Commit Graph

28 Commits

Author SHA1 Message Date
Jordan Liggitt
61774cd717 Plumb context to admission Admit/Validate 2019-08-20 11:11:00 -04:00
Serguei Bezverkhi
6fe28ee957 Adding non persistent review test
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-04-23 18:02:40 -04:00
Mike Danese
ed17876e52 plumb apiAudience to TokenReview registry 2018-11-16 19:30:42 -05:00
Mike Danese
e5227216c0 rebase authenticators onto new interface. 2018-10-22 10:16:59 -07:00
Antoine Pelisse
03b1e14101 dry-run: Create new options for Update/Create and pass it along 2018-07-12 07:18:37 -07:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
David Eads
8ae62517da remove rootscopedkinds from groupmeta 2018-05-01 13:08:23 -04:00
Mike Danese
54fd2aaefd replace request.Context with context.Context 2018-04-24 08:59:00 -07:00
Dr. Stefan Schimanski
35bb6823ea Update bazel 2017-11-02 09:33:41 +01:00
Dr. Stefan Schimanski
2452afffe0 admission: wire create+update validation func into kube registries 2017-11-02 09:29:16 +01:00
Jeff Grafton
aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Kubernetes Submit Queue
58c85e278b Merge pull request #49698 from m1093782566/validate-tokenreview
Automatic merge from submit-queue

Validate token length of TokenReview

**What this PR does / why we need it**:

I find API Resource TokenReview has no validation yet. Without validation, client may post unexpected data to API Server. I think we need to validate it before processing it.

This PR Validate TokenReview Resource.

Fixes #50588

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
2017-08-13 23:59:11 -07:00
Jeff Grafton
a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton
33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
m1093782566
86eb95b0a8 validate token length in tokenReview 2017-08-04 13:01:04 +08:00
Clayton Coleman
2568a92119
Grow signature for predicate attributes to include init status 2017-06-02 22:09:04 -04:00
Clayton Coleman
331eea67d8
Allow initialization of resources
Add support for creating resources that are not immediately visible to
naive clients, but must first be initialized by one or more privileged
cluster agents. These controllers can mark the object as initialized,
allowing others to see them.

Permission to override initialization defaults or modify an initializing
object is limited per resource to a virtual subresource "RESOURCE/initialize"
via RBAC.

Initialization is currently alpha.
2017-06-02 22:09:03 -04:00
Mike Danese
a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Dr. Stefan Schimanski
3d9449a353 genericapiserver: fix imports 2017-01-19 13:06:47 +01:00
deads2k
77b4d55982 mechanical 2017-01-16 09:35:12 -05:00
deads2k
31b6ba4e94 mechanicals 2017-01-13 16:33:09 -05:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Jeff Grafton
20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k
4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
Dr. Stefan Schimanski
87dd990bb7 Move pkg/api.{Context,RequestContextMapper} into pkg/genericapiserver/api/request 2017-01-03 14:57:33 +01:00
Mike Danese
c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
Mike Danese
3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
deads2k
7ee8596a02 refactor small API group packages 2016-09-21 09:14:38 -04:00