github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
112,136 Commits 1 Branch 31 Tags 1,019 MiB
578ddde80e
Commit Graph

31 Commits

Author SHA1 Message Date
Arda Güçlü
578ddde80e Add singular name for the rest of types 2022-11-18 12:21:13 +03:00
Wojciech Tyczyński
f62c14a9cc Extend StandardStorage with Destroy to implement rbac storage destroy 2022-04-19 15:59:13 +02:00
Wojciech Tyczyński
80060a502c Implement Destroy() method for all registries 2022-04-19 15:59:13 +02:00
Chao Xu
3b618af0d4 Expose storage version hash 2019-03-11 10:26:56 -07:00
Antoine Pelisse
03b1e14101 dry-run: Create new options for Update/Create and pass it along 2018-07-12 07:18:37 -07:00
jennybuckley
d10e08fc89 Allow override AllowCreateOnUpdate with new argument to Update 2018-06-28 14:24:51 -07:00
Jordan Liggitt
1034efd439
Allow non-RBAC authorizers to participate in role/clusterrole escalation checks 2018-06-06 15:31:05 -04:00
David Eads
092714ea0f switch rbac to external 2018-05-22 08:17:05 -04:00
David Eads
8ae62517da remove rootscopedkinds from groupmeta 2018-05-01 13:08:23 -04:00
Mike Danese
54fd2aaefd replace request.Context with context.Context 2018-04-24 08:59:00 -07:00
David Eads
f34fb9b0ab handle clusterrole migration 2017-11-13 08:18:00 -05:00
David Eads
0f0a5223df rbac api changes for aggregation 2017-11-13 08:14:37 -05:00
Dr. Stefan Schimanski
012b085ac8 pkg/apis/core: mechanical import fixes in dependencies 2017-11-09 12:14:08 +01:00
Dr. Stefan Schimanski
2452afffe0 admission: wire create+update validation func into kube registries 2017-11-02 09:29:16 +01:00
Monis Khan
f3d9b940bb
Allow update to GC fields for RBAC resources 
This change makes it so that no escalation check is performed when
updating only the garbage collector fields (owner references and
finalizers) of RBAC resources.  This allows the
garbage collector to delete roles that grant permissions such
as "create", which it will never have.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-08-01 13:40:10 -04:00
Clayton Coleman
2568a92119
Grow signature for predicate attributes to include init status 2017-06-02 22:09:04 -04:00
Clayton Coleman
331eea67d8
Allow initialization of resources 
Add support for creating resources that are not immediately visible to
naive clients, but must first be initialized by one or more privileged
cluster agents. These controllers can mark the object as initialized,
allowing others to see them.

Permission to override initialization defaults or modify an initializing
object is limited per resource to a virtual subresource "RESOURCE/initialize"
via RBAC.

Initialization is currently alpha.
 2017-06-02 22:09:03 -04:00
Dr. Stefan Schimanski
536460e1d9 Mechanical fixup imports: pkg/genericapiserver 2017-02-03 08:15:45 +01:00
Dr. Stefan Schimanski
3d9449a353 genericapiserver: fix imports 2017-01-19 13:06:47 +01:00
Dr. Stefan Schimanski
5c88b7d05a Fix imports 2017-01-17 09:30:30 +01:00
deads2k
77b4d55982 mechanical 2017-01-16 09:35:12 -05:00
deads2k
31b6ba4e94 mechanicals 2017-01-13 16:33:09 -05:00
Dr. Stefan Schimanski
cf60bec396 Split out server side code from pkg/apis/rbac/validation 2017-01-11 18:31:58 +01:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Dr. Stefan Schimanski
87dd990bb7 Move pkg/api.{Context,RequestContextMapper} into pkg/genericapiserver/api/request 2017-01-03 14:57:33 +01:00
xilabao
c9525c83ed remove wrapUpdatedObjectInfo from rbac storage 2016-12-08 15:06:41 +08:00
deads2k
2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
deads2k
f73d1ea90a make sure that the bootstrap rbac rules are getting created in test-cmd 2016-10-10 15:00:36 -04:00
deads2k
57039cfdfa make well-known users and groups into constants 2016-09-30 10:34:33 -04:00
deads2k
4c8959df59 pass loopback config to posthooks 2016-09-30 10:34:33 -04:00
deads2k
a2a6423574 separate RESTStorage by API group 2016-09-20 08:00:50 -04:00