k8s-ci-robot
46ebebcc4f
Merge pull request #65763 from x13n/audit-logging
...
Add option to k8s apiserver to reject incoming requests upon audit failure
2018-11-17 04:39:56 -08:00
k8s-ci-robot
f38cc95505
Merge pull request #62692 from mikedanese/trev2
...
authn: extend authenticator.Token to support audience validation
2018-11-16 20:27:25 -08:00
k8s-ci-robot
39c8219999
Merge pull request #71158 from liggitt/revert-openapi-publish
...
Revert openapi publish
2018-11-16 18:22:43 -08:00
k8s-ci-robot
1e22f080ec
Merge pull request #67383 from stlaz/enc_config_promotion
...
Introduce apiserver.config.k8s.io/v1 and use standard method for parsing encryption config file
2018-11-16 16:31:30 -08:00
Mike Danese
effad15ecc
patch webhook authenticator to support token review with arbitrary audiences
2018-11-16 19:30:42 -05:00
Jordan Liggitt
8799eb4e2e
Revert "Merge pull request #67205 from roycaihw/crd-openapi-spec"
...
This reverts commit 54ee58b2d69e2820e4c9
2018-11-16 16:36:24 -05:00
David Eads
9b31985b08
fix client-side specification of timeout now that it is honored
2018-11-16 11:43:37 -05:00
k8s-ci-robot
54ee58b2d6
Merge pull request #67205 from roycaihw/crd-openapi-spec
...
Serve OpenAPI spec for registered CRDs
2018-11-16 05:12:41 -08:00
k8s-ci-robot
1a54fd4319
Merge pull request #71021 from liggitt/node-self-deletion
...
Remove self-deletion permissions from kubelets
2018-11-16 01:53:31 -08:00
Daniel Kłobuszewski
7a10f4eda7
Add option to k8s apiserver to reject incoming requests upon audit failure
2018-11-16 10:32:49 +01:00
Haowei Cai
4625bf7dad
add basic e2e test and integration for CRD openapi
2018-11-15 16:39:49 -08:00
saad-ali
9d4810f25a
Bump grpc from 1.7.5 to 1.13.0
2018-11-15 16:39:42 -08:00
k8s-ci-robot
b1a52a38e9
Merge pull request #67257 from pbarker/audit
...
dynamic audit configuration
2018-11-15 02:42:59 -08:00
k8s-ci-robot
726c07eb26
Merge pull request #69929 from jsafrane/csi-ga
...
Promote CSIPersistentVolume feature to GA
2018-11-14 20:34:58 -08:00
Patrick Barker
eb89d3dddd
adds dynamic audit configuration
2018-11-14 17:54:06 -07:00
k8s-ci-robot
9c304cf0cb
Merge pull request #70157 from mikedanese/trev1
...
retrofit svcacct token authenticator to support audience validation
2018-11-14 13:16:44 -08:00
Jan Safranek
e95b188656
Generated files
2018-11-14 14:01:16 +01:00
k8s-ci-robot
3e6d414b55
Merge pull request #70967 from mikedanese/fixtropts
...
Fix broken defaulting and validation in TokenRequest enablement
2018-11-13 22:03:42 -08:00
Jordan Liggitt
8d7cc39031
Remove self-deletion permissions from kubelets
2018-11-14 00:42:06 -05:00
Mike Danese
67bbf753cb
retrofit svcacct token authenticator to support audience validation
2018-11-13 20:38:41 -08:00
Mike Danese
06935e1c90
split TokenRequest initialization out of run and into complete and validate
2018-11-13 17:27:13 -08:00
Bobby (Babak) Salamat
1b8e1d9ed8
Disable equivalence cache by default in the scheduler integration tests
2018-11-13 11:23:19 -08:00
Stanislav Laznicka
628d1fef37
autogen files
2018-11-13 18:06:12 +01:00
Slava Semushin
c21cb548e6
Introduce kubeapiserver.config.k8s.io/v1 with EncryptionConfiguration and use a standard method for parsing config file.
...
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com >
2018-11-13 14:05:21 +01:00
Davanum Srinivas
954996e231
Move from glog to klog
...
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
* github.com/kubernetes/repo-infra
* k8s.io/gengo/
* k8s.io/kube-openapi/
* github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods
Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
2018-11-10 07:50:31 -05:00
k8s-ci-robot
e133ab274d
Merge pull request #70515 from davidz627/feature/csiNodeInfo
...
Add explicit "Installed" field to CSINodeInfo and change update semantics
2018-11-09 06:42:09 -08:00
David Zhu
4621887037
Updated test files with new fields
2018-11-08 19:45:01 -08:00
k8s-ci-robot
be800e623a
Merge pull request #69663 from sttts/sttts-scheduler-secure-serving
...
scheduler: enable secure port and authn/z
2018-11-08 17:36:14 -08:00
Dr. Stefan Schimanski
1588af4031
kube-scheduler: add secure serving and authn/z integration tests
2018-11-08 16:43:59 +01:00
Dr. Stefan Schimanski
98d8e87120
integration: rename test/integration/{controllermanager -> serving}
2018-11-08 16:43:59 +01:00
Dr. Stefan Schimanski
d91feb6d18
kube-scheduler: move stopCh creation out of scheduler factory code
...
Enforces clean ownership of the channel.
2018-11-08 16:43:59 +01:00
Davanum Srinivas
43f523d405
Switch to sigs.k8s.io/yaml from ghodss/yaml
...
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
2018-11-07 13:17:32 -05:00
k8s-ci-robot
7fe59165b6
Merge pull request #70193 from saad-ali/csiCRDAddon
...
Register CSI CRDs as addon
2018-11-06 23:55:56 -08:00
saad-ali
a679486a5e
Register CSI CRDs as addon
2018-11-06 10:58:09 -08:00
k8s-ci-robot
c8604653f0
Merge pull request #70449 from mikedanese/simplcache
...
remove webhook cache implementation and replace with token cache
2018-11-05 16:32:34 -08:00
Mike Danese
0ec4d6d396
remove webhook cache implementation and replace with the token cache
...
The striped cache used by the token cache is slightly more sophisticated
however the simple cache provides about the same exact behavior. I used
the striped cache rather than the simple cache because:
* It has been used without issue as the primary token cache.
* It preforms better under load.
* It is already exposed in the public API of the token cache package.
2018-11-05 13:08:45 -08:00
Monis Khan
f39158a310
Add CRDs to etcd storage path test
...
This change updates the etcd storage path test to exercise custom
resource storage by creating custom resource definitions before
running the test.
Duplicated custom resource definition test logic was consolidated.
Signed-off-by: Monis Khan <mkhan@redhat.com >
2018-11-04 16:54:35 -05:00
k8s-ci-robot
03cbb2c321
Merge pull request #70571 from lichuqiang/provision-test-fix
...
remove meaningless case in volume binding test
2018-11-02 18:01:48 -07:00
k8s-ci-robot
9fb1153bd8
Merge pull request #70550 from liggitt/cleanup-scale-clients
...
Drop generated clients for Scale types
2018-11-02 05:29:15 -07:00
lichuqiang
f7dbcce272
remove meaningless case
2018-11-02 15:17:20 +08:00
k8s-ci-robot
4351cea80c
Merge pull request #70046 from cheftako/lintCleanGce
...
Fixed lint errors for pkg/cloudprovider/providers/gce.
2018-11-01 13:44:06 -07:00
Jordan Liggitt
ff9dc86b3c
Drop generated clients for Scale types
2018-11-01 14:49:51 -04:00
zqm19941101
05013135b4
fix typo
2018-10-30 19:27:36 +08:00
walter
735ad9ed63
Fixed lint errors for pkg/cloudprovider/providers/gce.
...
Fixed minor issues.
Cleaned up from merge errors.
2018-10-29 11:52:24 -07:00
Samuel Davidson
294e02ed4b
Revert "limit forbidden error to details of what was forbidden"
...
This reverts commit ecbd013795
2018-10-26 15:58:09 -07:00
Kim Min
79599ac419
Prune internal clientset/informer from kubeapiserver admission initializer ( #70167 )
...
* externalize pv resize admission controller
* externalize podtolerationrestriction admission controller
* externalize podnodeselector admission controller
* remove internal clientset/informer from kubeapiserver admission initializer
* minor change: fixes scheduler integration test compiliation
2018-10-24 14:47:16 -07:00
k8s-ci-robot
10121e6448
Merge pull request #69898 from Huang-Wei/scheudler-perf-more-cases
...
add more scheduler benchmark testcases
2018-10-24 14:47:06 -07:00
Wei Huang
5259d09c38
add more scheduler benchmark testcases
...
- add benchmark test for PodAffinity
- add benchmark test for NodeAffinity
- add 1000-nodes test for PodAntiAffinity/PodAffinity/NodeAffinity
2018-10-24 11:06:32 -07:00
zuoxiu.jm
38ddb4413a
update token authn constructor
2018-10-24 16:56:38 +08:00
k8s-ci-robot
4d182cec03
Merge pull request #70105 from mikedanese/trev1
...
promote --service-account-api-audiences to top level kube-apiserver config
2018-10-22 23:59:34 -07:00
