github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
122,284 Commits 1 Branch 31 Tags 1,019 MiB
f3a7aa7f92
Commit Graph

695 Commits

Author SHA1 Message Date
jwcesign
f0aa62bc96 upgrade: upgrade dependencies github.com/prometheus/common to the newest version 
Signed-off-by: jwcesign <jwcesign@gmail.com>
 2024-04-20 09:53:16 +08:00
Ziqi Zhao
1aeb0ba314 add http method to span name 
Signed-off-by: Ziqi Zhao <zhaoziqi9146@gmail.com>
 2024-03-13 13:25:36 +08:00
Ziqi Zhao
02154293c7 change the integration test 
Signed-off-by: Ziqi Zhao <zhaoziqi9146@gmail.com>
 2024-03-12 22:49:38 +08:00
Anish Ramasekar
51c26b7002
fix test flake in TestStructuredAuthenticationConfigReload 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-10 22:36:26 -07:00
Anish Ramasekar
62ac88b9ea
Add metrics for authentication config reload 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-09 14:40:22 -08:00
Monis Khan
b4935d910d
Add dynamic reload support for authentication configuration 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-09 14:29:33 -05:00
Kubernetes Prow Robot
46f017a90b
Merge pull request #123770 from Jefftree/go-restful 
fix aggregator path filtering to include /
 2024-03-07 10:21:53 -08:00
Kubernetes Prow Robot
c726b2b3a3
Merge pull request #123431 from aramase/aramase/f/kep_3331_multiple_jwt_authenticator 
Support multiple JWT authenticators with structured authn config
 2024-03-06 17:37:29 -08:00
Kubernetes Prow Robot
05cb0a55c8
Merge pull request #123696 from aramase/aramase/f/kep_3331_v1beta1_api 
Duplicate v1alpha1 AuthenticationConfiguration to v1beta1
 2024-03-06 15:35:28 -08:00
Anish Ramasekar
39e1c9108c
Support multiple JWT authenticators with structured authn config 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-06 14:42:32 -08:00
Jefftree
8373f3035a fix aggregator path filtering to include / 2024-03-06 13:33:33 -05:00
cici37
de506ce7ac Promote ValidatingAdmissionPolicy to GA. 2024-03-05 16:00:21 -08:00
Anish Ramasekar
b502aa6f31
Duplicate v1alpha1 AuthenticationConfiguration to v1beta1 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-05 09:10:34 -08:00
Kubernetes Prow Robot
50f4b1ea47
Merge pull request #123568 from enj/enj/i/jwt_username_required 
jwt: fail on empty username via CEL expression
 2024-03-04 20:07:33 -08:00
Sean Sullivan
8b447d8c97 portforward: tunnel spdy through websockets 2024-03-04 11:10:30 -08:00
Monis Khan
8345ad0bac
jwt: fail on empty username via CEL expression 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-03-04 12:51:19 -05:00
Anish Ramasekar
78fb0bae22
wire up discovery url in authenticator 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-03-03 17:34:51 -08:00
Jefftree
462dd326c2 Use v2 types with agg discovery 2024-03-01 13:15:22 -05:00
Kubernetes Prow Robot
ed1cc43cf7
Merge pull request #123399 from pohly/test-context-use-cancellation 
test: use cancellation from ktesting
 2024-03-01 01:03:23 -08:00
Kubernetes Prow Robot
6cc77a577e
Merge pull request #123560 from ivelichkovich/master 
kep-3716 GA, remove feature gate
 2024-02-29 22:53:38 -08:00
Patrick Ohly
1d653e6185 test: use cancelation from ktesting 
The return type of ktesting.NewTestContext is now a TContext. Code
which combined it WithCancel often didn't compile anymore (cannot overwrite
ktesting.TContext with context.Context). This is a good thing because all of
that code can be simplified to let ktesting handle the cancelation.
 2024-03-01 07:51:22 +01:00
Kubernetes Prow Robot
5cf4fbe524
Merge pull request #123458 from aramase/aramase/i/min_jwt_payload 
add min valid jwt payload to API docs for structured authn config
 2024-02-29 15:11:40 -08:00
Igor Velichkovich
a51a5b4622 kep-3716 GA, remove feature gate 2024-02-29 14:14:19 -06:00
Jiahui Feng
e257522889 add transient types to admission test. 2024-02-29 12:08:43 -08:00
Anish Ramasekar
b57d7d6ad7
add min valid jwt payload to API docs for structured authn config 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-29 11:08:39 -08:00
Jiahui Feng
64ee859aa8 make ValidatingAdmissionPolicy ignore excluded resources. 2024-02-28 15:31:44 -08:00
Jiahui Feng
5b1fffa3e4 add resource filter to admission initializer. 2024-02-28 15:31:18 -08:00
Kubernetes Prow Robot
38638adaee
Merge pull request #123418 from rikatz/kep-1860-to-beta 
Promote LoadBalancerIPMode to Beta
 2024-02-24 12:48:07 -08:00
Ricardo Katz
d816ab7657 Promote LoadBalancerIPMode to Beta 2024-02-22 08:35:12 -03:00
Kubernetes Prow Robot
3d3d705a6d
Merge pull request #122883 from Jefftree/agg-discovery-block-stale 
Aggregated Discovery, mark APIServices stale before initial health check
 2024-02-21 12:02:41 -08:00
Jefftree
6726e65619 Aggregated Discovery, mark stale before initial health check 2024-02-20 18:15:13 -05:00
Anish Ramasekar
0feb1d5173
Add integration test for multiple audience in structured authn 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 18:50:46 -08:00
Kubernetes Prow Robot
72c3c7c924
Merge pull request #123282 from enj/enj/i/authn_config_algs 
Support all key algs with structured authn config
 2024-02-14 18:08:32 -08:00
Anish Ramasekar
18c563546a
support multiple audiences with jwt authenticator 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2024-02-14 10:47:07 -08:00
Monis Khan
b5e0068325
Support all key algs with structured authn config 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-14 09:40:25 -05:00
Monis Khan
b8a59346fe
test/oidc: extract key type to allow testing different algs 
Signed-off-by: Monis Khan <mok@microsoft.com>
 2024-02-13 17:05:33 -05:00
Alexander Zielenski
b636984004 test: remove unnecessary skip healthz check from test 
snuck in there while I was working on the test, but is ultimately not necessary to test the functionality.

skipping healthz check resulted in leaking goroutines from poststarthooks.
 2024-02-01 14:50:54 -08:00
Alexander Zielenski
71559bd026 bugfix: dont skip reconcile for unchanged policy if last sync failed 2024-01-29 11:16:59 -08:00
Eric Lin
246e69fb99 Use http/2 for localhost webhook 
Signed-off-by: Eric Lin <exlin@google.com>
 2024-01-04 09:09:10 +00:00
Kubernetes Prow Robot
f68a965e5a
Merge pull request #122032 from carlory/remove-fg-APISelfSubjectReview 
remove feature-gate APISelfSubjectReview in 1.30
 2023-12-20 16:46:53 +01:00
Jordan Liggitt
233949e05d
Add an integration test to verify root path cleanup 2023-11-30 14:57:21 -05:00
carlory
57a5db8da3 remove feature-gate APISelfSubjectReview 2023-11-24 16:59:21 +08:00
bzsuni
003e4886c6 Fix parameter passing error 
Signed-off-by: bzsuni <bingzhe.sun@daocloud.io>
 2023-11-02 01:14:45 +08:00
Kubernetes Prow Robot
6abff7457e
Merge pull request #116516 from aojea/servicecidr 
KEP-1880 Multiple ServiceCIDR ( and IPAddress allocation)
 2023-11-01 03:52:24 +01:00
Kubernetes Prow Robot
593a17d3b6
Merge pull request #121575 from apelisse/update-smd 
Update sigs.k8s.io/structured-merge-diff to v4.4.0
 2023-11-01 01:51:17 +01:00
Kubernetes Prow Robot
fafccc0c9a
Merge pull request #121078 from aramase/aramase/f/kep_3331_cel_integration 
Implement CEL for StructuredAuthenticationConfig
 2023-11-01 00:33:21 +01:00
Antonio Ojea
46b13d48e2 etcd data 
Change-Id: I31c3a1c8fee7f3a681186b934bd7c6b36baee6df
 2023-10-31 21:05:05 +00:00
Jordan Liggitt
df80775693 Include managed field comparison in test 2023-10-31 14:03:39 -07:00
Anish Ramasekar
cc190e0ace
add integration tests 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-10-31 20:16:12 +00:00
Jiahui Feng
e4776e0f85 avoid infinite recursion for type resolvers. 2023-10-31 10:23:50 -07:00