github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
110,850 Commits 1 Branch 31 Tags 1,019 MiB
85e7ddbcfb
Commit Graph

22 Commits

Author SHA1 Message Date
BinacsLee
80b43075c9 cleanup: use sets.Len() insead of len(sets.List()) 2022-07-21 20:13:30 +08:00
xiongzhongliang
4a24a08f93 Optimize some codes 2021-03-05 18:23:39 +08:00
Abu Kashem
53a1307f68
make backoff parameters configurable for webhook 
Currently webhook retry backoff parameters are hard coded, we want
to have the ability to configure the backoff parameters for webhook
retry logic.
 2020-11-01 10:18:25 -05:00
yiduyangyi
e6c4633232 fix golint failures in pkg/kubeapiserver/options, fix some incorrect replace of receiver name 2020-07-23 19:02:07 +08:00
yiduyangyi
0520d75838 fix golint failures in pkg/kubeapiserver/options, rename receiver name of BuiltInAuthorizationOptions to o 2020-07-23 18:52:15 +08:00
yiduyangyi
e441c07fe2 fix golint failures in pkg/kubeapiserver/options, use API Server in commemts instead of APIServer 2020-07-23 18:41:37 +08:00
yiduyangyi
e2838df7c7 fix golint failures in pkg/kubeapiserver/options 2020-07-15 16:03:08 +08:00
Jordan Liggitt
dc0e51dd18 Plumb authorization webhook version from CLI to config 2019-11-18 23:58:05 -08:00
Jordan Liggitt
d54a70db5c Switch kubelet/aggregated API servers to use v1 subjectaccessreviews 2019-11-11 17:19:11 -05:00
mengyang02
da072063d1 to use existing validating function 2019-09-24 20:16:17 +08:00
lovejoy
d437305cbf
Fix the authorization-policy-file description 
Actually this is in a format like below not a csv format
```json
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "*","apiGroup": "*"}}
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "ingresses","apiGroup": "extensions"}}
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "*","apiGroup": "apiextensions.k8s.io"}}
```
 2018-12-24 14:54:34 +08:00
walter
2af982abb9 Fixes lint errors in kubeapiserver packages 
Fixes lint errors in kubeapiserver/admission, kubeapiserver/authorizer,
kubeapiserver/authenticator. Also enables lint testing of these
directories.
Fixed go format.
Fixed changes from config.
 2018-11-04 17:22:41 -08:00
Christoph Blecker
97b2992dc1
Update gofmt for go1.11 2018-10-05 12:59:38 -07:00
yue9944882
f624a4efb8 externalize node admission 
fixes internal pod annotation reference

completely strip internal informers from authz initialization
 2018-08-21 23:33:03 +08:00
hzxuzhonghu
755df0461d validate authorization flags in BuiltInAuthorizationOptions.Validate 2018-03-26 20:37:02 +08:00
junxu
8461d5f8d9 Remove deprecated paramter "authorization-rbac-super-user" 2018-03-15 02:22:55 -04:00
Jordan Liggitt
ba09fadecf
Plumb versioned informers to authz config 2018-01-16 23:30:53 -05:00
xiangpengzhao
420caf200c
Delete "hard-coded" default value in flags usage. 2017-04-07 11:21:37 +08:00
Jordan Liggitt
890894ac4f
Disable RBAC post-start hook if not using the RBAC authorizer 2017-03-30 23:30:04 -04:00
Andy Goldstein
022bff7fbe Switch admission to use shared informers 2017-02-23 11:16:09 -05:00
Lucas Käldström
ab344da565
Move the authorization mode constants into a separate package 2017-02-23 15:27:16 +02:00
deads2k
a3564c0aa8 start kubeapiserver package for sharing between kubeapiserver and federation 2016-12-22 07:43:42 -05:00