kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,125 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

79 Commits

Author SHA1 Message Date
hzxuzhonghu d14a5efcb8 remove dead code in lifecycle admission 
Kubernetes-commit: 22398f8d3c0d71db5869eace174f5721f8499224
 2017-12-05 19:40:31 +08:00
hzxuzhonghu 2d197ca9f2 fix typo and adjust import sequence 
Kubernetes-commit: 185d5c1f3debec7f7c81cd713307134103038497
 2017-11-08 11:43:56 +08:00
Joe Betz 1f633a162d Reduce memory footprint of admission metrics 
Kubernetes-commit: 92dd8b50f304ce19d62b8acf23d1b8c4f9bae00b
 2017-11-26 21:54:50 -08:00
David Eads 6d575ed0c4 require webhook admission kubeconfigfile to be absolute 
Kubernetes-commit: 7e6ce2a04ce8ede20e3bdbcb8a5680a8e54c47a2
 2017-11-22 08:17:47 -05:00
Kubernetes Submit Queue e16244b0bc Merge pull request #55812 from deads2k/admission-17-external 
Automatic merge from submit-queue (batch tested with PRs 55812, 55752, 55447, 55848, 50984). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Make versioned types for webhook admission config

Versioned webhook admission config type as promised in https://github.com/kubernetes/kubernetes/pull/54414.

@kubernetes/sig-api-machinery-pr-reviews
@ericchiang as promised.  fyi.

```yaml
kind: AdmissionConfiguration
apiVersion: apiserver.k8s.io/v1alpha1
plugins:
- name: GenericAdmissionWebhook
  configuration:
    kind: WebhookAdmission
    apiVersion: apiserver.config.k8s.io/v1alpha1
    kubeConfigFile: /path/to/my/file
```

`ADMISSION_CONTROL_CONFIG_FILE=../foo.yaml hack/local-up-cluster.sh`

Kubernetes-commit: 25ebf875b4235cb8f43be2aec699d62e78339cec
 2017-12-07 04:34:43 +00:00
Chao Xu 70de900800 update-all generated 
Kubernetes-commit: fcf4f15c89c8faf3f23171ea50b9c460ea67a76b
 2017-11-19 13:41:10 -08:00
Chao Xu 98e2d6d11f remove reference to v1alpha1 
Kubernetes-commit: 7945ae68d0c7cffb070d60ad4d8bfe6ef585c279
 2017-11-19 13:54:50 -08:00
Dr. Stefan Schimanski 2ee052ccdf admission: make metrics compositional and move to metrics sub-package 
Kubernetes-commit: baba0c827bfddfdc56b69c88e19406966ef900a2
 2017-11-17 11:49:55 +01:00
Joe Betz f7181e20ae #55183 follow up: Reinstate admission chain composition and ns test 
Kubernetes-commit: d82ae45a4cf7e34cf02755b7eaa6e040da590d67
 2017-11-16 21:20:14 -08:00
Chao Xu 86dc6e7b4e Update the validating webhook plugin to be a ValidatingInterface, rather than a MutatingInterface 
Kubernetes-commit: cbfc9d33b7c6b9e767e4259910f783c047e83583
 2017-11-20 14:57:07 -08:00
Dr. Stefan Schimanski 45dc4adcc3 admission/webhook: move webhook initializer into plugin 
Kubernetes-commit: e19257f2ec87d8091defb7935bb3a161fbb229d0
 2017-11-15 13:00:24 +01:00
Chao Xu 8a572a63d4 Rename GenericAdmissionWebhook to ValidatingAdmissionWebhook 
Kubernetes-commit: d3c0765780fed5576670d6624cc3cc8d691d6392
 2017-11-17 21:05:11 -08:00
Chao Xu ed64135818 Rename the testdata package to testcerts. 
`godep save` somehow fails if there is a testdata go package. See
https://github.com/kubernetes/kubernetes/pull/54892#issuecomment-345035489

Kubernetes-commit: 2052a7e2a3483e341a5a8d1fc5ae8510dd32b2c6
 2017-11-17 13:24:48 -08:00
Chao Xu 1b638a5be7 generated bazel 
Kubernetes-commit: 6193360eb52b00727df08f67eb8fc364a8df85e9
 2017-11-15 16:21:28 -08:00
Chao Xu cb8d15718f Adding the mutating webhook 
Kubernetes-commit: ea123f82aae5bc46b9a91c4543c8f742d0db52da
 2017-11-14 16:36:28 -08:00
cheftako 556a83dbf9 Admission request/response handling 
AdmissionResponse allows mutating webhook to send apiserver a json patch
to mutate the object.
This reflects the imperative nature of AdmissionReview. It adds
AdmissionRequest and AdmissionResponse in place of status/spec.
The AdmissionResponse the allows the mutating webhook
to send back a json path with the mutated version of the requested
object.
Fixed the integration test to clean up properly.
Switched test image to 1.8v5 to reflect API changes.
Make sure to cache test framework client for cleaup test code.
Switched to pointer for patch type.
Factored in @liggitt's feedback.
Factored in @lavalamp's feedback.

Kubernetes-commit: dac3c2e168784bbcf1cbfef8bf5430101e191715
 2017-11-06 15:41:26 -08:00
Chao Xu 0159c24faf generated bazel 
Kubernetes-commit: 47ef9aaf2297829998eb1a0a804de9209c1008f1
 2017-11-14 16:29:23 -08:00
Chao Xu da1d210644 Reorganize the code in webhook admission plugin. 
Move the namespace selector code to package webhook/namespace
Move the conversion related code to package to webhook/versioned
Move errors related code to package webhook/errors
Move admission review related code to package webhook/request

Kubernetes-commit: 51774697b35314b078270e9da24fbe0ff843b981
 2017-11-14 15:20:45 -08:00
Chao Xu f88f0f12a1 Reorganize the admission webhook code. 
Moved client and kubeconfig related code to webhook/config;
Moved the rule matcher to webhook/rules;
Left TODOs saying we are going to move some other common utilities;
Other code is moved to webhook/validation.

Kubernetes-commit: 1adfacc7eb41da109e970a9c2985fd55b4cbbdfd
 2017-11-05 18:11:47 -08:00
Joe Betz 5f443f1654 Align admission metric names with prometheus guidelines 
Kubernetes-commit: 369fd81ca151fe2ccb1ac0e6d44aad0eee99abf1
 2017-11-14 11:18:31 -08:00
Joe Betz 3773a59cf0 Remove is_system_ns from admission metrics 
Kubernetes-commit: 375e2d03ab8c70c8c84676a7eee8b46646036bde
 2017-11-13 12:34:36 -08:00
Joe Betz f3058e0b10 Fix admission metrics to track mutating/validating correctly 
Also update admission test mocks to better reflect typical usage and fix broken tests.

Kubernetes-commit: 2643c6ae3e7b7bc09e1d3eb695a438b190123083
 2017-11-08 17:26:31 -08:00
Joe Betz a1e35e7bfe Add system namespaces to admission metrics. Add tests and leverage test code from PR#55086 
Kubernetes-commit: 9d13d1baece20fc611176aad3b6f39ccf9fa4b36
 2017-11-06 17:48:59 -08:00
Joe Betz f2028cc5a5 Add admission metrics 
Kubernetes-commit: 3940e4f0533a7ee8e50ec939cdcb44c33d4a0ae9
 2017-11-06 14:14:33 -08:00
foxyriver dbacfae1f8 stop timer 
Kubernetes-commit: cdc4aca9a3d53e21cca4b784718732a9a0852084
 2017-11-06 09:51:39 +08:00
Chao Xu 9dda7d3efb let validation webhook convert objects to the external version before sending them 
Kubernetes-commit: ab053a224d27aa48ea4b34ba7591cfd72c3f567d
 2017-11-03 16:49:56 -07:00
Daniel Smith bee24b37a5 fix docs and validation 
Kubernetes-commit: e73fd8784484235d5010f4b2bba2251a584c5dd0
 2017-11-11 18:00:32 -08:00
Daniel Smith 51c2612984 Add URL beside service 
Kubernetes-commit: a0cb2ce697c195d22daeef4fbe6545bdaba11e2f
 2017-10-31 16:28:06 -07:00
Chao Xu 640cf74d8c generated 
Kubernetes-commit: 2f83748068e45fd548b1caaac2cc0ca06a769653
 2017-11-10 11:06:07 -08:00
Chao Xu 512274139c add NamespaceSelector to the api 
business logic in webhook plugin and unit test

add a e2e test for namespace selector

Kubernetes-commit: 7006d224bebb5a1aee9c70387a8584e0a0e8b10f
 2017-10-27 14:42:09 -07:00
hzxuzhonghu 69a65358c5 update bazel 
Kubernetes-commit: b845e26983741c5d12e621604b5e064e03d4fed1
 2017-11-03 10:06:07 +08:00
hzxuzhonghu 45d6a78b3f cache admission webhook restClient 
Kubernetes-commit: 42d9153a03e971453ccf8e46e149a20a9ff3d656
 2017-10-31 19:08:29 +08:00
hzxuzhonghu c37db061da remove redundant code in admission initializer 
Kubernetes-commit: 9d1e6d3e2cc25db8e07db446d00390059c8264f8
 2017-11-08 10:54:06 +08:00
mbohlool db766abbf7 Update generated files for MutatingWebhookConfiguration 
Kubernetes-commit: 4568e0530c53df81d1bbd5e700daca041a1d8439
 2017-11-07 17:29:01 -08:00
mbohlool 2aa55c4d47 Add MutatingWebhookConfiguration type 
Kubernetes-commit: fc5a613c17c81fdda54158d58a19bd6089ae9882
 2017-11-07 12:49:19 -08:00
mbohlool e57a4d504d Update generated files 
Kubernetes-commit: cb43840492b383f4e1b87d7108d51c6439e1dad5
 2017-11-07 12:42:06 -08:00
mbohlool 3846cb803e Rename ExternalAdmissionHookConfiguration to ValidatingWebhookConfiguration 
Kubernetes-commit: 9ddea83a2ce0937cf0fc8f8c35614bb18e74cfad
 2017-11-07 12:46:54 -08:00
Dr. Stefan Schimanski d10f10b8ac pkg/apis/core: mechanical import fixes in dependencies 
Kubernetes-commit: 012b085ac870d359131f4251213bf2fff1d15aa0
 2017-11-08 23:34:54 +01:00
supereagle 80475e014f use versiond group clients from client-go 
Kubernetes-commit: b694d518428ac655780d812f7dd4cf72d3e24763
 2017-07-28 15:54:13 +08:00
Dr. Stefan Schimanski 204da0b2db apiserver: add validating admission tests 
- in endpoint tests
- in generic registry
- in patch handler
- in admission chain

Kubernetes-commit: c558d2a3517fafdb704edd2c00b6df6738786959
 2017-11-07 10:40:43 +01:00
Mike Danese 06a5d25846 move authorizers over to new interface 
Kubernetes-commit: 12125455d84c75562e6dd6a183762549adff747f
 2017-09-29 14:21:40 -07:00
Janet Kuo 201480baa2 Add hook information when rejecting a request 
Kubernetes-commit: 948bd7bbc18b343161120b365c089528f8fc0550
 2017-10-27 14:59:54 -07:00
hzxuzhonghu 164593bb0a refactor admission handler and add UT 
Kubernetes-commit: ac7ca5bd0a3e5448a3d3ce89aeffa028f026b5ca
 2017-11-03 16:40:15 +08:00
Dr. Stefan Schimanski 45afa13373 admission: rename Validate{ -> Initialization}, Validat{ingAdmit -> e} 
Kubernetes-commit: aedcf681b32618be3cf9ad40eeb039f1bb26c5ae
 2017-10-27 17:09:39 +02:00
Dr. Stefan Schimanski 3eeded3a29 admission: wire create+update validation func into kube registries 
Kubernetes-commit: 2452afffe09e1ced9487e5a701beb1443a92b741
 2017-10-24 15:33:28 +02:00
Dr. Stefan Schimanski 441ac63056 admission: complete plumbing of validation admission 
Kubernetes-commit: 74b4223ab80fa3bbf326ac1073ef28f0b8daa304
 2017-10-24 14:08:34 +02:00
Dr. Stefan Schimanski 118e16448c admission: split MutationInterface out of Interface 
Kubernetes-commit: d4f48c931383f35e5e1a227a4291b8c0503e2433
 2017-10-24 11:24:04 +02:00
Dr. Stefan Schimanski a8fb04360a admission: { -> Mutating}Admit(admission.Attributes) 
Kubernetes-commit: 970d2553cca466c1236f1e91b3161cb1a69dbdd2
 2017-10-23 14:26:38 +02:00
David Eads a2e3d31f52 add wiring for validating admission 
Kubernetes-commit: 02e16cb253f01303d71ad4e8d6aa578d1ab79c0a
 2017-10-19 09:44:42 -04:00
Dr. Stefan Schimanski 777cf3c0ef admission: unify plugin constructors 
Kubernetes-commit: 131905cdb8b929f7c15f810e02ec9a45b306b769
 2017-10-30 14:20:40 +01:00