github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
76,414 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

336 Commits (9c7db008923b24657b62f2d37c03ec6a7d9e94d2)

Author SHA1 Message Date
Kubernetes Prow Robot dccb8ab5b0
Merge pull request #74615 from andrewsykim/delete-pvl-controller 
Delete the out-of-tree PV labeler controller
 2019-03-05 08:16:03 -08:00
Xing Yang bb45b8ee34 Make CSINodeInfo and CSIDriver Core APIs 
This PR is the first step to transition CSINodeInfo and CSIDriver
CRD's to in-tree APIs. It adds them to the existing API group
“storage.k8s.io” as core storage APIs.
 2019-03-02 12:31:05 -08:00
Andrew Kim 01933b02a3 replace usage of v1beta1 VolumeAttachments with v1 2019-02-27 15:42:12 -05:00
Andrew Kim 2901def8c3 delete the persistentvolume labeler controller 2019-02-26 14:23:20 -05:00
Kubernetes Prow Robot b5566c7818
Merge pull request #71896 from awly/client-go-keyutil 
client-go: extract new keyutil package from util/cert
 2019-02-23 01:43:16 -08:00
Mike Danese 47043bcac1 enforce that cloud providers are only linked in main or app packages 2019-02-22 11:56:39 -08:00
Jordan Liggitt 8c28d3f63c Add networking.k8s.io/v1beta1 Ingress 2019-02-20 16:41:14 -05:00
Andrew Lytvynov 18458392ca Extract new keyutil package from client-go/util/cert 
This package contains public/private key utilities copied directly from
client-go/util/cert. All imports were updated.

Future PRs will actually refactor the libraries.

Updates #71004
 2019-02-19 09:48:59 -08:00
Kubernetes Prow Robot 0ffd59e403
Merge pull request #74154 from mbohlool/gimli 
Use Request Object interfaces instead of static scheme that is more appropriate for CRDs
 2019-02-19 07:21:53 -08:00
Mehdy Bohlool 0f186323bc Update generated files 2019-02-16 13:28:48 -08:00
Mehdy Bohlool cebb4ee2ac Remove the propagated scheme from the Admission chain 2019-02-16 13:28:47 -08:00
Mehdy Bohlool 513a87c7b2 Add ObjectInterfaces to Admission and Validation 2019-02-16 13:28:47 -08:00
Marek Counts 160ed26c20 autogen files to support new project structure. 2019-02-15 10:29:31 -05:00
Marek Counts 7744f90830 Moved flag and globalflag 
Moved all flag code from `staging/src/k8s.io/apiserver/pkg/util/[flag|globalflag]` to `component-base/cli/[flag|globalflag]` except for the term function because of unwanted dependencies.
 2019-02-15 10:28:13 -05:00
Chao Xu 1f2e2e61cf generated 2019-02-12 15:04:57 -08:00
Chao Xu 3f21ca029a changing imports 2019-02-12 10:06:04 -08:00
Kubernetes Prow Robot 0ae81c986a
Merge pull request #67678 from caesarxuchao/remove-storage-versions-flag 
Remove storage versions flag
 2019-02-11 17:40:27 -08:00
Roy Lenferink b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Chao Xu bed7696876 generated BUILD files 2019-01-30 13:28:48 -08:00
Chao Xu 1281243860 Remove the --storage-versions flag from kube-apiserver. 
The storage version now is solely decided by the
scheme.PrioritizedVersionsForGroup(). For cohabitating resources, the storage
version will be that of the overriding group as returned by
storageFactory.getStorageGroupResource().
 2019-01-30 13:28:48 -08:00
Jordan Liggitt 89b0b0b84b Clean up initializer-related comments, test data 2019-01-25 12:37:45 -05:00
Kubernetes Prow Robot d654b49c0e
Merge pull request #73097 from bsalamat/fix_taint_nodes 
Add NotReady taint to new nodes during admission
 2019-01-24 23:46:23 -08:00
Bobby (Babak) Salamat 763cb708d1 Autogenerated files 2019-01-24 10:31:23 -08:00
Bobby (Babak) Salamat c2a4d2cbdf Add a default admission controller to taint new nodes on creation. 2019-01-24 10:31:23 -08:00
Jordan Liggitt 1a15d80967 generated 2019-01-23 16:34:44 -05:00
Jordan Liggitt 17aa60686e Deprecate and remove use of alpha metadata.initializers field, remove IncludeUninitialized options 2019-01-23 16:34:43 -05:00
Jordan Liggitt dc1fa870bf Remove alpha InitializerConfiguration types, Initializers admission plugin 2019-01-23 11:37:39 -05:00
Walter Fender 97426ce7a5 Adding cheftako to reviewers 
Also adding as an owners to pkg/cloudprovider.
 2018-12-27 15:25:20 -08:00
lovejoy d437305cbf
Fix the authorization-policy-file description 
Actually this is in a format like below not a csv format
```json
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "*","apiGroup": "*"}}
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "ingresses","apiGroup": "extensions"}}
{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:authenticated",  "namespace": "*", "resource": "*","apiGroup": "apiextensions.k8s.io"}}
```
 2018-12-24 14:54:34 +08:00
k8s-ci-robot e5326f22ea
Merge pull request #70471 from xichengliudui/fix181031 
Fix some typos
 2018-11-29 00:48:16 -08:00
Mike Danese effad15ecc patch webhook authenticator to support token review with arbitrary audiences 2018-11-16 19:30:42 -05:00
k8s-ci-robot b1a52a38e9
Merge pull request #67257 from pbarker/audit 
dynamic audit configuration
 2018-11-15 02:42:59 -08:00
Patrick Barker 5cb70e369f adds dynamic audit configuration generated 2018-11-15 01:03:45 +00:00
Patrick Barker eb89d3dddd adds dynamic audit configuration 2018-11-14 17:54:06 -07:00
Mike Danese 67bbf753cb retrofit svcacct token authenticator to support audience validation 2018-11-13 20:38:41 -08:00
k8s-ci-robot bd2cb5a72d
Merge pull request #70831 from mikedanese/securesvcacct 
add BoundServiceAccountTokenVolume feature
 2018-11-13 08:54:25 -08:00
k8s-ci-robot 27cf50d85e
Merge pull request #70322 from mikedanese/audoidc 
make oidc authenticator (more?) audience aware
 2018-11-12 17:03:29 -08:00
Mike Danese f4ff26679f add BoundServiceAccountTokenVolume feature 
* require TokenRequest to be enabled and configured
* bind ca.crt publisher to this feature rather than to TokenRequest
 2018-11-12 13:11:47 -08:00
Mike Danese a714d9cd04 make oidc authenticator (more?) audience aware 
Part of https://github.com/kubernetes/kubernetes/issues/69893
 2018-11-12 12:43:21 -08:00
Davanum Srinivas 954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
k8s-ci-robot 0aba557741
Merge pull request #70600 from liggitt/sig-auth-subprojects 
Add owners/approvers aliases for sig-auth subprojects
 2018-11-06 17:55:07 -08:00
k8s-ci-robot 50de3a0d79
Merge pull request #69659 from cheftako/lintClean3 
Fixes lint errors in kubeapiserver packages
 2018-11-06 14:02:05 -08:00
Jordan Liggitt 9ae79f9653 authorizers subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
Jordan Liggitt 4fa2a0cc8a authenticators subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
k8s-ci-robot c8604653f0
Merge pull request #70449 from mikedanese/simplcache 
remove webhook cache implementation and replace with token cache
 2018-11-05 16:32:34 -08:00
Mike Danese 0ec4d6d396 remove webhook cache implementation and replace with the token cache 
The striped cache used by the token cache is slightly more sophisticated
however the simple cache provides about the same exact behavior. I used
the striped cache rather than the simple cache because:

* It has been used without issue as the primary token cache.
* It preforms better under load.
* It is already exposed in the public API of the token cache package.
 2018-11-05 13:08:45 -08:00
walter 2af982abb9 Fixes lint errors in kubeapiserver packages 
Fixes lint errors in kubeapiserver/admission, kubeapiserver/authorizer,
kubeapiserver/authenticator. Also enables lint testing of these
directories.
Fixed go format.
Fixed changes from config.
 2018-11-04 17:22:41 -08:00
Patrick Barker d33f347ba8 refactors kubeapiserver webhook utility to be generic generated 2018-11-02 11:42:04 -06:00
Patrick Barker 1081fffdd5 refactors kubeapiserver webhook utility to be generic 2018-11-02 11:41:58 -06:00
Mike Danese 34cc8eeac7 wrap all audience unaware authenticators in kube-apiserver 2018-10-31 15:31:49 -07:00