github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
99,449 Commits 1 Branch 31 Tags
d8f3794b83c20a0ebafa09a0742a53a76d2786c2
Commit Graph

175 Commits

Author SHA1 Message Date
Random-Liu
88fb149cf5 Add seccomp and apparmor support. 2016-09-27 16:33:02 -07:00
Tim St. Clair
15d336272e Fix PSP volumes error message 2016-09-01 15:55:34 -07:00
Tim St. Clair
3808243b9e Append "AppArmor enabled" to the Node ready condition message 2016-08-31 09:27:47 -07:00
Kubernetes Submit Queue
3c23d68b66 Merge pull request #31471 from timstclair/aa-beta 
Automatic merge from submit-queue

[AppArmor] Promote AppArmor annotations to beta

Justification for promoting AppArmor to beta:

1. We will provide an upgrade path to GA
2. We don't anticipate any major changes to the design, and will continue to invest in this feature
3. We will thoroughly test it. If any serious issues are uncovered we can reevaluate, and we're committed to fixing them.
4. We plan to provide beta-level support for the feature anyway (responding quickly to issues).

Note that this does not include the yet-to-be-merged status annotation (https://github.com/kubernetes/kubernetes/pull/31382). I'd like to propose keeping that one alpha for now because I'm not sure the PodStatus is the right long-term home for it (I think a separate monitoring channel, e.g. cAdvisor, would be a better solution).

/cc @thockin @matchstick @erictune
 2016-08-28 12:19:56 -07:00
Tim St. Clair
9bde6f0770 Add AppArmor feature gate 2016-08-25 17:40:18 -07:00
Tim St. Clair
a5b7212453 Promote AppArmor annotations to beta 2016-08-25 15:40:32 -07:00
Dr. Stefan Schimanski
ed36baed20 Add sysctl PodSecurityPolicy support 2016-08-25 13:22:01 +02:00
Huamin Chen
dea4b0226d support Azure data disk volume 
Signed-off-by: Huamin Chen <hchen@redhat.com>
 2016-08-23 13:23:07 +00:00
Tim St. Clair
293770ef31 AppArmor PodSecurityPolicy implementation 2016-08-21 23:10:45 -07:00
Tim St. Clair
f94df59791 Remove apparmor dependency on pkg/kubelet/lifecycle 2016-08-21 20:59:11 -07:00
Johannes Scheuermann
eed42380f9 Initial Quobyte support 2016-08-18 17:13:50 +02:00
Tim St. Clair
c99d7fddc1 Add alpha annotations support to the PodSecurityPolicy provider 2016-08-17 10:14:36 -07:00
Tim St. Clair
db6629228f Add AppArmor E2E test 2016-08-15 13:25:22 -07:00
Tim St. Clair
3c7896719b Implement AppArmor Kubelet support 2016-08-15 13:25:17 -07:00
Kubernetes Submit Queue
2c28b88efb Merge pull request #29812 from timstclair/aa-validation 
Automatic merge from submit-queue

Add AppArmor validation logic

The validation checks the prerequisites described in the [AppArmor proposal](https://github.com/kubernetes/kubernetes/blob/master/docs/proposals/apparmor.md#prerequisites).

In order to unblock the AppArmor implementation from waiting on the APIs to merge, this PR uses 2 helper stubs for handling the Pod API.

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.kubernetes.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.kubernetes.io/reviews/kubernetes/kubernetes/29812)
<!-- Reviewable:end -->
 2016-08-11 15:49:55 -07:00
Tim St. Clair
bdc306bbfe Add AppArmor validation logic 
The validation checks the prerequisites described in the [AppArmor
proposal](https://github.com/kubernetes/kubernetes/blob/master/docs/proposals/apparmor.md#prerequisites)
 2016-08-11 10:31:25 -07:00
Jess Frazelle
c0f4bd38ff enable golint for pkg/security/podsecuritypolicy/capabilities 
Signed-off-by: Jess Frazelle <me@jessfraz.com>
 2016-08-10 16:46:19 -07:00
Lucas Käldström
c88a07ce1a Run goimports 2016-08-02 15:12:39 +03:00
k8s-merge-robot
3301f6d14f Merge pull request #29356 from smarterclayton/init_containers 
Automatic merge from submit-queue

LimitRanger and PodSecurityPolicy need to check more on init containers

Container limits not applied to init containers. HostPorts not checked on podsecuritypolicy

@pweil- @derekwaynecarr
 2016-07-27 16:09:34 -07:00
Paul Morie
66e7257a81 Add package docs for pod security policy 2016-07-22 13:35:37 -04:00
Clayton Coleman
affd79fdc0 InitContainers are not checked for hostPort ranges 
PodSecurityPolicy must verify that host port ranges are guarded on init
containers.
 2016-07-20 23:19:34 -04:00
Davanum Srinivas
2b0ed014b7 Use Go canonical import paths 
Add canonical imports only in existing doc.go files.
https://golang.org/doc/go1.4#canonicalimports

Fixes #29014
 2016-07-16 13:48:21 -04:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
Abitha Palaniappan
11397654b6 Adding volume plugin to api/v1 and updating auto-generated files 2016-05-21 12:53:03 -07:00
Paul Weil
56193b7140 PSP types 2016-05-11 18:07:35 -04:00