kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,710 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

4710 Commits

Author SHA1 Message Date
Lukasz Szaszkiewicz a9e68c9b32 let objects without metadata pass through the managedFields admission controller 
Not all objects provide metadata. There might be extention servers that allow for creating objects without the metadata field.

This PR changes the managedFileds admission to deal with objects without the metadata field.
Object without that field will be passed directly to the wrapped admission controller for further validation.

Kubernetes-commit: 3dbaf305ae1e52105a338987f3770ff104def68b
 2021-04-29 14:08:36 +02:00
Kubernetes Publisher 28df761863 Merge pull request #101532 from stevekuznetsov/skuznets/wrap-admission-error-reasons 
apiserver: wrap errors in admission with context

Kubernetes-commit: 50e319767cc4aad5c6ff56a8d002c406cdcc3e0e
 2021-05-18 11:27:49 +00:00
Mengxue Zhang 15750850e0 specify pod name and hostname in indexed job 
Kubernetes-commit: e64e34e0298d27d4099b632f5b7c1ba38fc66561
 2021-04-29 03:33:36 +00:00
Steve Kuznetsov 8c01d7fe18 apiserver: wrap errors in admission with context 
When the API server encounters an error during admission webhook
handling, lower-level errors are bubbled up without any additional
context added. This leads to fairly opaque and unintelligible errors. It
is not clear to users if the API server itself is having an error (for
instance, fetching the REST client) or if the request to the webhook
failed in some way.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

Kubernetes-commit: ae9e71ba68cb1dd00bb5ed2635bac9aab2abbafe
 2021-04-27 11:19:01 -07:00
Kubernetes Publisher f9a92cec2f Merge pull request #95387 from JAORMX/logperms 
Ensure audit log permissions are restricted

Kubernetes-commit: b81a36021f0a6d3d4944c3aba779e0174955515c
 2021-05-18 11:27:46 +00:00
Kubernetes Publisher 16ed1713d9 Merge pull request #100139 from Jefftree/ssa-ga2 
Promote SSA GA

Kubernetes-commit: 6067d8556a017102fcd92c6a06738524c36847a9
 2021-05-18 11:27:44 +00:00
Kubernetes Publisher 9427d805d6 Merge pull request #99452 from xiaoanyunfei/bugfix/legacy_user-agent 
add user-agent for audit log format legacy

Kubernetes-commit: 0da2e97ac112baaf9c2d8d723f7c4805f57dd363
 2021-05-18 11:27:40 +00:00
Kubernetes Publisher b8afabd522 Merge pull request #101357 from feiskyer/update-vendor 
Update Azure Go SDK version to v53.1.0

Kubernetes-commit: 253685779f15d2bf1ebf8354474761752edd8d6e
 2021-05-18 11:27:38 +00:00
Zhou Peng c233874954 [k8s.io/apiserver/pkg/endpoints/discovery/]: improve readability 
Do not wrap code here

Signed-off-by: Zhou Peng <p@ctriple.cn>

Kubernetes-commit: 95f7b4d8544eeba0bc06122b1a35db1ab603f19d
 2021-04-27 13:55:31 +08:00
Chao Xu 8f650d1e76 Move the comment to the right line 
Kubernetes-commit: 6001c70c7274d88b566ac3ff40e4f8900cc23c54
 2021-04-23 00:05:15 +00:00
Chao Xu 218926b065 Switch the order of adding SNICert and creating LoopbackClientConfig 
Kubernetes-commit: 1df4503b859a2b7b2b7f9c5bcf400f61cc29d349
 2021-04-22 23:17:39 +00:00
Pengfei Ni df1dd422c7 Update Azure Go SDK version to v53.1.0 
Kubernetes-commit: bee44da7a258bbe3996ad3cc38d905ae9a28271e
 2021-04-22 11:45:39 +08:00
Kubernetes Publisher e25550bce3 Merge pull request #101119 from BinacsLee/binacs-cmd-reuse-function 
code cleanup: Abstract repetitive codes in `cmd` as a function

Kubernetes-commit: ed4fa17d01545b33562aea91b7f3487a872bf8fb
 2021-05-18 11:27:35 +00:00
BinacsLee 9e0dad9438 code cleanup: Abstract repetitive codes in cmd as a function 
Kubernetes-commit: 75dde4dce4d5e9825490d9e77329b73501529a39
 2021-04-22 22:34:50 +08:00
Kubernetes Publisher 1a1fa2aa6b Merge pull request #98377 from nodo/scale-ownership-tracking-deployment 
Track ownership of scale subresource

Kubernetes-commit: f1e51ceb3c58da272bc0fc68e200db6fd12121dd
 2021-05-18 11:27:31 +00:00
Andrea Nodari ca3910bf4a Add nil path to mapping when a CR has no "scale" subresource 
This is to prevent the ScaleHandler to drop the entry. In this way
entries just get ignored.

Kubernetes-commit: 5b666a61a170f61c7e223085478b24a03612fa99
 2021-04-18 13:55:15 +02:00
mozillazg eca89e844c Fix staticcheck failures for vendor/k8s.io/apiserver/pkg/registry/rest/resttest 
Kubernetes-commit: 92ece853be2969fd8f9716434c8fb062e1ebef9b
 2021-04-17 16:07:19 +08:00
Dinghua Li a2b831d599 Extend the max of admission latency buckets to 10s. 
Kubernetes-commit: 2dbdfd0902e2625d40f338fdbb814ada63720d32
 2021-04-17 00:59:25 +00:00
Dinghua Li bbc089727a Add a namespace label to admission metrics. 
Kubernetes-commit: e7db88b0b65cf685ccae804ff2d073169ed9637e
 2021-04-17 00:58:11 +00:00
caozhiyuan 5a479e600e fix hardcoding and format error log 
Kubernetes-commit: c468a02718402bf42ffc0cd8cdbdf805fdf903a2
 2021-04-14 20:19:41 +08:00
卢振兴10069964 549cbbf8de fix broken link in some files 
Kubernetes-commit: b29a5fb0746f772b38da570cd8fdc77396ffca31
 2021-04-13 08:43:24 +08:00
Abu Kashem b84fa01322 add more context to post timeout request activities 
Kubernetes-commit: 66587afb60b10569aa4ed35d53a4a91fcc40abd2
 2021-04-09 12:09:35 -04:00
Andrea Nodari a178a9c5d1 Drop managed fields entries with unknown fields 
This is aligned to the behaviour of server-side apply on main resources.

Kubernetes-commit: c10dd884c494734d12aceb41daaccd1d8da9356b
 2021-04-09 17:17:23 +02:00
Andrea Nodari 9c3786c066 Do not add managed fields if a scale entry doesn't own replicas 
This happens when a request changes the .status.replicas but not
.spec.replicas

Kubernetes-commit: 8e4b5c849b67b3a12dbd63391a4e75234382ba2c
 2021-04-04 19:05:45 +02:00
Jordan Liggitt 689a6cc12f Graduate WarningHeader feature to GA 
Kubernetes-commit: e3ea169d7d8b2c1417ef5a71ee1015f186ca0e3c
 2021-04-01 02:51:48 -04:00
Jordan Liggitt 754e90a0a3 Promote apiserver_requested_deprecated_apis metric to stable 
Kubernetes-commit: 7877539e3095669629e81633019836d2cdb7c368
 2021-05-11 16:24:58 -04:00
Abu Kashem 4e12e0cd34 apf: use a list instead of slice for queueset 
Kubernetes-commit: 69f9bc181f155ded7c5d5cc0ca9f026a6b42f431
 2021-03-29 11:31:12 -04:00
Antonio Ojea 04c8c14809 admission metrics reset metrics after tests 
Kubernetes-commit: b1a81d2fb8b4528172a8de6de01b53526b7b2277
 2021-03-13 21:26:22 +01:00
JUN YANG 2a99e7e764 Fix misspelling of condition. 
Signed-off-by: JUN YANG <yang.jun22@zte.com.cn>

Kubernetes-commit: 6c566f6dfa5b76d105ce24b3b0cb7f5e3d50d018
 2021-03-14 00:17:58 +08:00
Andrea Nodari 8c0975e184 Check request info when updating managed fields during scale 
- Test all versions to make sure each resource version is in the
  mappings
- Fail when request info contains an unrecognized version. We have tests
  that guarantee that all known versions are in the mappings. If we
  get a version in request info that is not there we should fail fast to
  prevent inconsistent behaviour (e.g. for some reason the mappings is
  not up to date).

Ensure all known versions are in mappings

Kubernetes-commit: 09649e58b5a1368929e194991a763afc8011795e
 2021-03-11 16:51:46 +01:00
Antoine Pelisse ddd271ff4e Use ScaleHandler for all scalable resources 
Kubernetes-commit: 816e80206c169006de9d0a76cd385ee31c5aff39
 2021-03-11 11:05:05 -08:00
Jefftree 285024a6b7 Promote SSA GA 
Kubernetes-commit: 94cf48a2d16d7eaa915b7f685746a0e63870d5ff
 2021-03-11 06:40:43 -08:00
David Eads 526d12c09b prevent mutation of deletion options during delete collection 
Kubernetes-commit: 649b87aaf85dbb6e8190bf7d16c5dc903b5ecedc
 2021-03-10 15:41:03 -05:00
Margo Crawford 6c62752c02 This introduces an Impersonate-Uid header to server side code. 
UserInfo contains a uid field alongside groups, username and extra.
This change makes it possible to pass a UID through as an impersonation header like you
can with Impersonate-Group, Impersonate-User and Impersonate-Extra.

This PR contains:

* Changes to impersonation.go to parse the Impersonate-Uid header and authorize uid impersonation
* Unit tests for allowed and disallowed impersonation cases
* An integration test that creates a CertificateSigningRequest using impersonation,
  and ensures that the API server populates the correct impersonated spec.uid upon creation.

Kubernetes-commit: 74f5ed6b17287100b339a2b3a43fd4c6fb200978
 2021-03-04 15:19:52 -08:00
xiaofei.sun e9a1de1bba add user-agent for audit log format legacy 
Kubernetes-commit: 358b33519cdcb3561b41a665558306967cc1d1b9
 2021-02-25 20:23:51 +08:00
zhuangqh 640ba0e40e docs: fix outdated enhancement doc link 
Signed-off-by: zhuangqh <zhuangqhc@gmail.com>

Kubernetes-commit: adf28648cb32d17cd186a6c7e8b264419e6d0759
 2021-02-24 15:22:50 +08:00
Shihang Zhang 4a6863aa9a the last upperbound of kms latency metric is too small 
Kubernetes-commit: 6d7c83f2cd19455107bc02bc98fed2296bb46dca
 2021-02-23 14:19:25 -08:00
Lukasz Szaszkiewicz 69433684ce adds metrics for authentication webhook 
Kubernetes-commit: 322c18c147da08dd2eea25ba3c2b9630a228cf5f
 2021-02-23 08:39:25 +01:00
Andrea Nodari 8df8282eaf Track ownership of deployments scale subresource 
Kubernetes-commit: a9ea98b3b9272a7f7788a0d37891e4b13b9be38d
 2021-01-23 18:50:14 +01:00
Kubernetes Publisher c883d6c994 Merge pull request #101234 from gautierdelorme/rm-go-openapi-spec 
eliminate dependency on go-openapi/spec

Kubernetes-commit: 565d5f456242fcc79b7540a4c4913c7577cbfc7d
 2021-05-18 11:27:27 +00:00
Gautier Delorme af9424d2c9 remove go-openapi/spec 
Signed-off-by: Gautier Delorme <gautier.delorme@gmail.com>

Kubernetes-commit: 34b0fcef5fc47e3fcddf7f6ca1b3e6176b2a5323
 2021-04-20 17:48:33 +02:00
Gautier Delorme 4a8e81fac6 bump k8s.io/kube-openapi 
Signed-off-by: Gautier Delorme <gautier.delorme@gmail.com>

Kubernetes-commit: bcdde6bf75c7e177b44e58c5313e405c22d8d46d
 2021-04-20 17:43:59 +02:00
Kubernetes Publisher f48391aefe Merge pull request #100964 from njuptlzf/SelectionPredicateUT 
Add more unit tests for SelectionPredicate

Kubernetes-commit: 90e599f56a931f9ba32244c7f6250db27cb61af5
 2021-05-18 11:27:23 +00:00
Kubernetes Publisher b9ad7382f7 Merge pull request #100979 from mikedanese/tlscleanup 
force implementors of dyanmiccertificates providers to think about notify

Kubernetes-commit: 496a94bf98c86abea5c18395880340ad64dcb9dd
 2021-05-18 11:27:20 +00:00
Kubernetes Publisher 0be3b21634 Merge pull request #100490 from howardjohn/gnostic-v051 
Update kube-openapi and gnostic dependencies

Kubernetes-commit: c555b23f1c84bcdd1d87a7ae831675281f5c0c94
 2021-05-18 11:27:17 +00:00
Kubernetes Publisher 152ef2fa3b Merge pull request #101155 from zshihang/bound 
allow multiple of --service-account-issuer

Kubernetes-commit: 6157361dd758dc5774b7776d897727b53d696d57
 2021-05-18 11:27:13 +00:00
Shihang Zhang 87ac3f57d4 allow multiple of --service-account-issuer 
Kubernetes-commit: 925900317e43e58435082f624f5969e3cfe25c67
 2021-04-15 09:50:43 -07:00
Kubernetes Publisher 940c107184 Merge pull request #100970 from apelisse/add-subresource-managedfields 
Add subresource managedfields

Kubernetes-commit: 0f1d105f8d3e114f0bf47307513fe519a71351a2
 2021-04-17 16:17:57 +00:00
Kubernetes Publisher 64747d3be0 Merge pull request #101151 from mborsz/nodehealth 
Add "node-high" priority-level

Kubernetes-commit: 09bd59687500e6b3c53e34cf20ef7727a1886c22
 2021-04-17 11:54:00 +00:00
Kubernetes Publisher 16fda89d29 sync: update go.mod 2021-04-17 03:58:27 +00:00