website

Commit Graph

Author	SHA1	Message	Date
Anish Ramasekar	5de3ddd2b3	fix example userinfo object in authn docs Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2025-06-17 17:47:54 -07:00
Kai Naschinski	1eb1607153	Fix PodTopologyLabels note not rendering The additional whitespace caused the site to not render the note, displaying the literal "{{ }}" instead.	2025-06-16 13:59:40 +02:00
Jayesh Mahajan	929a877bc4	update openid oidc-signing-algs allowed values in authentication.md Openid oidc-signing-algs available values are limited to a certain set, according to the source code available here: `9d62330bfa/staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go (L230)` This documents all the available signing algorithms.	2025-05-23 13:25:16 -04:00
Stanislav Láznička	190b3ab758	cluster trust bundles: use correct version/feature maturity stage	2025-05-07 16:30:39 +02:00
Kubernetes Prow Robot	c0ae18dc43	Merge pull request #48734 from Lahoussine-Bouhmou/patch-1 Include parameterNotFoundAction in Validating Admission Policy documentation	2025-05-02 23:33:55 -07:00
Dan Winship	649bda2cbd	Update docs for deprecation of Endpoints API (#49831 ) * KEP-4974: Update documentation for Endpoints deprecation * Bring EndpointSlice docs up to date - FQDN is not a supported AddressType - Update documentation around `serving` vs `ready` to just explain how it works now, without the historical context. (In particular, describe `serving` first, and then explain `ready` as being almost the same thing as `serving` rather than vice versa). - Fix feature-state version macro for `terminating` - Remove a note about some deprecated v1beta1 EndpointSlice fields that is just confusing if you didn't know that v1beta1 had a different topology API. - Remove the "Comparison with Endpoints"/"Motivation" section. * Fix up examples that still used `kubectl get endpoints` * Replace various passing references to Endpoints with EndpointSlices * Update main headings for Endpoints and Endpoint Slice Mirroring * Update glossary for Endpoints deprecation	2025-04-09 02:08:41 -07:00
Kubernetes Prow Robot	ccd2edde3d	Merge pull request #49928 from dshebib/4742-node-labels-downward-api 4742 Expose Node Labels in Downward API Docs	2025-04-08 00:50:39 -07:00
Rey Lejano	930294a0f4	Merge pull request #50366 from hacktivist123/merged-main-dev-1.33 Merged main branch into dev-1.33	2025-04-07 11:26:00 -07:00
Daniel Shebib	207c91401d	add documentation for KEP 4742	2025-04-06 16:41:06 -05:00
Kubernetes Prow Robot	67503b6fa2	Merge pull request #49413 from liggitt/4193-ga KEP-4193: 1.33 updates for ServiceAccountTokenNodeBinding GA	2025-04-05 03:00:46 -07:00
Kubernetes Prow Robot	f9be9a248c	Merge pull request #50145 from tengqm/kubelet-authz Mention the builtin clusterrole in kubelet authorization	2025-03-30 10:24:35 -07:00
Kubernetes Prow Robot	8558bc3561	Merge pull request #49626 from shannonxtreme/mutating-webhook-good-practices Add a good practices page for mutating webhook design	2025-03-22 07:06:31 -07:00
Shannon Kularathna	14220821d1	Move best practices from dynamic admission control page to best practices page Moved content as-is (no text changes) for a more readable diff between commits. The following sections werent moved: * Idempotence main section (better content in new page) * Intercepting all versions of an object (better content in new page) * Guaranteeing the final state of an object is seen * Avoiding operating in the kube-system namespace	2025-03-21 20:04:03 +00:00
Shannon Kularathna	bf971d28d3	Add a new page for mutating webhook good practices. - Link to new page from dynamic admission control page - Retain TODOs for info that'll be migration from existing page	2025-03-21 20:00:38 +00:00
Jordan Liggitt	1eae76928b	KEP-4193: 1.33 updates for ServiceAccountTokenNodeBinding GA	2025-03-20 16:06:46 -04:00
Qiming Teng	5bfcf81227	Mention the builtin clusterrole in kubelet authorization This PR updates the description about the kubelet fine-grained API authorization.	2025-03-20 08:15:34 +08:00
Anish Ramasekar	4888dbe086	fix doc for email_verified requirement when username contains claims.email Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>	2025-03-17 17:08:26 -07:00
Tim Bannister	2a3a72e16c	Move CSR for client certificate to tasks section The moved documentation describes a task, so move it to the documentation section that describes tasks.	2025-03-04 20:22:32 +00:00
Richard Tweed	1c250e49bf	Add diagram for admission control phases which shows the new validatingadmissionpolicies (#43836 ) * Add diagram for admission control phases which shows the new validatingadmissionpolicies * Change to a mermaid diagram * Add accessibility description * Fix font size issue * Correct blue colour * Move diagram type to top to see if it builds correctly * Convert to exported svg and mermaid-live link * correct image path * Update filepath * Update link to mermaid doc With the annotation changes * Delete content/en/docs/images/admission-control-phases.svg * correct image path * Correct parallelism of stages and state parallel stage explicitly * Undo autolint * Undo further autolint * Remove bad merge * Revert yet more IDE autoformatting * Revert more IDE nonsense * Remove yet more ide nonsense * Remove the last of the IDE autoformatting * Fix last piece of the bad merge	2025-02-23 13:26:27 -08:00
Kubernetes Prow Robot	91919bdba5	Merge pull request #46798 from fasaxc/patch-1 Add more suggestions for avoiding deadlocks to webhook docs	2025-02-20 14:08:27 -08:00
Shaun Crampton	0c40eced7e	Add more suggestions for avoiding deadlocks Webhooks can cause deadlocks in several ways, expand the list to cover more subtle cases. Co-authored-by: Kat Cosgrove <kat.cosgrove@gmail.com> Co-authored-by: Tim Bannister <tim@scalefactory.com>	2025-02-17 13:21:59 +00:00
Kubernetes Prow Robot	97cbae19d2	Merge pull request #48920 from AmarNathChary/updated_yaml_to_json Switch extensible admission payload example from YAML to JSON	2025-02-12 23:56:23 -08:00
Naresh Koduru	8b78fb8239	enable copying rolebinding examples directly	2025-02-12 13:36:26 +05:30
Kubernetes Prow Robot	74ffdcecda	Merge pull request #48200 from iheartNathan/42288-Inconsistent-documentation-of-default-StorageClass fix inconsistency in documentation of default storageclass	2025-02-11 05:37:58 -08:00
Kubernetes Prow Robot	2e15797126	Merge pull request #49589 from NareshKoduru/role_copy Enable copying role and clusterRole snippets	2025-01-29 16:19:22 -08:00
Naresh Koduru	6c6165d5e2	Enable copying role and clusterRole snippets	2025-01-29 10:15:16 +05:30
Thomas Gosteli	0338db1b94	add exempt api kinds in mutating admission policies doc	2025-01-22 18:31:51 +01:00
Thomas Gosteli	37017f4c04	fix: api kinds in upper camel case	2025-01-22 18:19:26 +01:00
iheartNathan	4e3523c0a0	fix inconsistency in documentation of default storageclass	2025-01-22 15:22:35 +00:00
Thomas Gosteli	a1688890f0	Update content/en/docs/reference/access-authn-authz/validating-admission-policy.md Co-authored-by: Tim Bannister <tim@scalefactory.com>	2025-01-22 08:11:00 +01:00
Thomas Gosteli	ede1a137fc	Update content/en/docs/reference/access-authn-authz/validating-admission-policy.md Co-authored-by: Tim Bannister <tim@scalefactory.com>	2025-01-22 08:10:46 +01:00
Thomas Gosteli	baaf68c601	Update content/en/docs/reference/access-authn-authz/validating-admission-policy.md Co-authored-by: Tim Bannister <tim@scalefactory.com>	2025-01-22 08:10:27 +01:00
Thomas Gosteli	eb357e28f7	docs: extend VAP docs with exempt resources Signed-off-by: Thomas Gosteli <thomas.gosteli@protonmail.ch>	2025-01-21 17:04:00 +01:00
windsonsea	a214e105a2	Clean up service-accounts-admin.md	2025-01-21 09:08:14 +08:00
Mohammad Alavi	45182c8c24	change ValidatingAdmissionWebhook to ValidatingAdmissionPolicy	2025-01-14 21:22:05 +07:00
谭成	212637cfb7	Reorder ValidatingAdmissionPolicy components for logical flow	2024-12-20 09:34:38 +08:00
michellengnx	baba5e4c35	Merge main into dev-1.32 to keep in sync	2024-12-09 23:11:06 -05:00
AmarNathChary	370c47dacc	changed comments	2024-12-05 12:03:27 +05:30
AmarNathChary	8104af95c1	changed back to yaml	2024-12-03 14:55:12 +05:30
AmarNathChary	1e5175b94d	Updated extensible admission controller yaml file to json	2024-12-02 14:20:12 +05:30
Kubernetes Prow Robot	ee231f71d7	Merge pull request #48495 from munnerz/kep-4193-132-ga KEP-4193: Update ServiceAccount admin docs with additional info on bound tokens	2024-11-26 19:22:56 +00:00
Jeffrey Ying	cb8e5a7ce5	KEP-3962: Mutating admission policy documentation (#48646 ) * Introduce concept page for mutating admission policy * add example and documentation for MAP * fix MAP feature gate documentation * address comments * Apply suggestions from code review Co-authored-by: Tim Bannister <tim@scalefactory.com> --------- Co-authored-by: Joe Betz <jpbetz@google.com> Co-authored-by: Tim Bannister <tim@scalefactory.com>	2024-11-26 18:20:56 +00:00
James Munnelly	4ef866967e	Apply suggestions from code review Co-authored-by: Jordan Liggitt <jordan@liggitt.net>	2024-11-26 18:09:26 +00:00
James Munnelly	a3c89ce64a	Update content/en/docs/reference/access-authn-authz/service-accounts-admin.md Co-authored-by: Jordan Liggitt <jordan@liggitt.net>	2024-11-26 18:08:56 +00:00
Kubernetes Prow Robot	01eccc6441	Merge pull request #48771 from ritazh/deprecate-EnforceMountableSecretsAnnotation Add deprecation warnings for enforce-mountable-secrets annotation	2024-11-26 17:12:56 +00:00
James Munnelly	0c28e697d4	address review comments	2024-11-26 11:25:39 +00:00
Rita Zhang	3b8c927a3b	Address comments Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com>	2024-11-20 19:00:50 -08:00
Rita Zhang	926db124d0	Add deprecation warnings for enforce-mountable-secrets annotation	2024-11-19 07:59:43 -08:00
Kubernetes Prow Robot	d8dbc916c4	Merge pull request #48487 from ritazh/kep_3221_ga KEP-3221: remove mentions of beta and featuregate, and change order of cmd line	2024-11-19 13:30:53 +00:00
Lahoussine Bouhmou	5a06306c3a	Apply feedback: use note shortcode Replaced manual note with note shortcode for the parameterNotFoundAction section as per style guide.	2024-11-19 10:03:56 +01:00

1 2 3 4 5 ...

682 Commits (issues-48002)