github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
67,465 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

145 Commits (1c012f1c4966dfe6124192abafeba892ae9510a0)

Author SHA1 Message Date
jennybuckley d10e08fc89 Allow override AllowCreateOnUpdate with new argument to Update 2018-06-28 14:24:51 -07:00
Jeff Grafton 23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Kubernetes Submit Queue d1f5cb2348
Merge pull request #65050 from sttts/sttts-deepcopy-update 
Automatic merge from submit-queue (batch tested with PRs 64895, 64938, 63700, 65050, 64957). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Bump gengo to include uniform pointer deepcopy

This bumps k8s.io/gengo with uniform pointer support in deepcopy-gen.

Fixes https://github.com/kubernetes/code-generator/issues/45.
 2018-06-21 04:15:16 -07:00
Dr. Stefan Schimanski 1208437f84 Update generated files 2018-06-13 12:35:13 +02:00
Jordan Liggitt 1034efd439
Allow non-RBAC authorizers to participate in role/clusterrole escalation checks 2018-06-06 15:31:05 -04:00
David Eads 092714ea0f switch rbac to external 2018-05-22 08:17:05 -04:00
Jordan Liggitt a674335ccc
Avoid copying aggregated admin/edit/view roles during bootstrap 2018-05-13 15:21:05 -04:00
David Eads c5445d3c56 simplify api registration 2018-05-08 18:33:50 -04:00
David Eads 8ae62517da remove rootscopedkinds from groupmeta 2018-05-01 13:08:23 -04:00
David Eads a89291a5de stop duplicating preferred version order 2018-04-26 10:03:36 -04:00
Mike Danese 54fd2aaefd replace request.Context with context.Context 2018-04-24 08:59:00 -07:00
Kubernetes Submit Queue ccc1fc4197
Merge pull request #61461 from WanLinghao/cluster_role_error_fix 
Automatic merge from submit-queue (batch tested with PRs 61396, 61321, 61443, 60911, 61461). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

	fix a error in return value

**What this PR does / why we need it**:
This patch fix a small bug in function GetClusterRole() which returns with wrong error info.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2018-03-22 03:37:22 -07:00
WanLinghao f35402e515 fix a error in return value 
modified:   pkg/registry/rbac/validation/rule.go
 2018-03-21 14:52:52 +08:00
fisherxu b49ef6531c regenerated all files and remove all YEAR fields 2018-03-08 17:52:48 +08:00
Maciej Szulik 5630d29552
Add missing table converters for server side printing 2018-02-28 17:27:45 +01:00
jennybuckley c8dacd8e63 Run hack/update-all.sh 2018-02-26 17:16:14 -08:00
Jeff Grafton ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Di Xu 48388fec7e fix all the typos across the project 2018-02-11 11:04:14 +08:00
hzxuzhonghu d0d1e1dcc4 refactor resource_config.go thoroughly and remove useless code in registry 2018-01-27 16:10:58 +08:00
Jordan Liggitt b4fb25261e
return reason for allowed rbac authorizations 
includes the binding, role, and subject that allowed a request so audit can make use of it
 2018-01-19 14:32:39 -05:00
Christoph Blecker 80e344644e
Regenerate all generated code 2018-01-02 00:21:07 -08:00
Jeff Grafton efee0704c6 Autogenerate BUILD files 2017-12-23 13:12:11 -08:00
Marcin Owsiany f9ff53d06e Do not log trailing whitespace. 2017-11-27 14:49:17 +01:00
David Eads c22fbadc0f clear resourceversion for migrated cluster roles 2017-11-22 16:16:01 -05:00
David Eads f34fb9b0ab handle clusterrole migration 2017-11-13 08:18:00 -05:00
David Eads a53e5de3db generated 2017-11-13 08:18:00 -05:00
David Eads 0f0a5223df rbac api changes for aggregation 2017-11-13 08:14:37 -05:00
Dr. Stefan Schimanski 1e79dfb959 Update generated code 2017-11-10 18:26:46 +01:00
Dr. Stefan Schimanski bec617f3cc Update generated files 2017-11-09 12:14:08 +01:00
Dr. Stefan Schimanski 012b085ac8 pkg/apis/core: mechanical import fixes in dependencies 2017-11-09 12:14:08 +01:00
Mike Danese 12125455d8 move authorizers over to new interface 2017-11-03 13:46:28 -07:00
Dr. Stefan Schimanski 2452afffe0 admission: wire create+update validation func into kube registries 2017-11-02 09:29:16 +01:00
Kubernetes Submit Queue 900c0761e3 Merge pull request #53722 from deads2k/rbac-01-allow-star 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

allow */subresource in rbac policy rules

xref #29698
xref #38756
xref #49504
xref #38810

Allow `*/subresource` format in RBAC policy rules to support polymorphic subresources like `*/scale` for HPA.

@DirectXMan12 fyi

```release-note
RBAC PolicyRules now allow resource=`*/<subresource>` to cover `any-resource/<subresource>`.   For example, `*/scale` covers `replicationcontroller/scale`.
```
 2017-10-18 14:02:05 -07:00
Dr. Stefan Schimanski cad0364e73 Update bazel 2017-10-18 17:24:04 +02:00
Dr. Stefan Schimanski 7773a30f67 pkg/api/legacyscheme: fixup imports 2017-10-18 17:23:55 +02:00
David Eads e8a703b651 allow */subresource in rbac policy rules 2017-10-16 16:17:51 -04:00
Jordan Liggitt 34ed25cf52
GC: Add check for nil interface 2017-10-16 02:21:11 -04:00
Jeff Grafton aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Dr. Stefan Schimanski ecb65a6a71 Update generated files 2017-10-07 11:28:47 +02:00
Dr. Stefan Schimanski 509df603b1 apimachinery: mechanical removal of ObjectCopier plumbing 2017-10-06 19:21:03 +02:00
Dr. Stefan Schimanski 19285b7357 apimachinery: remove Scheme.Copy 2017-10-06 14:24:05 +02:00
Jordan Liggitt 232db3b888
Change RBAC storage version to v1 for 1.9 2017-09-25 10:02:21 -04:00
Clayton Coleman fc2d201e15
Allow watch cache to be disabled per type 
Currently setting watch cache size for a given resource does not disable
the watch cache. This commit adds a new `default-watch-cache-size` flag
to map to the existing field, and refactors how watch cache sizes are
calculated to bring all of the code into one place. It also adds debug
logging to startup to allow us to verify watch cache enablement in
production.
 2017-09-08 13:42:28 -04:00
David Eads aa637502e0 add reconcile command to kubectl auth 2017-08-30 16:04:00 -04:00
Monis Khan dd06794bc2
Add enj as reviewer to OWNERS 
Adding myself as a reviewer for the following areas:

- API
- auth
- registry
- storage (etcd)

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-08-17 20:42:46 -04:00
Kubernetes Submit Queue f6929fc089 Merge pull request #50702 from enj/enj/r/inject_policy_hook 
Automatic merge from submit-queue (batch tested with PRs 50694, 50702)

Allow injection of policy in RBAC post start hook

This change allows the RBAC PostStartHook logic to be reused with different policy data when bootstrapping the cluster.  Thus any changes to the bootstrap logic are separated from the policy data.

Signed-off-by: Monis Khan <mkhan@redhat.com>

```release-note
NONE
```

@kubernetes/sig-auth-pr-reviews
 2017-08-15 14:28:27 -07:00
Monis Khan 751741df59
Allow injection of policy in RBAC post start hook 
This change allows the RBAC PostStartHook logic to be reused with
different policy data when bootstrapping the cluster.  Thus any
changes to the bootstrap logic are separated from the policy data.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-08-15 14:25:11 -04:00
Dr. Stefan Schimanski 4df0eec4df registries: simplify deepcopy calls 2017-08-15 15:49:52 +02:00
ymqytw 7500b55ce4 move retry to client-go 2017-08-14 14:16:26 -07:00
Jeff Grafton a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00