github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,738 Commits 1 Branch 31 Tags 1,019 MiB
c688bd402f
Commit Graph

187 Commits

Author SHA1 Message Date
Jordan Liggitt
c895331277 Make master take authenticator.Request interface instead of tokenfile 2014-11-19 15:07:51 -05:00
Eric Paris
4e95104953 update code.goole.com/p/go.net to golang.org/x/net 
https://groups.google.com/forum/#!topic/golang-nuts/eD8dh3T9yyA
 2014-11-16 22:10:24 -05:00
Brian Grant
7583e1a643 Automatic API generation by adopting go-restful 2014-11-14 16:49:19 +00:00
Clayton Coleman
21a6e96418 Merge pull request #2126 from brendandburns/validatez 
Add etcd to the list of services to validate.
 2014-11-10 14:53:41 -05:00
Clayton Coleman
4acb8e5eaf Merge pull request #2189 from lavalamp/fix 
Add self links to objects sent down the watch channel.
 2014-11-06 12:57:07 -05:00
Brendan Burns
d7dc20fd6a Add etcd to the list of services to validate. 
Also add minions.
 2014-11-05 21:22:01 -08:00
Daniel Smith
4196780eda Add self links to objects sent down the watch channel. 2014-11-05 17:22:18 -08:00
Eric Tune
6e81e8c896 Basic ACL file. 
Added function to read basic ACL from a CSV file.
Added implementation of Authorize based on that file's policies.
Added docs on authentication and authorization.
Added example file and tested it.
 2014-11-05 16:06:22 -08:00
Eric Tune
1668c6f107 Authorization based on namespace, kind, readonly. 
Also, pass Authorizer into master.Config.
 2014-11-03 17:45:15 -08:00
Eric Tune
3045035512 Get user from request and put in authz attribs. 
Added integration tests for user-based auth.
 2014-11-03 16:38:56 -08:00
Brendan Burns
f02fe2da1b Deflake the TestCreate test, by adding an explicit wait. 2014-11-02 12:38:31 -08:00
Eric Tune
55c2d6bbbb Add basic Authorization. 
Added basic interface for authorizer implementations.
Added default "authorize everything" and "authorize nothing
implementations.
Added authorization check immediately after authentication check.
Added an integration test of authorization at the HTTP level of
abstraction.
 2014-10-31 12:04:33 -07:00
Brendan Burns
563311071d Merge pull request #2090 from ddysher/stop-httptest-server 
Stop httptest server.
 2014-10-30 21:44:53 -07:00
Deyuan Deng
acf9d23b32 Stop httptest server. 2014-10-30 21:37:08 -04:00
Daniel Smith
b28234fac6 Fix self linking of objects returned in lists. 2014-10-30 15:04:11 -07:00
derekwaynecarr
dda19071e3 Fix watch by namespace 2014-10-30 12:56:50 -04:00
Daniel Smith
3045311398 Fix subtle bug when proxy constructs outgoing URL. 2014-10-29 11:29:28 -07:00
Daniel Smith
7209ca1543 Make redirect handle namespaces just like proxy (which is weird and needs to be fixed but at least this will be consistent). 2014-10-29 11:29:28 -07:00
Daniel Smith
dca7363459 Serve API version list, test with an integration test. 2014-10-28 17:35:56 -07:00
Clayton Coleman
5cb3c10289 Merge pull request #1782 from smarterclayton/allow_put_to_set_create 
Allow clients to determine the difference between create or update on PUT
 2014-10-28 13:40:41 -04:00
Eric Tune
40a5ca034d Integration test on master, not just apiserver. 
Moved code from cmd/apiserver to pkg/master.

test/integration/client_test made to use a master object,
instead of an apiserver.Handle.

Subsequent PRs will move more handler-installation into
pkg/master, with the goal that every http.Handler of a
standalone apiserver process can also be tested
in a "testing"-style go test.

In particular, a subsequent PR will test
authorization.
 2014-10-27 09:14:58 -07:00
Clayton Coleman
d5ee171410 Allow clients to determine the difference between create or update on PUT 
PUT allows an object to be created (http 201).  This allows REST code to
indicate an object has been created and clients to react to it.

APIServer now deals with <-chan RESTResult instead of <-chan runtime.Object,
allowing more data to be passed through.
 2014-10-24 14:41:15 -04:00
Clayton Coleman
644eb70085 Refactor tests to split ObjectMeta from TypeMeta 2014-10-24 11:22:21 -04:00
Clayton Coleman
7550c146dc Replace struct initializers for TypeMeta with ObjectMeta 2014-10-24 11:22:21 -04:00
Clayton Coleman
1ccb86c760 Rename methods in api/meta to be cleaner 2014-10-22 22:59:12 -04:00
Clayton Coleman
bb77a5d15f Rename ID -> Name 2014-10-22 15:00:26 -04:00
Daniel Smith
91efe51770 Merge pull request #1829 from jhadvig/proxy_flush 
Flush data periodically instead of their buffering
 2014-10-21 17:01:15 -07:00
Tim Hockin
e8686429c4 Merge pull request #1916 from lavalamp/fix 
Add read-only, rate limited endpoint
 2014-10-20 16:42:46 -07:00
jhadvig
69c7228006 Flush data periodically instead of their buffering 2014-10-21 01:39:01 +02:00
Daniel Smith
9356ed7fe7 Add read-only, rate limited endpoint 2014-10-20 16:32:52 -07:00
derekwaynecarr
51aeb6bcd1 Add unit test for namespace aware proxy 2014-10-20 16:26:51 -04:00
Tim Hockin
c5388e9a30 Merge pull request #1884 from lavalamp/fix4 
Get rid of old minion proxy code in favor of new, better proxy code
 2014-10-20 11:50:52 -07:00
Daniel Smith
bf942e859f remove old proxy code. 2014-10-20 11:28:12 -07:00
derekwaynecarr
5e01c804fd Fixup apiserver proxy to be namespace aware 2014-10-20 10:39:16 -04:00
deads2k
2c35c06727 report originating error for GetReference failure 2014-10-17 12:52:41 -04:00
bgrant0607
9edd8a104c Merge pull request #1833 from erictune/authz 
Add forbidden error.
 2014-10-16 13:39:17 -07:00
derekwaynecarr
085ca40291 Enforce unique constraint at namespace boundary in etcd, make client and server namespace aware 2014-10-16 13:02:52 -04:00
Eric Tune
26a2bab797 Add forbidden error. 
Will be used in subsequent PRs that add authorization.
 2014-10-16 09:25:54 -07:00
Haney Maxwell
c0bf974871 Allow disabling non-necessary kubelet and apiserver endpoints 2014-10-09 16:49:27 -07:00
Clayton Coleman
82bcdd3b3b Make ResourceVersion a string internally instead of uint64 
Allows us to define different watch versioning regimes in the future
as well as to encode information with the resource version.

This changes /watch/resources?resourceVersion=3 to start the watch at
4 instead of 3, which means clients can read a resource version and
then send it back to the server. Clients should no longer do math on
resource versions.
 2014-10-07 19:00:26 -04:00
Clayton Coleman
d3e51a0f24 Rename JSONBase -> TypeMeta in preparation for v1beta3 
Will make subsequent refactor much easier
 2014-10-07 11:12:16 -04:00
derekwaynecarr
e4ec49ee6b Require namespace on controller, pod, service objects 2014-10-01 10:57:50 -04:00
Tim Hockin
e73de49f81 Caps on StatusReason* 2014-09-27 21:38:51 -07:00
Daniel Smith
37e505601e add self linking to apiserver 2014-09-26 15:08:02 -07:00
derekwaynecarr
ee19ba186d Update to use api.Context 2014-09-26 11:50:34 -04:00
derekwaynecarr
be85ad7a3d Add context object in test cases flows 2014-09-26 11:50:34 -04:00
derekwaynecarr
3e685674e7 Add context object to interfaces 2014-09-26 11:50:34 -04:00
Clayton Coleman
74db9a1b20 Log apiserver errors that are not of an expected type 
Currently HttpLog only expected status range - this logs errors
that come back from a REST storage object without being first
converted to something in pkg/api/errors.  This usually indicates
unexpected error conditions that a programmer didn't explicitly
check for - the kinds of problems that may need debugging by
an operator later.  Set to V(1) because they don't impair normal
operation.
 2014-09-25 16:21:48 -04:00
Clayton Coleman
e3da2ba2c8 Cleanup watch encoding (remove dupe Encoding) 
Move standard watch encode / decode streams to use
runtime.RawExtension and embed API decoding based on
a provided codec.
 2014-09-22 16:03:07 -04:00
Brendan Burns
a4912d7203 Merge pull request #1342 from jwforres/websocket_connection_header 
Match any Connection header that contains the Upgrade token for websocke...
 2014-09-18 09:47:07 -07:00