github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
93,054 Commits 1 Branch 31 Tags 1,019 MiB
479249b3a3
Commit Graph

182 Commits

Author SHA1 Message Date
Timothy St. Clair
fbc5323dad Refactor registry to use store vs. etcd 2017-01-12 09:23:38 -06:00
deads2k
c4fae4e690 mechanical repercussions 2017-01-11 15:20:36 -05:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Jordan Liggitt
a2670d3b9d
Allow rolebinding/clusterrolebinding with explicit bind permission check 2017-01-10 14:34:33 -05:00
deads2k
4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k
ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
Jordan Liggitt
742ef34484
Convert user/group * to match authenticated users only in ABAC 2016-12-19 13:41:35 -05:00
Monis Khan
a6bafbacbf
Refactor REST storage to use generic defaults 
Signed-off-by: Monis Khan <mkhan@redhat.com>
 2016-12-08 17:24:21 -05:00
deads2k
2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
Jordan Liggitt
d3991aa7c6
Cleanup auth logging, allow starting secured kubelet in local-up-cluster.sh 2016-11-03 16:17:11 -04:00
deads2k
f56cbfa8d5 add healthz to genericapiserver 2016-11-01 14:39:33 -04:00
deads2k
ceaf026881 slim down authorization listing interfaces 2016-10-13 07:50:01 -04:00
deads2k
518d5500c7 remove testapi.Default.GroupVersion 2016-10-07 10:10:54 -04:00
deads2k
9f4f6a1cba fix integration tests for loopback client 2016-10-04 08:40:59 -04:00
Dr. Stefan Schimanski
61409c821b Turn embedding into composition: master.Config.{Config -> GenericConfig} 2016-09-29 08:09:39 +02:00
Dr. Stefan Schimanski
b4c6a68036 Unify genericapiserver Config.New() and master Config.New() 2016-09-28 19:19:54 +02:00
deads2k
b330b0a220 start creating controller SA roles. start with just one 2016-09-26 09:31:36 -04:00
deads2k
a2a6423574 separate RESTStorage by API group 2016-09-20 08:00:50 -04:00
deads2k
7d1f13d3e0 add GenericAPIServer posthooks for initialization 2016-09-19 14:58:27 -04:00
deads2k
8fac64b43f add localSAR 2016-09-13 08:54:23 -04:00
deads2k
8c788233e7 change rbac roleref type 2016-09-09 09:55:51 -04:00
deads2k
97529e3687 add selfsubjectaccessreview API 2016-08-29 09:51:54 -04:00
Eric Chiang
b4eaf625a0 pkg/genericapiserver/options: don't import pkg/apiserver 
Refactor the authorization options for the API server so
pkg/apiserver isn't directly imported by the options package.
 2016-08-18 13:01:50 -07:00
Hongchao Deng
d0938094d9 move new etcd storage into cacher 2016-08-12 18:40:20 -07:00
deads2k
32920b5617 add subjectaccessreviews resource 2016-08-05 11:20:56 -04:00
deads2k
60dd4a5d26 interesting changes to add tokenreviews endpoint to implement webhook 2016-08-03 08:37:45 -04:00
deads2k
aa3db4d995 make the resource prefix in etcd configurable for cohabitation 2016-07-27 07:51:40 -04:00
Wojciech Tyczynski
4d0d115690 Revert "add tokenreviews endpoint to implement webhook" 2016-07-21 09:40:35 +02:00
deads2k
2c4a9f2e8d interesting changes to add tokenreviews endpoint to implement webhook 2016-07-20 15:11:56 -04:00
Michal Rostecki
fa0dd46ab7 Return (bool, error) in Authorizer.Authorize() 
Before this change, Authorize() method was just returning an error,
regardless of whether the user is unauthorized or whether there
is some other unrelated error. Returning boolean with information
about user authorization and error (which should be unrelated to
the authorization) separately will make it easier to debug.

Fixes #27974
 2016-07-18 12:06:54 +02:00
deads2k
f6f1ab34aa authorize based on user.Info 2016-07-14 07:48:42 -04:00
Mike Danese
f3de21bdf0
move integration tests into individual pacakges 
Signed-off-by: Mike Danese <mikedanese@google.com>
 2016-07-07 00:54:15 -07:00