kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,377 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

4377 Commits

Author SHA1 Message Date
Monis Khan 0ac9d4bf6d Update auth OWNERS files to only use aliases 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: bca4993004953041c91ad56e37ef195b32066c27
 2021-04-07 10:42:00 -04:00
Monis Khan 2ad661f8c5 Prune stale entries from OWNERS files 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 91241eac9b7a7e62cc31e663147294bf6dc8f875
 2021-04-07 10:38:27 -04:00
Monis Khan 725e1d4432 oidc authenticator: allow specifying a KeySet directly 
This change updates the oidc authenticator to allow specifying an
oidc.KeySet as an input option.  This makes it possible to
synchronously initialize the KeySet instead of relying on the
asynchronous initialization that is normally done to support
self-hosted providers.  This makes it easier to use this code as a
library.

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: b5a1a45d48b4e90e54f512fc829b2ab9866b282e
 2021-04-06 12:20:57 -04:00
Monis Khan 1fd6a1891c oidc authenticator: allow passing in CA via bytes 
This change updates the OIDC authenticator code to use a subset of
the dynamiccertificates.CAContentProvider interface to provide the
root CA bytes.  This removes the hard dependency on a file based CA
and makes it easier to use this code as a library.

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 5dd4c89df38d4a5389c0cbf2c7fe4f6a5d5534ce
 2021-04-06 11:04:05 -04:00
Kevin Delgado 00544e72ca Update structured-merge-diff to v4.1.1 
Kubernetes-commit: 5f1b146852124e6c5ebfc2b69aee7dfa4fe6d158
 2021-04-02 17:42:54 +00:00
pacoxu fb16abfa53 update uber zap to 1.16.0 to fix a nil pointer exception 
Signed-off-by: pacoxu <paco.xu@daocloud.io>

Kubernetes-commit: 54bc0ff250aa5615233d2f1219f2daecd73ad3c7
 2021-04-01 14:53:49 +08:00
Jordan Liggitt b97dfc761c allow evictions subresource to accept policy/v1 and policy/v1beta1 
Kubernetes-commit: 33ad842480353f2816873bf728d75333948e4817
 2021-03-31 16:54:55 -04:00
Abu Kashem 64517a3e40 apf: exempt probes /healthz /livez /readyz 
Kubernetes-commit: 4447f2459aae1d916742eb1cb129d9438adcea9a
 2021-03-30 12:55:30 -04:00
Niekvdplas c74d3bdddc Fixed several spelling mistakes 
Kubernetes-commit: fec272a7b290a34776eac6698f12be043367a4c2
 2021-03-30 15:28:23 +02:00
John Howard d7e2a0bbee Update kube-openapi and gnostic dependencies 
Pulling in https://github.com/kubernetes/kube-openapi/pull/220

Kubernetes-commit: a849c8998c1ed71f25387a560f8359596aec8bd3
 2021-03-23 08:33:15 -07:00
Abu Kashem bf34b41185 refactor finishRequest 
Kubernetes-commit: a8ff821a19b819a54a54d027ec631eab2ffaedc3
 2021-03-22 18:01:33 -04:00
Abu Kashem 28c097bee7 move FinishRequest to its own package 
Kubernetes-commit: 393a1f73fbaa1bf1facb8882eaf4fead16b94f58
 2021-03-22 16:39:14 -04:00
Brendan Burns 3ba2299cd2 Fix api installer to indicate PATCH may return a 201 for server side apply 
Kubernetes-commit: cb72ce975630b44ec8786d5b72b1e0ee8bb1a0e4
 2021-03-11 17:06:33 +00:00
Antoine Pelisse 49b6ebdaae fieldmanager: Strip managedfields BEFORE we update the timestamp 
Kubernetes-commit: c8be9651ce0de1eee3fa785882fe01dee4b15d37
 2021-03-09 12:46:07 -08:00
Lukasz Szaszkiewicz b5be45a80f DelegatingAuthOptions: allows for specifying a middleware function for custom HTTP behaviour for the auth webhook client 
Kubernetes-commit: ea7d94497b5fef2fe7b925d378f425b94448f01b
 2021-03-04 12:35:09 +01:00
Abu Kashem bb69e234a6 apiserver: improve correlation by using the audit ID 
- when we forward the request to the aggregated server, set the audit
  ID in the new request header. This allows audit logs from aggregated
  apiservers to be correlated with the kube-apiserver.
- use the audit ID in the current tracer
- use the audit ID in httplog
- when a request panics, log an error with the audit ID.

Kubernetes-commit: b607ca1bf3e1cf6152c446ea61ac7fdd9014e1f1
 2021-03-02 19:27:43 -05:00
Abu Kashem f1a76db888 apiserver: manage audit ID associated with a request 
Manage the audit ID early in the request handling logic so that it can
be used by different layers to improve correlation.
- If the caller does not specify a value for Audit-ID in the request
  header, we generate a new audit ID
- If a user specified Audit-ID is too large, we truncate it
- We echo the Audit-ID value to the caller via the response
  Header 'Audit-ID'

Kubernetes-commit: 31653bacb9b979ee2f878ebece7e25f79d3f9aa6
 2021-03-02 19:22:39 -05:00
Abu Kashem 1e7338b1ea use request received timestamp in httplog 
Kubernetes-commit: 71199664be6d26e435a78566818379ff43110352
 2021-03-02 18:05:51 -05:00
xiongzhongliang fbe8ccc9bd Optimize some codes 
Kubernetes-commit: 4a24a08f936a295bf332b9567bea182e2feff554
 2021-02-28 01:00:09 +08:00
Andrea Nodari 2ec597ed01 Add "subresource" field to ManagedFieldEntry 
This field is useful to namespace the managed field entries of a
subresource and differentiate them from the ones of the main resource.

Kubernetes-commit: 862d256195adf3be5475b1a6935e5feb78f884a5
 2021-02-27 17:16:46 +01:00
Danil-Grigorev de3d390777 Make selectors atomic 
Ensure that all label selectors are treated as atomic values,
to exclude situations when selectors are being corrupted by
different actors attempting to apply their overlapping definition
for this field with server-side-apply.

Kubernetes-commit: d8a7764b6396b90313ae7bd50a845f4da4705d67
 2021-01-12 18:29:56 +01:00
Kubernetes Publisher 8d97c871d9 Merge pull request #100638 from tkashem/fix-98697 
apf: fix data race in queueset

Kubernetes-commit: b6ff1370bd2310eab0518d22aaca303df1f17c2f
 2021-03-30 05:15:57 -07:00
Abu Kashem 7c07064678 apf: fix test flake 
Kubernetes-commit: fa0952ee778aaf7df3e593305575f5d121b55cf1
 2021-03-29 16:09:49 -04:00
Kubernetes Publisher cb7fbc9590 Merge pull request #100632 from logicalhan/etcd_deprecation 
bump the deprecated version to 1.22

Kubernetes-commit: ff09d509ca67a92638e30b2aa1d446ed46e6d0da
 2021-03-29 19:58:11 +00:00
Han Kang d21d96225a bump the deprecated version to 1.22 
Change-Id: Ibefaa94151704fcaaa920541bbb9a8ad714c1d24

Kubernetes-commit: e7ee76efc0813da419045c80cc06a513fba6fc37
 2021-03-29 07:54:12 -07:00
Kubernetes Publisher 92392ef221 Merge pull request #95783 from roycaihw/flake/wait-for-webhook-registration 
webhook config manager: HasSynced returns true when the manager is synced with existing webhookconfig objects at startup

Kubernetes-commit: ae6ceaa78d6891f97589a0ffcf405f45c2caae79
 2021-03-23 06:58:15 +00:00
Kubernetes Publisher 04bf549f9a Merge pull request #100341 from kevindelgado/apiservices-stacktrace 
Add ability to skip OpenAPI handler installation

Kubernetes-commit: 019080fc4d32bc7acc994605afbc2fac416188d7
 2021-03-18 20:58:35 -07:00
Haowei Cai 4a7c21439a webhook config manager: HasSynced returns true when the manager is synced with existing webhookconfig objects at startup 
Kubernetes-commit: 37d171e5bc6ca5b7aab7bfe52c8baabdea536415
 2021-03-17 14:34:06 -07:00
Kevin Delgado a11399dd98 Add ability to skip OpenAPI handler installation 
Kubernetes-commit: 66d2f4359efadd2cf85f9d901676f2ea28555951
 2021-03-17 00:26:23 +00:00
Kubernetes Publisher 9d40532d03 Merge pull request #99944 from marseel/fix/fix_incorrect_authenticator_metrics 
Fix incorrect authentication latency metric

Kubernetes-commit: 067ab92d9dc75828c6ad4dda6373fe93d4bc656a
 2021-03-16 03:00:50 +00:00
Kubernetes Publisher 6ba5d522d5 Merge pull request #100250 from answer1991/disable-goaway-ut 
disable flaky TestClientReceivedGOAWAY test case

Kubernetes-commit: 0ed8ee6fd7169219fbeb9bca83023a980a7a36a5
 2021-03-15 19:17:18 +00:00
answer1991 db01b261c4 disable flaky TestClientReceivedGOAWAY test case 
Kubernetes-commit: d6f9369126dcaa3c94902108ec1aa3d01f658163
 2021-03-15 21:12:22 +08:00
Kubernetes Publisher 0eb3da2e7a Merge pull request #100156 from ehashman/issue-100155 
Upgrade klog to avoid panics crashing components

Kubernetes-commit: 998f218606a149048e7b564ef27478bacab0f90f
 2021-03-13 03:21:34 +00:00
Elana Hashman 9bdbdede5b Bump klog to 2.8.0, fixing nil panics in KObj 
Kubernetes-commit: 6b70c8bd8db844a5c2c26d2814b3306d83204a7a
 2021-03-11 16:56:56 -08:00
Kubernetes Publisher ad8edb40a2 Merge pull request #100082 from logicalhan/etcd-stable 
rename apiserver_storage_object_counts to apiserver_storage_objects

Kubernetes-commit: 019c89218119ef37bf755e3717c431f4cb9469a4
 2021-03-12 03:06:47 +00:00
Kubernetes Publisher dddcd94ca0 Merge pull request #99759 from jpbetz/apply-extract 
Add Extract support to client-go apply builders

Kubernetes-commit: eb0c118a9d7a15801ec0389448a5e1bffdaa5e72
 2021-03-11 10:54:55 +00:00
Kubernetes Publisher 3c3275ad0c Merge pull request #100108 from Jefftree/ssa-revertga 
Revert SSA GA

Kubernetes-commit: 98d3738f6d3e140d193bb3fc5384d93b92fbd562
 2021-03-11 10:54:52 +00:00
Kubernetes Publisher 2fb0bdd045 Merge pull request #100055 from enj/enj/i/delegated_authn_client_ca 
delegated authn: allow client CA override based on non-empty opts

Kubernetes-commit: 98500aa6a51db77c5bd8dafc5a2bebd37e47fb65
 2021-03-11 10:54:51 +00:00
Jefftree 14406b8e7c Revert SSA GA 
Kubernetes-commit: 4a41c474cc3e8fb0320f67dca581aaea6167a72c
 2021-03-10 18:04:40 -08:00
Han Kang 4ac82c26cf rename apiserver_storage_object_counts to conform to best practices (apiserver_storage_objects) 
Change-Id: I8c08a37cd3ed7c943a6691185f750e55d389dd3a

Kubernetes-commit: 50e6f15deec3f9b9ffe52accd6aab5f9560b88ad
 2021-03-10 04:32:27 -08:00
Kubernetes Publisher 82d5aa9575 Merge pull request #99661 from kevindelgado/status-wiping 
Server-Side Apply status wiping

Kubernetes-commit: b7d23d711108805cd0dd15b1e208b30c6c3e9eec
 2021-03-10 10:50:16 +00:00
Kubernetes Publisher 2f3702e43f Merge pull request #99652 from Jefftree/ssa-ga 
Promote SSA to GA

Kubernetes-commit: e95a8c878ac21a0a38c2fb7c0ffcfa483cd8625c
 2021-03-10 10:50:14 +00:00
Monis Khan 63ca1f6039 delegated authn: allow client CA override based on non-empty opts 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 6686d8b846546f682d1a449cc9cd0e3c0de977b4
 2021-03-09 22:53:04 -05:00
Kubernetes Publisher ff851b1f71 Merge pull request #99951 from deads2k/fix-decodableversions 
provide directly decodable versions for storageversion API

Kubernetes-commit: 08b11727f5b27ad1d123e3a23e769e170ed99a5a
 2021-03-10 02:54:33 +00:00
Kevin Delgado 86db6c67fb Server-Side Apply: Status Wiping/Reset Fields 
Adds and implements ResetFieldsProvder interface in order to ensure that
the fieldmanager no longer owns fields that get reset before the object
is persisted.

Co-authored-by: Kevin Wiesmueller <kwiesmul@redhat.com>
Co-authored-by: Kevin Delgado <kevindelgado@google.com>

Kubernetes-commit: a1fac8cbd9289d95db4831a83239292ed56ce59d
 2021-03-09 23:54:55 +00:00
Kubernetes Publisher 605b55af85 Merge pull request #99875 from bobbypage/bump-cadvisor 
vendor: cAdvisor v0.39.0

Kubernetes-commit: a10a694f56bc008426ff1ffc1cb29f76e0068e00
 2021-03-09 23:00:16 +00:00
Kubernetes Publisher 3819542a11 Merge pull request #99785 from erain/issue/98270 
metrics: etcd_object_counts->apiserver_storage_object_counts(stable)

Kubernetes-commit: afca3dace4a242e8e638552a41903a3351603128
 2021-03-09 23:00:14 +00:00
Kubernetes Publisher a39f4252a3 Merge pull request #99935 from MikeSpreitzer/ratelimit-realtest 
Enable, rate limit, and test APF controller fights

Kubernetes-commit: 8a599510d3f209d7a03ab0b7849c26ae8956e5c7
 2021-03-09 18:48:52 +00:00
Kubernetes Publisher ff6c32ff42 Merge pull request #98809 from answer1991/feature/enable-goaway-ut 
enable goaway testcases

Kubernetes-commit: a27a6e78f2b2916c6306cdb5bfbbacd2c2a8d3c9
 2021-03-09 14:49:17 +00:00
Kubernetes Publisher 13082be927 Merge pull request #98946 from monopole/upgradeKustomize 
Upgrade kustomize-in-kubectl to v4.0.5

Kubernetes-commit: ff3ccc58cd926260731c5e6f4a9405d595916369
 2021-03-09 11:22:12 +00:00