github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
57,129 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

62 Commits (40212c17cdf4d7bc2a45c495cf0d37ebab032578)

Author SHA1 Message Date
Dr. Stefan Schimanski aedcf681b3 admission: rename Validate{ -> Initialization}, Validat{ingAdmit -> e} 2017-11-02 09:29:55 +01:00
Dr. Stefan Schimanski 2452afffe0 admission: wire create+update validation func into kube registries 2017-11-02 09:29:16 +01:00
Kubernetes Submit Queue 2d914ee703 Merge pull request #53984 from sttts/sttts-legacyscheme 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

pkg/api: extract Scheme/Registry/Codecs into pkg/api/legacyscheme

This serves as

- a preparation for the pkg/api->pkg/apis/core move
- and makes the dependency to the scheme explicit when vizualizing
  left depenncies.

The later helps with our our efforts to split up the monolithic repo
into self-contained sub-repos, e.g. for kubectl, controller-manager
and kube-apiserver in the future.
 2017-10-18 10:49:10 -07:00
Dr. Stefan Schimanski cad0364e73 Update bazel 2017-10-18 17:24:04 +02:00
Dr. Stefan Schimanski 7773a30f67 pkg/api/legacyscheme: fixup imports 2017-10-18 17:23:55 +02:00
Slava Semushin 1a3a2d47c8 admission_test.go: remove unused createNamespaceForTest() and createSAForTest() functions. 2017-10-17 12:03:46 +02:00
Jordan Liggitt 8c5b01376a
PodSecurityPolicy: Order by name, prefer non-mutating policies, require *api.Pod, allow GC updates 2017-10-16 02:22:11 -04:00
Jordan Liggitt abc7c077e1
PodSecurityPolicy: avoid unnecessary mutation of supplemental groups 2017-10-16 02:21:10 -04:00
Jordan Liggitt b45b809f4c
PodSecurityPolicy: Do not mutate nil privileged field to false 2017-10-16 02:21:10 -04:00
Jeff Grafton aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
p0lyn0mial 475493ced6 moved admission interfaces WantsClientCert, WantsAuthorizer and WantsExternalKubeClientSet to apiserver 2017-10-01 15:03:08 +02:00
Slava Semushin 9015a82692 PodSecurityPolicy.allowedCapabilities: add support for using * to allow to request any capabilities. 
Also modify "privileged" PSP to use it and allow privileged users to use
any capabilities.
 2017-09-06 12:18:09 +02:00
Jeff Grafton a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton 33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
mbohlool 70c4fe7f4f update generated files 2017-06-21 04:09:08 -07:00
mbohlool c91a12d205 Remove all references to types.UnixUserID and types.UnixGroupID 2017-06-21 04:09:07 -07:00
p0lyn0mial d0e89577db Simply changed the names of packages of some admission plugins. 2017-06-05 22:23:42 +02:00
p0lyn0mial c5019bf696 remove init blocks from all admission plugins 2017-05-23 22:00:32 +02:00
p0lyn0mial 3f8d6e9210 Change all the existing admission init blocks to call a Register function 
this is a two stage refactor when done there will be no init block in admission plugins.
Instead all plugins expose Register function which accept admission.Plugins instance.
The registration to global plugin registry happens inside Register func.
 2017-05-18 22:25:01 +02:00
Jamie Hannaford 9440a68744 Use dedicated Unix User and Group ID types 2017-05-05 14:07:38 +02:00
FengyunPan 3856b5d76c Check errors before logging providers 
The logProviders() should check errors firstly, and do not log
providers when providers is null.
 2017-04-22 16:55:32 +08:00
Mike Danese a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Dr. Stefan Schimanski 63f547e1b1 pkg/admission: make plugin registry non-global 2017-04-12 11:37:25 +02:00
Chao Xu 08aa712a6c move helpers.go to helper 2017-04-11 15:49:11 -07:00
Jordan Liggitt 5d839d0d0b
Avoid nil user special-casing in unsecured endpoint 2017-03-31 13:28:59 -04:00
Jordan Liggitt 829e6f6cfb
Include pod namespace in PSP 'use' authorization check 2017-03-24 15:14:52 -04:00
Jordan Liggitt dd7561801a
Authorize PSP usage for pods without service accounts 2017-03-21 19:54:39 -04:00
Kubernetes Submit Queue 2be623b14f Merge pull request #38805 from xilabao/add-err-info-to-authorize-in-psp 
Automatic merge from submit-queue

add err info to authorize in psp

It's unwise to ignore the err in my view.
 2017-03-10 13:32:19 -08:00
deads2k d89862beca update names for kube plugin initializer to avoid conflicts 2017-03-06 10:18:21 -05:00
xilabao 35d926d8d3 add err info to authorize in psp 2017-02-27 10:24:01 +08:00
Andy Goldstein 022bff7fbe Switch admission to use shared informers 2017-02-23 11:16:09 -05:00
deads2k b0b156b381 make tools/cache authoritative 2017-01-25 08:29:45 -05:00
Clayton Coleman 469df12038
refactor: move ListOptions references to metav1 2017-01-23 17:52:46 -05:00
deads2k 01b3b2b461 move admission to genericapiserver 2017-01-18 08:15:19 -05:00
Clayton Coleman 9a2a50cda7
refactor: use metav1.ObjectMeta in other types 2017-01-17 16:17:19 -05:00
Clayton Coleman 36acd90aba
Move APIs and core code to use metav1.ObjectMeta 2017-01-17 16:17:18 -05:00
deads2k 77b4d55982 mechanical 2017-01-16 09:35:12 -05:00
deads2k 6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Jeff Grafton 20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k 4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
deads2k 2861509b6d refactored admission to avoid internal client references 2017-01-03 15:50:12 -05:00
Mike Danese 161c391f44 autogenerated 2016-12-29 13:04:10 -08:00
Mike Danese c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
Chao Xu bcc783c594 run hack/update-all.sh 2016-11-23 15:53:09 -08:00
Chao Xu 1044aa4500 plugin/admission; including resourcequota admission 2016-11-23 15:53:09 -08:00
pweil- bbe9c8f96d add authz checks to allowed policies admission 2016-11-08 08:36:27 -05:00
Mike Danese 3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
pweil- 49e14744db support seccomp in psp 2016-10-17 14:49:02 -04:00
Dr. Stefan Schimanski 4cc1e63856 Complete sysctl PSP tests 2016-09-30 17:56:11 +02:00