kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,013 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

46 Commits

Author SHA1 Message Date
Mike Danese 908a04653f make token cache include audience in hash key 
Kubernetes-commit: 809f278b032103cd24fcbb5ea2196c6c7caa6f63
 2018-10-16 10:02:01 -07:00
Mike Danese 2ced48ac6e rebase authenticators onto new interface. 
Kubernetes-commit: e5227216c0796d725c695e36cfc1d54e7631d3a6
 2018-10-15 15:17:36 -07:00
Mike Danese b411a20b15 tokenreview: authenticator interface changes 
Kubernetes-commit: 11be17175798773a1011afad8d0a9119254e728c
 2018-10-09 10:22:06 -07:00
Mike Danese adddd63698 add some helpers to Audiences to find intersecting audiences 
Kubernetes-commit: 01ce5bb8a470280d1a8ce68d5b2b4f1b2ac283cf
 2018-10-16 20:01:58 -07:00
Mike Danese 37ab80320b tokenreview: add APIAudiences config to generic API server and augment context 
Kubernetes-commit: 21fd8f204128a7847786927b460d95be34a6dbde
 2018-10-09 22:04:52 -07:00
David McCormick a948ad1df7 Remove excessive warnings with x509 certificate auth 
Suppress common name verify warning log and roll up into returned error

remove glog test dependency

Kubernetes-commit: bb3124c48a4d276ed280175e5825ea9db022d699
 2018-09-24 17:15:27 +01:00
Dr. Stefan Schimanski 16d4968bf9 authn/z: optionally opt-out of mandatory authn/authz kubeconfig 
Kubernetes-commit: a671d65673590f0dfcf5c2b673e1518d11510bdb
 2018-08-22 11:56:07 +02:00
Jake Sanders 41bff9cd5e Escape illegal characters in remote extra keys 
Signed-off-by: Jake Sanders <jsand@google.com>

Kubernetes-commit: f35e3d07c9898f8ec156209a868fa4451eb9afe2
 2018-07-03 21:19:15 -07:00
Jordan Liggitt 524198321e Remove unused x509 code 
Kubernetes-commit: 82f603c3274e3a1c2927a019670ec17f15281a28
 2018-07-10 13:22:24 -04:00
Kubernetes Publisher 627fa76a8b sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel 2018-03-15 09:38:17 +00:00
Wang Guoliang 32fe314a1e fix some syntax related errors 
Kubernetes-commit: d065157dd74fa02eec87f5849528b079a3736c3d
 2018-02-11 19:50:49 +08:00
Jeff Grafton 1ab12b2dc8 Autogenerated: hack/update-bazel.sh 
Kubernetes-commit: ef56a8d6bb3800ab7803713eafc4191e8202ad6e
 2018-02-16 13:43:01 -08:00
Jeff Grafton c8a97ee31a Autogenerate BUILD files 
Kubernetes-commit: efee0704c60a2ee3049268a41535aaee7f661f6c
 2017-12-23 13:06:26 -08:00
Mike Danese c463eb3137 certs: add month buckets 
Kubernetes-commit: e08c98b171ff9dd3982377103f9e43c311c7a78d
 2017-11-27 10:59:56 -08:00
hzxuzhonghu c79bc73664 verify token file 
Kubernetes-commit: 62c170fc1da2a94cd4dacd56f8f798f491b29ae1
 2017-11-10 11:30:51 +08:00
Jeff Grafton f4dbe23125 update BUILD files 
Kubernetes-commit: aee5f457dbfd70c2d15c33e392dce6a3ca710116
 2017-10-12 13:52:10 -07:00
Jeff Grafton eabf5a2c6e Use buildozer to delete licenses() rules 
Kubernetes-commit: 02fb4200dcdf8636eac5953d04b2c4af912f443b
 2017-09-21 14:54:29 -07:00
Jeff Grafton ecbbfb0461 Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 532bd482dfbe25c6fc970d2175f7e02fec2fc8c0
 2017-09-21 14:53:56 -07:00
Cao Shufeng 81eb3429e7 remove useless argument "name" 
Kubernetes-commit: 2e97611bc62b88c48777d6209a0ed28d17d0e52d
 2017-08-29 13:16:16 +00:00
Jacob Simpson 68a92a4526 Add metric for remaining life of authenticating certificates 
When incoming requests to the API server are authenticated by a
certificate, the expiration of the certificate can affect the validity
of the authentication. With auto rotation of certificates, which is
starting with kubelet certificates, the goal is to use shorter lifetimes
and let the kubelet renew the certificate as desired. Monitoring
certificates which are approaching expiration and not renewing would be
an early warning sign that nodes are about to stop participating in the
cluster.

Kubernetes-commit: 49a19c6011e05363a8baf8e99c917d11a9496568
 2017-08-29 13:16:14 +00:00
Jordan Liggitt be8f046a0c Add union token authenticator 
Kubernetes-commit: 4fd8196cf56aa7884f5a385017b2be651a259e59
 2017-08-29 13:15:24 +00:00
Jordan Liggitt 80d2e2dae5 Add token cache component 
Kubernetes-commit: 1670ba58d5425caecbde8871b07521e9e5888f78
 2017-08-29 13:15:24 +00:00
Jordan Liggitt dcfd8acc4d Add token group adder component 
Kubernetes-commit: 15d8509a711efa062a1357cf1cfb398ec6e91023
 2017-08-29 13:15:24 +00:00
Jeff Grafton 6c539a43c6 Use buildozer to delete licenses() rules except under third_party/ 
Kubernetes-commit: a7f49c906df816123e7d4ccbd4cebab411519465
 2017-08-29 13:15:24 +00:00
Jeff Grafton 6caa2933ae Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 33276f06be5e872bf53ca62a095fcf0a6b6c11a8
 2017-08-29 13:15:24 +00:00
Jeff Grafton 44942b068a Run hack/update-bazel.sh to generate BUILD files 
Kubernetes-commit: 3579017b865ddbc5449d6bba87346f086e4b93ff
 2017-08-29 13:13:51 +00:00
John Millikin 431caeab63 Use case-insensitive header keys for `--requestheader-group-headers`. 
This flag is documented as being case-insensitive, but the code was
doing a case-sensitive map lookup.

Kubernetes-commit: 0acdc0cdb369372e06c202aea162bce04410f643
 2017-07-28 13:56:11 +00:00
Haoran Wang da548f4af1 fix error type 
Kubernetes-commit: 45ec7d9f51c54c8312579c9a0eab83c29d6d7d06
 2017-07-05 23:59:23 +00:00
Jordan Liggitt 6a99774546 Use websocket protocol authenticator in apiserver 
Kubernetes-commit: 6a872c09ebc8bff4efccc6d0206b0b5639be31ae
 2017-06-28 00:14:31 +00:00
Jordan Liggitt 5c2f76950a Add websocket protocol authentication method 
Kubernetes-commit: e2a03bcf2a568b5c40e8f92e1009440038f5e5ee
 2017-06-28 00:14:31 +00:00
deads2k 9250b02a30 remove bearer token from headers after we consume it 
Kubernetes-commit: 641b83877a5bd01f87f3e4db53917e854b581be7
 2017-05-12 17:30:08 +00:00
Mike Danese fda6fe0d70 add testdata for tests in //vendor/k8s.io/... 
Kubernetes-commit: 981dd8dc6615f397a9b85c5b965998dc8a0b1338
 2017-04-15 20:35:23 +00:00
Mike Danese 2aab760a2a autogenerated 
Kubernetes-commit: a05c3c0efdc5822049e34b1a5a1ee259c5fb1906
 2017-04-15 20:35:23 +00:00
deads2k 4429450aca make the system:authenticated group adder smarter 
Kubernetes-commit: 379a73a8dbd3aa09471eab3994861ad41f548ded
 2017-03-18 19:56:09 +00:00
Dr. Stefan Schimanski 73c30cda7e staging/src/*: run gofmt 2017-02-23 09:48:09 -05:00
Jordan Liggitt 2ad7085dba Create bootstrap system:kube-scheduler role 2017-02-15 07:28:56 -05:00
deads2k 9503eabb8b move genericapiserver authenticator and authorizer factories 2017-01-27 08:47:01 -05:00
deads2k 3ac45aec91 move authoritative client-go utils out of pkg 2017-01-25 07:42:18 -05:00
Dr. Stefan Schimanski 05c91315e2 Move first pkg/api/validation's into apimachinery 2017-01-17 10:46:17 -05:00
Dr. Stefan Schimanski c0fd39038a genericapiserver: cut off pkg/serviceaccount dependency 2017-01-17 10:46:17 -05:00
deads2k 708baaf567 move no k8s.io/kubernetes deps to apiserver 2017-01-16 15:01:42 -05:00
deads2k d2037a9447 use apimachinery packages instead of client-go packages 2017-01-13 16:24:57 -05:00
deads2k 2284cd2bb7 mechanical repercussions 2017-01-13 13:38:51 -05:00
deads2k 6687ea314a moves of genericapiserver packages without dependencies 2017-01-13 13:38:51 -05:00
deads2k f22426d63f move no k8s.io/kubernetes dependencies round one 2017-01-13 13:38:51 -05:00
deads2k eee88cccbf move pkg/auth/user to staging 2017-01-13 13:38:43 -05:00