github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,976 Commits 1 Branch 31 Tags 1,019 MiB
ff33efc164
Commit Graph

264 Commits

Author SHA1 Message Date
jennybuckley
b33fbc84d9 Update Structured Merge Diff to V3 2020-01-21 15:23:13 -08:00
Mike Spreitzer
ce12105edc Added server-side printers for the API object types for API priority and fairness 2020-01-20 01:49:05 -05:00
gavinfish
68532e0c0f Remove redundant nil check 2020-01-08 15:28:46 +08:00
danielqsj
6596a14d39 add missing alias of api errors under test 2019-12-26 17:29:38 +08:00
Jordan Liggitt
749eea7e0f Prune server-side print exemption list 2019-12-13 12:23:39 -05:00
Jordan Liggitt
0387cc7cb3 Update generated files 2019-12-13 12:23:39 -05:00
Jordan Liggitt
f2f22b84cd Delete ReplicationControllerDummy 2019-12-13 12:21:33 -05:00
Jordan Liggitt
18ba6f9482 Remove references to unserved types 2019-12-13 12:21:33 -05:00
tanjunchen
06c5901769 fix staticcheck in test/integration/apiserver 2019-12-06 23:05:20 +08:00
Jordan Liggitt
d620493b74 Ensure webhook backend requests are not artificially rate-limited 2019-12-02 12:01:51 -05:00
Kubernetes Prow Robot
567b13487f
Merge pull request #85162 from apelisse/strip-nullable 
Strip nullable for Server-side apply
 2019-11-14 11:19:48 -08:00
Kubernetes Prow Robot
64f4be5b32
Merge pull request #84390 from robscott/endpointslice-beta 
Promoting EndpointSlices to beta
 2019-11-13 17:27:50 -08:00
Kubernetes Prow Robot
02af1dd62c
Merge pull request #85004 from deads2k/dynamic-agg-cert 
dynamic reload cluster authentication info for aggregated API servers
 2019-11-13 14:50:54 -08:00
Rob Scott
a7e589a8c6
Promoting EndpointSlices to beta 2019-11-13 14:20:19 -08:00
Antoine Pelisse
5038f80b45 Strip nullable for Server-side apply 2019-11-13 10:43:51 -08:00
David Eads
e44352f31a create utilities inspecting server TLS certs 2019-11-12 12:34:19 -05:00
Rob Scott
0fa9981e01
Splitting IP address type into IPv4 and IPv6 for EndpointSlices 2019-11-12 09:03:53 -08:00
Kubernetes Prow Robot
15f586a6c1
Merge pull request #84963 from liggitt/feature-json-codes 
Fix json patch limit check
 2019-11-08 10:12:51 -08:00
Jordan Liggitt
3d5f11bda3 Add testcases covering large valid patches 2019-11-07 22:58:46 -05:00
David Eads
7351c86860 publish cluster authentication trust via controller 2019-11-06 10:17:19 -05:00
Mike Danese
a4ca9e6c93 migrate callers to g/g/uuid 2019-11-04 23:15:29 -08:00
Kubernetes Prow Robot
510fb38f27
Merge pull request #83671 from yue9944882/flow-control-api-model 
Apiserver flowcontrol api models
 2019-11-01 22:49:40 -07:00
yue9944882
6db3edff10 [generated] ./hack/update-all.sh 
generated

generated

generated

rule

generated

generated
 2019-10-29 12:59:17 +08:00
yue9944882
7c28a4b70e non-generated api models misc 
rule list

rule

rule 2
 2019-10-29 12:26:12 +08:00
Jack Kleeman
d9adf535f3 Dynamic SNI certificates 
Reload SNI certificate cert and key file from disk every minute and notify
the dynamic certificate controller when they change, allowing serving
tls config to be updated.
 2019-10-25 16:38:51 +01:00
Jack Kleeman
4e99b5d26a Add integration test for serving cert rotation 2019-10-24 09:15:44 +01:00
David Eads
6beb96261e wire up a means to dynamically reload ca bundles for kube-apiserver 2019-10-23 11:01:56 -04:00
David Eads
867ee1d5ff add insecurebackendproxy 2019-10-16 11:43:17 -04:00
jennybuckley
61b19c7298 Cap the number of managedFields entries for updates at 10 2019-10-03 16:24:58 -07:00
jennybuckley
d72260b9da Refactor fieldmanager to be more modular 2019-10-03 16:24:58 -07:00
Jordan Liggitt
8ef4566cef Limit YAML/JSON decode size 2019-10-02 21:52:19 -04:00
Joe Betz
2c8ffc329b Fix reinvokation test flake by isolating webhooks and markers 2019-09-17 15:30:37 -07:00
Ted Yu
5e5824f9c5 Check the length of recorder.invocations 2019-09-15 16:43:12 -07:00
Kubernetes Prow Robot
4dd1e3fa43
Merge pull request #82585 from wojtek-t/fix_meta_internalversion_codecs 
Ensure conversions are registered for metainternalversion codecs
 2019-09-12 17:26:31 -07:00
wojtekt
54163527a6 Ensure conversions are registered for metainternalversion codecs 2019-09-12 19:32:02 +02:00
Kubernetes Prow Robot
50b8b42c1b
Merge pull request #82498 from liggitt/race-flake 
Avoid encoding from competing goroutines
 2019-09-11 21:23:50 -07:00
Kubernetes Prow Robot
f5ae0604ad
Merge pull request #82175 from yutedz/fld-mgr-conflict 
Move Update Apply conflict test to field manager test
 2019-09-11 10:40:14 -07:00
Jordan Liggitt
510140ee27 Avoid encoding from competing goroutines 2019-09-09 12:03:38 -04:00
Jordan Liggitt
3904e14b40 Fallback to schemaless apply behavior for custom resources with unhandled schemas 2019-09-06 15:39:28 -04:00
Jordan Liggitt
e734c70e03 Add integration test for webhook client auth 2019-09-03 13:58:54 -04:00
Kubernetes Prow Robot
ab162cd28c
Merge pull request #77354 from jennybuckley/crd-apply 
Use CRD validation field in server-side apply
 2019-08-30 23:53:47 -07:00
Ted Yu
9828f986af Move Update Apply conflict test to field manager test 2019-08-30 14:47:39 -07:00
Kubernetes Prow Robot
81f997b3c8
Merge pull request #82129 from liggitt/webhook-timeout-flake 
Fix out of bounds error in timeout tests
 2019-08-30 09:40:35 -07:00
Kubernetes Prow Robot
f442b6ef32
Merge pull request #82090 from liggitt/webhook-http2 
Use http/1.1 for apiserver->webhook clients
 2019-08-30 06:26:54 -07:00
jennybuckley
badd5b9a26 Update generated 2019-08-29 19:10:28 -07:00
jennybuckley
cf24968309 Fix validation and add many tests 2019-08-29 19:10:28 -07:00
jennybuckley
c0617933d4 Use CRD validation field in server-side apply 2019-08-29 18:42:24 -07:00
Jordan Liggitt
b451b86131 Fix out of bounds error in timeout tests 2019-08-29 10:33:20 -04:00
Kubernetes Prow Robot
6c9f26ca3a
Merge pull request #80766 from robscott/discovery-api 
Adding Discovery API for EndpointSlice
 2019-08-28 14:44:09 -07:00
Jordan Liggitt
ddc697866a Use http/1.1 in apiserver->webhook clients 2019-08-28 16:51:57 -04:00
Kubernetes Prow Robot
61e2f52e38
Merge pull request #81754 from apelisse/version-fields 
Add FieldsType field to ManagedFields to track content format
 2019-08-28 01:37:50 -07:00
Kubernetes Prow Robot
0a784c5dc9
Merge pull request #78738 from jennybuckley/apply-only 
Don't start tracking field management until object has been applied
 2019-08-27 22:41:18 -07:00
Jennifer Buckley
f99252f2c6
Add issue to TODO 2019-08-27 15:00:15 -07:00
Antoine Pelisse
ff4e1f3592 Add new FieldsType to clarify the format of Fields 2019-08-27 14:52:36 -07:00
Rob Scott
f80cee9280
Adding discovery/v1alpha1 API for EndpointSlices 2019-08-26 14:50:00 -07:00
Kubernetes Prow Robot
e2f57be0c0
Merge pull request #77824 from roycaihw/webhook-trace 
mutating webhook: audit log mutation existence and patch
 2019-08-23 22:26:24 -07:00
jennybuckley
2e669a7f22 Fix failing test 2019-08-23 13:11:09 -07:00
jennybuckley
3279c73945 Add tests 2019-08-23 12:45:36 -07:00
jennybuckley
9a12e37a6d Only update managedFields on update if it already exists 2019-08-23 12:38:08 -07:00
Haowei Cai
98ad20cc8f generated 2019-08-23 11:08:54 -07:00
Haowei Cai
d35757c653 tests 2019-08-23 11:08:54 -07:00
Kubernetes Prow Robot
9ac0c5942d
Merge pull request #81673 from jennybuckley/grouping-etcd 
Make sure no op updates don't affect the resource version due to serverside apply
 2019-08-22 20:07:57 -07:00
Di Xu
2771503626 drop unused check 2019-08-22 11:46:12 +08:00
jennybuckley
aa1f01ec7e Make sure no op updates don't affect the resource version 2019-08-21 10:27:01 -07:00
Jordan Liggitt
c63284b1f3 Use lesser of context or webhook-specific timeout in webhooks 2019-08-20 22:20:19 -04:00
Kubernetes Prow Robot
6f13032fb4
Merge pull request #81524 from jennybuckley/apply-group-updates-by-manager 
Group managedFieldsEntries for update by manager name
 2019-08-20 01:59:46 -07:00
jennybuckley
87eabcdbfa Group update managedFieldsEntries by manager name 2019-08-19 13:50:15 -07:00
Kubernetes Prow Robot
3f00331452
Merge pull request #80944 from apelisse/add-update-bench 
Add benchmark for updates and get with/without server-side apply
 2019-08-17 13:30:06 -07:00
Antoine Pelisse
4de7b6ddfb Add benchmark for updates and get with/without server-side apply 2019-08-16 15:18:22 -07:00
Kubernetes Prow Robot
44c0f64411
Merge pull request #80801 from SataQiu/fix-cert-length 
Follow up #80734: update RSA keys to 2048 bits
 2019-08-14 21:44:44 -07:00
Jordan Liggitt
0feb99f9bd Remove unnecessary serializer override for CRD status, test proto requests on CRD status 2019-08-08 12:49:08 -04:00
Jordan Liggitt
38ec458703 Test webhooks with and without watch cache enabled 2019-08-07 00:45:25 -04:00
Kubernetes Prow Robot
9743d7f270
Merge pull request #80730 from jennybuckley/apply-raw 
Use raw bytes instead of nested map in metav1.Fields
 2019-08-01 20:11:52 -07:00
Kubernetes Prow Robot
c981c65c90
Merge pull request #80231 from liggitt/admissionreview-v1 
Promote admissionreview to v1
 2019-08-01 17:20:05 -07:00
Jordan Liggitt
308c23cf89 Generated 2019-08-01 17:17:42 -04:00
Jordan Liggitt
dda9bcb082 AdmissionReview: Allow webhook admission to dispatch v1 or v1beta1 2019-08-01 17:17:42 -04:00
jennybuckley
addad99b6f Use raw bytes in metav1.Fields instead of map 
Also define custom proto unmarshaller that understands the old format
 2019-07-31 16:05:54 -07:00
SataQiu
b5d5e7a9b4 update RSA keys to 2048 bits 2019-07-31 17:48:35 +08:00
Sean Sullivan
6c96a059dd Move pkg/kubectl/cmd/util and subdirs to staging 2019-07-29 13:08:41 -07:00
Lee Verberne
013f049ce0 Add Ephemeral Containers to the Kubernetes core API 2019-07-22 11:19:22 +00:00
Kubernetes Prow Robot
3dd8add5d2
Merge pull request #79549 from liggitt/admission-webhooks-v1 
Promote admission webhook API to v1
 2019-07-11 17:01:34 -07:00
Clayton Coleman
98d87a4f03
Rename metadata.NewConfigOrDie to be consistent 
Updated name to match dynamic client
 2019-07-11 12:18:51 -04:00
Kubernetes Prow Robot
4c68fa8243
Merge pull request #79239 from apelisse/400-instead-of-500 
Return 400 on invalid patch requests
 2019-07-10 21:39:20 -07:00
Antoine Pelisse
7e96438748 Return 400 on invalid patch requests 2019-07-10 15:22:10 -07:00
Jordan Liggitt
e24377f190 Install/register v1 admission registration types 2019-07-08 09:49:29 -04:00
Clayton Coleman
21f5e643d9
Add a metadata client to client-go that can read PartialObjectMetadata 
This client exposes operations on generic metadata (get, list, watch, delete)
and allows patch operations. The client always uses protobuf and requests
the server transform the response into the appropriate object. Using this
client simplifies the work of generic controllers by allowing them to treat
all objects the same, and also improves performance both in the amount of
data sent as well as allowing protobuf on CRD resources.
 2019-07-02 16:42:41 -04:00
Kevin Wiesmüller
49abd3b3ab add more tests on clearing managedFields 2019-06-11 20:30:53 +02:00
Joe Betz
e51320f69d Flake fix: poll for webhook registration to complete in reinvocation integration tests 2019-06-04 15:52:55 -07:00
Kubernetes Prow Robot
bada1c6b1e
Merge pull request #78505 from caesarxuchao/dynamic-object-selector 
Adding ObjectSelector to admission webhooks
 2019-06-01 04:45:09 -07:00
Kubernetes Prow Robot
227f34b33a
Merge pull request #77817 from smarterclayton/apicrd 
CRDs should support watch of protobuf PartialObjectMetadata
 2019-05-31 20:44:35 -07:00
Chao Xu
6cf499db6c object matcher 2019-05-30 17:23:35 -07:00
Clayton Coleman
26a6cdda86
Set integration tests to use distinct namespaces 
TestWatchBasedManager was racing with the default namespace creation.
To fix that flake and to ensure integration tests using a shared etcd
don't accidentally overlap in the future, move the three main tests
using the default namespace to separate namespaces, and have
TestWatchBasedManager create that namespace before it runs.

Make StartTestServer wait for default namespace creation, which will
reduce other flakes until future changes completely remove use of default
namespace.

From a failed integration run:

	watch_manager_test.go:66: namespaces "default" not found
	watch_manager_test.go:66: namespaces "default" not found
	watch_manager_test.go:66: namespaces "default" not found
 2019-05-30 19:11:50 -04:00
Joe Betz
95fa928ecb Add mutating admission webhook reinvocation 2019-05-30 14:31:09 -07:00
Joe Betz
55ecc45455 split admissionregistration.v1beta1/Webhook into MutatingWebhook and ValidatingWebhook 2019-05-30 14:31:09 -07:00
Clayton Coleman
89e752add0
CRDs should support watch of protobuf PartialObjectMetadata 
Correctly ensure CRDs can be watched using protobuf when transformed to
PartialObjectMetadata. To do this we add a set of serializers allowed to
be used for "normal" requests (that return CRDs) while the serializers
supported by the infrastructure is broader and includes protobuf. During
negotatiation we check for transformation requests and protobuf is
excluded from non-transform requests.

As part of the change, correct an error message when the server returns
a 406 but the client doesn't accept the format to avoid confusing users
who set impossible Accept rules for CRDs (the dynamic client doesn't
support Protobuf, so if the server responds with a protobuf status the
message from the server is lost and the generic error was confusing).
 2019-05-30 10:47:35 -04:00
Kubernetes Prow Robot
3978d13d45
Merge pull request #78086 from lubinsz/pr_bzl_api 
data attribute was missing for apiextensions-apiserver test cases
 2019-05-29 09:44:38 -07:00
Jordan Liggitt
8c194ea615 Add webhook admission conversion test 2019-05-28 14:30:20 -04:00
Bin Lu
b121545b70 data attribute was missing for apiserver integration test cases 
Signed-off-by: Bin Lu <bin.lu@arm.com>
 2019-05-19 20:04:35 +08:00
Jordan Liggitt
0b88095a17 Switch admission webhook test to work with shared etcd 2019-05-17 09:54:14 -07:00
Chao Xu
7bb4a3bace Run deleteValidation at the storage layer so that it will be retried on 
conflict.

Adding unit test verify that deleteValidation is retried.

adding e2e test verifying the webhook can intercept configmap and custom
resource deletion, and the existing object is sent via the
admissionreview.OldObject.

update the admission integration test to verify that the existing object
is passed to the deletion admission webhook as oldObject, in case of an
immediate deletion and in case of an update-on-delete.
 2019-05-17 09:54:11 -07:00