github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
73,894 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

150 Commits (44d1859205e22c6e86a3a1eecc599ac4279e9780)

Author SHA1 Message Date
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
Jordan Liggitt 9ae79f9653 authorizers subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
Monis Khan 543dcb6de5
Tolerate lack of namespace permissions in RBAC reconciliation 
This change updates the RBAC reconciliation logic to not fail if the
user does not have the ability to create namespaces.  Thus if the
namespace already exists, the user only needs to pass the standard
escalation check for RBAC roles and role bindings.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2018-10-29 11:30:04 -04:00
Antoine Pelisse 03b1e14101 dry-run: Create new options for Update/Create and pass it along 2018-07-12 07:18:37 -07:00
Jordan Liggitt 3710ce3561
make RBAC escalation error message more useful 2018-07-06 11:49:08 -04:00
jennybuckley d10e08fc89 Allow override AllowCreateOnUpdate with new argument to Update 2018-06-28 14:24:51 -07:00
Jeff Grafton 23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Kubernetes Submit Queue d1f5cb2348
Merge pull request #65050 from sttts/sttts-deepcopy-update 
Automatic merge from submit-queue (batch tested with PRs 64895, 64938, 63700, 65050, 64957). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Bump gengo to include uniform pointer deepcopy

This bumps k8s.io/gengo with uniform pointer support in deepcopy-gen.

Fixes https://github.com/kubernetes/code-generator/issues/45.
 2018-06-21 04:15:16 -07:00
Dr. Stefan Schimanski 1208437f84 Update generated files 2018-06-13 12:35:13 +02:00
Jordan Liggitt 1034efd439
Allow non-RBAC authorizers to participate in role/clusterrole escalation checks 2018-06-06 15:31:05 -04:00
David Eads 092714ea0f switch rbac to external 2018-05-22 08:17:05 -04:00
Jordan Liggitt a674335ccc
Avoid copying aggregated admin/edit/view roles during bootstrap 2018-05-13 15:21:05 -04:00
David Eads c5445d3c56 simplify api registration 2018-05-08 18:33:50 -04:00
David Eads 8ae62517da remove rootscopedkinds from groupmeta 2018-05-01 13:08:23 -04:00
David Eads a89291a5de stop duplicating preferred version order 2018-04-26 10:03:36 -04:00
Mike Danese 54fd2aaefd replace request.Context with context.Context 2018-04-24 08:59:00 -07:00
Kubernetes Submit Queue ccc1fc4197
Merge pull request #61461 from WanLinghao/cluster_role_error_fix 
Automatic merge from submit-queue (batch tested with PRs 61396, 61321, 61443, 60911, 61461). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

	fix a error in return value

**What this PR does / why we need it**:
This patch fix a small bug in function GetClusterRole() which returns with wrong error info.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
 2018-03-22 03:37:22 -07:00
WanLinghao f35402e515 fix a error in return value 
modified:   pkg/registry/rbac/validation/rule.go
 2018-03-21 14:52:52 +08:00
fisherxu b49ef6531c regenerated all files and remove all YEAR fields 2018-03-08 17:52:48 +08:00
Maciej Szulik 5630d29552
Add missing table converters for server side printing 2018-02-28 17:27:45 +01:00
jennybuckley c8dacd8e63 Run hack/update-all.sh 2018-02-26 17:16:14 -08:00
Jeff Grafton ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Di Xu 48388fec7e fix all the typos across the project 2018-02-11 11:04:14 +08:00
hzxuzhonghu d0d1e1dcc4 refactor resource_config.go thoroughly and remove useless code in registry 2018-01-27 16:10:58 +08:00
Jordan Liggitt b4fb25261e
return reason for allowed rbac authorizations 
includes the binding, role, and subject that allowed a request so audit can make use of it
 2018-01-19 14:32:39 -05:00
Christoph Blecker 80e344644e
Regenerate all generated code 2018-01-02 00:21:07 -08:00
Jeff Grafton efee0704c6 Autogenerate BUILD files 2017-12-23 13:12:11 -08:00
Marcin Owsiany f9ff53d06e Do not log trailing whitespace. 2017-11-27 14:49:17 +01:00
David Eads c22fbadc0f clear resourceversion for migrated cluster roles 2017-11-22 16:16:01 -05:00
David Eads f34fb9b0ab handle clusterrole migration 2017-11-13 08:18:00 -05:00
David Eads a53e5de3db generated 2017-11-13 08:18:00 -05:00
David Eads 0f0a5223df rbac api changes for aggregation 2017-11-13 08:14:37 -05:00
Dr. Stefan Schimanski 1e79dfb959 Update generated code 2017-11-10 18:26:46 +01:00
Dr. Stefan Schimanski bec617f3cc Update generated files 2017-11-09 12:14:08 +01:00
Dr. Stefan Schimanski 012b085ac8 pkg/apis/core: mechanical import fixes in dependencies 2017-11-09 12:14:08 +01:00
Mike Danese 12125455d8 move authorizers over to new interface 2017-11-03 13:46:28 -07:00
Dr. Stefan Schimanski 2452afffe0 admission: wire create+update validation func into kube registries 2017-11-02 09:29:16 +01:00
Kubernetes Submit Queue 900c0761e3 Merge pull request #53722 from deads2k/rbac-01-allow-star 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

allow */subresource in rbac policy rules

xref #29698
xref #38756
xref #49504
xref #38810

Allow `*/subresource` format in RBAC policy rules to support polymorphic subresources like `*/scale` for HPA.

@DirectXMan12 fyi

```release-note
RBAC PolicyRules now allow resource=`*/<subresource>` to cover `any-resource/<subresource>`.   For example, `*/scale` covers `replicationcontroller/scale`.
```
 2017-10-18 14:02:05 -07:00
Dr. Stefan Schimanski cad0364e73 Update bazel 2017-10-18 17:24:04 +02:00
Dr. Stefan Schimanski 7773a30f67 pkg/api/legacyscheme: fixup imports 2017-10-18 17:23:55 +02:00
David Eads e8a703b651 allow */subresource in rbac policy rules 2017-10-16 16:17:51 -04:00
Jordan Liggitt 34ed25cf52
GC: Add check for nil interface 2017-10-16 02:21:11 -04:00
Jeff Grafton aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Dr. Stefan Schimanski ecb65a6a71 Update generated files 2017-10-07 11:28:47 +02:00
Dr. Stefan Schimanski 509df603b1 apimachinery: mechanical removal of ObjectCopier plumbing 2017-10-06 19:21:03 +02:00
Dr. Stefan Schimanski 19285b7357 apimachinery: remove Scheme.Copy 2017-10-06 14:24:05 +02:00
Jordan Liggitt 232db3b888
Change RBAC storage version to v1 for 1.9 2017-09-25 10:02:21 -04:00
Clayton Coleman fc2d201e15
Allow watch cache to be disabled per type 
Currently setting watch cache size for a given resource does not disable
the watch cache. This commit adds a new `default-watch-cache-size` flag
to map to the existing field, and refactors how watch cache sizes are
calculated to bring all of the code into one place. It also adds debug
logging to startup to allow us to verify watch cache enablement in
production.
 2017-09-08 13:42:28 -04:00
David Eads aa637502e0 add reconcile command to kubectl auth 2017-08-30 16:04:00 -04:00
Monis Khan dd06794bc2
Add enj as reviewer to OWNERS 
Adding myself as a reviewer for the following areas:

- API
- auth
- registry
- storage (etcd)

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-08-17 20:42:46 -04:00