github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
41,702 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

90 Commits (ba611194f7eda2257e32399cb98603c6a45998a4)

Author SHA1 Message Date
Kubernetes Submit Queue 49a0cf7f68 Merge pull request #39641 from liggitt/node-controller-status 
Automatic merge from submit-queue (batch tested with PRs 38212, 38792, 39641, 36390, 39005)

Allow node-controller to update node status

ref: #39639 

* adds required permissions to node-controller
 * fixes typo in role name for pod-garbage-collector role
* adds event watching permissions to persistent volume controller
* adds event permissions to node proxier
 2017-01-10 19:48:12 -08:00
Kubernetes Submit Queue 609e3e3890 Merge pull request #39619 from deads2k/fed-20-rename 
Automatic merge from submit-queue (batch tested with PRs 34488, 39511, 39619, 38342, 39491)

rename kubernetes-discovery to kube-aggregator

Rename `kubernetes-discovery` to `kube-aggregator`.  Move and bulk rename.

@kubernetes/sig-api-machinery-misc
 2017-01-10 16:07:14 -08:00
deads2k 453651cbfc rename kubernetes-discovery to kube-aggregator 2017-01-10 12:27:42 -05:00
Jordan Liggitt c6550af702
Allow proxier to write events 2017-01-09 23:36:09 -05:00
Jordan Liggitt 6d3b06125e
Allow the persistent volume binder to watch events 2017-01-09 23:36:09 -05:00
Jordan Liggitt c59c11eb0d
fix role for pod-garbage-collector 2017-01-09 23:36:09 -05:00
Jordan Liggitt bda95a59ad
Allow node-controller to update node status 2017-01-09 23:36:09 -05:00
deads2k 1df5b658f2 switch webhook to clientgo 2017-01-09 16:53:24 -05:00
Anirudh a8a65022b4 Update fixtures 2017-01-06 13:36:34 -08:00
Anirudh 2146f2f221 Allow disruption controller to read statefulsets 2017-01-06 13:03:44 -08:00
Jeff Grafton 20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k 4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
Kubernetes Submit Queue 38d57e5a71 Merge pull request #39355 from kargakis/update-rc-manager 
Automatic merge from submit-queue

Share rc cache from the rc manager

@kubernetes/sig-apps-misc @hodovska
 2017-01-04 05:18:29 -08:00
Kubernetes Submit Queue 2bad7e6be1 Merge pull request #39219 from liggitt/swagger-discovery 
Automatic merge from submit-queue

Include swaggerapi urls in system:discovery role

Used by client side API validation and for client schema generation
 2017-01-04 00:09:41 -08:00
xilabao 9b38eaf98e omit the reason if we don't have an error when using rbac 2017-01-04 11:41:43 +08:00
Michail Kargakis e5b586b5b0 Share rc cache from the rc manager 2017-01-03 16:59:09 +01:00
Mike Danese 161c391f44 autogenerated 2016-12-29 13:04:10 -08:00
Jordan Liggitt a209040ac8
Include swaggerapi urls in system:discovery role 2016-12-24 12:36:38 -05:00
xilabao 2a77353164 extend err info when authorize failed 2016-12-22 14:47:56 +08:00
deads2k 17f600d671 rbac deny output for e2e tests 2016-12-21 13:51:50 -05:00
deads2k 8f1677b7c8 add service status detection to kubernetes-discovery 2016-12-19 14:56:20 -05:00
Maciej Szulik 9f064c57ce Remove extensions/v1beta1 Job 2016-12-17 00:07:24 +01:00
Mike Danese 8fdec87d19 bazel: fix some unit tests 2016-12-15 18:36:22 -08:00
deads2k 6ab6975983 update for controller RBAC roles 2016-12-15 09:18:48 -05:00
Chao Xu 03d8820edc rename /release_1_5 to /clientset 2016-12-14 12:39:48 -08:00
Mike Danese c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
deads2k 4aeb3f3ffe update pod RBAC roles to work against head 2016-12-12 08:55:47 -05:00
xilabao 1d475edd1c add default label <kubernetes.io/bootstrapping=rbac-defaults> to rbac bootstrap policy 2016-12-07 09:08:34 +08:00
Kubernetes Submit Queue 2c61d2f80c Merge pull request #38121 from deads2k/auth-09-remove-rbac-super 
Automatic merge from submit-queue (batch tested with PRs 38111, 38121)

remove rbac super user

Cleaning up cruft and duplicated capabilities as we transition from RBAC alpha to beta.  In 1.5, we added a secured loopback connection based on the `system:masters` group name.  `system:masters` have full power in the API, so the RBAC super user is superfluous.

The flag will stay in place so that the process can still launch, but it will be disconnected.

@kubernetes/sig-auth
 2016-12-05 14:14:41 -08:00
deads2k 2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
Jordan Liggitt 8553a8b867
Check in YAML versions of bootstrap roles/rolebindings 2016-12-05 12:03:55 -05:00
Clayton Coleman 3454a8d52c
refactor: update bazel, codec, and gofmt 2016-12-03 19:10:53 -05:00
Clayton Coleman 5df8cc39c9
refactor: generated 2016-12-03 19:10:46 -05:00
Kubernetes Submit Queue b1a3f3794a Merge pull request #35300 from deads2k/rbac-17-subjectlocator 
Automatic merge from submit-queue (batch tested with PRs 35300, 36709, 37643, 37813, 37697)

add rbac action to subjects type

This adds the ability to go from an authorization action to the list subjects who have the power to perform the action.  This will be used to either back an RBAC specific endpoint or generic authorization endpoint.  Because of the way authorization works today, the set of subjects returned will always be a subset of those with access since any authorizer can say yes.

@kubernetes/sig-auth
 2016-12-03 08:55:54 -08:00
Kubernetes Submit Queue f91966e634 Merge pull request #37391 from deads2k/controller-03-roles 
Automatic merge from submit-queue (batch tested with PRs 37945, 37498, 37391, 37209, 37169)

add controller roles

Upstream controller roles that have downstream.

@sttts this is a start at roles for controllers.  I've made names match for now, but they could use some love in both the controller manager and here.  I'd recommend using this as a starting point.
 2016-12-02 20:32:46 -08:00
Kubernetes Submit Queue 4c50486735 Merge pull request #37020 from deads2k/rbac-20-delegated-role 
Automatic merge from submit-queue

auth delegation role

Add a bootstrap role for authentication and authorization delegation.  Useful for extension API servers.

@kubernetes/sig-auth
 2016-12-01 06:31:31 -08:00
deads2k a786892d77 add controller roles 2016-11-28 08:38:24 -05:00
Clayton Coleman 35a6bfbcee
generated: refactor 2016-11-23 22:30:47 -06:00
Chao Xu bcc783c594 run hack/update-all.sh 2016-11-23 15:53:09 -08:00
Chao Xu b9e3ffb515 misc 2016-11-23 15:53:09 -08:00
deads2k 18a909edf8 auth delegation role 2016-11-17 14:42:21 -05:00
Kubernetes Submit Queue 6ea9ff68c8 Merge pull request #36155 from deads2k/rbac-20-node-role 
Automatic merge from submit-queue

add nodes role to RBAC bootstrap policy

Add a nodes role.  

@sttts @pweil-
 2016-11-09 14:10:20 -08:00
deads2k 252d8b7066 add rbac action to subjects type 2016-11-08 07:47:11 -05:00
Maciej Szulik 0b5ef16008 Support ScheduledJob name 2016-11-07 10:14:12 +01:00
Maciej Szulik 41d88d30dd Rename ScheduledJob to CronJob 2016-11-07 10:14:12 +01:00
deads2k df2492f714 add nodes role to RBAC bootstrap policy 2016-11-03 08:30:50 -04:00
Chao Xu 850729bfaf include multiple versions in clientset 
update client-gen to use the term "internalversion" rather than "unversioned";
leave internal one unqualified;
cleanup client-gen
 2016-10-29 13:30:47 -07:00
Janet Kuo 10aee82ae3 Rename PetSet API to StatefulSet 2016-10-27 17:25:10 -07:00
Mike Danese 3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00