github-personal/kubernetes
1
0
Fork 0
mirror of https://github.com/outbackdingo/kubernetes.git synced 2026-02-25 12:20:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
510924b70acb16f1107de43cdc68e23c6ea3ea32
kubernetes/pkg
History
Kubernetes Submit Queue 510924b70a Merge pull request #27087 from soltysh/audit_log 
Automatic merge from submit-queue

Basic audit log

Fixes #2203 by introducing simple audit logging, including the information about impersonation. We currently have something identical in openshift, but I'm open to any suggestions. Sample logs look like that:

as `<self>`:
```
AUDIT: id="75114bb5-970a-47d5-a5f1-1e99cea0574c" ip="127.0.0.1" method="GET" user="test-admin" as="<self>" namespace="openshift" uri="/api/v1/namespaces/openshift/pods/python"
AUDIT: id="75114bb5-970a-47d5-a5f1-1e99cea0574c" response=200
```

as user:
```
AUDIT: id="b0a443ae-f7d8-408c-a355-eb9501fd5c59" ip="192.168.121.118" method="GET" user="system:admin" as="test-admin" namespace="openshift" uri="/api/v1/namespaces/openshift/pods/python"
AUDIT: id="b0a443ae-f7d8-408c-a355-eb9501fd5c59" response=200
```

```release-note
* Add basic audit logging
```

@ericchiang @smarterclayton @roberthbailey @erictune @ghodss 

[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/.github/PULL_REQUEST_TEMPLATE.md?pixel)]()

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.kubernetes.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.kubernetes.io/reviews/kubernetes/kubernetes/27087)
<!-- Reviewable:end -->
2016-08-12 05:31:31 -07:00
..
admission
Fix usage of shared informer in namespace admission controllers
2016-08-01 13:40:34 -04:00
api
Merge pull request #30005 from dchen1107/api
2016-08-12 01:11:12 -07:00
apimachinery
Merge pull request #28431 from brendandburns/thirdparty2
2016-07-22 09:41:58 -07:00
apis
update generated files, including the client
2016-08-11 17:06:55 -07:00
apiserver
Basic audit log
2016-08-12 12:27:19 +02:00
auth
Merge pull request #28281 from nhlfr/authorize-return-bool
2016-07-18 21:40:26 -07:00
capabilities
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
client
Merge pull request #30277 from wojtek-t/optimize_controllers
2016-08-12 03:20:58 -07:00
cloudprovider
Merge pull request #29230 from luxas/goimport
2016-08-05 16:22:01 -07:00
controller
Merge pull request #30277 from wojtek-t/optimize_controllers
2016-08-12 03:20:58 -07:00
conversion
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
credentialprovider
Merge pull request #28539 from derekwaynecarr/credential_provider_timeout
2016-07-22 18:01:41 -07:00
dns
Merge pull request #29230 from luxas/goimport
2016-08-05 16:22:01 -07:00
fieldpath
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
fields
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
genericapiserver
Basic audit log
2016-08-12 12:27:19 +02:00
healthz
fixes the wrong doc in package healthz
2016-07-18 22:46:09 +08:00
httplog
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
hyperkube
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
kubectl
Merge pull request #30461 from caesarxuchao/kubectl-gc
2016-08-12 01:55:11 -07:00
kubelet
Merge pull request #30417 from yujuhong/source_ready
2016-08-11 18:28:44 -07:00
kubemark
Remove "All rights reserved" from all the headers.
2016-06-29 17:47:36 -07:00
labels
Print/log pointers of structs with %#v instead of %+v
2016-08-01 22:27:56 +02:00
master
move RangeRegistry to a separate package for generic usage
2016-08-09 13:10:48 +08:00
metrics
Remove "All rights reserved" from all the headers.
2016-06-29 17:47:36 -07:00
probe
Merge pull request #27562 from 7ing/ipt
2016-08-02 08:02:32 -07:00
proxy
kube-proxy: Propagate hostname to iptables proxier
2016-08-09 10:05:29 -07:00
quota
Quota admission errors if usage is negative
2016-08-11 11:26:59 -04:00
registry
Merge pull request #30227 from soltysh/remove_seconds
2016-08-10 03:50:30 -07:00
runtime
fix register.go files up + add test import
2016-08-11 17:06:54 -07:00
security
Merge pull request #29812 from timstclair/aa-validation
2016-08-11 15:49:55 -07:00
securitycontext
Remove pod mutation for PVs with supplemental GIDs
2016-07-22 17:41:44 -04:00
serviceaccount
Check for valid serviceaccount JWT token before inspecting claims
2016-07-06 14:25:15 -04:00
ssh
Revert "Add a customized ssh dialer that will timeout"
2016-07-14 08:48:24 +02:00
storage
Merge pull request #30368 from wojtek-t/log_terminating_all_watchers
2016-08-10 09:26:07 -07:00
types
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
ui
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
util
Merge pull request #30402 from dims/fix-issue-30377
2016-08-11 06:47:45 -07:00
version
Use Go canonical import paths
2016-07-16 13:48:21 -04:00
volume
Merge pull request #29619 from dims/fix-issue-23163
2016-08-06 01:44:15 -07:00
watch
Update generated files due to dependency shift.
2016-08-09 10:41:09 -05:00
OWNERS
Remove bgrant from pkg/OWNERS and pkg/kubectl/OWNERS since he has plenty to do.
2016-06-16 08:21:27 -07:00