kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,550 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

6550 Commits

Author SHA1 Message Date
Kubernetes Publisher 8228032d4b Merge pull request #115667 from aramase/aramase/f/structured_logging 
[KMS] Use structured logging in value/encrypt

Kubernetes-commit: de4260fd659488e3f7334b836b1a5aa7b552329e
 2023-02-09 17:02:46 -08:00
Anish Ramasekar c9656aa265 [KMS] Use structured logging in value/encrypt 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 6db7496db60816c36b519a940fa1b0af1c0898da
 2023-02-09 19:54:37 +00:00
Kubernetes Publisher ea2072de7b Merge pull request #115665 from aramase/aramase/f/update_vendor_k8s_utils 
Update k8s.io/utils to `a36077c30491`

Kubernetes-commit: 9a51625ebebcc8345c851afc2b5cc98eb19ac193
 2023-02-10 01:24:10 +00:00
Kubernetes Publisher 6d27112fe5 Merge pull request #115649 from aramase/grpc-metrics 
[KMSv2] Add metrics for grpc service

Kubernetes-commit: 0698d9eb829ff0ef10d0a7e5fb525d330d332fb4
 2023-02-10 01:24:07 +00:00
Kubernetes Publisher 0307ae2c8b Merge pull request #115350 from aramase/kmsv2/cache-sha256 
[KMSv2] store hash of encrypted DEK as key in cache

Kubernetes-commit: e476c88ca868b709f7e113d9bd0ed6616b4791b8
 2023-02-10 01:24:04 +00:00
Anish Ramasekar f4bd4bf10c Update k8s.io/utils to `a36077c30491` 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 09e02052fdf3d248368b3d05d5c922d616528c4c
 2023-02-09 20:09:41 +00:00
Anish Ramasekar 63ca46e40a [KMSv2] Add metrics for grpc service 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: de3b2d525b42d6eedeaa0b157f0f5ab98a4821f4
 2023-02-09 07:46:29 +00:00
Rita Zhang f471919cab kmsv2: add metrics 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>

Kubernetes-commit: bd0f7f8ee8f7f1c7809e17fa60804bb37f65c495
 2023-01-29 22:40:18 -08:00
Anish Ramasekar 421ef770de [KMSv2] store hash of encrypted DEK as key in cache 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: f72cf5c510cf2cf7b8ee375f5c2ec835e3ed225a
 2023-01-27 00:19:32 +00:00
Kubernetes Publisher e3ca625155 Merge pull request #114376 from baomingwang/serialization-error-metric 
Added serialization from etcd error metric

Kubernetes-commit: dfb976e25a6687a2c4ff7d374e3f01006d65df66
 2023-02-08 01:15:33 +00:00
Kubernetes Publisher 3cee67d89e Merge pull request #115379 from artemvmin/serial-mkfs 
Add an option to limit the number of concurrent mkfs calls

Kubernetes-commit: 6eb008620cd0ee3501326ee003d47fbaf1fa5b52
 2023-02-07 05:23:43 +00:00
Kubernetes Publisher a0aff86839 Merge pull request #115542 from SataQiu/clean-apiserver-20230206 
Using BuildOpenAPISpecFromRoutes instead of deprecated BuildOpenAPISpec

Kubernetes-commit: daf0d8d14f2324791bb2261c3173bc1e56efe67a
 2023-02-06 21:15:47 +00:00
SataQiu 08b93a6120 using BuildOpenAPISpecFromRoutes instead of deprecated BuildOpenAPISpec 
Kubernetes-commit: 5fbd49c1023d1d92f2afad39a2ac847fd5f252a7
 2023-02-06 17:47:44 +08:00
Artem Minyaylov 4065ac43ed Update k8s.io/utils to latest version 
Update all usages of FakeExec to pointer to avoid copying the mutex

Kubernetes-commit: f573e149423dc578284789fdff8eeb3c195b5ccf
 2023-02-03 14:51:25 -08:00
Kubernetes Publisher 9bb74f3471 Merge pull request #114894 from dipankardas011/validate-admission-policy-error-handling 
Added error handling in ValidateAdmissionPolicy

Kubernetes-commit: 1ded677b2a77a764a0a0adfa58180c3705242c49
 2023-02-03 21:14:55 +00:00
Max Smythe 19d202d87c make CEL admission controller code consumable (#115412) 
* Make policy decision object public

Signed-off-by: Max Smythe <smythe@google.com>

* Separate version conversion from validation

Signed-off-by: Max Smythe <smythe@google.com>

* Address review comments

Signed-off-by: Max Smythe <smythe@google.com>

* Fix variable name

Signed-off-by: Max Smythe <smythe@google.com>

---------

Signed-off-by: Max Smythe <smythe@google.com>

Kubernetes-commit: 0ed74145fb00626ce0e900812a54ca3de5406f2e
 2023-02-01 17:29:30 -08:00
Kubernetes Publisher c02aff4b8c Merge pull request #114439 from alexzielenski/apiserver/smd/conversion-smaller 
add direct construction of TypeConverter from OpenAPI

Kubernetes-commit: d4750857760ae55802f69989dc2451feeb9a29e5
 2023-02-02 01:15:09 +00:00
Kubernetes Publisher 12885512af Merge pull request #113896 from nilekhc/kms-hot-reload-tests 
chore: improves tests for hot reload of encryptionconfig

Kubernetes-commit: abf8f35356f16796347bb6821a1c366adae5b909
 2023-02-01 01:14:43 +00:00
Kubernetes Publisher 65fb616cf1 Merge pull request #115341 from tkashem/delete-collection 
apiserver: remove 34s timeout from DELETECOLLECTION rest handler

Kubernetes-commit: c9e281df23d66ff1f886b301f15147ab3f6e0074
 2023-01-30 21:20:11 +00:00
Kubernetes Publisher 31ac30ca86 Merge pull request #115266 from pohly/gomega-update 
dependencies: update gomega to v1.26.0

Kubernetes-commit: 6d17cb2051b3a9958ed3353df242312d85e75d43
 2023-01-30 21:20:09 +00:00
Kubernetes Publisher f6a7f5dbff Merge pull request #112809 from tkashem/cors-cve 
apiserver: fix cve for CORS

Kubernetes-commit: d529048a3e7b97a29e271d358330d96a8128485b
 2023-01-30 21:20:07 +00:00
Kubernetes Publisher f77e2e3026 Merge pull request #114490 from MadhavJivrajani/update-contention-profiling-docs 
*: Make docs more accurate for the contention-profiling flag

Kubernetes-commit: a94a35293b03ca4902ec84a42278f853e3268541
 2023-01-30 05:14:39 +00:00
Kubernetes Publisher 959f724cab Merge pull request #115145 from alexzielenski/apiserver/policy/typed-params 
ValidatingAdmissionPolicy: use natively-typed informer for params

Kubernetes-commit: d7cb1c54a540c9978f3754340198aa43eec7e244
 2023-01-28 01:14:29 +00:00
Kubernetes Publisher 781007518a Merge pull request #114997 from Richabanker/metrics-slis-beta 
Enable ComponentSLI as beta feature

Kubernetes-commit: 1f02f43ec6910cbcd46222b16a2f3965458e5e45
 2023-01-27 21:14:14 +00:00
Alexander Zielenski d2e96d0915 use transformer to set gvk back 
Kubernetes-commit: 24fb6b89812ac86622a536dba861729ed5a20b74
 2023-01-26 12:14:14 -08:00
Abu Kashem 4c43232509 apiserver: remove 34s from DELETECOLLECTION rest handler 
Kubernetes-commit: 709748a34e501d75162f580b1e1e65969169d0ab
 2023-01-26 12:25:02 -05:00
Alexander Zielenski 721045969b add unfortunate deepcopy 
Kubernetes-commit: 65513eac3ab67f08745197d8af469532284b797e
 2023-01-24 14:46:35 -08:00
Alexander Zielenski f77de04c6a fix integration test by working around #3030 
test uses kind field which is not populated for native types

Kubernetes-commit: 1554e50be43660bc9f03d97cc26b235ad4f94d6c
 2023-01-24 12:00:05 -08:00
Patrick Ohly 7f86f7e402 dependencies: update gomega to v1.26.0 
If gomega.Eventually/Consistently run into a situation where it observes some
state of e.g. a pod which does not satisfy the condition and then further
polling fails with API server errors, gomega will report both the most recent
pod state and API error instead of just the API error.

Kubernetes-commit: aa1279b5eb79177f5351368d8d9159982b1bfb5e
 2023-01-23 15:19:38 +01:00
Abu Kashem cb855a88b8 apiserver: CVE-2022-1996, validate cors-allowed-origins server option 
Kubernetes-commit: 841311ada2b0ba58e623a89e2e5ac74de0d94d8c
 2023-01-20 13:54:02 -05:00
Alexander Zielenski 1b8963b016 use typedinformer if available 
reduces memory and cpu when things like configmap are used as a param

cannot be shared due to limitatoins of sharedinformerfactory

Kubernetes-commit: b969dfec9fd33f8bfff47e54f2995a4865839ea6
 2023-01-19 10:04:52 -08:00
Alexander Zielenski 2ea5662b05 use namespacedName for keys in fakeCompiler 
Kubernetes-commit: 0c495cb429e54a6d25e9252aca3e32fd9f0aef6b
 2023-01-19 10:04:46 -08:00
Dipankar Das ee11899e67 changes to the fatal message generated 
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>

Kubernetes-commit: 50bc46bd8fdc687811b3e4bba6a3d8d0706c8d59
 2023-01-11 08:08:25 +05:30
Richa Banker 6bb270e406 Enable ComponentSLIs as beta feature 
Kubernetes-commit: 452343367c21c68f325078357c5dfe794169422c
 2023-01-09 17:25:50 -08:00
Kubernetes Publisher ea4e287db4 Merge pull request #115327 from jkh52/fix-metrics 
Fix konnectivity-client metric registration.

Kubernetes-commit: 301fa8f6333fea5d53aaa3777ce12fb40cc65ecb
 2023-01-27 05:14:22 +00:00
Kubernetes Publisher 3bc34155cf Merge pull request #115271 from kevindelgado/field-validation-conformance 
Field validation e2e tests and GA graduation

Kubernetes-commit: 0e6f4d3a354e91ec0dec0c4267af5aa7e0bb47cc
 2023-01-26 21:14:50 +00:00
Kubernetes Publisher a2dd1697f2 Merge pull request #113121 from aramase/expiring-cache 
kmsv2: implement expire cache with clock

Kubernetes-commit: fab126d7f380b36525974ed69621195eb06e0d7e
 2023-01-26 05:14:29 +00:00
Joseph Anttila Hall 7fa759edb6 Fix konnectivity-client metric registration. 
Kubernetes-commit: 1a428fd1fade54513cb6f609388207ed38d20753
 2023-01-25 15:07:48 -08:00
Kubernetes Publisher e952b9f299 Merge pull request #114550 from alexzielenski/apiserver/smd/update-kube-openapi 
update kube-openapi dependency

Kubernetes-commit: df03edaf755f71a61f4f817ca374ebe3b6416270
 2023-01-25 05:21:54 +00:00
Kevin Delgado c40024ba00 drop Enabled() checks for ServerSideFieldValidation feature gate 
Kubernetes-commit: 2d5ceb9b15347b8bb5af360470b6346370157042
 2023-01-24 17:48:31 +00:00
Alexander Zielenski efccdc505d update kube-openapi 
Kubernetes-commit: 7641ff75412c1d8b547c4fa388d3901aeeda6948
 2023-01-23 15:32:33 -08:00
Kubernetes Publisher 4db4a68a3c Merge pull request #115249 from thockin/codegen-13-proto-go-packages 
Set go_package in all proto files

Kubernetes-commit: 674eb36f92dcea33e47ac07d71d88ebe9f5c4c6d
 2023-01-23 21:14:41 +00:00
Kubernetes Publisher d98f9af9c7 Merge pull request #115267 from enj/enj/i/key_id_flake 
Prime KMS v2 key ID inline with transformer construction

Kubernetes-commit: cc60df95959bc4e6422ff05dc3d7c6ba3817bff0
 2023-01-23 21:14:39 +00:00
Kubernetes Publisher 97e3e93cfd Merge pull request #115060 from pohly/logcheck-update 
hack: update logtools to v0.4.1

Kubernetes-commit: f267dd8340524851e422d70eb19423c0385b401a
 2023-01-23 21:14:37 +00:00
Kevin Delgado 3e03fc3433 Graduate field validation to GA 
Kubernetes-commit: 3b6c4d307febe24c78099515e45cd51bbba0112d
 2023-01-23 18:30:33 +00:00
Monis Khan 54f0629e69 Prime KMS v2 key ID inline with transformer construction 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: 345f41f8e5256ea44066aa884f85c161d44ebd0d
 2023-01-23 09:49:18 -05:00
Patrick Ohly 8f8c30ff8f logging: fix names of keys 
The stricter checking with the upcoming logcheck v0.4.1 pointed out these names
which don't comply with our recommendations in
https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments.

Kubernetes-commit: bc6c7fa91201348d010b638fbadf32007c0ac546
 2023-01-16 15:04:01 +01:00
Kubernetes Publisher ce86ff4a7b Merge pull request #115238 from thockin/codegen-8-proto-bindings 
Codegen: move all proto-bindings scripts together

Kubernetes-commit: 600e46801dbda854c88019c56bfd5dea85e916fc
 2023-01-22 01:13:51 +00:00
Tim Hockin 979698ec2b Set proto go_package: kms API 
This creates some diff to the *.pb.go files to note that
in the "options".

You can dump the gzipped blob with the following program (thanks
StackOverflow!):

```go
package main

import (
	"bytes"
	"compress/gzip"
	"encoding/json"
	"fmt"
	"os"

	"io/ioutil"

	proto "github.com/golang/protobuf/proto"
	dpb "github.com/golang/protobuf/protoc-gen-go/descriptor"
)

func main() {
	m := map[string][]byte{
		"before": blobv1,
		"after": blobv2,
	}
	arg := os.Args[1]
	dump(m[arg])
}

func dump(bytes []byte) {
	fd, err := decodeFileDesc(bytes)
	if err != nil {
		panic(err)
	}
	b, err := json.MarshalIndent(fd, "", "  ")
	if err != nil {
		panic(err)
	}
	fmt.Println(string(b))
}

// decompress does gzip decompression.
func decompress(b []byte) ([]byte, error) {
	r, err := gzip.NewReader(bytes.NewReader(b))
	if err != nil {
		return nil, fmt.Errorf("bad gzipped descriptor: %v", err)
	}
	out, err := ioutil.ReadAll(r)
	if err != nil {
		return nil, fmt.Errorf("bad gzipped descriptor: %v", err)
	}
	return out, nil
}

func decodeFileDesc(enc []byte) (*dpb.FileDescriptorProto, error) {
	raw, err := decompress(enc)
	if err != nil {
		return nil, fmt.Errorf("failed to decompress enc: %v", err)
	}

	fd := new(dpb.FileDescriptorProto)
	if err := proto.Unmarshal(raw, fd); err != nil {
		return nil, fmt.Errorf("bad descriptor: %v", err)
	}
	return fd, nil
}
```

Kubernetes-commit: ab11d8a4495aa0ff03b94c8d1a5345abfcca2c59
 2023-01-14 10:21:53 -08:00
Alexander Zielenski d816cd004f add openapi typeconverter 
Kubernetes-commit: 0c0f524318d0327214580691fd3e060f178caf91
 2023-01-09 12:10:16 -08:00