github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
49,687 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

82 Commits (574a6cab2ceadabadac7fbf256a556c01d4c7cc5)

Author SHA1 Message Date
Clayton Coleman 2568a92119
Grow signature for predicate attributes to include init status 2017-06-02 22:09:04 -04:00
Clayton Coleman 331eea67d8
Allow initialization of resources 
Add support for creating resources that are not immediately visible to
naive clients, but must first be initialized by one or more privileged
cluster agents. These controllers can mark the object as initialized,
allowing others to see them.

Permission to override initialization defaults or modify an initializing
object is limited per resource to a virtual subresource "RESOURCE/initialize"
via RBAC.

Initialization is currently alpha.
 2017-06-02 22:09:03 -04:00
xilabao 9fe2ef54ba add policy_compact to rbac validation 2017-05-26 13:22:38 +08:00
Monis Khan ed35deb69d
Default ObjectNameFunc for all REST Stores 
All Stores in Kubernetes follow the same logic for determining the name
of an object.  This change makes it so that CompleteWithOptions defaults
the ObjectNameFunc if it is not specified.  Thus a user does not need to
remember to use ObjectMeta.Name.  Using the wrong field as the name can
lead to an object which has a name that bypasses normal object name
validation.

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-04-21 15:47:25 -04:00
Kubernetes Submit Queue 910c9d1ec7 Merge pull request #44729 from liggitt/non-resource-url-test 
Automatic merge from submit-queue

Add nonResourceURL wildcard coverage tests

Ensure `*` covering all paths is tested
 2017-04-21 06:10:26 -07:00
Jordan Liggitt b2994a297d
Add nonResourceURL wildcard coverage tests 2017-04-20 11:43:46 -04:00
Jordan Liggitt 67360883bc
Switch to pointer to policy rule, visit and short circuit during authorization 2017-04-20 10:52:53 -04:00
Mike Danese a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Chao Xu 08aa712a6c move helpers.go to helper 2017-04-11 15:49:11 -07:00
Jordan Liggitt 5d839d0d0b
Avoid nil user special-casing in unsecured endpoint 2017-03-31 13:28:59 -04:00
Jordan Liggitt 890894ac4f
Disable RBAC post-start hook if not using the RBAC authorizer 2017-03-30 23:30:04 -04:00
Kubernetes Submit Queue 599929657f Merge pull request #42482 from CaoShuFeng/trvial_fix 
Automatic merge from submit-queue

remove extra function call

We have read user info from context in previous line. No need to call
this function again.

**Special notes for your reviewer**:

**Release note**:

```NONE
```
 2017-03-27 07:06:23 -07:00
Jordan Liggitt 7f4e5c5676
Use namespace from context 2017-03-07 14:02:13 -05:00
Cao Shufeng 63346d979c remove extra function call 
We have read user info from context in previous line. No need to call
this function again.
 2017-03-03 08:41:03 -05:00
deads2k e24b1c0c25 add namespaced role bindings 2017-02-28 13:04:23 -05:00
deads2k a849df9dff allow reconcilation of namespaced rolebindings 2017-02-28 12:58:29 -05:00
Jordan Liggitt 4127322f23
Restore wait for etcd in rbac initialization 2017-02-27 15:09:47 -05:00
Kubernetes Submit Queue 945b041fab Merge pull request #41165 from nikhiljindal/del202 
Automatic merge from submit-queue (batch tested with PRs 41954, 40528, 41875, 41165, 41877)

Updating apiserver to return 202 when resource is being deleted asynchronously via cascading deletion

As per https://github.com/kubernetes/kubernetes/issues/33196#issuecomment-278440622.

cc @kubernetes/sig-api-machinery-pr-reviews @smarterclayton @caesarxuchao @bgrant0607 @kubernetes/api-reviewers 

```release-note
Updating apiserver to return http status code 202 for a delete request when the resource is not immediately deleted because of user requesting cascading deletion using DeleteOptions.OrphanDependents=false.
```
 2017-02-26 14:54:54 -08:00
deads2k d5cd40a585 reconcile namespace roles during startup 2017-02-23 11:45:49 -05:00
deads2k 06f5de9d84 make reconcilation generic to handle roles and clusterroles 2017-02-23 08:24:59 -05:00
nikhiljindal 1d32897eed Updating the registry to return whether the resource was immediately deleted 2017-02-21 11:00:35 -08:00
Dr. Stefan Schimanski 0e9c1f75bf Update bazel 2017-02-15 10:25:15 +01:00
Dr. Stefan Schimanski 27e01b5c46 k8s.io/apiserver: fixup imports and renamed packages 2017-02-15 10:24:58 +01:00
Jordan Liggitt 26b42d350d
Reconcile bootstrap clusterroles on server start 2017-02-14 12:33:05 -05:00
Dr. Stefan Schimanski 6af3210d6f Update generated files 2017-02-03 08:15:46 +01:00
Dr. Stefan Schimanski 536460e1d9 Mechanical fixup imports: pkg/genericapiserver 2017-02-03 08:15:45 +01:00
Dr. Stefan Schimanski de2eee391a Update bazel 2017-02-02 15:19:04 +01:00
Dr. Stefan Schimanski b8142896a7 pkg/genericapiserver: cut off pkg/registry/cachesize dependency 2017-02-02 15:19:03 +01:00
Dr. Stefan Schimanski bfe0d50ce8 pkg/genericapiserver/server: cut off from pkg/api 2017-02-02 15:19:01 +01:00
deads2k 1ef5d26079 move pkg/storage to apiserver 2017-01-31 19:07:33 -05:00
Kubernetes Submit Queue f1cd8508e5 Merge pull request #40596 from liggitt/auth-owners 
Automatic merge from submit-queue

Update authn/authz owners and reviewers

Add myself as potential reviewer to several authn/authz-related packages.

Add @deads2k as approver to several packages he wrote.
 2017-01-29 20:57:05 -08:00
deads2k 9fb37f3bba remove storage dependency on api 2017-01-27 14:02:28 -05:00
Jordan Liggitt 07f14ebc6f
Update authn/authz owners and reviewers 2017-01-27 08:55:44 -05:00
Clayton Coleman 469df12038
refactor: move ListOptions references to metav1 2017-01-23 17:52:46 -05:00
Clayton Coleman 245b592fac
Convert core code to metav1.ListOptions 2017-01-23 17:52:45 -05:00
Clayton Coleman a35be4e02e
Update registries to use metainternalversion list options 2017-01-23 17:52:45 -05:00
deads2k 11e8068d3f move pkg/fields to apimachinery 2017-01-19 09:50:16 -05:00
Dr. Stefan Schimanski 3d9449a353 genericapiserver: fix imports 2017-01-19 13:06:47 +01:00
deads2k d1fec7068f generated 2017-01-18 10:35:46 -05:00
deads2k e74efe41a0 add rbac v1beta1 2017-01-18 09:49:33 -05:00
Clayton Coleman 9a2a50cda7
refactor: use metav1.ObjectMeta in other types 2017-01-17 16:17:19 -05:00
Clayton Coleman 36acd90aba
Move APIs and core code to use metav1.ObjectMeta 2017-01-17 16:17:18 -05:00
Kubernetes Submit Queue f0b0cd0399 Merge pull request #39945 from sttts/sttts-cutoff-pkg-serviceaccount-dep 
Automatic merge from submit-queue

genericapiserver: cut off pkg/serviceaccount dependency

**Blocked** by pkg/api/validation/genericvalidation to be split up and moved into apimachinery.
 2017-01-17 03:09:21 -08:00
Dr. Stefan Schimanski bf307d9948 genericapiserver: cut off pkg/serviceaccount dependency 2017-01-17 09:36:10 +01:00
Dr. Stefan Schimanski 8fe0958ba0 Update bazel 2017-01-17 09:30:48 +01:00
Dr. Stefan Schimanski 5c88b7d05a Fix imports 2017-01-17 09:30:30 +01:00
deads2k a3e71b2cef move name generation to generic api server storage helpers 2017-01-16 16:04:04 -05:00
deads2k 77b4d55982 mechanical 2017-01-16 09:35:12 -05:00
deads2k 31b6ba4e94 mechanicals 2017-01-13 16:33:09 -05:00
Timothy St. Clair fbc5323dad Refactor registry to use store vs. etcd 2017-01-12 09:23:38 -06:00