kubernetes

History

Kubernetes Submit Queue 3b9eb1a875 Merge pull request #43876 from caesarxuchao/blockOwnerDeletion-admission Automatic merge from submit-queue (batch tested with PRs 44440, 44038, 44302, 44316, 43876) Extend the gc admission plugin to check ownerReference.blockOwnerDeletion #Extend the gc admission plugin to prevent user who doesn't have delete permission of the owner from changing blockOwnerDeletion field of existing ownerReferences, or adding ownerReference with blockOwnerDeletion=true. The plugin need a RESTMapper to translate ownerRef.Kind to Resource. It should be using a dynamic one. However, as discussed in https://github.com/kubernetes/kubernetes/pull/42615, such a RESTMapper will be built after watchable discovery API is implemented, so in this PR the plugin is using the `api.Registry.RESTMapper()`, which is also [used](https://github.com/kubernetes/kubernetes/blob/master/cmd/kube-controller-manager/app/core.go#L165-L166) by the garbage collector currently. ```release-note Extending the gc admission plugin so that a user who doesn't have delete permission of the owner cannot modify blockOwnerDeletion field of existing ownerReferences, or add new ownerReference with blockOwnerDeletion=true ``` cc @lavalamp		2017-04-13 23:18:06 -07:00
..
clicheck	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
cloud-controller-manager	Bugfix: cloud-controller-manager routeController.run() block in WaitForCacheSync	2017-04-12 13:03:41 +08:00
gendocs	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
genkubedocs	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
genman	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
genslateyaml	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
genswaggertypedocs	start the apimachinery repo	2017-01-11 09:09:48 -05:00
genutils	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
genyaml	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
gke-certificates-controller	Better messaging when GKE certificate signing fails.	2017-03-21 21:00:47 -07:00
hyperkube	bazel: implement git build stamping	2017-04-05 11:47:39 -07:00
kube-apiserver	add gc admission plugin that prevents user who doesn't have delete permission of the owner from setting blockOwnerDeletion	2017-04-13 11:55:22 -07:00
kube-controller-manager	Merge pull request #43277 from StudyNick/zte-20170315	2017-04-13 15:01:58 -07:00
kube-proxy	Merge pull request #43702 from wojtek-t/edge_based_proxy	2017-04-12 00:30:53 -07:00
kubeadm	Merge pull request #42914 from liggitt/fix-defaulting	2017-04-13 22:07:10 -07:00
kubectl	bazel: implement git build stamping	2017-04-05 11:47:39 -07:00
kubelet	Make the dockershim root directory configurable	2017-04-12 09:06:21 -04:00
kubemark	Use shared informers for proxy endpoints and service configs	2017-04-04 12:51:41 -04:00
libs/go2idl	Merge pull request #43081 from sttts/sttts-conversion-gen-dup-func-error	2017-04-12 05:01:45 -07:00
linkcheck	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
mungedocs	Enable auto-generating sources rules	2017-01-05 14:14:13 -08:00
BUILD	Merge pull request #42070 from luxas/remove_kube_discovery	2017-03-04 12:58:23 -08:00
OWNERS	Updated top level owners file to match new format	2017-01-19 11:29:16 -08:00