kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,050 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Rita Zhang b7a30e3bfb add authz webhook matchcondition metrics 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Jordan Liggitt <liggitt@google.com>
Co-authored-by: Jordan Liggitt <liggitt@google.com>

Kubernetes-commit: e76fce75666beb2771dfa15a10700f18d2d15d85
 2024-02-29 20:55:32 -08:00
Rita Zhang c4ab5aa41a add false matchCondition benchmark 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: 7c5dfceff8a4de3387b48e941d098a3957de2870
 2023-11-13 09:22:24 -08:00
Rita Zhang e319da4264 split compile and eval 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: 11cdb8fd011a931d34506ade65e966f7c5208ae7
 2023-11-08 16:37:10 -08:00
Rita Zhang f0d5068944 authz: add benchmark for webhook authorizer 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: fe53db0dbdc25c9b2f87adbd53f1ebe4b6c1169d
 2023-11-08 15:38:11 -08:00
Jordan Liggitt 2a9f8b8d15 Include empty string attributes for CEL authz evaluation 
Kubernetes-commit: 44d89c8cf8c1ba883029e1244492a523d6b50b92
 2023-11-02 15:14:06 -04:00
Jordan Liggitt 4eacc8425d Plumb failure policy from config to webhook construction 
Kubernetes-commit: 2e2f51a4417d93b5505091d28b319365dc95e137
 2023-11-02 13:55:35 -04:00
Rita Zhang cca4910d25 authz: add cel expression to webhook matchconditions 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: 31c76e9abb22faaf833acd54ce75cc71465136e4
 2023-10-06 17:47:23 -07:00
HirazawaUi 709ca925ae fix fd leaks and failed file removing for pkg controller-manager and apiserver 
Kubernetes-commit: 982d2966cd33d79026a5d111dcb8bfeae62e657f
 2023-05-03 01:36:00 +08:00
Tim Hockin aa9b8ec0fe Replace uses of ObjectGoPrintDiff with cmp.Diff 
ObjectGoPrintDiff is already a shim over cmp.Diff, so no actual output
or behavior changes

Kubernetes-commit: 9627c50ef37f3b5274486e6f5ad37b73b1b69bf0
 2023-03-23 11:31:25 -07:00
Monis Khan 2d35015235 webhook: use rest.Config instead of kubeconfig file as input 
This change updates the generic webhook logic to use a rest.Config
as its input instead of a kubeconfig file.  This exposes all of the
rest.Config knobs to the caller instead of the more limited set
available through the kubeconfig format.  This is useful when this
code is being used as a library outside of core Kubernetes. For
example, a downstream consumer may want to override the webhook's
internals such as its TLS configuration.

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: fef7d0ef1e1fbff65e8d445256036704bb9dbcbd
 2021-07-23 11:15:47 -04:00
Lukasz Szaszkiewicz 9ff2637133 adds metrics for authorization webhook 
Kubernetes-commit: 4a2aef00d6dd2543b011aa7e5af28df598a0cd72
 2021-03-17 16:30:40 +01:00
Abu Kashem 5254108841 make backoff parameters configurable for webhook 
Currently webhook retry backoff parameters are hard coded, we want
to have the ability to configure the backoff parameters for webhook
retry logic.

Kubernetes-commit: 53a1307f68ccf6c9ffd252eeea2b333e818c1103
 2020-10-30 11:25:32 -04:00
Jefftree f1c9537c7b pass Dialer instead of egressselector to webhooks 
Kubernetes-commit: 1b38199ea8b220be0b645af8a4cbdef4c87ce7fc
 2019-12-05 17:28:59 -08:00
Jordan Liggitt 52b3bfb8fa Switch kubelet/aggregated API servers to use v1 subjectaccessreviews 
Kubernetes-commit: d54a70db5cfc0887e2f5177b0c3f795947be6eb4
 2019-11-04 23:29:56 -05:00