kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,596 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6596 Commits

Author SHA1 Message Date
Joe Betz c6c8291384 Update k8s code to handle cel-go changes 
Kubernetes-commit: 640a2ec33274f4b6311afc7dbb0c7e15bd5d792a
 2023-08-18 17:32:41 -04:00
Joe Betz 0c5d0edf6d Bump cel-go to v0.17.6 
Kubernetes-commit: 1a850a00630ebefcef6ba56349277ca127983c11
 2023-08-18 14:20:35 -04:00
Kubernetes Publisher 01011a76dc Merge pull request #120087 from divyasri537/incorporating-feedback-PR-119341 
Incorporating feedback on 119341

Kubernetes-commit: 8290c4c9c1904f160b8d297ffc052ce58222bc91
 2023-08-24 03:01:39 +00:00
Kubernetes Publisher 3780c610f6 Merge pull request #119503 from wojtek-t/pagination_ga 
Graduate APIListChunking to GA

Kubernetes-commit: 2e6eafca3f466b072f23aff4ff4d6d8a973f5606
 2023-08-23 21:40:56 +00:00
Kubernetes Publisher 2538d7ca48 Merge pull request #120097 from jpbetz/fix-ppc64le 
Fix CEL cost handling of zero length replacement strings

Kubernetes-commit: 07f47d8b407ace1cf85f814b787718ba1e65ef6a
 2023-08-23 00:01:40 +00:00
Kubernetes Publisher 6ab39bb78f Merge pull request #120090 from MikeSpreitzer/fix-120032 
Handle edge cases in seat demand stats

Kubernetes-commit: 2792d913674ae44983505a3265df2ac6408b85b9
 2023-08-22 20:02:09 +00:00
Joe Betz 6f6cacf8bf check for overflow 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b1223e0d1ac626d5472436ed2cd0bc2962394004
 2023-08-22 10:02:10 -07:00
Joe Betz 3e172f1316 Fix CEL cost handling of zero length replacement strings 
Kubernetes-commit: 87cf890632c538e83e961035e73f0f2e8d3ceeba
 2023-08-21 22:48:11 -04:00
Mike Spreitzer 7c7ff34a5a Handle edge cases in seat demand stats 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>

Kubernetes-commit: b0e249f657a18c1435ace391fa752711dafce732
 2023-08-21 15:26:38 -04:00
Kubernetes Publisher 08f8ff0d3f Merge pull request #119790 from seantywork/added-comment 
added comment for clarifying steps related to kubernetes mutual (2-wa…

Kubernetes-commit: 55c86d6ad930d437931079318d740bdf8dac34f0
 2023-08-21 20:27:23 +00:00
Divya Sri Sanaganapalli 956f1b4799 Incorporating feedback on 119341 
Kubernetes-commit: 24877f96fbb60f34c1c808e7ac76870019eee86b
 2023-08-21 15:20:30 +00:00
Kubernetes Publisher d5379f908e Merge pull request #120081 from p0lyn0mial/upstream-storage-etcd-watcher-refactor 
storage/etcd: no-op, simplify watcher construction

Kubernetes-commit: bcbceea11778ae5316bc02da904a17758c1ea2c7
 2023-08-21 05:37:22 -07:00
Lukasz Szaszkiewicz 7ecfbf7914 storage/etcd: simplify passing the transformer 
Kubernetes-commit: a5600b6925169a7d99376d52472e5f8e8635082b
 2023-08-21 12:27:41 +02:00
Lukasz Szaszkiewicz dc7ff6e034 storage/etcd: remove newWatcher function 
Kubernetes-commit: 6161752ecbe434b8fb157dd3a30bb5c0cef7a23e
 2023-08-21 12:13:12 +02:00
Kubernetes Publisher 6ca5f179c2 Merge pull request #119975 from p0lyn0mial/upstream-storage-get-current-rv 
storage/util: move GetCurrentResourceVersionFromStorage

Kubernetes-commit: ba10ee7671099254db18f9fe9e779ef6339e935b
 2023-08-21 12:27:16 +00:00
Kubernetes Publisher 634c3a6da4 Merge pull request #119972 from p0lyn0mial/upstream-storage-etcd-ref-watcher-method 
storage/etcd: no-op, refactor watcher.Watch method signature

Kubernetes-commit: 2f729f05b6ec4c348cf1b3f8792f94f3defae968
 2023-08-21 12:27:15 +00:00
Kubernetes Publisher ba70a1768a Merge pull request #119824 from aojea/deflake_TestCreateHealthcheck 
fix race creating etcd client for healthchecks

Kubernetes-commit: f46583dcaafc1b5d47b79ceb17ea78e7781f7014
 2023-08-21 12:27:13 +00:00
Kubernetes Publisher d4f3c15bbd Merge pull request #119714 from ritazh/kmsv2-feature-enablement-ut 
kmsv2 test feature enablement unit test

Kubernetes-commit: db64cc4a55f826ac83b7f64b1ca124b0b318e932
 2023-08-19 04:02:54 +00:00
Kubernetes Publisher 5711af83ff Merge pull request #119878 from ritazh/kmsv2-metrics-dekcachesize 
kmsv2: add metric for DEK cache filled

Kubernetes-commit: 16310c959dfc5fefc70e9041e0029feffa62d791
 2023-08-19 04:02:53 +00:00
seantywork bf05e35835 kubernetes mutual (2-way) x509 comment 
Kubernetes-commit: 48260b4a77b423b178ec5e262ac67be52d49f455
 2023-08-18 01:31:22 +00:00
Kubernetes Publisher 9d077dc364 Merge pull request #119800 from jpbetz/cost-fix 
Fixes CEL estimated cost to propagate result sizes correctly

Kubernetes-commit: 210a97e48bc6caac338663cfb917f60e61c84962
 2023-08-17 00:17:04 +00:00
Kubernetes Publisher 3981055a63 Merge pull request #119844 from enj/enj/i/upgrade_regex 
wsstream: use a single approach to detect connection upgrade

Kubernetes-commit: 1ebb5e608b34b02d466181866d2fe64bac8565a4
 2023-08-16 08:13:04 +00:00
Kubernetes Publisher 41188ea6a1 Merge pull request #119825 from Jefftree/add-gv 
Move adding GroupVersion log until after an update is confirmed

Kubernetes-commit: 47f75709326a737ea1880c9fd148ab32771d797c
 2023-08-16 08:13:03 +00:00
Kubernetes Publisher 1f19e00d1c Merge pull request #119795 from sttts/sttts-httplog-impersonation 
apiserver/httplog: pretty up impersonation output

Kubernetes-commit: 19f6d5be8269d4051acffc5709ec4bee7274268a
 2023-08-16 08:12:58 +00:00
Kubernetes Publisher a11da9bae8 Merge pull request #119577 from jiahuif-forks/tests/validating-admission-policy/lazy-map-short-circuiting 
CEL lazy map: add test for boolean short-circuiting

Kubernetes-commit: 112a4726a4af33b5e3d7cb3f6d51547262587669
 2023-08-16 04:21:03 +00:00
Kubernetes Publisher 6b6cfe5d12 Merge pull request #119385 from andrewsykim/current_inqueue_seats_metric 
Add apiserver flowcontrol metric `current_inqueue_seats`

Kubernetes-commit: 338d68bbc2b5e69c18fed5eea11cc683e72dcbdf
 2023-08-16 00:32:47 +00:00
Kubernetes Publisher 9ece5c3b70 Merge pull request #118399 from skitt/ioutil-sig-api-machinery 
api-machinery: stop using deprecated io/ioutil

Kubernetes-commit: 10beda334e360b6b2988d5d2d30c011cc50d4aa8
 2023-08-16 00:32:44 +00:00
Kubernetes Publisher e78a7391c4 Merge pull request #119888 from dgrisonnet/panic-storage-metric 
Fix segfault during storage size metric collection

Kubernetes-commit: 8a7df727820bafed8cef27e094a0212d758fcd40
 2023-08-11 04:46:45 +00:00
Damien Grisonnet 245d131967 apiserver/etcd3: fix segv during metric collection 
Fix a segfault when collecting the storage size metrics when the getters
used to collect the data on etcd haven't been initialized properly. This
happens when the EtcdOptions are not applied which is the case for
aggregated apiservers that don't care about storage.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>

Kubernetes-commit: c6efaf16c1ed07ce37485b7a272628f653cbf06f
 2023-08-10 17:01:17 +02:00
Kubernetes Publisher e7a7329b64 Merge pull request #119835 from liggitt/mitigate-aggregated-discovery-npe 
Avoid returning nil responseKind in v1beta1 aggregated discovery

Kubernetes-commit: 3d941afece97b284c764e5320cc8c80b0e88cba8
 2023-08-10 01:27:20 +00:00
Rita Zhang 7ebae7f76f kmsv2: add metric for DEK cache filled 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: 3cbecf218dfea2e99ae95310ac03406d1d87a072
 2023-08-09 12:28:01 -07:00
Jordan Liggitt 1edd7d6157 Avoid returning nil responseKind in v1beta1 aggregated discovery 
Kubernetes-commit: 1876ddf71497bad349f7c4df24c2e22356d3bad9
 2023-08-08 14:25:56 -04:00
Jefftree 35302d6383 Move adding GroupVersion log until after an update is confirmed 
Kubernetes-commit: 49e00e8bdeec6b1cdaf691ec85ba8510892ebbc2
 2023-08-08 14:28:54 +00:00
Antonio Ojea 49f7deccb5 fix race on etcd client constructor for healthchecks 
Change-Id: Id29b5b377989dcb5377316cfcdea367071a47365

Kubernetes-commit: 77b3bb0f69bfa4e5eb56ba484f724476304616cc
 2023-08-08 13:55:14 +00:00
Kubernetes Publisher cc544e7bf1 Merge pull request #119725 from MadhavJivrajani/bump-net-dep 
[CVE-2023-3978] .*: bump golang.org/x/net to v0.13.0

Kubernetes-commit: 1620473a9a01dd6bbef3398c0acb2e581d0a13c3
 2023-08-07 21:21:27 +00:00
Joe Betz 539b445fa2 Add test coverage of result size of string operations 
Kubernetes-commit: e4d16f34c15affdf4411d5bd1b19991b5fa27f2a
 2023-08-07 12:41:52 -04:00
Joe Betz a1fc973692 Bump cel-go to v0.16.1 
Kubernetes-commit: 69a5a528967500199a6748d0b7fac2a0fcc6df6d
 2023-08-07 15:51:36 -04:00
Dr. Stefan Schimanski 13a3aab581 apiserver/httplog: pretty up impersonation output 
```
I0807 09:09:16.419239       1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo=<

      &{kubernetes-admin  [system:masters system:authenticated] map[]} is acting as &{foo  [system:authenticated] map[]}
       >
```

to

```
I0807 09:09:16.419239       1 httplog.go:132] "HTTP" verb="GET" URI="/apis/batch/v1?timeout=32s" latency="214.666µs" userAgent="kubernetes-provider/v0.0.0 (linux/arm64) kubernetes/$Format" audit-ID="948ef6b2-474d-45a7-ad5f-894ce93d05f7" srcIP="192.168.139.202:35542" apf_pl="exempt" apf_fs="exempt" apf_execution_time="129.5µs" resp=200 addedInfo="kubernetes-admin[system:masters system:authenticated] is impersonating foo[system:authenticated]"
```

Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>

Kubernetes-commit: 37730c07dd658ba585ffee3861780e18947ca534
 2023-08-07 11:23:30 +02:00
Madhav Jivrajani 499e610e3d .*: bump golang.org/x/net to v0.13.0 
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>

Kubernetes-commit: 1b90dff5276f3cb37236b446f1821175dad802c4
 2023-08-02 11:11:22 +05:30
Monis Khan 64eaf11221 wsstream: use a single approach to detect connection upgrade 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 62b063b74b5eb1b7e72ebac7b5348593249f732b
 2023-08-01 18:37:34 -04:00
Rita Zhang 2eac3ca68c kmsv2 test feature enablement unit test 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: d86e72202c4b039e1dceccbfbae559fb1c54471d
 2023-08-01 10:17:01 -07:00
Lukasz Szaszkiewicz 6f2daefacf storage/util: move GetCurrentResourceVersionFromStorage 
Kubernetes-commit: 9a253d896a096b4e1ffccf4b1f84e5cac1e1aad0
 2023-07-26 15:53:13 +02:00
Jiahui Feng bf2563c6cd CEL lazy map: add test for boolean short-circuiting 
Kubernetes-commit: 66aa2af0979cc6007cd63720876fd21dda3b17dc
 2023-07-25 14:37:20 -07:00
Kubernetes Publisher d2172f30e1 Merge pull request #119409 from alexzielenski/apiserver/policy/vap-tests 
Add test cases for ValidatingAdmissionPolicy

Kubernetes-commit: b53830590fc2eff8a219d7bc225091878263ebe6
 2023-07-24 15:12:13 -07:00
Andrew Sy Kim 066c7cb8cc apiserver: add flow control metric current_inqueue_seats 
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

Kubernetes-commit: fb9646fd60d4b8e79223b729c1cb54fc6818fdd1
 2023-07-24 19:40:05 +00:00
Lukasz Szaszkiewicz 2d9be35745 storage/etcd: no-op, refactor watcher.Watch method signature 
Kubernetes-commit: f7e659db236286ca15707bf08acb08dc0ac4ab0e
 2023-07-24 12:33:03 +02:00
Alexander Zielenski 09a47412b5 bugfix: use matched resource for AdmissionRequest.resource, not the resource it was converted from 
use existing admission request for audit annotation eval

populate matchResource in empty rules case

Kubernetes-commit: e1b0bc3d0a7fb89a1e60f4ec1ee34b10de22d00a
 2023-07-21 18:13:24 -07:00
Alexander Zielenski eea6b57f73 bump validatingadmissionpolicy alpha->beta 
Kubernetes-commit: 5e2e8c806475d21bc22f10ccc810451c1bcb21a7
 2023-07-21 16:27:51 -07:00
Kubernetes Publisher 62fa4fb0fe Merge pull request #118644 from alexzielenski/apiserver/policy/namespaceParamRef 
KEP-3488: Promote ValidatingAdmissionPolicy to Beta

Kubernetes-commit: 18f8cb83989ff64beb0c7f47cdd3ad9df7bdbbeb
 2023-07-22 03:29:38 +00:00
Kubernetes Publisher 1b09d3c04f Merge pull request #118828 from enj/enj/f/kms_v2_hkdf_expand 
kmsv2: KDF based nonce extension

Kubernetes-commit: 773a6b1e460360538ce4d85a7c0d009efed81836
 2023-07-22 03:29:36 +00:00