kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,505 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

18 Commits

Author SHA1 Message Date
Anish Ramasekar 13c06f3696 Set credential-id in userinfo.extra for jwt authenticators if jti claim present 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: c22a41e879e72ba4c925b06d8aa00e43160a0f86
 2024-08-29 17:09:07 -07:00
Taahir Ahmed 72a449fe98 Define credential IDs for X.509 certificates 
This commit expands the existing credential ID concept to cover X.509
certificates.  We use the certificate's signature as the credential ID,
since this safe and unique.

Kubernetes-commit: 2ad2bd8907d979f709cd924af7986be71c31ce12
 2024-06-21 16:21:35 -07:00
Anish Ramasekar 43a56206a7 cleanup unused fn GetOrCreateServiceAccount in serviceaccount/util 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 2f96a788e299ef3cea08d0cb03b13c584496891c
 2024-08-18 21:04:51 -07:00
James Munnelly c60b23f298 use authentication.kubernetes.io/issued-credential-id audit annotation in serviceaccount token registry endpoint 
Kubernetes-commit: 7f12735fffdc490eae59e98d0f03638067b028de
 2024-02-02 16:57:16 +00:00
James Munnelly f2ba735b90 KEP-4193: bound service account token improvements 
Kubernetes-commit: 76463e21d4dec90b4d49975b182a13e1fdb6b20a
 2023-09-19 15:23:28 +01:00
cici37 4ab24fc5f7 Move client_builder to k8s.io/controller-manager 
Kubernetes-commit: 95acec5a3b4c07afba17b526e5cb031f8bb88630
 2020-05-26 17:01:36 -07:00
Clayton Coleman 49ac3bd853 Avoid allocating when performing VisitRulesFor on service accounts 
Service account authorization checks are done frequently and were
observed to perform 7% of allocations on a system running e2e tests.
The allocation comes from when we walk the authorization rules to
find matching service accounts.

Optimize the check for service account names to avoid allocating.

Kubernetes-commit: 4c87a14e6b1809359fcb6566d883a169ff0db259
 2019-03-11 11:50:44 -04:00
Kubernetes Publisher 627fa76a8b sync: initially remove files BUILD */BUILD BUILD.bazel */BUILD.bazel 2018-03-15 09:38:17 +00:00
Jeff Grafton 1ab12b2dc8 Autogenerated: hack/update-bazel.sh 
Kubernetes-commit: ef56a8d6bb3800ab7803713eafc4191e8202ad6e
 2018-02-16 13:43:01 -08:00
Jeff Grafton c8a97ee31a Autogenerate BUILD files 
Kubernetes-commit: efee0704c60a2ee3049268a41535aaee7f661f6c
 2017-12-23 13:06:26 -08:00
Jeff Grafton f4dbe23125 update BUILD files 
Kubernetes-commit: aee5f457dbfd70c2d15c33e392dce6a3ca710116
 2017-10-12 13:52:10 -07:00
Cao Shufeng 81eb3429e7 remove useless argument "name" 
Kubernetes-commit: 2e97611bc62b88c48777d6209a0ed28d17d0e52d
 2017-08-29 13:16:16 +00:00
Jeff Grafton 6c539a43c6 Use buildozer to delete licenses() rules except under third_party/ 
Kubernetes-commit: a7f49c906df816123e7d4ccbd4cebab411519465
 2017-08-29 13:15:24 +00:00
Jeff Grafton 6caa2933ae Use buildozer to remove deprecated automanaged tags 
Kubernetes-commit: 33276f06be5e872bf53ca62a095fcf0a6b6c11a8
 2017-08-29 13:15:24 +00:00
Jeff Grafton 44942b068a Run hack/update-bazel.sh to generate BUILD files 
Kubernetes-commit: 3579017b865ddbc5449d6bba87346f086e4b93ff
 2017-08-29 13:13:51 +00:00
Mike Danese 2aab760a2a autogenerated 
Kubernetes-commit: a05c3c0efdc5822049e34b1a5a1ee259c5fb1906
 2017-04-15 20:35:23 +00:00
Dr. Stefan Schimanski 05c91315e2 Move first pkg/api/validation's into apimachinery 2017-01-17 10:46:17 -05:00
Dr. Stefan Schimanski c0fd39038a genericapiserver: cut off pkg/serviceaccount dependency 2017-01-17 10:46:17 -05:00