b1f08321f6
Simplify the resource_encoding_config.go, since we don't need per group override at all
...
Kubernetes-commit: 4ea07084dddde5be97d5405696fae47bca4d4663
2018-09-28 16:07:31 -07:00
f516170e82
Remove unnecessary group storage version defaults. The storage version
...
is either decided by the schema's version priority, or by the per
resource override.
This fixes a bug where the "batch" group is encoded in v1beta1, which
was hidden when --storage-versions is a valid flag.
Kubernetes-commit: 98a1003f57988ccc361af7aee5d0ae49de66dbb4
2018-08-21 17:45:14 -07:00
9c9f2c012a
apiserver: fix openapi extension types to be JSON
...
Kubernetes-commit: e67d5f2d8dbbc45d28d0fd5566747ef0df93eb6d
2019-02-07 15:34:42 +01:00
b8e8ca734e
Fix function comment
...
Signed-off-by: PingWang <wang.ping5@zte.com.cn>
Kubernetes-commit: 7750422a9d5038a2b9da5b79990ceff406434f77
2018-11-10 15:38:56 +08:00
4c9524b9fb
Updated OWNERS files to include link to docs
...
Kubernetes-commit: b43c04452f3b563473b5c2a765d4ac18cc0ff58f
2019-01-30 20:05:00 +01:00
f60d1ce95c
Set the maximum size increase the copy operations in a json patch can cause
...
Kubernetes-commit: f001f9e1dbce644a1b7d22b370ab37fc7d770c7e
2019-02-04 11:15:16 -08:00
337fc9ccde
API Machinery, Kubectl and tests
...
Kubernetes-commit: 0e1d50e70fdc9ed838d75a7a1abbe5fa607d22a1
2019-01-16 21:14:42 -08:00
77c59f4906
update docs.go files under staging/src/k8s.io/apiserver/pkg/server
...
Kubernetes-commit: 03d892a44df6dbcac7ad28f1519d7d606f42e1ee
2019-02-03 20:43:13 +00:00
15d93876c8
Wait for post-hooks to run before checking the healthz output
...
Kubernetes-commit: 8a2f709b35e750a40b12ccf287e279b1da0f07ec
2019-01-30 09:34:43 +01:00
cb1e16cec7
sync: squashed up to merge 1f7e9fd9a2b31ee21babef2cbdd18caeb8c14cdc in e72b32558c8e9ed16690ef5a8e909c12fcc47f87
2019-02-01 14:44:40 +00:00
123cf8011f
Remove alpha InitializerConfiguration types, Initializers admission plugin
...
Kubernetes-commit: dc1fa870bff65c20f48a83ea3af54adb3f526e28
2019-01-16 10:19:44 -05:00
35fe690052
remove deprecated openapi paths in favor of /openapi/v2
...
Kubernetes-commit: 52519ecb1cfd1b55995684520196dd71e1886754
2019-01-21 16:33:41 -05:00
db5a1882b5
apiserver: sync with https server shutdown to flush existing connections
...
Kubernetes-commit: 5b47f99164d76b6b043d7de2d3834abeda6685b0
2019-01-16 15:58:53 +01:00
e0406b8675
Change endpoints metrics to conform guideline
...
Kubernetes-commit: 88c4b644005c5f674e9d03abae7e1cccda4fd23e
2018-12-26 22:29:13 +08:00
3039935d60
adds dynamic audit integration test
...
Kubernetes-commit: d995047366153d86f0061b829ee4e7657f17996b
2018-10-16 16:17:33 -06:00
0550db794e
move logs into component-base
...
all the code changes to move move /apiserver/pkg/util/logs into /component-base/logs
Kubernetes-commit: ba81a5409affb6b861d5994c1e2f7c74a05826e5
2019-01-17 09:06:12 -05:00
1e20513561
fix typo and instead of amd
...
Kubernetes-commit: 3e83f0f08abab4c10dfab7053529709883c9b834
2018-10-30 01:27:50 +08:00
2109711572
Remove build/verify scripts for swagger 1.2 API docs, API server swagger ui / swagger 1.2 config
...
Kubernetes-commit: 9229399bd6049bc7766829b436d5cb5fe0dfe2f1
2019-01-15 10:44:36 -05:00
0202761ce2
Ensure we set a content-type for healthz
...
Change-Id: I453b1433c69bf26c28da873dbdd1ac25006b8d60
Co-Authored-By: Tim Allclair (St. Clair) <tallclair@google.com>
Kubernetes-commit: eedb70355ad59f9d7054dba198a8352554274e0a
2019-01-03 10:05:58 -05:00
9c474d9c53
require timeout to be greater than zero.
...
add unit test to cover timeout behaviour.
Kubernetes-commit: 39aca564749cd92ed1cfec7129eb3f6593549137
2019-01-04 17:06:07 -08:00
d9414ee2ab
Expose kms timeout value via encryption config.
...
Kubernetes-commit: a4dc53cfeb91ee07cedcc6959e88e30cb0c3cca8
2019-01-03 14:26:57 -08:00
efb664a483
kube-apiserver: add e2e graceful shutdown integration test
...
Kubernetes-commit: a2e19f1228b365f17401b1e958a6bb684e65fd65
2018-12-19 12:42:22 +01:00
12d1c63697
apiserver: check that request fail after shutdown
...
Kubernetes-commit: c0d8ad1578efe52df3ca6bc57a90a623d1d2e482
2018-12-19 12:41:58 +01:00
b87560e3bd
Log Health Check failure at Verbosity Level - 4
...
Our default recommendation as well as our CI default is 4, so we should
be able to see the health check errors at the same level 4 itself.
Change-Id: I388f945d3522d1f63f0a85f35e765c2d4f2c548a
Kubernetes-commit: 3d6b3857b29b9c738f258344781ce4a9b40b9a0b
2019-01-06 21:32:57 -05:00
e2884e1186
Revert "Generate Stack Traces for http response with status code zero"
...
Does not help with the bug investigation. the http server is designed to
panic when the http status code is `0`.
This reverts commit 72792d59f46f822cf360e797d886e582a6a2dc60.
Kubernetes-commit: 85ae15621af1d71caf5d0bac2299d17ec1020664
2019-01-04 15:26:07 -05:00
fe4a2dbfb0
preserve behavior of ignoring invalid --runtime-config keys and api/all=false
...
Kubernetes-commit: fc3fca2857a18464cfff8aff5f9e4b062f293ac5
2019-01-04 13:50:21 -05:00
1702e95788
fix typo in warning advice for permissions
...
Kubernetes-commit: 1105e4e0d1c0e78e2a203a136e9f8bcaff5c36ab
2019-01-04 09:58:06 -05:00
e16a86073e
add a content-type filter to apiserver filters to autoset nosniff
...
Kubernetes-commit: d0532bdb9ab40e06ee0702481f623d5054c8831a
2019-01-04 14:06:46 -08:00
2b1eeee742
Generate Stack Traces for http response with status code zero
...
When we spit out a http reponse with a `0` http status code we
should log a trace back so we can easily find where things went wrong.
Change-Id: Ic2aadec3a3de85fbdf64da66d6d12e3c631f409d
Kubernetes-commit: 72792d59f46f822cf360e797d886e582a6a2dc60
2019-01-03 16:52:36 -05:00
7d47897b55
apiserver: separate transport setting from storagebackend.Config
...
Kubernetes-commit: 7b242533a217bd809e2c846c3e3fadf7bf6edee8
2018-09-12 10:59:01 +02:00
837d33c6f5
Allow enabling/disabling specific extensions/v1beta1 resources
...
Kubernetes-commit: e016e132f519dbfb63ce09f6084d6dd64617f615
2018-12-20 13:08:14 -05:00
7b0f961e27
Remove uses of extensions/v1beta1 clients
...
Kubernetes-commit: fd9e9b01b1c79c47c7edb4980468f2675daebf27
2018-12-19 11:18:53 -05:00
a3f2a871b3
Surface help for insecure ports to explain how to disable
...
Kubernetes-commit: 819b502768034b8104904cd7031db8c4838f900a
2018-11-30 10:52:37 -05:00
232ebfaeaf
Allow kube-scheduler to tolerate cluster auth config lookup failure
...
Kubernetes-commit: 416e11421590838f0022242bff1db10da595b074
2018-12-05 13:51:06 -05:00
b4ca200ede
apiserver: add component label to request metrics
...
Kubernetes-commit: 7190b17e5a52a7c0673c2e8a30cbe95f2847a6df
2018-11-29 16:30:15 +01:00
cc459864cf
remove duplicate word
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
Kubernetes-commit: b32bd6e812138faa218a0ab906989fdca27843a2
2018-12-03 19:24:45 +08:00
d294e6b5b4
Update non-test code to use DefaultMutableFeatureGate
...
Kubernetes-commit: d440ecdd3b41a4fc4a207195e1bb976422d6d35e
2018-11-20 23:59:52 -05:00
ee7fb67d6e
Clarified syntax doc on --watch-cache-sizes
...
Noted that group must be omitted for resources of apiVersion v1 (the
legacy core API) and included for others.
Fixes #65393
Kubernetes-commit: fc20359fed5e3d0e89a60653b9b0d638d4d757d8
2018-11-12 14:45:45 -05:00
e485f8578d
kubeapiserver: rename '--experimental-encryption-provider-config' to '--encryption-provider-config'.
...
This change renames the '--experimental-encryption-provider-config'
flag to '--encryption-provider-config'. The old flag is accepted but
generates a warning.
In 1.14, we will drop support for '--experimental-encryption-provider-config'
entirely.
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
Kubernetes-commit: 21c1bb883081b13244002271bccc9cf119d4db4f
2018-03-23 14:16:04 +03:00
877329b0f3
Add option to k8s apiserver to reject incoming requests upon audit failure
...
Kubernetes-commit: 7a10f4eda725f55bec9893eb1c03f2402dbcd32f
2018-07-03 14:40:55 +02:00
a7180e74a2
Revert "Merge pull request #67205 from roycaihw/crd-openapi-spec"
...
This reverts commit 54ee58b2d613c636f972312ca80357563292b57d, reversing
changes made to 9e2820e4c9541a7718e9d5b7a0ee62429552023a.
Kubernetes-commit: 8799eb4e2e12e5d144871a35c6288b8433a74c9b
2018-11-16 16:36:24 -05:00
e2bc8e4617
Introduce kubeapiserver.config.k8s.io/v1 with EncryptionConfiguration and use a standard method for parsing config file.
...
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com>
Kubernetes-commit: c21cb548e6c7d4ab019fce8a35c9b99c035c2071
2018-05-02 18:21:38 +02:00
f78d7e624c
fix a description error in DynamicAuditing feature
...
Kubernetes-commit: 84aa00c03df00eade6615ca009fa9b2943a98b8c
2018-11-17 01:49:02 +08:00
3c9d1f5b21
Apiextensions-apiserver aggregates CRD schemas
...
efficiently without checking conflicts, and wire up CRD discovery
controller to serve OpenAPI spec.
Kubernetes-commit: 3222a7033cf9128b76c0677887f4e383821d0475
2018-11-15 11:02:11 -08:00
bb8c155568
apiserver: preserve stack trace in handler panic beyond timeout handler
...
Kubernetes-commit: 96fd0482f41ff34ef7d9b7de07ded38152a35141
2018-11-15 09:56:49 +01:00
0837aa9e3a
apiserver: in timeout_test separate out handler
...
Kubernetes-commit: e43e5e2e4547c7cfb50190d67556352ef0aee9e8
2018-11-15 09:26:02 +01:00
7cc3f112fb
Build OpenAPI Definitions per group instead of per resource
...
Kubernetes-commit: 758e8623e9b08065f053bedf4474626696b6346c
2018-11-14 12:50:02 -08:00
9fd62b6f47
adds dynamic audit configuration
...
Kubernetes-commit: eb89d3dddd3792b0a6cd724e64bbbc11d6c15380
2018-10-18 21:34:17 -05:00
f61020971c
add ability to exclude health checks from failing healthz by passing in a query param
...
Kubernetes-commit: f1f1bc83fd07450a191ecf94b945f1b772d1dc7c
2018-11-12 16:17:36 -08:00
2710b17b80
Move from glog to klog
...
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
* github.com/kubernetes/repo-infra
* k8s.io/gengo/
* k8s.io/kube-openapi/
* github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods
Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
2018-11-09 13:49:10 -05:00
85a1725c91
fix healthz checkerNames test so that it tests against the expected output
...
Kubernetes-commit: 0623f630ab37ad75961bf836195e190e6bcf560e
2018-11-07 09:26:11 -08:00
631dda550e
kube-scheduler: enable secure ports 10259
...
Kubernetes-commit: cb95edafe8bf4f294beb53d0a7bc04d62584577c
2018-09-05 16:42:16 +08:00
032ec9d79b
Switch to sigs.k8s.io/yaml from ghodss/yaml
...
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
Kubernetes-commit: 43f523d405b012fa8d90dd95b667f520e036f6bc
2018-11-02 16:41:57 -04:00
257a06e88a
add With method for allowed URL options on delegated authorization
...
Kubernetes-commit: 77b56ec9e36dd721c341ce838d608e8af10ce51f
2018-11-06 10:44:29 -05:00
136e478e9f
encryption-at-rest approvers/reviewers
...
Kubernetes-commit: 666c93a8343029a499ea64de8a6d09596097ccb3
2018-11-02 17:38:17 -04:00
83c8e657ed
allow delegated authorization to have privileged groups
...
Kubernetes-commit: 0b70b7a7c975589f7019e5017c334cf0ee6b819f
2018-11-05 16:23:20 -05:00
f8fa426bd3
Use `audit.k8s.io/v1` as default value of option --audit-webhook-version and --audit-log-version in release 1.13
...
Kubernetes-commit: 9671a035f7e7308ac804b4637af19bac2ecce0f4
2018-10-31 17:22:37 +08:00
1692373df9
move audience context functions to authenticator package
...
Kubernetes-commit: 817cf70191b73d1ee9f4e7af83089e5854e5131d
2018-10-31 14:50:11 -07:00
22df332aff
Allow components to generate certificates in-memory
...
Kubernetes-commit: b7160d4ee2073f06293d7c3b20acdf4620fadf61
2018-10-16 17:22:13 -04:00
7c1e7ec029
echo audiences in anonymous and insecure authenticators
...
part of https://github.com/kubernetes/kubernetes/issues/69893
Kubernetes-commit: f94bc6193e1e299b1cb258b59504fab81cf8da1c
2018-10-26 15:29:55 -07:00
47845b88c3
Update usages of http.ResponseWriter.WriteHeader to use http.Error
...
Signed-off-by: Ibrahim AshShohail <me@ibrasho.com>
Kubernetes-commit: 2fb3ba71f196031e9b36095d64c921cacc54f44e
2018-10-08 22:20:52 +03:00
2ced48ac6e
rebase authenticators onto new interface.
...
Kubernetes-commit: e5227216c0796d725c695e36cfc1d54e7631d3a6
2018-10-15 15:17:36 -07:00
c7c9a358c2
etcd2 code cleanup, remove deserialization cache
...
Kubernetes-commit: c8db31b84adc40aa875917fbca27b2a787902088
2018-10-15 22:17:44 -04:00
37ab80320b
tokenreview: add APIAudiences config to generic API server and augment context
...
Kubernetes-commit: 21fd8f204128a7847786927b460d95be34a6dbde
2018-10-09 22:04:52 -07:00
13ab2dca08
Remove ericchiang from OWNERS files
...
Kept myself in the OpenID Connect ones for now.
Kubernetes-commit: 766f5875bfa0d8ce4d52cdb87d12faea527e1492
2018-10-11 18:11:15 -07:00
bd604a62aa
Remove deprecated --etcd-quorum-read flag
...
Kubernetes-commit: cff79c542130831f4a212099974570244a0c9586
2018-10-08 11:04:28 -04:00
92e87e143a
Update gofmt for go1.11
...
Kubernetes-commit: 97b2992dc191a357e2167eff5035ce26237a4799
2018-10-05 12:59:38 -07:00
fbe89f5f9b
Remove useless named return value
...
This cleans up the useless named return value stopCh at
SetupSignalHandler().
Kubernetes-commit: 2e560e797e22c44ac628581486d847c2d5bdbd59
2018-08-02 19:28:17 +08:00
41e5031224
Populate ClientCA in delegating auth setup
...
kubernetes/kubernetes#67768 accidentally removed population of the the ClientCA
in the delegating auth setup code. This restores it.
Kubernetes-commit: 65cea86e4413cb5899c3b89bda375bb326de5093
2018-10-04 12:48:18 -04:00
3b6fc08803
Remove etcd2 storage backend
...
Kubernetes-commit: 85ae79500fba7d6e51292b12daff829027b59872
2018-10-01 16:48:14 -04:00
e9bce895cf
Lazily dial kms-plugin.
...
Kubernetes-commit: 07cbf2545f705d0448631f479a18d0b86b7055dc
2018-09-12 14:56:44 -07:00
1a58e1c6ad
apiserver: make InClusterConfig errs for delegated authn/z non-fatal
...
Kubernetes-commit: 04e793e65ad70df5c4ab280c42740864e54163cd
2018-09-05 09:12:19 +02:00
c8f47fd79c
apiserver: fix misleading delegated authn/z warnings
...
Kubernetes-commit: 059fce63b755ef6052db273fd6c91f3090036389
2018-09-05 09:11:45 +02:00
f91709c7f9
kube-controller-manager: disable authn/z on insecure port
...
This is the old behaviour and we did not intent to change it due to enabled authn/z in general.
As the kube-apiserver this sets the "system:unsecured" user info.
Kubernetes-commit: 8aa0eefce8fbd801a38da46c8704f2d74996e5cd
2018-08-30 19:20:19 +02:00
ecbc9eada2
Fix grammar in secure-port flag help
...
The phrasing made it difficult to understand the message.
Kubernetes-commit: c0ded2d9f5beb5eb02b356076166c365073a639a
2018-08-30 18:50:26 -04:00
c726863192
apiserver: make not-found external-apiserver-authn configmap non-fatal
...
Kubernetes-commit: 5d56e791bb932cc297de08db302540684e6f9d4c
2018-08-24 18:30:58 +02:00
7dbcbd39e2
Remove deprecated legacy audit logging code.
...
Kubernetes-commit: 3f730d4c255e7c8ee67a020eed0b8f0a8f634750
2018-07-05 13:57:17 +02:00
fdd6b9e860
apiserver: forward panic in WithTimeout filter
...
Kubernetes-commit: eec1b521117aa7271be3a3f0919c88caf5b73c54
2018-08-29 13:44:16 +02:00
16d4968bf9
authn/z: optionally opt-out of mandatory authn/authz kubeconfig
...
Kubernetes-commit: a671d65673590f0dfcf5c2b673e1518d11510bdb
2018-08-22 11:56:07 +02:00
24a0ab5db2
Size http2 buffers to allow concurrent streams
...
Kubernetes-commit: 554c0d73282ce7c30f11e0f4d985a6c30cf6e418
2018-08-27 11:46:49 -04:00
34ff0933dd
expose generic storage factory primitives
...
Kubernetes-commit: 81b9213ac2cc7744b8a62ac42b269b97c1d17b5a
2018-08-27 10:45:52 -04:00
cfb1e16b55
apiserver: unify handling of unspecified options in authn+z
...
Kubernetes-commit: 0ede948e47d33474a4e30c845d7896c58a319e39
2018-08-21 16:42:13 +02:00
a8bd1ddbf7
delegated authz: add AlwaysAllowPaths mechanism to exclude e.g. /healthz
...
Kubernetes-commit: 6142e2f8f7c8b1c5d32a2f9aa3715ea0b5baf167
2018-08-17 17:03:16 +02:00
c27f181946
add unit test func TestServerRunOptionsValidate
...
Kubernetes-commit: cdef8029d4aea52e607da4101ad44b1b4163f869
2018-08-22 10:19:13 +08:00
7e18a5d0a6
add unit test func TestToAuthenticationRequestHeaderConfig
...
Kubernetes-commit: 0da04d61ab4b70817083c8208af12397b818546a
2018-08-22 10:18:30 +08:00
769565b214
add unit test func TestAPIEnablementOptionsValidate
...
Kubernetes-commit: 73ee10495b5be414b9fae718e5129765c7c3ed19
2018-08-22 10:17:58 +08:00
c872082b0a
add unit test func TestEtcdOptionsValidate and TestParseWatchCacheSizes
...
Kubernetes-commit: 67a1d53bd74265637718b67c80f48a26b6e653cf
2018-08-22 10:17:26 +08:00
a549f2934f
kube-apiserver: switch apiserver's DeprecatedInsecureServingOptions
...
Kubernetes-commit: d787213d1b8802d370032d17157ac1de7573ad15
2018-08-06 16:31:23 +02:00
3698d7a898
apiserver: move controller-manager's insecure config into apiserver
...
Kubernetes-commit: 1d9a896066b3e10e8c1a0d506e00bc354b7772f0
2018-08-16 20:47:15 +02:00
8e1390d9d4
Synchronous & unbatched audit log writes
...
Kubernetes-commit: c9670d0652f8d7da662f71caac6fca2044296ae6
2018-03-15 00:44:46 -07:00
e767cd8dbf
kube-apiserver make use of GlogSetter
...
Kubernetes-commit: 38d48e8d025a9cceccfc8a80d72f751b8bb65dab
2018-06-05 10:32:46 +08:00
0fc525d3c8
fix typo
...
fix typo
Kubernetes-commit: 18f1ad7dc5392cb4537fa33bd73cdb8dc2c1e523
2018-08-13 17:36:15 +08:00
b0b043eda2
list the default enabled admission plugins
...
Kubernetes-commit: ee96a5638d21f0da111b1106a82976cc59bbbf67
2018-08-06 17:25:24 +08:00
4e7be504bf
Support pulling requestheader CA from extension-apiserver-authentication ConfigMap without client CA
...
This commit prevents extension API server from erroring out during bootstrap when the core
API server doesn't support certificate based authentication for it's clients i.e. client-ca isn't
present in extension-apiserver-authentication ConfigMap in kube-system.
This can happen in cluster setups where core API server uses Webhook token authentication.
Fixes: https://github.com/kubernetes/kubernetes/issues/65724
Kubernetes-commit: db828a44406efe09e2db91e6dc88d1292c9a29e1
2018-07-18 15:07:09 -07:00
b40373204e
use Audit v1 api and add it to some unit tests
...
Kubernetes-commit: 716dc87a1095027f9ab08ee59abfffab1d15ec29
2018-07-27 14:06:29 +08:00
300db50c66
fix apiserver pprof redirect bug
...
Kubernetes-commit: 981f2397815248e12663b01d6cc6d6d963012c95
2018-08-06 19:35:01 +08:00
42da2694e6
Autoset OpenAPI version w/o SecurityDefinitions
...
There's code to automatically populate OpenAPI info based on existing
generic apiserver config, but it only fires if securitydefinitions are
present. This doesn't make much sense, since this info is both required
and independent of security definitions, and there's no easy, generic
way to generate security definitions for an aggregated API server.
Kubernetes-commit: ef73bb684bcc4402f66160f254193d2690b80f11
2018-07-19 17:32:40 -04:00
0ba502e8f9
Handle errors
...
Kubernetes-commit: 5cab7f9a57dbbd6e2a181018aae523235843f77d
2018-07-17 20:29:55 +10:00
4c6f8fdc17
apiserver: make loopback logic in SecureServingOptions reusable
...
Kubernetes-commit: dc0a736d1ea924dfa35ece64cb59d551c2a0b51f
2018-07-04 17:08:23 +02:00
55957fdc66
apiserver: add SecureServingOptions.ExternalAddress
...
Before this the advertised IP (which shows up in the server cert) in case of
listening to loopback was the first host interface IP. This makes self-signed
certs non-constant, such that we cannot use fixtures.
Kubernetes-commit: c1c564fd4d21dd68ea14d7ea678d8619f47fe445
2018-07-06 12:32:01 +02:00
fa6b67b429
apiserver: use fixtures for self-signed certs in test server
...
Kubernetes-commit: 7deccb5b7a7c5224d3d90e1391dd22b2d1f1b9b9
2018-07-06 12:04:38 +02:00
9cfed8df8c
Convert TestServerRunWithSNI to subtests to isolate flake
...
This test is flaking - make it easier to pin down where and why by
converting to subtests and making cleanup logic easier. Also turn an
ignored listen error into a "fatal".
Make the test run in parallel to speed up individual runs and hopefully
flush out issues.
Kubernetes-commit: 09463975c379114ef9cd42d3c7efb6254b2c3b33
2018-07-09 21:32:15 -04:00
9fb7dcda85
kube-apiserver: fix tests which don't use tls yet
...
Kubernetes-commit: 6bb3aba23dfbfd8b145a33e9d1a461658bd60fc0
2018-07-06 19:20:45 +02:00
ad29bd83ae
kube-apiserver: disallow --secure-port 0
...
Kubernetes-commit: e15ac9eb72c4e105e7a3d84711e5a6056c0f6a48
2018-07-06 12:58:59 +02:00
25a00cd3c1
apiserver: get rid of ReadWritePort in config
...
Kubernetes-commit: e32f380fa5df4361894570787814d0459baada93
2018-07-04 17:01:49 +02:00
a2bfc0e5f0
apiextensions-apiserver: add pkg/cmd/server/testing pkg for integration bootstrapping
...
In analogy to kube-apiserver.
Kubernetes-commit: 42f1e81488d8599c6874e467fe39b91a23654886
2018-06-13 15:53:41 +02:00
5746122767
apiserver: don't create self-signed certs with disabled secure serving
...
Kubernetes-commit: 798535164ae11a7e3c036ed7793aa884942edc88
2018-07-04 19:09:26 +02:00
ea67b81061
use request.UserAgent()
...
Kubernetes-commit: 82003bd9acfd15011a205d938f622d9a9efcaf31
2018-07-03 16:56:15 +08:00
6c34ac4aa5
Add healthz check to ensure logging is not blocked
...
Kubernetes-commit: b7b4b84afe4405cde976ceeeccb62acecac1c4f0
2018-06-09 17:32:14 -04:00
900791d3ac
Add additional authorization check for create-on-update
...
Kubernetes-commit: cc5c17e554a4d8f802043b337ca0787ec0ce7475
2018-07-03 11:20:16 -07:00
47a9a6d77a
fix go import
...
Kubernetes-commit: 57393ec932398b6f53c6593421bfe0b12d445518
2018-06-01 14:05:44 +08:00
8fe5561ce7
[trivial] fix option help message.
...
s/andif/and if/
Kubernetes-commit: 42b93ab7244765dd744257a793b0b9c138146bb3
2018-06-13 09:07:34 +08:00
0f7bbcadfb
Add missing error handling in schema-related code
...
Kubernetes-commit: bfe313d5f351dfae086a85a97e7103183173e5b5
2018-06-03 14:59:58 +10:00
42319038f6
simplify httplog.LogOf
...
Kubernetes-commit: 1c5a0218ed6c1b283eb6d99d54a865d2ec99ec4b
2018-07-02 11:47:42 +08:00
a8cd668cfc
legacy api endpoints only support v1 ever
...
Kubernetes-commit: b063e9f85ee28233241ae4f9071a62ac6c9b499c
2018-06-22 08:58:32 -04:00
554c4f1986
Fix MaxAge default audit log option
...
Kubernetes-commit: 3dae49c6977526aba09dc070639ebc789b458411
2018-06-18 14:36:50 -07:00
65f0646df4
apiserver: add context to authn/authz kubeconfig errors
...
Kubernetes-commit: 99eda24de01c8b1b84b54cb763b540de35084ade
2018-06-14 15:30:25 +02:00
8d6d8aa36e
Use actual etcd client for /healthz/etcd checks
...
Kubernetes-commit: b39cd00982c1696d8ae8afc99931919894044ee2
2018-06-12 14:33:48 -04:00
b29c7b3192
Improve unit tests for InstallPathHandler
...
When adding InstallPathHandler it was suggested to follow-up with an improvement to the unit tests.
Kubernetes-commit: 1a0eb8c7b6fc0e07e8823d635db9b70f128dee4f
2018-05-21 11:09:13 -04:00
de5159703b
Modify LoopbackHostPort() so it returns an IPv6 Loopback address when given [::] address
...
Currently when LoopbackHostPort() is called with 0.0.0.0 and [::] it returns the first loopback
address returned from net.InterfaceAddrs() which is typically 127.0.0.1 (golang does not
specify an order that interfaces are returned). It would be more appropriate if when calling
LoopbackHostPort() with [::] that an IPv6 loopback address is returned, this prevents some cert.
generation failures.
Kubernetes-commit: 14a03dd646e992c06a3fdfb9bd60f58ef542066e
2018-05-22 11:03:47 -04:00
f0fd6a74c2
Support dynamicly set logging verbosity
...
Kubernetes-commit: 73a22b2e611647de04aa8d7fe910fd4657e6a9d8
2018-05-14 16:19:38 +08:00
fd93a41263
Remove some unnecessarily gendered pronouns in comments
...
Kubernetes-commit: ffeca161018fd6218532786876070a5fcfe96542
2018-05-25 17:48:17 -04:00
37be5e4c9f
Possible cipher suites values and tls versions in help for apiserver and kubelet
...
Kubernetes-commit: 3dfa22e3fd8c650789176b9f4a8e46ab43ef5ebf
2018-01-24 22:51:27 -05:00
f87486fed9
Expose openapi schema to handlers
...
Kubernetes-commit: dee088586a76b876c473418efba8190be7fa6b26
2018-05-24 09:55:19 -07:00
4645ab9a4c
Correctly identify types served in the kube-apiserver openapi doc
...
Kubernetes-commit: 43551e82081a1fa364879bd49e67095a3fc0926b
2018-05-22 19:29:00 -04:00
ee6252d015
Fix cyclic dependency of apiserver test for OpenAPI test
...
Kubernetes-commit: e979b1698779b49002c3cffca70b05059773603d
2018-02-06 04:10:18 -08:00
6a0cc50341
Add InstallPathHandler which allows for more then one path to be associated with health checking.
...
Currently it is only possible to have one group of checks which must all pass for the handler to report success.
Allowing multiple paths for these checks allows use of the same machinery for other kinds of checks, i.e. readiness.
Kubernetes-commit: 2082a0f42851c47620ce31f257dcb5536abae014
2018-05-10 16:21:39 -04:00
f38497678f
add checks validation MinRequestTimeout of ServerRunOptions
...
Kubernetes-commit: ba20be9911091f16bb3987815172b3a348754fc2
2018-04-26 16:02:31 +08:00
ba35c04ba6
sync: squashed up to merge f8386d5b0f6d1bf69f67b01c0854b4171bca0318 in e59ae29fbc8158503538faa3f6c7f07711a412e8
2018-05-11 14:52:34 +00:00
f9c5e9f3a1
should return error when has no RequestInfo
...
Kubernetes-commit: 483ce1b1f3caf16cfda20f16bf65742fc43cff79
2018-05-08 21:44:17 +08:00
c41d1d0993
simplify api registration
...
Kubernetes-commit: c5445d3c56e06ab366b9cca34bd69c5cc386ec47
2018-05-07 08:32:20 -04:00
b534ae405b
Don't panic is admission options is nil
...
Kubernetes-commit: bc04c091c3ca0320a6fa83ef35f891d21423afbb
2018-05-05 11:59:28 -07:00
b7f90743d0
remove rootscopedkinds from groupmeta
...
Kubernetes-commit: 8ae62517da5eff6d6bad21badfd39ee88463ad42
2018-04-30 13:27:01 -04:00
00386b3bb0
remove incorrect static restmapper
...
Kubernetes-commit: ef0d1ab81927214db80c30d5af491f67546d790b
2018-04-26 11:55:50 -04:00
d250da9d7f
remove self linker from group info
...
Kubernetes-commit: 22410d4b4c0478033d5f33d68303a60866e98ce1
2018-04-26 11:31:04 -04:00
0d65d340ea
remove versioning interface
...
Kubernetes-commit: e2fc5cf259463f896213afdef15d58ef9a91eb35
2018-04-25 10:55:17 -04:00
14e43f49d6
rest mappings cannot logically be object converters
...
Kubernetes-commit: 6900f8856f8cd9a6c94a156b9e4a9fee0c16f807
2018-04-24 18:31:41 -04:00
3fa442d40a
stop duplicating preferred version order
...
Kubernetes-commit: a89291a5dec0b63809b875e912b1563d50f86dba
2018-04-26 09:38:43 -04:00
bf8532c54e
remove KUBE_API_VERSIONS
...
Kubernetes-commit: a68c57155e728b2782408cbab88ecee0444a4ba8
2018-04-25 16:07:15 -04:00
3c79460222
Register Prometheus etcdmetrics only for apiserver
...
Removed automatic registration with `init` funciton and use `Register` function
to register metrics for etcd storage only when requested.
Kubernetes-commit: 40cf7880135b56e2d88a04d5fce08303b249eb34
2018-04-20 17:19:13 +03:00
b26d126ba9
core v1 API requires autoscaling/v1 to serve the Scale endpoint
...
Kubernetes-commit: 1a753659cfc973e900620bf1443178b6cdda27e0
2018-04-24 10:16:59 -04:00
88d943c0e6
eliminate indirection from type registration
...
Kubernetes-commit: e7fbbe0e3c91f34836b999e695aa133503cfdae5
2018-04-24 08:21:23 -04:00
cd0258b4d7
replace request.Context with context.Context
...
Kubernetes-commit: 54fd2aaefd11e12a3ecb6d1a1326f04cdc8ea1a3
2018-04-24 08:10:34 -07:00
5ac4802a22
remove confusing flexibility for metadata interpretation
...
Kubernetes-commit: 0710f72c65ad23e7a3726b345898ef4aaaac26fa
2018-04-23 10:23:01 -04:00
53e0783ab7
Implemented truncating audit backend
...
Signed-off-by: Mik Vyatskov <vmik@google.com>
Kubernetes-commit: 52fae991305e3252ccc5c9c86a9b7abc04c149af
2018-03-23 16:13:34 +01:00
25758bf0f8
Remove request context mapper
...
Kubernetes-commit: 8ea88a5092c767fc3141512db924fd0435f7670e
2018-04-18 11:12:15 -04:00
cc0f17a725
Fix to avoid REST API calls at log level 2.
...
Kubernetes-commit: 6a5c248bbb6a06a0c171f7171d3583cd006350db
2017-02-03 12:47:03 -05:00
490c9a96c3
fix typo
...
Kubernetes-commit: 549fb0cad39daa74c528f7f775d627f908785b61
2018-04-04 16:03:17 +08:00
adb35656a1
apiserver: cancel context on timeout in WithTimeoutForNonLongRunningRequests
...
Kubernetes-commit: f3ba7f95585cdcce19579d757dadbf3c8a9f8e0b
2018-03-12 17:11:11 +01:00
1075399c96
apiserver: enforce shared RequestContextMapper in delegation chain
...
Kubernetes-commit: 9f906618f04baceaf923e873530f9741e80ad2cb
2018-04-04 10:05:06 +02:00
Chao Xu