github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,026 Commits 1 Branch 31 Tags
4760e0cc44fb0ee2a92d12ee2b17f094e7ea94ec
Commit Graph

20205 Commits

Author SHA1 Message Date
Alexander Zielenski
4760e0cc44 refactor: use shared CollectParams from VAP 2024-02-22 09:47:18 -08:00
Alexander Zielenski
64cd09f720 refactor: use match from generic pkg in vap 
It is same exact code, but uses accessors now
 2024-02-22 09:47:18 -08:00
Alexander Zielenski
96c418a7b7 add generic policy dispatcher 
similar to the generic policy source, applies common match logic

for code sharing with validating/mutating
 2024-02-22 09:47:18 -08:00
Alexander Zielenski
11ed3032c0 test: infer gvk of objects 
avoids relying on the GVK to be written to the object
 2024-02-21 15:07:34 -08:00
Alexander Zielenski
acf1d850c6 refactor: handle paramKind directly 
remove hacks that might conceal errors
 2024-02-21 15:07:34 -08:00
Alexander Zielenski
6d5133f3ec add functions to policy accessors for getting match information and params 2024-02-15 17:01:57 -08:00
Kubernetes Prow Robot
8a57e3cc2b Merge pull request #123306 from alexzielenski/apiserver/policy/move-owners 
move OWNERS from validating to all new parent policy folder
 2024-02-15 10:57:49 -08:00
Kubernetes Prow Robot
542fe51046 Merge pull request #122881 from benluddy/cbor-serializer-only 
KEP-4222: Add CBOR Serializer implementation.
 2024-02-15 10:57:39 -08:00
Kubernetes Prow Robot
50bf3a2060 Merge pull request #123305 from aramase/aramase/f/kep_3331_audience_match_policy_follow_up 
Add integration test for multiple audience in structured authn
 2024-02-15 08:16:27 -08:00
Kubernetes Prow Robot
b65508b477 Merge pull request #123158 from AkihiroSuda/nodeconditiontype-godoc 
core/v1: remove comment about non-existing constants
 2024-02-15 08:16:20 -08:00
Ben Luddy
066421f108 Add CBOR Serializer implementation. 2024-02-15 10:31:10 -05:00
Kubernetes Prow Robot
109491f3cb Merge pull request #123299 from liggitt/guard-accepted-names 
Guard empty status.acceptedNames
 2024-02-14 22:19:02 -08:00
Kubernetes Prow Robot
58c77d7b63 Merge pull request #122887 from jpbetz/retry-generate-name-create 
Implement KEP-4420: Retry Generate Name
 2024-02-14 21:07:24 -08:00
Anish Ramasekar
0feb1d5173 Add integration test for multiple audience in structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 18:50:46 -08:00
Kubernetes Prow Robot
72c3c7c924 Merge pull request #123282 from enj/enj/i/authn_config_algs 
Support all key algs with structured authn config
 2024-02-14 18:08:32 -08:00
Kubernetes Prow Robot
ba450636a4 Merge pull request #123165 from aramase/aramase/f/kep_3331_audience_match_policy 
Add `AudienceMatchPolicy` and support multiple audiences in AuthenticationConfiguration
 2024-02-14 17:00:04 -08:00
Alexander Zielenski
bd27c99262 move OWNERS from validating to all new parent policy folder 
meant to do this in refactor PR
 2024-02-14 16:32:08 -08:00
Kubernetes Prow Robot
e305e773bb Merge pull request #123250 from benluddy/dep-bump-cbor-v2.6.0 
Bump github.com/fxamacker/cbor/v2 to v2.6.0.
 2024-02-14 15:56:56 -08:00
Kubernetes Prow Robot
8e11104f0b Merge pull request #121461 from alexzielenski/apiserver/apiextensions/ratcheting-beta 
KEP-4008: CRDValidationRatcheting Bump Feature Gate To Beta
 2024-02-14 15:56:47 -08:00
Kubernetes Prow Robot
5b2c919583 Merge pull request #114301 from harshanarayana/kubelet/log-rotate-improvements 
kubelet: enable configurable rotation duration and parallel rotate
 2024-02-14 15:56:38 -08:00
Kubernetes Prow Robot
684a9975fe Merge pull request #122919 from alexzielenski/apiserver/policy/mutating-initial 
Refactor AdmissionPolicy for code sharing with mutating
 2024-02-14 14:52:26 -08:00
Jordan Liggitt
41435d045d Guard empty status.acceptedNames 2024-02-14 16:26:56 -05:00
Anish Ramasekar
18c563546a support multiple audiences with jwt authenticator 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 10:47:07 -08:00
Ben Luddy
aac43dc96f Bump github.com/fxamacker/cbor/v2 to v2.6.0. 2024-02-14 10:09:15 -05:00
Monis Khan
b5e0068325 Support all key algs with structured authn config 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-14 09:40:25 -05:00
Kubernetes Prow Robot
ed84e7f6d3 Merge pull request #123222 from pohly/dra-resurceclaim-lookup-race 
DRA: fix data race in resourceclaim.Lookup
 2024-02-14 03:24:57 -08:00
Patrick Ohly
008b075b46 DRA: fix data race in resourceclaim.Lookup 
This gets uses concurrently as seen by a data race reported when running
integration tests with race detection enabled. All writes would have written
the same value, but it is a race nonetheless.
 2024-02-14 08:14:47 +01:00
Alexander Zielenski
3094395fa7 bugfix: avoid NPE possibility by making composition environment global 2024-02-13 13:06:39 -08:00
Alexander Zielenski
18fbc48b01 refactor: implement VAP off of policy plugin fw 2024-02-13 13:06:39 -08:00
Alexander Zielenski
a6366573d5 refactor: create generic policy plugin type similar to webhook 2024-02-13 13:06:39 -08:00
Anish Ramasekar
19da90d639 Add AudienceMatchPolicy to AuthenticationConfiguration 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-13 09:50:00 -08:00
Anish Ramasekar
77241d3125 Add apiserver_encryption_config_controller_automatic_reloads_total 
metric

- Adds `apiserver_encryption_config_controller_automatic_reloads_total`
  metric with status label for encryption config reload success/failure.
- Deprecated `apiserver_encryption_config_controller_automatic_reload_failures_total` and `apiserver_encryption_config_controller_automatic_reload_success_total`

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-12 21:47:46 -08:00
Alexander Zielenski
d697f43d73 refactor: move matching logic into parent policy folder 2024-02-12 10:58:25 -08:00
Alexander Zielenski
8b14116509 refactor: move vap into parent policy folder 
also renames to remove stutter

comment
 2024-02-12 10:58:24 -08:00
Alexander Zielenski
8b26b6eec1 refactor: move celmetrics close to its usage in vap 
does not need to be accessed from anywhere else, and removed an excessive lonesome `cel` pkg with just the metrics
 2024-02-12 10:58:24 -08:00
Kubernetes Prow Robot
e51e3c74f7 Merge pull request #122152 from pohly/client-go-event-context-fix 
client-go events: support context.Background() as context
 2024-02-12 06:48:06 -08:00
Akihiro Suda
5c825d8a22 core/v1: remove comment about non-existing constants 
`NodeReachable`, `NodeLive`, `NodeSchedulable`, and `NodeRunnable` are mentioned
as "built-in set of conditions" but some of them do not exist in the current API.

Updated `pkgs/apis/core/types.go` too for consistency.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-02-12 23:16:43 +09:00
cpanato
a8abed8015 Update publishing-bot rules to Go 1.21.7 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-02-11 15:09:41 +01:00
Kubernetes Prow Robot
98b589a76d Merge pull request #123224 from mmerkes/cleanup 
Clean up dead code in node controller
 2024-02-09 17:15:23 -08:00
Kubernetes Prow Robot
48228bf9db Merge pull request #121486 from benluddy/cbor-stub 
KEP-4222: Add stub CBOR serializer.
 2024-02-09 14:42:05 -08:00
Matt Merkes
75210d0840 Clean up dead code in node controller 
Signed-off-by: Matt Merkes <merkes@amazon.com>
 2024-02-09 21:39:36 +00:00
cpanato
eec508e488 use patch number 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-02-09 14:47:56 +01:00
cpanato
ddb0b8da9d [go] Bump images, dependencies and versions to go 1.22 
Signed-off-by: cpanato <ctadeu@gmail.com>
 2024-02-09 14:43:34 +01:00
Harsha Narayana
ab8c784ee9 kubelet: enable configurable rotation duration and parallel rotate 2024-02-09 16:49:11 +05:30
Kubernetes Prow Robot
012f04b178 Merge pull request #123023 from ah8ad3/fix-kubectl-explain-show-enum 
Fix kubectl explain to shows enum for field types if they were defined
 2024-02-08 19:52:59 -08:00
Kubernetes Prow Robot
002b0f0003 Merge pull request #123083 from jiahuif-forks/feature/validating-admission-policy/typechecking-variables 
ValidatingAdmissionPolicy: support variables
 2024-02-08 15:53:00 -08:00
Jiahui Feng
3e777540fd add test case for error inside variables. 2024-02-08 13:39:25 -08:00
José Carlos Chávez
6d6398ef92 chore: adds consistent vanity import to files and provides tooling for verifying and updating them. (#120642) 
* chore: drops update vanity imports from script.

* chore: changes copyright year to 2024.

* chore: makes lint happy.
 2024-02-08 04:33:30 -08:00
Kubernetes Prow Robot
fae7ec4a37 Merge pull request #123164 from liggitt/api-validation 
Put validation utility packages used by API validation under API review
 2024-02-07 14:25:55 -08:00
bzsuni
658e3308f3 etcd: Update to version 3.5.12 
Signed-off-by: bzsuni <bingzhe.sun@daocloud.io>
 2024-02-07 21:16:08 +08:00