kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Library for writing a Kubernetes-style API server.
2,952 Commits 30 Branches 1,482 Tags 31 MiB
Go 99.8%
Shell 0.2%
Go to file
Monis Khan 298cf1beec Encryption config: correctly handle overlapping providers 
This change updates NewPrefixTransformers to not short-circuit on
the first transformer that has a matching prefix.  If the same type
of encryption ProviderConfiguration is used more than once, they
will share the same prefix.  A failure in the first one should not
prevent a later match from being attempted.

Added TestCBCKeyRotationWithOverlappingProviders unit test to
prevent regressions.  Note that this test explicitly exercises this
flow using an EncryptionConfiguration object as the structure of the
resulting transformer is an important part of the check.

Signed-off-by: Monis Khan <mkhan@redhat.com>

Kubernetes-commit: 4dc16f29a7285a4bcaff1915728953d8a55e1b6e
 		2019-09-06 12:09:43 -04:00
.github delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
Godeps Merge pull request #81453 from joshmsamuels/master 2019-09-13 08:22:53 +00:00
pkg Encryption config: correctly handle overlapping providers 2019-09-06 12:09:43 -04:00
plugin/pkg Constant time password comparison 2019-08-07 22:07:56 -07:00
.import-restrictions move pkg/auth/user to staging 2017-01-13 13:38:43 -05:00
CONTRIBUTING.md Update deprecated links 2019-02-04 13:28:31 -05:00
LICENSE Add README and LICENSE to staging repos 2017-10-23 16:39:02 +05:30
OWNERS Add server-side apply members on some apiserver OWNERS 2019-02-08 16:10:25 -08:00
README.md delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
SECURITY_CONTACTS Update SECURITY_CONTACTS with current PSC 2019-05-29 15:22:35 +05:30
code-of-conduct.md Add code-of-conduct.md to staging repos 2017-12-20 15:21:56 -05:00
go.mod Merge pull request #81453 from joshmsamuels/master 2019-09-13 08:22:53 +00:00
go.sum Merge pull request #81453 from joshmsamuels/master 2019-09-13 08:22:53 +00:00

README.md

apiserver

Generic library for building a Kubernetes aggregated API server.

Purpose

This library contains code to create Kubernetes aggregation server complete with delegated authentication and authorization, kubectl compatible discovery information, optional admission chain, and versioned types. It's first consumers are k8s.io/kubernetes, k8s.io/kube-aggregator, and github.com/kubernetes-incubator/service-catalog.

Compatibility

There are NO compatibility guarantees for this repository, yet. It is in direct support of Kubernetes, so branches will track Kubernetes and be compatible with that repo. As we more cleanly separate the layers, we will review the compatibility guarantee. We have a goal to make this easier to use in the future.

Where does it come from?

apiserver is synced from https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apiserver. Code changes are made in that location, merged into k8s.io/kubernetes and later synced here.

Things you should NOT do

  1. Directly modify any files under pkg in this repo. Those are driven from k8s.io/kubernetes/staging/src/k8s.io/apiserver.
  2. Expect compatibility. This repo is changing quickly in direct support of Kubernetes and the API isn't yet stable enough for API guarantees.