kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,034 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

7034 Commits

Author SHA1 Message Date
Igor Velichkovich fc7cf5fb84 kep-3716 GA, remove feature gate 
Kubernetes-commit: a51a5b462236d5eb87e6d690065f884c281a833c
 2024-02-28 10:45:51 -06:00
Kubernetes Publisher e3922247fe Merge pull request #123458 from aramase/aramase/i/min_jwt_payload 
add min valid jwt payload to API docs for structured authn config

Kubernetes-commit: 5cf4fbe524ca1479607a4880949a032064556f76
 2024-03-01 00:40:31 +00:00
Kubernetes Publisher 3d757e5f42 Merge pull request #122676 from p0lyn0mial/upstream-watch-cache-init-events-ordering 
apiserver/storage: improve RunWatchSemanticInitialEventsExtended test

Kubernetes-commit: 234f0fcfc32919301739c39941bcf86e99666bc7
 2024-02-29 12:27:20 +00:00
Kubernetes Publisher 9ccc257322 Merge pull request #122717 from jpbetz/crd-object-filters 
KEP-4358: Custom Resource Field Selectors

Kubernetes-commit: a67973a45c4b48585e3331889eca09425caca7c2
 2024-02-29 07:01:48 +00:00
Kubernetes Publisher 0a2e73e991 Merge pull request #123562 from jpbetz/bump-cel-go-0_17_8 
Bump cel-go to v0.17.8 to pick up CEL estimated cost fix

Kubernetes-commit: fe8a12d264c88ac3cd0fb97d73c936de3fdd9788
 2024-02-28 23:18:35 +00:00
Joe Betz 414d2e2d63 Add selectableFields to CRDs 
Kubernetes-commit: 291703482d58ae030da71c6d671a96a6f960fc6f
 2024-02-28 14:06:06 -05:00
Joe Betz 5957e27e51 Bump cel-go to v0.17.8 to pick up CEL estimated cost fix 
Kubernetes-commit: d49949b64205ca68222d001806d127fc6d7489f9
 2024-02-28 10:52:36 -05:00
Kubernetes Publisher 4b96323a12 Merge pull request #120897 from wojtek-t/fix_order_of_init_events 
Ensure that initial events are sorted for WatchList

Kubernetes-commit: 54f9807e1e84981b2053f4daf779f5ed19962144
 2024-02-28 07:29:22 -08:00
Anish Ramasekar b3e4dc29ef add min valid jwt payload to API docs for structured authn config 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: b57d7d6ad79ed0a2a8359144c07eadeef0ea3fd3
 2024-02-22 16:33:24 -08:00
Lukasz Szaszkiewicz 816c9a3d12 apiserver/storage: improve RunWatchSemanticInitialEventsExtended test 
changes the test to populate the underlying data store with
more data to trigger potential ordering issues.

Kubernetes-commit: 20ded275705a6e11c1113cbeedad4de94e2dc666
 2024-01-10 11:08:35 +01:00
Wojciech Tyczyński 45b7f21179 Ensure that initial events are sorted for WatchList 
Kubernetes-commit: 92bdc7b3873800e6130176e49acdf5e17110e5b9
 2023-09-26 18:39:44 +02:00
Kubernetes Publisher 04dda9abb8 Merge pull request #122830 from p0lyn0mial/upstream-watch-cache-wati-for-bk-after-rv 
storage/cacher: ensure the cache is at the Most Recent ResourceVersion when streaming was requested

Kubernetes-commit: d2b4928669c633cffb0e4aa6317d0e016ee37de6
 2024-02-28 12:29:11 +00:00
Kubernetes Publisher 3e22226ac6 Merge pull request #123281 from seans3/remote-command-websocket-beta 
RemoteCommand over WebSockets to Beta

Kubernetes-commit: f7ca532472f035db2aedc8a1f86639dfd1dc596f
 2024-02-28 12:29:10 +00:00
Kubernetes Publisher f663919323 Merge pull request #123538 from jiahuif-forks/fix/cel/mutation-library-map-support 
CEL mutation library: add support for map

Kubernetes-commit: 286cdad32d7967a5f3b84a8924448ea914d44c00
 2024-02-28 12:29:05 +00:00
Kubernetes Publisher e79edc2673 Merge pull request #123540 from enj/enj/i/jwt_iss 
jwt: strictly support compact serialization only

Kubernetes-commit: 236f1b0f6b4cbb7e372a72d181c6285bdaf74873
 2024-02-28 00:35:48 +00:00
Jiahui Feng 8485f72a96 add support for map 
to CEL mutation library.

Kubernetes-commit: dc4c92f5a5646ed8d131a8bb8ff96b5e6b3e4bb8
 2024-02-27 13:55:08 -08:00
Monis Khan 1154db23b1 jwt: strictly support compact serialization only 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: e89dddd4af67d34e441ec1733bdb22ce725d621c
 2024-02-27 12:40:59 -05:00
Lukasz Szaszkiewicz e53bac21d8 storage/watch_cache: rework getAllEventsSinceLocked 
Kubernetes-commit: ecaf2093f51fed5f544520b0ac00fb33a474b7f5
 2024-02-26 12:22:05 +01:00
Sean Sullivan b5f79f8dae streamtranslator counter metric by status code 
Kubernetes-commit: 03812ddb169725b0652744c2ecaa151f5c03887b
 2024-02-24 03:55:17 +00:00
Kubernetes Publisher f08c74c02d Merge pull request #123427 from alexzielenski/apiserver/policy/matching-refactor 
ValidatingAdmissionPolicy: Factor out matching and params logic for reuse with MutatingAdmissionPolicy

Kubernetes-commit: 446afd90b2e56e3f67372f413c1be62b4fc76b6d
 2024-02-22 20:38:53 +00:00
Cici Huang c8d2257e3a [KEP-3962]Add feature gate for MAP (#123425) 
* Add feature gate for MAP

* sort feature gates.

---------

Co-authored-by: Jiahui Feng <jhf@google.com>

Kubernetes-commit: 9bc5257c450f7dfda187bfadd96f32310a2eaa18
 2024-02-21 17:00:13 -08:00
Kubernetes Publisher fe1489716d Merge pull request #123348 from hoskeri/update-go-x-crypto-19 
Update x/crypto to 0.19.

Kubernetes-commit: 9a9028983806af26e7b48223f3a92922e94725df
 2024-02-21 20:38:58 +00:00
Kubernetes Publisher 290f0e4aff Merge pull request #123392 from thockin/depreciate 
Cleanup: s/depreciated/deprecated/g

Kubernetes-commit: 11785bb815d58eb553be3a1fa305464c35d860cc
 2024-02-21 12:41:17 +00:00
Kubernetes Publisher d23525a070 Merge pull request #123342 from logicalhan/storage-metric 
bump the stability level of apiserver_storage_size_bytes to STABLE

Kubernetes-commit: e613eb33885171a0584aa58cfad9e7c157d23326
 2024-02-21 12:41:14 +00:00
Lukasz Szaszkiewicz 19bd56380e storage/cacher: add TestGetWatchCacheResourceVersion, TestGetBookmarkAfterResourceVersionLockedFunc 
Kubernetes-commit: d629d3fa355ec90f618663b0933d28d335489c54
 2024-02-21 10:06:42 +01:00
Tim Hockin d38e8187d9 Cleanup: s/depreciated/deprecated/g 
Kubernetes-commit: 9f4b82bf3b079fe868effbd2498b61464db6d459
 2024-02-18 14:50:55 -08:00
Kubernetes Publisher 4bf12f9a46 Merge pull request #123330 from alexzielenski/flake-workaround 
flake: avoid flake by ensuring params appear in the initial list

Kubernetes-commit: 8a0147c8825ddd6afa56fd3e647e2d659683483c
 2024-02-18 04:43:13 +00:00
Kubernetes Publisher c3868a06e6 Merge pull request #123333 from liggitt/authz-metrics 
Add allowed/denied metrics for authorizers

Kubernetes-commit: 6ff6b519042b40ad9d7710ac132eb4e6231940e1
 2024-02-18 04:43:11 +00:00
Abhijit Hoskeri 759c2142c7 Update x/crypto to 0.19. 
Main reason is to pick up updated CA roots.

Full diff: https://github.com/golang/crypto/compare/v0.16.0...v0.19.0

Kubernetes-commit: d3a0e296defbb0b55e591e273004e79e7ebfb1fd
 2024-02-16 20:18:14 +00:00
Han Kang f615696539 bump the stability level of apiserver_storage_size_bytes to STABLE 
Kubernetes-commit: f38852768e312fe7b9775b92f7228371a0a96f90
 2024-02-16 09:13:46 -08:00
Kubernetes Publisher f68fe095ce Merge pull request #120902 from linxiulei/watch_stack 
Add handler to run execution in separate goroutine

Kubernetes-commit: 6c046796175de51e33290804a7665db5fa752a80
 2024-02-16 12:34:38 +00:00
Jordan Liggitt fe847b31f4 Add allowed/denied metrics for authorizers 
Kubernetes-commit: d5d3eddb95b657f03677c21498f185d70d87cdda
 2024-02-16 02:26:18 -05:00
Kubernetes Publisher 7eb4cd7173 Merge pull request #121946 from liggitt/reload-authz 
KEP-3221: Implement authorization configuration file reloading

Kubernetes-commit: 66d038d84d3d7da0394aca2720823fedadec0dee
 2024-02-16 04:34:39 +00:00
Alexander Zielenski dd139db676 refactor: use shared CollectParams from VAP 
Kubernetes-commit: 4760e0cc44fb0ee2a92d12ee2b17f094e7ea94ec
 2024-02-15 17:00:45 -08:00
Alexander Zielenski 9a4b2b3543 refactor: use match from generic pkg in vap 
It is same exact code, but uses accessors now

Kubernetes-commit: 64cd09f7208e7a45d87ab6436c833c984fa6e594
 2024-02-20 09:22:18 -08:00
Alexander Zielenski ed64edd4e0 add generic policy dispatcher 
similar to the generic policy source, applies common match logic

for code sharing with validating/mutating

Kubernetes-commit: 96c418a7b73f2f85be530ad9b987d70eeeab14b0
 2024-02-21 13:09:49 -08:00
Alexander Zielenski 48e4f369ee test: infer gvk of objects 
avoids relying on the GVK to be written to the object

Kubernetes-commit: 11ed3032c091bab4c56d471c8d0049ccb9c20efb
 2024-02-16 10:43:05 -08:00
Alexander Zielenski eed515aa23 refactor: handle paramKind directly 
remove hacks that might conceal errors

Kubernetes-commit: acf1d850c6153aae10f26ef3d3e21fa8a63b20e0
 2024-02-20 09:22:35 -08:00
Alexander Zielenski 223ffcc3b0 add functions to policy accessors for getting match information and params 
Kubernetes-commit: 6d5133f3ecd4ddb38a29dac69641fb56576491a2
 2024-02-15 16:33:41 -08:00
Alexander Zielenski 8e917a7cef flake: avoid flake by ensuring params appear in the initial list 
sometimes they would not appear in the initial list if they were added while the informer was starting up due to ObjectTracker race

Kubernetes-commit: def05a20e22f069a60f4190755e8c7244d18781c
 2024-02-15 13:58:29 -08:00
Kubernetes Publisher 2c41261361 Merge pull request #123306 from alexzielenski/apiserver/policy/move-owners 
move OWNERS from validating to all new parent policy folder

Kubernetes-commit: 8a57e3cc2b57ff6889643a0900324996c52eaac0
 2024-02-15 20:34:51 +00:00
Kubernetes Publisher 53b26606c5 Merge pull request #123305 from aramase/aramase/f/kep_3331_audience_match_policy_follow_up 
Add integration test for multiple audience in structured authn

Kubernetes-commit: 50bf3a2060ea798600af1a4c125e0b62d08e9680
 2024-02-15 16:34:53 +00:00
Kubernetes Publisher 8242123b04 Merge pull request #122887 from jpbetz/retry-generate-name-create 
Implement KEP-4420: Retry Generate Name

Kubernetes-commit: 58c77d7b63d0a027b37e2189f9de2728e5674169
 2024-02-15 05:33:54 +00:00
Kubernetes Publisher aa40040fbc Merge pull request #123282 from enj/enj/i/authn_config_algs 
Support all key algs with structured authn config

Kubernetes-commit: 72c3c7c924ec88bfb852fd75740ed7b0ab915c38
 2024-02-15 05:33:52 +00:00
Kubernetes Publisher 6d4e589c29 Merge pull request #123165 from aramase/aramase/f/kep_3331_audience_match_policy 
Add `AudienceMatchPolicy` and support multiple audiences in AuthenticationConfiguration

Kubernetes-commit: ba450636a455eedb78a18d21db8919e9afdd4e77
 2024-02-15 01:39:13 +00:00
Kubernetes Publisher f980dbe8f0 Merge pull request #123250 from benluddy/dep-bump-cbor-v2.6.0 
Bump github.com/fxamacker/cbor/v2 to v2.6.0.

Kubernetes-commit: e305e773bbfe8c5bdf9c57881a875e168b004b8c
 2024-02-15 01:39:12 +00:00
Kubernetes Publisher ffe03d21f3 Merge pull request #122919 from alexzielenski/apiserver/policy/mutating-initial 
Refactor AdmissionPolicy for code sharing with mutating

Kubernetes-commit: 684a9975fe0e1dac4ffe00c9826590f231bdd030
 2024-02-15 01:39:10 +00:00
Anish Ramasekar 1bc99127a6 Add integration test for multiple audience in structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 0feb1d5173c94e28da79963fb296296b005dd6a1
 2024-02-14 17:04:21 -08:00
Alexander Zielenski 7e9e7fe668 move OWNERS from validating to all new parent policy folder 
meant to do this in refactor PR

Kubernetes-commit: bd27c99262e73955af6af19a1d6d72fce6739522
 2024-02-14 16:32:08 -08:00
Monis Khan d887d80e81 Support all key algs with structured authn config 
Signed-off-by: Monis Khan <mok@microsoft.com>

Kubernetes-commit: b5e0068325da7aa5ca42a7d5ea6b0f012a519765
 2024-02-13 13:45:53 -05:00