kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,362 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

4362 Commits

Author SHA1 Message Date
Kubernetes Publisher f48391aefe Merge pull request #100964 from njuptlzf/SelectionPredicateUT 
Add more unit tests for SelectionPredicate

Kubernetes-commit: 90e599f56a931f9ba32244c7f6250db27cb61af5
 2021-05-18 11:27:23 +00:00
Kubernetes Publisher b9ad7382f7 Merge pull request #100979 from mikedanese/tlscleanup 
force implementors of dyanmiccertificates providers to think about notify

Kubernetes-commit: 496a94bf98c86abea5c18395880340ad64dcb9dd
 2021-05-18 11:27:20 +00:00
Kubernetes Publisher 0be3b21634 Merge pull request #100490 from howardjohn/gnostic-v051 
Update kube-openapi and gnostic dependencies

Kubernetes-commit: c555b23f1c84bcdd1d87a7ae831675281f5c0c94
 2021-05-18 11:27:17 +00:00
Kubernetes Publisher 152ef2fa3b Merge pull request #101155 from zshihang/bound 
allow multiple of --service-account-issuer

Kubernetes-commit: 6157361dd758dc5774b7776d897727b53d696d57
 2021-05-18 11:27:13 +00:00
Shihang Zhang 87ac3f57d4 allow multiple of --service-account-issuer 
Kubernetes-commit: 925900317e43e58435082f624f5969e3cfe25c67
 2021-04-15 09:50:43 -07:00
Kubernetes Publisher 940c107184 Merge pull request #100970 from apelisse/add-subresource-managedfields 
Add subresource managedfields

Kubernetes-commit: 0f1d105f8d3e114f0bf47307513fe519a71351a2
 2021-04-17 16:17:57 +00:00
Kubernetes Publisher 64747d3be0 Merge pull request #101151 from mborsz/nodehealth 
Add "node-high" priority-level

Kubernetes-commit: 09bd59687500e6b3c53e34cf20ef7727a1886c22
 2021-04-17 11:54:00 +00:00
Kubernetes Publisher 16fda89d29 sync: update go.mod 2021-04-17 03:58:27 +00:00
Kubernetes Publisher 66df8c7bf0 Merge pull request #100963 from enj/enj/i/authz_func_ctx 
authorizer func: pass through context

Kubernetes-commit: f1c1379defd362a7156b0568c77b2f41583b1e00
 2021-04-16 23:54:04 +00:00
Kubernetes Publisher db0339edde Merge pull request #100969 from enj/enj/i/audit_stage_const 
audit: make stage consts use correct type

Kubernetes-commit: 2ec888b2d0a23861a93e6599e0f993e12c7a79f4
 2021-04-16 19:57:58 +00:00
Kubernetes Publisher 4004e014d5 Merge pull request #100724 from liggitt/eviction-v1beta1 
Add policy/v1 Eviction support

Kubernetes-commit: 27a625cf8921007eaf115425b6d61587eb253e92
 2021-04-16 19:57:56 +00:00
Kubernetes Publisher f09aa9568e Merge pull request #101086 from enj/enj/i/auth_owners_gen 
Prune stale entries from OWNERS files

Kubernetes-commit: 24350a922ea2b1b2a8aeba58e150fa90370a282b
 2021-04-15 15:59:31 +00:00
Maciej Borsz b0d1b1af17 Add "node-high" priority-level 
Kubernetes-commit: 8d6e76f2766e51177ee50a1fba09bc5b04d6ce53
 2021-04-15 16:24:02 +02:00
Kubernetes Publisher 781f4a4107 Merge pull request #100959 from p0lyn0mial/upstream-delegated-authn-timeout 
DelegatingAuthenticationOptions: TokenReview request timeout

Kubernetes-commit: dc2020eb9d59a19952cbdabd3d4f819c6f307899
 2021-04-15 03:54:50 +00:00
Kubernetes Publisher 584a6d3ae5 Merge pull request #101076 from kevindelgado/fix-diff 
Chain the field manager creation calls in newDefaultFieldManager 

Kubernetes-commit: 6cc27991e95a4bd242a9c631d520a909778d05e6
 2021-04-13 21:08:42 -07:00
Kevin Delgado ea32c4f47f Chain the field manager creation calls in newDefaultFieldManager and test 
Kubernetes-commit: d37461180a1e5a52aeb85cf5853e000acfeb852d
 2021-04-13 16:15:25 +00:00
Kubernetes Publisher 56981b814f Merge pull request #99237 from tkashem/audit-correlation 
Use the audit ID of a request for better correlation

Kubernetes-commit: 46563b0abebbb00e21db967950a1343e83a0c6a2
 2021-04-13 15:55:56 +00:00
Kubernetes Publisher 3f59c51398 Merge pull request #100885 from enj/enj/i/auth_owners 
Update sig-auth OWNERS

Kubernetes-commit: d51f15ed0d47aa81c572076877c69e3107ad3bfc
 2021-04-13 07:30:31 +00:00
Kubernetes Publisher c5d971fadc Merge pull request #100739 from pacoxu/update-zap 
update uber zap to 1.16.0 to fix a nil pointer exception

Kubernetes-commit: 0b0727b563502e45802e2fc4536b2c6734781261
 2021-04-12 03:34:26 +00:00
Kubernetes Publisher 42edede127 Merge pull request #100868 from enj/enj/f/oidc_controller 
oidc authenticator: make library usage easier

Kubernetes-commit: 7f200cb75b62647c0e0d7d7aa8ecf5129cd6b293
 2021-04-11 03:30:42 +00:00
Kubernetes Publisher cba9cd88c4 Merge pull request #100784 from kevindelgado/smd-to-4-1-1 
Update structured-merge-diff to v4.1.1

Kubernetes-commit: 442b3218b3d3eecdd9e55bffcb2c6b135f3084b7
 2021-04-11 03:30:40 +00:00
Mike Danese a6a121887a force implementors of dyanmiccertificates providers to think about notify 
Right now, `_, ok := provider.(Notifier); !ok` can mean one of two
things:

1. The provider does not support notification because the provided
   content is static.
2. The implementor of the provider hasn't gotten around to implementing
   Notifier yet.

These have very different implications. We should not force consumers of
these interfaces to have to figure out the static of Notifier across
sometimes numerous different implementations. Instead, we should force
implementors to implement Notifier, even if it's a noop.

Change-Id: Ie7a26697a9a17790bfaa58d67045663bcc71e3cb

Kubernetes-commit: 9b7d654a08d694d20226609f7075b112fb18639b
 2021-04-09 16:59:17 -07:00
Monis Khan bd0605a728 audit: make stage consts use correct type 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 84ac2398da2be7810d311c4bc9f7358618ed193b
 2021-04-09 12:29:20 -04:00
Kubernetes Publisher 2cc2936b04 Merge pull request #100678 from tkashem/apf-exempt-probes 
apf: exempt probes /healthz /livez /readyz

Kubernetes-commit: 3294787f572e0fb22ce81c6fba89f631652e13b7
 2021-04-09 15:37:41 +00:00
Kubernetes Publisher 0ae9575f8c Merge pull request #100671 from Niekvdplas/spelling-mistakes 
Fixed several spelling mistakes

Kubernetes-commit: 4959cd6339ca5d44df5121efd86bb7b17f7a088b
 2021-04-09 15:37:39 +00:00
Kubernetes Publisher 0f7cee9856 Merge pull request #100141 from brendandburns/master 
Fix api installer to indicate PATCH may return a 201 for server side apply

Kubernetes-commit: e5e18d5266413fa56cc1b708f3c9e6772e6690e8
 2021-04-09 15:37:36 +00:00
njuptlzf b86a0eee08 Add more test code for SelectionPredicate 
Kubernetes-commit: 5468db05f0ca33e78ebf96420281097d28971140
 2021-04-09 22:28:51 +08:00
Monis Khan e14444ffc5 authorizer func: pass through context 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 8f00e918d84a76ea43d76a8d5b96c3f2535afa99
 2021-04-09 09:33:46 -04:00
Lukasz Szaszkiewicz 49d90ce0ad DelegatingAuthenticationOptions TokenReview request timeout 
it turns out that setting a timeout on HTTP client affect watch requests made by the delegated authentication component.
with a 10 second timeout watch requests are being re-established exactly after 10 seconds even though the default request timeout for them is ~5 minutes.

this is because if multiple timeouts were set, the stdlib picks the smaller timeout to be applied, leaving other useless.
for more details see a937729c2c/src/net/http/client.go (L364)

instead of setting a timeout on the HTTP client we should use context for cancellation.

Kubernetes-commit: d690d71d27c78f2f7981b286f5b584455ff30246
 2021-04-09 13:20:51 +02:00
Kubernetes Publisher faa33164d5 Merge pull request #100523 from tkashem/refactor-finish-request 
Refactor rest.FinishRequest function

Kubernetes-commit: a5489431cfc0598dad421fccd2d713f84bf520bd
 2021-04-09 07:50:34 +00:00
Kubernetes Publisher 6de9cb2087 Merge pull request #100032 from apelisse/strip-before-updating-timestamp 
fieldmanager: Strip managedfields BEFORE we update the timestamp

Kubernetes-commit: 53fac160e530311703d77c2e23f2dcd633b628b6
 2021-04-09 03:27:41 +00:00
Kubernetes Publisher fa8a40ce7f Merge pull request #99868 from tkashem/httplog-started-timestamp 
Use the 'request received timestamp' value inside httplog

Kubernetes-commit: ff7ac966267c68400ac2d3c9b8681fb7f0482858
 2021-04-08 23:31:35 +00:00
Kubernetes Publisher 6baff345cb Merge pull request #99775 from p0lyn0mial/upstream-delegated-auth-custom-rt 
DelegatingAuthOptions: custom RoundTripper

Kubernetes-commit: 8fb400c475cefb8a40898d29a086a9b0fc20eb02
 2021-04-08 23:31:32 +00:00
Kubernetes Publisher 13b386f3f6 Merge pull request #99528 from pandaamanda/apiserver_validation_code_optimization 
fix log message and optimize log format check logic

Kubernetes-commit: 26fba1403b6189537be75325a484aeb04144b36e
 2021-04-08 23:31:30 +00:00
Kubernetes Publisher e61fc2bced Merge pull request #97989 from Danil-Grigorev/atomic-label-selectors 
Make selectors atomic

Kubernetes-commit: 1e05d25890afa9b4547c5585d0978ef56dcf07ca
 2021-04-08 23:31:28 +00:00
Monis Khan 0ac9d4bf6d Update auth OWNERS files to only use aliases 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: bca4993004953041c91ad56e37ef195b32066c27
 2021-04-07 10:42:00 -04:00
Monis Khan 2ad661f8c5 Prune stale entries from OWNERS files 
Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 91241eac9b7a7e62cc31e663147294bf6dc8f875
 2021-04-07 10:38:27 -04:00
Monis Khan 725e1d4432 oidc authenticator: allow specifying a KeySet directly 
This change updates the oidc authenticator to allow specifying an
oidc.KeySet as an input option.  This makes it possible to
synchronously initialize the KeySet instead of relying on the
asynchronous initialization that is normally done to support
self-hosted providers.  This makes it easier to use this code as a
library.

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: b5a1a45d48b4e90e54f512fc829b2ab9866b282e
 2021-04-06 12:20:57 -04:00
Monis Khan 1fd6a1891c oidc authenticator: allow passing in CA via bytes 
This change updates the OIDC authenticator code to use a subset of
the dynamiccertificates.CAContentProvider interface to provide the
root CA bytes.  This removes the hard dependency on a file based CA
and makes it easier to use this code as a library.

Signed-off-by: Monis Khan <mok@vmware.com>

Kubernetes-commit: 5dd4c89df38d4a5389c0cbf2c7fe4f6a5d5534ce
 2021-04-06 11:04:05 -04:00
Kevin Delgado 00544e72ca Update structured-merge-diff to v4.1.1 
Kubernetes-commit: 5f1b146852124e6c5ebfc2b69aee7dfa4fe6d158
 2021-04-02 17:42:54 +00:00
pacoxu fb16abfa53 update uber zap to 1.16.0 to fix a nil pointer exception 
Signed-off-by: pacoxu <paco.xu@daocloud.io>

Kubernetes-commit: 54bc0ff250aa5615233d2f1219f2daecd73ad3c7
 2021-04-01 14:53:49 +08:00
Jordan Liggitt b97dfc761c allow evictions subresource to accept policy/v1 and policy/v1beta1 
Kubernetes-commit: 33ad842480353f2816873bf728d75333948e4817
 2021-03-31 16:54:55 -04:00
Abu Kashem 64517a3e40 apf: exempt probes /healthz /livez /readyz 
Kubernetes-commit: 4447f2459aae1d916742eb1cb129d9438adcea9a
 2021-03-30 12:55:30 -04:00
Niekvdplas c74d3bdddc Fixed several spelling mistakes 
Kubernetes-commit: fec272a7b290a34776eac6698f12be043367a4c2
 2021-03-30 15:28:23 +02:00
John Howard d7e2a0bbee Update kube-openapi and gnostic dependencies 
Pulling in https://github.com/kubernetes/kube-openapi/pull/220

Kubernetes-commit: a849c8998c1ed71f25387a560f8359596aec8bd3
 2021-03-23 08:33:15 -07:00
Abu Kashem bf34b41185 refactor finishRequest 
Kubernetes-commit: a8ff821a19b819a54a54d027ec631eab2ffaedc3
 2021-03-22 18:01:33 -04:00
Abu Kashem 28c097bee7 move FinishRequest to its own package 
Kubernetes-commit: 393a1f73fbaa1bf1facb8882eaf4fead16b94f58
 2021-03-22 16:39:14 -04:00
Brendan Burns 3ba2299cd2 Fix api installer to indicate PATCH may return a 201 for server side apply 
Kubernetes-commit: cb72ce975630b44ec8786d5b72b1e0ee8bb1a0e4
 2021-03-11 17:06:33 +00:00
Antoine Pelisse 49b6ebdaae fieldmanager: Strip managedfields BEFORE we update the timestamp 
Kubernetes-commit: c8be9651ce0de1eee3fa785882fe01dee4b15d37
 2021-03-09 12:46:07 -08:00
Lukasz Szaszkiewicz b5be45a80f DelegatingAuthOptions: allows for specifying a middleware function for custom HTTP behaviour for the auth webhook client 
Kubernetes-commit: ea7d94497b5fef2fe7b925d378f425b94448f01b
 2021-03-04 12:35:09 +01:00