kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,554 Commits 29 Branches 1,450 Tags 30 MiB
Commit Graph

51 Commits

Author SHA1 Message Date
Antonio Ojea ea69e5d51c remove DryRun feature gate checks 
Kubernetes-commit: a1bfb76458a219577884d312ceb93eb1bb3f7e39
 2022-08-26 11:33:56 +02:00
scott 91c6c18439 Fix issue that Audit Server could not correctly encode DeleteOption 
Kubernetes-commit: 286a67d78c5be2b9ee39ed9fe26aa5a232058832
 2022-05-18 20:23:16 +08:00
Tim Allclair 1e36b0a9fb Don't add audit annotations directly to the audit event 
Kubernetes-commit: bdebc62d49293a0fbbd7e0d95bfd94b1ce21015c
 2022-03-28 11:38:38 -07:00
Abu Kashem 8949a1cdfc add trace step for transformResponseObject 
Kubernetes-commit: 41cef06f66dd4d7e87ff852dc228ab69587be9de
 2021-11-22 13:18:02 -05:00
Antonio Ojea 4662dacdd3 migrate nolint coments to golangci-lint 
Kubernetes-commit: d126b1483840b5ea7c0891d3e7a693bd50fae7f8
 2021-11-16 16:57:58 +01:00
Abu Kashem fea88b8efd drop managed fields from audit entries 
drop the managed fields of the objects from the audit entries when we
are logging request and response bodies.

Kubernetes-commit: bbc59348318c29199e23b27981fb56436ac68705
 2020-10-12 13:18:59 -04:00
Abu Kashem d53acfe201 apiserver: store (event, evaluated policy) pair in request context 
Kubernetes-commit: 8be823b0b0270e1b979b3d4c6e683e1daa0f2e01
 2021-09-20 17:43:16 -04:00
Kasakaze da0758027d Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: b9b01a0f901513370cf3e981544a79f57e321d67
 2021-06-02 10:52:44 +08:00
Kasakaze e7a594074a Simplify objGV construction 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>

Kubernetes-commit: 19c72a6cd05da805b1bec9fe567614ef82bf7beb
 2021-06-02 10:52:35 +08:00
njuptlzf 790f5a21a7 Fix auditing failed of request: encoding failed 
Kubernetes-commit: 329f7d55d1344f728e28ce49728234f9f8f4c5d3
 2021-05-17 02:31:08 +08:00
Abu Kashem 28c097bee7 move FinishRequest to its own package 
Kubernetes-commit: 393a1f73fbaa1bf1facb8882eaf4fead16b94f58
 2021-03-22 16:39:14 -04:00
chymy f5152b019f Fix static failures for vendor/k8s.io/apiserver/pkg/endpoints/handlers 
Kubernetes-commit: 04515b9c0a8634ddbb48883cdceb1c265ae97015
 2021-02-26 21:01:55 -05:00
Abu Kashem 026eb846a4 apiserver: plumb context with request deadline 
- as soon as a request is received by the apiserver, determine the
  timeout of the request and set a new request context with the deadline.
- the timeout filter that times out non-long-running requests should
  use the request context as opposed to a fixed 60s wait today.
- admission and storage layer uses the same request context with the
  deadline specified.

we use the default timeout enforced by the apiserver:
- if the user has specified a timeout of 0s, this implies no timeout on the user's part.
- if the user has specified a timeout that exceeds the maximum deadline allowed by the apiserver.

Kubernetes-commit: e416c9e574c49fd0190c8cdac58322aa33a935cf
 2020-11-26 23:53:20 -05:00
lala123912 36a172d35e Code optimization for add additional information to log trace in api server 
Kubernetes-commit: 5d61e18a4343773105e39c36b944b4f223e70eaf
 2020-11-23 16:27:05 +08:00
Jordan Liggitt cec339c07a Revert "plumb context with request deadline" 
This reverts commit 83f869ee1350da1b65d508725749fb70d0f535f2.

Kubernetes-commit: afd92b3b3ea8fa8e3dbe2521d6ce213c809d25c7
 2020-11-19 18:15:04 -05:00
Abu Kashem 46e3e4810e plumb context with request deadline 
- as soon as a request is received by the apiserver, determine the
timeout of the request and set a new request context with the deadline.
- the timeout filter that times out non-long-running requests should
use the request context as opposed to a fixed 60s wait today.
- admission and storage layer uses the same request context with the
deadline specified.

Kubernetes-commit: 83f869ee1350da1b65d508725749fb70d0f535f2
 2020-10-30 16:30:05 -04:00
Ken Sipe ce7f425acc fix S1002 omit comp to bool 
Signed-off-by: Ken Sipe <kensipe@gmail.com>

Kubernetes-commit: e8878687b18fd961e9f3e29c1c46fe018157a77d
 2020-06-26 10:36:38 -05:00
Joe Betz 97937c66f2 Revert nested trace PR#88936 
Kubernetes-commit: 02cf58102a61b6d1e021e256381ff750573ce55d
 2020-07-20 09:55:05 -07:00
Joe Betz 7a467399ac Enable nested tracing, add request filter chain tracing incl. authn/authz tracing 
Kubernetes-commit: b12ac0abc64adb71d97fbde12f373b1424631f20
 2020-03-06 16:11:21 -08:00
Joe Betz ee219411ed Add ResourceVersionMatch parameter to make Resource Version semantics consistent for list 
Kubernetes-commit: e214f2408b59c745c199645547948a8ad2a87ac2
 2020-05-29 10:44:26 -07:00
ialidzhikov a521baa66a Minor nit in error message about feature gate stage 
Signed-off-by: ialidzhikov <i.alidjikov@gmail.com>

Kubernetes-commit: 1eaa0ee3f9553cce1821434ce64e745ba5b135d2
 2020-01-01 15:54:06 +02:00
Jianfei Bai a5b9ca7482 feat(apiserver): add user-agent and remote info into trace log for endpoints handlers. 
Kubernetes-commit: 91bddd13485082892be8e8e471e358be317c4e9b
 2019-10-10 21:30:05 +08:00
wojtekt ba8f49cc73 Ensure conversions are registered for metainternalversion codecs 
Kubernetes-commit: 54163527a69a8c868b87d301876559495220d1b0
 2019-09-11 16:30:08 +02:00
Jordan Liggitt aab7154c4f plumb client-specified request timeout to context 
Kubernetes-commit: 89d5c1f3ea8d8e27526e4f558872c4e24ddc526c
 2019-08-20 10:36:34 -04:00
Joe Betz f103fcda51 Replace string concatination with trace fields 
Kubernetes-commit: 46a04d50af78e01d06a9879d62cc71fbe892076f
 2019-08-02 23:47:24 -07:00
Chao Xu 5c9333e4d3 Run deleteValidation at the storage layer so that it will be retried on 
conflict.

Adding unit test verify that deleteValidation is retried.

adding e2e test verifying the webhook can intercept configmap and custom
resource deletion, and the existing object is sent via the
admissionreview.OldObject.

update the admission integration test to verify that the existing object
is passed to the deletion admission webhook as oldObject, in case of an
immediate deletion and in case of an update-on-delete.

Kubernetes-commit: 7bb4a3bace048cb9cd93d0221a7bf7c4accbf6be
 2019-04-09 13:49:16 -07:00
yue9944882 019679ce23 Cherrypicking #66535 
validate deletion admission object

backward compatibility: add validation for direct storage delete calls

apply nil validation to existing tests

revert behavior changes in deleteCollection call

fixes validation on wiring graceful deletion

remove nil validation check

continue admission check on not found error

Kubernetes-commit: 34c4a6e05767e6c6211b88ccc653f2b07021906a
 2018-07-24 12:24:59 +08:00
Joe Betz 19327df6d5 Pass {Operation}Option to Webhooks 
Kubernetes-commit: 140c8c73a64deb102b528109138ca9fb7dbb2392
 2019-05-07 13:34:18 -07:00
Clayton Coleman c8f7d5017d Make RequestScope be a pointer consistently for better memory use 
RequestScope is a large struct and causes stack growth when we pass
it by value into multiple stack levels. Avoid the allocations for
this read only struct by passing a pointer.

Kubernetes-commit: 8fede0b18a81a6fb1acc1a48857f482857c25286
 2019-03-25 23:33:48 -04:00
Mehdy Bohlool 87b5ac0c06 Add ObjectInterfaces to Admission and Validation 
Kubernetes-commit: 513a87c7b25aa58f84fafe0dc170cee4c76e481b
 2019-02-16 12:27:24 -08:00
Chao Xu 4ebbf20f41 Adding a limit on the maximum bytes accepted to be decoded in a resource 
write request.

Kubernetes-commit: b971b12d3cfa8887aa87957fbba92b90e3e99dc6
 2019-02-06 16:58:24 -08:00
Andrew Kim 2b43930b32 replace k8s.io/apiserver/pkg/util/trace with k8s.io/utils/trace 
Kubernetes-commit: 93b086f6eafc1e94214fc1d946a1917482751cf3
 2019-01-24 11:50:30 -05:00
Clayton Coleman 065e089126 Ensure all response object modification happens in one place 
Make setLink and setListLink the same, and make them happen in transformResponseObject.
Make those methods also responsible for ensuring an empty list. Then move outputMediaType
negotiation before all other calls in the specific methods, to ensure we fail fast.

Refactoring in preparation to support type conversion on watch.

Kubernetes-commit: 56a25d8c5f04ec5401b99c8eb29e980b1e8123d3
 2018-11-28 21:32:51 -05:00
Walter Fender 4749d14e11 Added tracing for long running requests. 
Added tracing for use cases where etcd is not the cause of long running
requests.
Fixed spelling.
Factored in Wojtek-t feedback.

Kubernetes-commit: 99ebe8747176a10c718d5e3276c64d8c507bfb3b
 2018-10-12 17:36:36 -07:00
jennybuckley 008018b080 fix typo in dry run disabled error 
Kubernetes-commit: 5253c7f414a686e8bcf721655b7ffe26e81765b4
 2018-09-12 14:43:18 -07:00
Antoine Pelisse 35d83292e2 dry-run: Allow dry-run flag to pass through if alpha enabled 
Kubernetes-commit: 5f364a0b84669a2dc086a35292db088b912d1c3c
 2018-06-28 08:59:58 -07:00
jennybuckley 91278157f6 Support dry run in admission plugins 
Kubernetes-commit: adafb1365e2b9f6c422c437e916e22a4fe1c2e3a
 2018-08-06 10:37:44 -07:00
Antoine Pelisse 026601bbf1 dry-run: Add DryRunTrue value 
Kubernetes-commit: e99651b34bf94fdead5a8827abe0fc98159cd16d
 2018-07-09 15:52:16 -07:00
Antoine Pelisse cc843478d7 dry-run: Create new options for Update/Create and pass it along 
Kubernetes-commit: 03b1e14101a73706980b559b4b7069ea956c80bd
 2018-06-14 09:14:59 -07:00
Jordan Liggitt 453662ac63 change field selector conversion registration to be strongly typed 
Kubernetes-commit: f51ba20cddeb44be355a79718a8274c272efc1e4
 2018-07-03 15:47:20 -04:00
Cao Shufeng 167894cc94 Log policy name from pod security policy 
Kubernetes-commit: 241422879d81ac7f8d7874d55c53df73e35d91b0
 2018-04-15 10:20:10 +08:00
Antoine Pelisse 7d9df7dc93 apiserver: Fail if dry-run query param is specified 
Kubernetes-commit: 98613924ea282ef70a6f9a14dda11e854fe02c28
 2018-05-11 14:59:47 -07:00
hzxuzhonghu c3f6af1ec1 avoid calling Handles twice 
Kubernetes-commit: 9ce6da671d7035c1f9bcc8db9c7f0c69f9701210
 2018-04-21 13:44:14 +08:00
Jordan Liggitt 25758bf0f8 Remove request context mapper 
Kubernetes-commit: 8ea88a5092c767fc3141512db924fd0435f7670e
 2018-04-18 11:12:15 -04:00
Jordan Liggitt f08677495f Return the correct set of supported mime types for non-streaming requests 
Kubernetes-commit: 7e33b128567700ef114fe15ae43f5e2e662b29cf
 2018-01-14 11:38:00 -05:00
Dr. Stefan Schimanski 45afa13373 admission: rename Validate{ -> Initialization}, Validat{ingAdmit -> e} 
Kubernetes-commit: aedcf681b32618be3cf9ad40eeb039f1bb26c5ae
 2017-10-27 17:09:39 +02:00
Dr. Stefan Schimanski 3eeded3a29 admission: wire create+update validation func into kube registries 
Kubernetes-commit: 2452afffe09e1ced9487e5a701beb1443a92b741
 2017-10-24 15:33:28 +02:00
Dr. Stefan Schimanski 441ac63056 admission: complete plumbing of validation admission 
Kubernetes-commit: 74b4223ab80fa3bbf326ac1073ef28f0b8daa304
 2017-10-24 14:08:34 +02:00
Dr. Stefan Schimanski a8fb04360a admission: { -> Mutating}Admit(admission.Attributes) 
Kubernetes-commit: 970d2553cca466c1236f1e91b3161cb1a69dbdd2
 2017-10-23 14:26:38 +02:00
David Eads a2e3d31f52 add wiring for validating admission 
Kubernetes-commit: 02e16cb253f01303d71ad4e8d6aa578d1ab79c0a
 2017-10-19 09:44:42 -04:00