kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
52,439 Commits 69 Branches 73 Tags 934 MiB
Commit Graph

640 Commits

Author SHA1 Message Date
michellengnx baba5e4c35 Merge main into dev-1.32 to keep in sync 2024-12-09 23:11:06 -05:00
Kubernetes Prow Robot ee231f71d7
Merge pull request #48495 from munnerz/kep-4193-132-ga 
KEP-4193: Update ServiceAccount admin docs with additional info on bound tokens
 2024-11-26 19:22:56 +00:00
Jeffrey Ying cb8e5a7ce5
KEP-3962: Mutating admission policy documentation (#48646) 
* Introduce concept page for mutating admission policy

* add example and documentation for MAP

* fix MAP feature gate documentation

* address comments

* Apply suggestions from code review

Co-authored-by: Tim Bannister <tim@scalefactory.com>

---------

Co-authored-by: Joe Betz <jpbetz@google.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
 2024-11-26 18:20:56 +00:00
James Munnelly 4ef866967e
Apply suggestions from code review 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
 2024-11-26 18:09:26 +00:00
James Munnelly a3c89ce64a
Update content/en/docs/reference/access-authn-authz/service-accounts-admin.md 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
 2024-11-26 18:08:56 +00:00
Kubernetes Prow Robot 01eccc6441
Merge pull request #48771 from ritazh/deprecate-EnforceMountableSecretsAnnotation 
Add deprecation warnings for enforce-mountable-secrets annotation
 2024-11-26 17:12:56 +00:00
James Munnelly 0c28e697d4 address review comments 2024-11-26 11:25:39 +00:00
Rita Zhang 3b8c927a3b
Address comments 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2024-11-20 19:00:50 -08:00
Rita Zhang 926db124d0
Add deprecation warnings for enforce-mountable-secrets annotation 2024-11-19 07:59:43 -08:00
Kubernetes Prow Robot d8dbc916c4
Merge pull request #48487 from ritazh/kep_3221_ga 
KEP-3221: remove mentions of beta and featuregate, and change order of cmd line
 2024-11-19 13:30:53 +00:00
Kubernetes Prow Robot 7e26a80e3d
Merge pull request #48518 from HarshalNeelkamal/external-jwt-doc 
Docs for ExternalJWTSigner
 2024-11-19 00:32:53 +00:00
Harshal Neelkamal 9690d1f99e add doc for external JWT signer 2024-11-18 07:49:03 +00:00
michellengnx d021207741 Merge main into dev-1.32 to keep in sync 2024-11-11 17:40:26 -05:00
Tim Bannister 950a9dfdb6
Improve admission control reference 
- Change page title. The reference is about admission control (as a
  concept) as well as providing a list of all admission controllers.
- Expand the intro section to provide more of an explanation of
  admission control.
- Emphasize that ValidatingAdmissionPolicy, along with mutating and
  validating webhooks, are extension points.
 2024-11-11 22:07:22 +00:00
Marcelo Giles cdff2b4b6b
Add systems:master paragraph 2024-10-30 18:09:24 -07:00
Vinayak Goyal 7a1cdab150 KEP-4633: Graduate to BETA. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-10-25 15:42:32 +00:00
Rodolfo Albuquerque 1de1753475 Merge main into dev-1.32 to keep in sync 2024-10-23 23:46:20 -03:00
Rita Zhang 7d8b07ef63
KEP-3221: remove mentions of beta and change order of cmd line 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2024-10-22 21:30:28 -07:00
Kubernetes Prow Robot b92deb464a
Merge pull request #48412 from vinayakankugoyal/kep2862impl 
KEP-2862: Fine-grained Authz for Kubelet API.
 2024-10-23 00:22:52 +01:00
James Munnelly 152e83d1a1 Update ServiceAccount admin docs with additional info on bound tokens 2024-10-22 15:06:22 +01:00
Vinayak Goyal b6086ca952 KEP-2862: Fine-grained Authz for Kubelet API. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-10-21 22:14:37 +00:00
Jordan Liggitt 32aad9dd3f
KEP-3221: Promote StructuredAuthorizationConfiguration to GA 2024-10-21 11:46:18 -04:00
Rita Zhang 1f1779e777
Update structured authz examples 
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>
 2024-10-16 13:30:08 -07:00
Rodolfo Albuquerque ae1af38c53 Merge main into dev-1.32 to keep in sync 2024-10-08 09:34:16 -03:00
Simon Bäumer 3b267126e9
Add checkpoint subresource to Kublet authorization doc (#48012) 
* Add checkpoint subresource to Kublet authorization doc

* Update kubelet-authn-authz.md

* Replace `spec` with `checkpoint` in subresource
 2024-10-03 05:38:26 +01:00
Daniel Chan f005d8cd8b Merge main into dev-1.32 to keep in sync 2024-09-18 10:44:33 -04:00
ChinoUkaegbu 2e7c1d4935
add hyperlink for RFC3339 in bootstrap-tokens.md 2024-09-11 11:29:12 +04:00
Anish Ramasekar 3ff8a9c65a
Add note about k8s.io, kubernetes disallowed prefix for structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-09-06 09:46:43 -07:00
Kubernetes Prow Robot 5bc26c7ff3
Merge pull request #47404 from aleskandro/patch-1 
Clarify expiration time for service accounts and tokens of pods pending deletion despite finalizers
 2024-08-14 01:15:56 -07:00
Alessandro Di Stefano 300519c850
Apply suggestions from code review 
Co-authored-by: Tim Bannister <tim@scalefactory.com>
 2024-08-09 10:06:32 -04:00
Alessandro Di Stefano 45aa0d800a
Clarify expiration time for service accounts and tokens of pods pending deletion despite finalizers 
Refers #47403

Signed-off-by: aleskandro <aleskandro@redhat.com>
 2024-08-09 09:46:08 -04:00
Daniel Chan c2ab3112f1 Merge main into dev-1.31 to keep in sync 2024-08-05 11:47:31 -04:00
Gergely Nagy d77111d096
Remove beta pre-requisites 
With 1.30 stable, the feature does not need to be enabled and the v1beta1 API group is not needed.
 2024-08-01 09:08:20 +02:00
Kubernetes Prow Robot ee1fa4340f
Merge pull request #46544 from my-git9/pt-10139 
improve format for bootstrap-tokens certificate-signing-requests
 2024-07-31 22:08:06 -07:00
xin.li 7215e3919f improve format for bootstrap-tokens certificate-signing-requests 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2024-07-30 19:59:39 +08:00
Kubernetes Prow Robot ce56779401
Merge pull request #45466 from tuladhar/improve-rbac-doc 
Improve RBAC document with correct references to cluster role binding
 2024-07-30 02:18:52 -07:00
Jordan Liggitt 5dab30d474
KEP-4601: alpha docs 2024-07-26 23:27:51 -04:00
Kubernetes Prow Robot a77fcc771b
Merge pull request #46988 from vinayakankugoyal/kep4633 
KEP-4633: Add documentation for Configurable Endpoints for Anonymous Auth.
 2024-07-23 19:54:11 -07:00
Kubernetes Prow Robot 7e90855773
Merge pull request #47246 from haircommander/container_engine_t-1.31 
PSS: add container_engine_t to allowed list of selinux types
 2024-07-23 16:14:17 -07:00
Peter Hunt 06aff012a2 PSS: add container_engine_t to allowed list of selinux types 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2024-07-23 12:19:14 -04:00
Kubernetes Prow Robot ebd7ff0b64
Merge pull request #47234 from salaxander/merged-main-dev-1.31 
Merged main dev 1.31
 2024-07-22 16:20:03 -07:00
Kubernetes Prow Robot c079d3a7cd
Merge pull request #47184 from salaxander/merged-main-dev-1.31 
Merged main dev 1.31
 2024-07-18 00:06:01 -07:00
Kubernetes Prow Robot 1f9b4761a2
Merge pull request #47193 from rodrigc/certificatesigningrequest-link 
Add links to CertificateSigningRequest API
 2024-07-18 00:02:07 -07:00
Kubernetes Prow Robot 2aa8266591
Merge pull request #47121 from micahhausler/csr-node-clarification 
Clarify kubelet serving and client cert CN values
 2024-07-17 23:53:52 -07:00
Qiming Teng 8e59b9f392
Update certificate-signing-requests.md 2024-07-18 14:52:26 +08:00
Craig Rodrigues a55b1057be Add links to CertificateSigningRequest API 
Signed-off-by: Craig Rodrigues <rodrigc@crodrigues.org>
 2024-07-17 20:41:13 -07:00
David Xia 80d2f96c93
Update extensible-admission-controllers.md 
fix typo
 2024-07-16 13:26:09 -04:00
Micah Hausler a2ca418a9a Clarify kubelet serving and client cert CN values 
Signed-off-by: Micah Hausler <mhausler@amazon.com>
 2024-07-09 08:27:50 -07:00
Vinayak Goyal 4b2940eb26 KEP-4633: Add documentation for Configurable Endpoints for Anonymous Auth. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-06-29 06:48:39 +00:00
Puru a7fe6cf8c5
Update content/en/docs/reference/access-authn-authz/rbac.md 
Co-authored-by: Junya Okabe <86868255+Okabe-Junya@users.noreply.github.com>
 2024-06-28 15:48:33 +05:45