yliao
34a64db2c7
extended resource backed by DRA: implementation
2025-07-29 18:55:21 +00:00
Taahir Ahmed
4624cb9bb9
Pod Certificates: Basic implementation
...
* Define feature gate
* Define and serve PodCertificateRequest
* Implement Kubelet projected volume source
* kube-controller-manager GCs PodCertificateRequests
* Add agnhost subcommand that implements a toy signer for testing
Change-Id: Id7ed030d449806410a4fa28aab0f2ce4e01d3b10
2025-07-21 21:49:57 +00:00
Antoni Zawodny
2156efa7b3
Make Node authorizer's index authoritative for unauthorized calls
2024-09-06 09:26:19 +02:00
Antoni Zawodny
cf93a5bfa8
Clean up Node authorizer's non-thread-safe method names
2024-09-03 21:27:24 +02:00
Sergey Kanzhelev
39e49a91d7
remove DynamicKubeletConfig feature gate from the code
2022-09-23 23:14:19 +00:00
Jordan Liggitt
fd78947489
Indicate node authorizer does not support rule resolution
2020-05-12 20:34:13 -04:00
Jordan Liggitt
3e0c0792d7
Switch node authorizer index to refcounts
2020-02-10 13:24:13 -05:00
Jordan Liggitt
6d335372b2
Add configmap->node destination edges to the node authorizer index
2020-02-10 13:23:50 -05:00
Jordan Liggitt
d8c00b7f52
Fix node authorizer index recomputation
2020-01-30 13:29:57 -05:00
Jordan Liggitt
ad7d5505b9
clean up vertex/edge deletion
2018-05-02 15:39:50 -04:00
Jordan Liggitt
7f5def4361
fix graph test sorting
2018-04-06 20:46:25 -04:00
Michael Taufen
ab8dc12333
node authorizer sets up access rules for dynamic config
...
This PR makes the node authorizer automatically set up access rules for
dynamic Kubelet config.
I also added some validation to the node strategy, which I discovered we
were missing while writing this.
2018-03-27 08:49:45 -07:00
