github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
124,096 Commits 1 Branch 31 Tags
b51d68bb87ba4fa47eb760f8a5e0baf9cf7f5b53
Commit Graph

66 Commits

Author SHA1 Message Date
Patrick Ohly
b51d68bb87 DRA: bump API v1alpha2 -> v1alpha3 
This is in preparation for revamping the resource.k8s.io completely. Because
there will be no support for transitioning from v1alpha2 to v1alpha3, the
roundtrip test data for that API in 1.29 and 1.30 gets removed.

Repeating the version in the import name of the API packages is not really
required. It was done for a while to support simpler grepping for usage of
alpha APIs, but there are better ways for that now. So during this transition,
"resourceapi" gets used instead of "resourcev1alpha3" and the version gets
dropped from informer and lister imports. The advantage is that the next bump
to v1beta1 will affect fewer source code lines.

Only source code where the version really matters (like API registration)
retains the versioned import.
 2024-07-21 17:28:13 +02:00
Jordan Liggitt
4d535db8be Add selector authorization to the Node authorizer 2024-07-19 15:06:51 -04:00
Jeffrey Ying
1c8204ded1 Remove impossible error check controlplane/apiserver/server.go 2024-07-02 20:41:54 -04:00
Wojciech Tyczyński
a5772bd425 Implement resilient watchcache initialization post-start-hook 2024-07-01 12:54:57 +02:00
Davanum Srinivas
a88dc632a4 kube-apiserver: default --enable-logs-handler flag to false 
Co-Authored-By: Iceber Gu <wei.cai-nat@daocloud.io>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2024-06-28 15:22:22 -04:00
Kubernetes Prow Robot
522e2e5066 Merge pull request #124917 from vinayakankugoyal/kep4633 
KEP-4633: Only allow anonymous auth for configured endpoints.
 2024-06-27 20:39:51 -07:00
Vinayak Goyal
5e6a4937f5 KEP-4633: Allow health-only anonymous auth mode. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2024-06-28 00:30:05 +00:00
Kubernetes Prow Robot
ef1d28aa52 Merge pull request #125177 from liggitt/dynamic-public-key 
Move public key serviceaccount getter to interface, filter by key id
 2024-06-27 11:57:06 -07:00
Kubernetes Prow Robot
44c1a0eec2 Merge pull request #124667 from linxiulei/trim 
controlplane/apiserver: Trim managedFields off self-requested informers
 2024-06-26 08:10:20 -07:00
Siyuan Zhang
379676c4be add DefaultComponentGlobalsRegistry flags in ServerRunOptions 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
4352c4ad27 Add version mapping in ComponentGlobalsRegistry. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
701e5fc374 Add composition flags for emulation version and feature gate. 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Siyuan Zhang
403301bfdf apiserver: Add API emulation versioning. 
Co-authored-by: Siyuan Zhang <sizhang@google.com>
Co-authored-by: Joe Betz <jpbetz@google.com>
Co-authored-by: Alex Zielenski <zielenski@google.com>

Signed-off-by: Siyuan Zhang <sizhang@google.com>
 2024-06-25 22:12:11 +00:00
Jordan Liggitt
3e037070bb Move public key getter to interface 2024-06-25 18:10:08 -04:00
Jordan Liggitt
b8be6275b9 Clean up service account options completion and fallback 
- Remove unused fallback to TLS serving key as service account verifying key
- Separate ServiceAccountTokenMaxExpiration setup from signer setup
- Separate the check for a signing method (private key) from the existence of issuers
 2024-06-12 21:59:39 -04:00
Eric Lin
3730f2614a controlplane/apiserver: Trim managedFields off self-requested informers 
Signed-off-by: Eric Lin <exlin@google.com>
 2024-06-12 08:53:52 +00:00
TommyStarK
cce8551272 kube-apiserver: remove deprecated otel NewNoopTracerProvider 
Signed-off-by: TommyStarK <thomasmilox@gmail.com>
 2024-06-07 19:57:37 +02:00
Dr. Stefan Schimanski
3a3be8c704 controlplane: add generic storage construction 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-06-03 13:50:04 +02:00
Dr. Stefan Schimanski
89bafb2fed controlplane/apiserver: unify options package name 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-05-01 20:08:20 +02:00
Dr. Stefan Schimanski
1aa24b0951 Make linter happy 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-05-01 19:44:20 +02:00
Dr. Stefan Schimanski
1d0c72d15a aggregator: move construction to generic controlplane 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-05-01 19:44:20 +02:00
Dr. Stefan Schimanski
d8c5f71403 kube-apiserver: split up config creation into generic and non-generic part 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-05-01 11:28:25 +02:00
Kubernetes Prow Robot
6abdfb97c0 Merge pull request #124621 from sttts/sttts-controlplane-admission-initializers 
kube-apiserver: split admission initializers into generic and non-generic
 2024-05-01 01:10:15 -07:00
Kubernetes Prow Robot
79c81fab61 Merge pull request #124620 from sttts/sttts-controlplane-cosmetics 
controlplane: cosmetics
 2024-04-30 01:30:16 -07:00
Dr. Stefan Schimanski
acbb89d9b9 kube-apiserver: split admission initializers into generic and non-generic 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 23:28:42 +02:00
Dr. Stefan Schimanski
b8d7e2edd7 controlplane: cosmetics 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 21:24:41 +02:00
Dr. Stefan Schimanski
8c9bad8503 controlplane: return client error 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 21:24:41 +02:00
Dr. Stefan Schimanski
be7b6c90bf Address comments 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 21:22:35 +02:00
Dr. Stefan Schimanski
03ae7fcbdf aggregator: split API priority map into generic and non-generic 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 16:19:51 +02:00
Dr. Stefan Schimanski
3b6d2a66a4 pkg/controlplane: split apart generic server part of instance.go 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 10:15:02 +02:00
Kubernetes Prow Robot
c6b6163e2e Merge pull request #124576 from sttts/sttts-peer-proxy-generic-move 
controlplane/apiserver: move peer proxy code to allow generic aggregator construction
 2024-04-29 01:11:06 -07:00
Dr. Stefan Schimanski
c252ebe50c controlplane/apiserver: move peer proxy code to allow aggregator construction 
This reverts commit 0bb6ff5e454cfc99c0b611e22162391eaa31e103.

Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-29 08:13:43 +02:00
Dr. Stefan Schimanski
3daae717c3 controlplane: split out SystemNamespaces 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-27 14:19:56 +02:00
Dr. Stefan Schimanski
96a144c977 Address comments 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-26 17:47:30 +02:00
Dr. Stefan Schimanski
e37917fea7 pkg/controlplane: split up config into generic controlplane and kube-related part 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
 2024-04-26 14:14:06 +02:00
Marek Siarkowicz
3ee8178768 Cleanup defer from SetFeatureGateDuringTest function call 2024-04-24 20:25:29 +02:00
chenk008
c5d0e59d45 Update pkg/controlplane/apiserver/config_test.go 
Co-authored-by: Paco Xu <paco.xu@daocloud.io>
 2024-04-19 11:11:21 +08:00
chenk008
4abc2b387b Fix: StorageObjectCountTracker is nil, apf estimator got ObjectCountNotFoundErr 2024-04-18 22:50:18 +08:00
Anish Ramasekar
62ac88b9ea Add metrics for authentication config reload 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-09 14:40:22 -08:00
Monis Khan
b4935d910d Add dynamic reload support for authentication configuration 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-09 14:29:33 -05:00
Jordan Liggitt
5dc92ada06 Implement authz config file reloading 2024-02-14 18:09:15 -05:00
weilaaa
eb8f3f194f use build-in max and min func to instead of k8s.io/utils/integer funcs 2023-12-15 15:09:11 +08:00
Jordan Liggitt
264cd64824 Run RBAC hook correctly when running from authz config file 2023-11-08 14:36:01 -06:00
Jordan Liggitt
1f40e0916e Only default mode to AlwaysAllow when config file is unspecified 2023-11-08 11:24:28 -06:00
Abu Kashem
c7fcef1875 apiserver: set APF featuregate to ga 2023-10-31 08:46:24 -04:00
Abu Kashem
233bc2449d apiserver: fix apf enablement with runtime-config 2023-10-30 08:18:41 -04:00
Abu Kashem
b24dd44904 apiserver: enable apf v1 API 2023-10-30 07:48:22 -04:00
Ben Luddy
83f5b5c240 Deep disablement for APF based on --enable-priority-and-fairness. 
Avoids starting informers or the config-consuming controller when
--enable-priority-and-fairness=false. For kube-apiserver, the config-producing controller runs if
and only if flowcontrol API storage is enabled.
 2023-10-24 17:53:51 -04:00
Kubernetes Prow Robot
722503e9e5 Merge pull request #121390 from wojtek-t/disable_paging 
Remove ability to disable pagination at store level
 2023-10-24 18:55:16 +02:00
Wojciech Tyczyński
b386120da2 Remove storageConfig.Paging parameter 2023-10-20 15:35:58 +02:00