaches the NotFoundHandler because not all paths have been registered in the mux
but when the registered checks are examined in the handler they indicate that the paths have been actually installed.
In that case, the presence of the key will make the handler return 503 instead of 404.
Kubernetes-commit: b71fa61b79598b723c3ee23217e0b44564d90b52
The new handler is meant to be executed at the end of the delegation chain.
It simply checks if the request have been made before the server has installed all known HTTP paths.
In that case it returns a 503 response otherwise it returns a 404.
We don't want to add additional checks to the readyz path as it might prevent fixing bricked clusters.
This specific handler is meant to "protect" requests that arrive before the paths and handlers are fully initialized.
Kubernetes-commit: 53867975e72c7a2d2dd94aac6bd2869411f92094
Andy Goldstein