kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,407 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

19 Commits

Author SHA1 Message Date
Mike Danese 8d1e73feab inline GC in expiring cache 
This allows us to drop the background goroutine with negligable
difference in performance.

Kubernetes-commit: d16dde36a3edf5cdb89c5d5b56d4e3c9af849c1c
 2019-11-15 17:04:28 -08:00
Mike Danese 0326ed9810 migrate token cache to cache.Expiring 
Kubernetes-commit: 3f194d5b413daeba93063f4610b9951069eaf13c
 2019-11-06 16:23:21 -08:00
Jordan Liggitt 086ad4b0b9 Switch kubelet/aggregated API servers to use v1 tokenreviews 
Kubernetes-commit: 5ef4fe959a45e423d2b992e9c21e6e9db4b950c5
 2019-11-04 22:41:32 -05:00
David Eads 80b16c1ce7 allow a verifyoptionsfunc to indicate that no certpool is available 
Kubernetes-commit: c672affad176c22da66c7ac17cc8805f08533ce9
 2019-11-06 10:38:45 -05:00
David Eads 84d21cfff4 wire up a means to dynamically reload ca bundles for kube-apiserver 
Kubernetes-commit: 6beb96261e29754f2b7d0e44829eb6d15422cebf
 2019-10-07 14:06:42 -04:00
David Eads 703545a3db add the ability for dynamic header names in delegated authentication 
Kubernetes-commit: 58256346693717fd12f121f0cf74fe1e003edb0f
 2019-10-03 12:56:42 -04:00
David Eads eee025a27a add ability to authenticators for dynamic update of certs 
Kubernetes-commit: 51195dd86012c4c4b17a1707ef50a46fa046f74f
 2019-09-05 09:59:59 -04:00
Mike Danese ae00afc213 patch webhook authenticator to support token review with arbitrary audiences 
Kubernetes-commit: effad15ecc373beb46afd2915827247da51f399d
 2018-10-29 20:45:10 -07:00
Mike Danese 0bf5dcd764 remove webhook cache implementation and replace with the token cache 
The striped cache used by the token cache is slightly more sophisticated
however the simple cache provides about the same exact behavior. I used
the striped cache rather than the simple cache because:

* It has been used without issue as the primary token cache.
* It preforms better under load.
* It is already exposed in the public API of the token cache package.

Kubernetes-commit: 0ec4d6d396f237ccb3ae0e96922a90600befb83d
 2018-10-30 12:41:46 -07:00
Dr. Stefan Schimanski 16d4968bf9 authn/z: optionally opt-out of mandatory authn/authz kubeconfig 
Kubernetes-commit: a671d65673590f0dfcf5c2b673e1518d11510bdb
 2018-08-22 11:56:07 +02:00
Kubernetes Publisher 627fa76a8b sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel 2018-03-15 09:38:17 +00:00
Jeff Grafton f4dbe23125 update BUILD files 
Kubernetes-commit: aee5f457dbfd70c2d15c33e392dce6a3ca710116
 2017-10-12 13:52:10 -07:00
Jeff Grafton 6c539a43c6 Use buildozer to delete licenses() rules except under third_party/ 
Kubernetes-commit: a7f49c906df816123e7d4ccbd4cebab411519465
 2017-08-29 13:15:24 +00:00
Jeff Grafton 6caa2933ae Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 33276f06be5e872bf53ca62a095fcf0a6b6c11a8
 2017-08-29 13:15:24 +00:00
Jeff Grafton 44942b068a Run hack/update-bazel.sh to generate BUILD files 
Kubernetes-commit: 3579017b865ddbc5449d6bba87346f086e4b93ff
 2017-08-29 13:13:51 +00:00
Jordan Liggitt 6a99774546 Use websocket protocol authenticator in apiserver 
Kubernetes-commit: 6a872c09ebc8bff4efccc6d0206b0b5639be31ae
 2017-06-28 00:14:31 +00:00
Mike Danese 2aab760a2a autogenerated 
Kubernetes-commit: a05c3c0efdc5822049e34b1a5a1ee259c5fb1906
 2017-04-15 20:35:23 +00:00
deads2k 4429450aca make the system:authenticated group adder smarter 
Kubernetes-commit: 379a73a8dbd3aa09471eab3994861ad41f548ded
 2017-03-18 19:56:09 +00:00
deads2k 9503eabb8b move genericapiserver authenticator and authorizer factories 2017-01-27 08:47:01 -05:00