kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,034 Commits 30 Branches 1,482 Tags 31 MiB
Commit Graph

7034 Commits

Author SHA1 Message Date
Kubernetes Publisher 503dabd7e9 Merge pull request #123179 from aramase/aramase/f/encryption_config_reload_metric 
Add `apiserver_encryption_config_controller_automatic_reloads_total` metric and deprecate success/failure counter

Kubernetes-commit: 7abb063b42c7770628ee2b69e25370cf6334882a
 2024-02-13 17:30:58 +00:00
Ben Luddy 137045a592 Bump github.com/fxamacker/cbor/v2 to v2.6.0. 
Kubernetes-commit: aac43dc96f2b679f0ab030fd3512c7e03b0f2df4
 2024-02-12 15:46:17 -05:00
Anish Ramasekar f6b16dddb3 Add `apiserver_encryption_config_controller_automatic_reloads_total` 
metric

- Adds `apiserver_encryption_config_controller_automatic_reloads_total`
  metric with status label for encryption config reload success/failure.
- Deprecated `apiserver_encryption_config_controller_automatic_reload_failures_total` and `apiserver_encryption_config_controller_automatic_reload_success_total`

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 77241d31253baf051302fff7480c9601ad817399
 2024-02-07 19:44:41 +00:00
Kubernetes Publisher 9d6ad00bf4 Merge pull request #121486 from benluddy/cbor-stub 
KEP-4222: Add stub CBOR serializer.

Kubernetes-commit: 48228bf9dbac308f43abd59a53fdc069fbddee0f
 2024-02-10 01:48:31 +00:00
Kubernetes Publisher 76d76deeaf Merge pull request #123083 from jiahuif-forks/feature/validating-admission-policy/typechecking-variables 
ValidatingAdmissionPolicy: support variables

Kubernetes-commit: 002b0f00033e3fd4650dd4da3717b9187b8621e1
 2024-02-09 01:38:56 +00:00
Jiahui Feng 6f620d4d18 add test case for error inside variables. 
Kubernetes-commit: 3e777540fda8dda01bb72702b1e39675f21d2955
 2024-02-08 13:39:25 -08:00
José Carlos Chávez f099bff723 chore: adds consistent vanity import to files and provides tooling for verifying and updating them. (#120642) 
* chore: drops update vanity imports from script.

* chore: changes copyright year to 2024.

* chore: makes lint happy.

Kubernetes-commit: 6d6398ef9266abce3518a4c9a3d4e4d8feeffdc1
 2024-02-08 14:10:27 +00:00
Kubernetes Publisher 970932bc20 Merge pull request #123001 from tkashem/apf-allow-zero-concurrency 
Allow zero value for the 'nominalConcurrencyShares' field

Kubernetes-commit: 862ff187baad9373d59d19e5d736dcda1e25e90d
 2024-02-06 17:33:50 +00:00
Kubernetes Publisher 5bcf390db2 Merge pull request #122925 from tkashem/timeout-refactor-handle-error 
apiserver: refactor handleError in endpoints/filters

Kubernetes-commit: 35b1bc45ef380f8a95ccd6d24b0485d22ac41b68
 2024-02-06 13:30:57 +00:00
Kubernetes Publisher 8340bec347 Merge pull request #123098 from munnerz/4193-jti-audit-changes 
use authentication.kubernetes.io/issued-credential-id audit annotation in serviceaccount token registry endpoint

Kubernetes-commit: 8c6e940a970e3a910b02442c001735619a8c7ba4
 2024-02-05 17:30:48 +00:00
Kubernetes Publisher 7b91578b43 Merge pull request #122557 from liangyuanpeng/anp_0.29 
Bump konnectivity-client to v0.29.0

Kubernetes-commit: 6972fd7d0be4f85b98737aaf8c2e105b42c0de6e
 2024-02-05 17:30:47 +00:00
buddie.wei 586f61dd0f Fix the syntax error in the comment of the checkQuotas method. (#121428) 
* Update controller.go

Fix comment error.
From "It there was no quota change mark the waiter as succeeded." to "If there was no quota change mark the waiter as succeeded."

* Adjust the comments to maintain consistent tense throughout.

Adjust the comments to maintain consistent tense throughout.

Kubernetes-commit: 5855f5178f42dbc114b6c5ac1964a5dd62bb0957
 2024-02-06 00:45:00 +08:00
James Munnelly c60b23f298 use authentication.kubernetes.io/issued-credential-id audit annotation in serviceaccount token registry endpoint 
Kubernetes-commit: 7f12735fffdc490eae59e98d0f03638067b028de
 2024-02-02 16:57:16 +00:00
Kubernetes Publisher 9dc08c72a8 Merge pull request #115282 from tkashem/panic-warning 
apiserver: warning.AddWarning should not panic when request times out

Kubernetes-commit: ac6d67d27c63822298a9c725daec47f70dde94dc
 2024-02-02 01:30:00 +00:00
Jiahui Feng ab64beb117 add support of variables for Type Checking. 
Kubernetes-commit: dc832c6e59e98f8b842efe42d3f18a67e781779d
 2024-02-01 15:28:21 -08:00
Jiahui Feng 1501159ecb refactor type checking to use CompositedCompiler. 
Kubernetes-commit: 21ba0d59d3a29b5668d4ba712d5b130d458121c6
 2024-02-01 13:20:21 -08:00
Kubernetes Publisher da62838474 Merge pull request #121512 from HirazawaUi/add-decod-time-trace 
Add decode time to the audit log

Kubernetes-commit: 11b974043604f5ccbeb6e5e62e1d9edcf00bc336
 2024-01-31 21:30:53 +00:00
Kubernetes Publisher c1f89863c2 Merge pull request #118511 from lowang-bh/fix_spell_error 
fix comment of rbac decision for NoOpinion

Kubernetes-commit: fb7181792b693d9248179154a2e7172f0cd405db
 2024-01-31 21:30:52 +00:00
Kubernetes Publisher 2e2157fa2f Merge pull request #123003 from alexzielenski/apiserver/policy/crd-startup 
ValidatingAdmissionPolicy: dont skip reconcile for unchanged policy if last sync failed

Kubernetes-commit: 4f910fe47cc9a0cf648a049a6cccc38be17b0ad6
 2024-01-29 20:36:41 -08:00
Alexander Zielenski 1672796601 bugfix: avoid NPE possibility by making composition environment global 
Kubernetes-commit: 3094395fa76210f33118d10d6a7c8214c50a7f33
 2024-01-29 13:45:27 -08:00
Alexander Zielenski 69adaecb9e bugfix: dont skip reconcile for unchanged policy if last sync failed 
Kubernetes-commit: 71559bd02670f53a2d6640714eeb4e7fbc554e86
 2024-01-26 18:57:30 -08:00
Kubernetes Publisher 0dd0e74922 Merge pull request #122886 from jiahuif-forks/feature/cel/mutating-library 
[CEL Library] Unstructured Object Construction Support

Kubernetes-commit: 2363cdcc399cbf428210efb2c51575ddcad2b84a
 2024-01-27 01:29:38 +00:00
Abu Kashem 554c2d262b apiserver: allow zero value for the 'nominalConcurrencyShares' field 
Kubernetes-commit: 5f75c35edf1ea0a10a64615c43b5868484c94f46
 2024-01-26 14:27:09 -05:00
Jiahui Feng 95a53374a5 convert the expectedValues to be cel.Val. 
Kubernetes-commit: c89dcf52b12bf5e32f71f3ed600315242f7e44f6
 2024-01-25 13:52:39 -08:00
Jiahui Feng f0c47558ed extra case for affirmative has(map) test. 
Kubernetes-commit: d6991638029be493e5c197b6cd0d268d8ce55457
 2024-01-25 13:36:42 -08:00
Kubernetes Publisher 9d32b8c86a Merge pull request #120631 from liyuerich/ptrderef 
Drop deprecated pointer package

Kubernetes-commit: fb1aea9a289e155fa21a57e9512acd61ed1b786b
 2024-01-24 21:29:42 +00:00
Anish Ramasekar fb760be3fc support multiple audiences with jwt authenticator 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 18c563546a764b559ce5b74f09eaaaf9c1f0e5fb
 2024-01-24 17:15:11 +00:00
Anish Ramasekar 26996e3679 Add AudienceMatchPolicy to AuthenticationConfiguration 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Kubernetes-commit: 19da90d6396ce9471f612d6e9a31f1b1c8d605b1
 2024-01-25 22:35:16 +00:00
Jiahui Feng eb407cc3dd fix convertField and its comments. 
Kubernetes-commit: d0c323fb8fbfa5c1b91ae445cbda60a416e85e65
 2024-01-23 16:47:33 -08:00
Jiahui Feng 3a5a43790e add support for equality check. 
Kubernetes-commit: df9620c9f6f6a60f7cbcacb3ad9fa40d79d1d73e
 2024-01-23 16:07:39 -08:00
Alexander Zielenski 9fd47abbb1 refactor: implement VAP off of policy plugin fw 
Kubernetes-commit: 18fbc48b0155485cd78ec4d0e6050ccbb7d8e058
 2024-01-22 17:31:52 -08:00
Alexander Zielenski f8d65cf3a6 refactor: create generic policy plugin type similar to webhook 
Kubernetes-commit: a6366573d5ca328438b80d72d0ae5a5bf6b178be
 2024-01-22 17:31:34 -08:00
Jiahui Feng 8b89a41f3f mutation library for CEL. 
- TypeRef, TypeProvider interfaces.
- TypeRef, TypeProvider, ObjectVal, FieldType implementations
   for unstructured.
- Tests for using optional in mutation.

Kubernetes-commit: 9bbdbc510ebf8e2dcb243d6fbbf57449f895196e
 2024-01-19 17:03:34 -08:00
Joe Betz 6f648c15a2 Add retry around create 
Kubernetes-commit: a05db0dd22a68a9c443a9f01cc1b8f6397fd6a9f
 2024-01-19 16:10:30 -05:00
Alexander Zielenski 06be9d025c refactor: move matching logic into parent policy folder 
Kubernetes-commit: d697f43d73870679ad4cd46939ad28e06926b6d3
 2024-01-17 18:12:41 -08:00
Alexander Zielenski 57e06e43f7 refactor: move vap into parent `policy` folder 
also renames to remove stutter

comment

Kubernetes-commit: 8b14116509ac19234924878ab08f7e9e8f03549a
 2024-01-17 18:09:30 -08:00
Alexander Zielenski 3769e5c054 refactor: move celmetrics close to its usage in vap 
does not need to be accessed from anywhere else, and removed an excessive lonesome `cel` pkg with just the metrics

Kubernetes-commit: 8b26b6eec1b0d99518e7c53879e1d44ade2eebc7
 2024-01-17 17:05:53 -08:00
Lukasz Szaszkiewicz 76172aaa1f storage/cacher: ensure the cache is at the Most Recent ResourceVersion when streaming was requested 
Kubernetes-commit: f90bcf649e0f3dc233f49882468f949b0f00ac4f
 2024-01-17 14:10:04 +01:00
Abu Kashem e6f368f3b9 apiserver: refactor handleError in endpoints/filters 
Kubernetes-commit: 9e37ccedc7fbbbacf07ecc79949c75e1e250ba58
 2024-01-09 13:32:09 -05:00
Lan Liang d24017c506 Update konnectivity to 0.29.0 
update konnectivity server&agent images to 0.29.0

  bump konnectivity deps to 0.29.0

Signed-off-by: Lan Liang <gcslyp@gmail.com>

Kubernetes-commit: d3b8eba690f8eeaf41b4fdf56c943004be501e4e
 2024-01-02 05:52:55 +00:00
Jordan Liggitt c2310e1279 Implement authz config file reloading 
Kubernetes-commit: 5dc92ada068cb80a2866cfaa1f9aa760d2524680
 2023-11-08 08:49:58 -06:00
HirazawaUi bc8676d59a Add decoding time to the audit log 
Kubernetes-commit: 20fe2a3539e90f7554f94359ac3b4058a5bbb363
 2023-10-25 22:52:11 +08:00
Ben Luddy f9391f6b1d Update vendoring to take new CBOR library dependency. 
Kubernetes-commit: 09a1abda998fc37e2e29a120a82be7c6271656e0
 2023-10-17 16:51:52 -04:00
Eric Lin 000601bdbe Add handler to run watch serving in separate goroutine 
This handler allows running execution prior to actual serving in a separate
goroutine when serving requests. Doing so benefits cases in serving long running
requests because it allows freeing memory used by the separate goroutine
and keeps the serving routines slim.

Signed-off-by: Eric Lin <exlin@google.com>

Kubernetes-commit: 7b2698a5e5c61b303481c2006847409fc8704746
 2023-10-10 08:53:26 +00:00
liyuerich f709e954ab drop deprecated pointer package 
Signed-off-by: liyuerich <yue.li@daocloud.io>

Kubernetes-commit: e490439262fad619d83c5647a42a5382cb9c787b
 2023-09-15 21:03:36 +08:00
Kubernetes Publisher 888034e53f Merge pull request #122518 from cici37/celEnv29 
Update env version, add cost for previous added func, add tests, etc.

Kubernetes-commit: 31197eba75040cb0b88f488caf18a4c87182abed
 2024-01-23 21:29:53 +00:00
Kubernetes Publisher 338910dbd7 Merge pull request #122873 from p0lyn0mial/upstream-reflector-usewatchlist-pointer 
client-go/reflector: make UseWatchList a pointer

Kubernetes-commit: 445869a59bdbd1c587b72b52c5da94c1d1c316a1
 2024-01-22 21:32:29 +00:00
Lukasz Szaszkiewicz ca8d0aaf91 client-go/reflector: make UseWatchList a pointer 
until #115478(use streaming against the etcd storage)
is resolved the cacher need a way to disable the streaming.

Kubernetes-commit: 41e706600aea7468f486150d951d3b8948ce89d5
 2024-01-19 13:48:29 +01:00
Kubernetes Publisher 9f9c32c4ac Merge pull request #122842 from pohly/klog-update 
dependencies: klog v2.120.1

Kubernetes-commit: b27b56a46c4c1e6be0dc2b1a0230d86223a7e903
 2024-01-18 21:34:52 +00:00
Kubernetes Publisher da46024a72 Merge pull request #122839 from pohly/ginkgo-gomega-update 
dependencies: ginkgo v2.15.0, gomega v1.31.0

Kubernetes-commit: c82da711b0e2184f851675aac4596bbd0f74763f
 2024-01-18 21:34:51 +00:00