github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
111,183 Commits 1 Branch 31 Tags 1,019 MiB
5a6acf85fa
Commit Graph

196 Commits

Author SHA1 Message Date
Abirdcfly
00b9ead02c cleanup: remove duplicate import 
Signed-off-by: Abirdcfly <fp544037857@gmail.com>
 2022-07-14 11:25:19 +08:00
Daniel Smith
331525670b Remove ClusterName 2022-05-05 20:12:50 +00:00
Wojciech Tyczyński
f62c14a9cc Extend StandardStorage with Destroy to implement rbac storage destroy 2022-04-19 15:59:13 +02:00
Wojciech Tyczyński
80060a502c Implement Destroy() method for all registries 2022-04-19 15:59:13 +02:00
Daniel Smith
2831f9a343 remove unneeded references 2022-03-23 15:26:38 +00:00
David Eads
a59b92e8c0 reduce API surface area of whether a resource is enabled 2022-02-23 13:36:33 -05:00
David Eads
0ec20f97d2 migrate more rest handlers to select by resource enablement 2022-02-22 12:07:43 -05:00
Davanum Srinivas
9405e9b55e
Check in OWNERS modified by update-yamlfmt.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2021-12-09 21:31:26 -05:00
Jordan Liggitt
39a1293cbc Drop beta REST APIs removed in 1.22 2021-08-09 11:10:16 -04:00
Jordan Liggitt
8c8a4cf3e4 Add WarningsOnCreate,WarningsOnUpdate 2021-05-18 10:42:36 -04:00
Monis Khan
8f00e918d8
authorizer func: pass through context 
Signed-off-by: Monis Khan <mok@vmware.com>
 2021-04-09 09:47:19 -04:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
drfish
5711625518 Add benchmark for ensureRBACPolicy 2021-01-02 11:03:06 +08:00
Haowei Cai
9bf7fcfc76 actually retry if we failed to reconcile some objects 
retry RBAC initialization for up to 30 seconds, kill server on failure
 2020-11-11 15:39:12 -08:00
Chao Xu
22452917c2 make some rbac and scheduling post start hooks tolerate the apiserver 
bootstrap delay caused by installing storage versions.
 2020-11-08 18:53:40 -08:00
Jan Chaloupka
a5920f7edb Move helpers from pkg/registry/rbac/reconciliation and pkg/registry/rbac/validation under k8s.io/component-helpers 2020-11-02 17:51:16 +01:00
Davanum Srinivas
07d88617e5
Run hack/update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:33 -04:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:27 -04:00
Antoine Pelisse
89b68bacf1 Changes to ManagedFields is not mutation for GC 2020-04-29 09:29:43 -07:00
Jordan Liggitt
96fadf9ed2 Define default table converters for missing resources 2020-03-10 15:22:37 -04:00
Mike Danese
c58e69ec79 automated refactor 2020-03-05 14:59:46 -08:00
Mike Danese
25651408ae generated: run refactor 2020-02-08 12:30:21 -05:00
Mike Danese
3aa59f7f30 generated: run refactor 2020-02-07 18:16:47 -08:00
Kubernetes Prow Robot
dff236e3b2
Merge pull request #82078 from SeongJuMoon/fix/storage-wrong-typo 
fix wrong typo stoageMap to storageMap
 2019-11-11 23:14:06 -08:00
yuxiaobo
81e9f21f83 Correct spelling mistakes 
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
 2019-11-06 20:25:19 +08:00
Jordan Liggitt
92eb072989 Propagate context to Authorize() calls 2019-09-24 11:14:54 -04:00
Moon SeongJu
23b2eadf88 fix wrong typo stoageMap to storageMap 2019-08-28 23:19:10 +09:00
Ted Yu
87b2a3129b Propagate error from NewREST 2019-08-12 13:55:35 -07:00
Jordan Liggitt
2899abb65c Populate API version in synthetic authorization requests 2019-07-10 21:29:25 -04:00
Kubernetes Prow Robot
b07f311322
Merge pull request #76882 from SataQiu/fix-golint-controller-20190422 
Fix golint failures of pkg/controller/certificates/approver, etc
 2019-05-02 03:16:18 -07:00
SataQiu
538776d6ad fix golint failures of pkg/registry/rbac/role 2019-05-02 10:36:35 +08:00
SataQiu
55d1b5e3d4 fix golint failures of pkg/registry/rbac/clusterrole 2019-05-02 10:35:47 +08:00
Jordan Liggitt
aee1997a19 quiet integration test logs 2019-04-20 02:20:31 -04:00
Sean Sullivan
abfc5bbbf7 Rename TablePrinter interface to TableGenerator 2019-04-16 12:55:30 -07:00
Kubernetes Prow Robot
ed4258e5c0
Merge pull request #75264 from smarterclayton/optimize_rbac_visit 
Avoid allocating when performing VisitRulesFor on service accounts
 2019-03-20 19:19:35 -07:00
Clayton Coleman
4c87a14e6b
Avoid allocating when performing VisitRulesFor on service accounts 
Service account authorization checks are done frequently and were
observed to perform 7% of allocations on a system running e2e tests.
The allocation comes from when we walk the authorization rules to
find matching service accounts.

Optimize the check for service account names to avoid allocating.
 2019-03-13 17:40:21 -04:00
Chao Xu
3b618af0d4 Expose storage version hash 2019-03-11 10:26:56 -07:00
Kubernetes Prow Robot
f16035600a
Merge pull request #73807 from dekkagaijin/discovery-hardening 
harden the default RBAC discovery clusterrolebindings
 2019-03-01 21:49:30 -08:00
Jake Sanders
9c7d31928d harden the default RBAC discovery clusterrolebindings 2019-03-01 18:45:05 -08:00
Kubernetes Prow Robot
a887ae8344
Merge pull request #74208 from lrx0014/unittest 
fixes: some wrong comments
 2019-02-18 22:45:49 -08:00
renxiang
8c8a9f850b fixes: some wrong comments 2019-02-18 19:02:28 +08:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable 
Remove executable file permission from OWNERS files
 2019-02-14 23:55:45 -08:00
Kubernetes Prow Robot
ce4fd07b06
Merge pull request #71564 from liggitt/reconcile-details 
Improve reconcile output to explain what changes are being made
 2019-02-12 18:45:13 -08:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Justin SB
dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Jordan Liggitt
74ecf8d978 Improve reconcile output to explain what changes are being made 2018-11-29 10:55:38 -05:00
Davanum Srinivas
954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
Jordan Liggitt
9ae79f9653 authorizers subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
Monis Khan
543dcb6de5
Tolerate lack of namespace permissions in RBAC reconciliation 
This change updates the RBAC reconciliation logic to not fail if the
user does not have the ability to create namespaces.  Thus if the
namespace already exists, the user only needs to pass the standard
escalation check for RBAC roles and role bindings.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2018-10-29 11:30:04 -04:00
Antoine Pelisse
03b1e14101 dry-run: Create new options for Update/Create and pass it along 2018-07-12 07:18:37 -07:00