github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-05-06 01:17:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,812 Commits 48 Branches 208 Tags
18fb098fce2abe03bcbb656f0a47ab22ace7b52b
Commit Graph

21 Commits

Author SHA1 Message Date
Somefive
f1bae16723 Chore: remove schematic kube and helm (#6099) 
* Chore: remove unused code

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Chore: remove schematic Kube & Helm

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

---------

Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2023-06-12 10:41:02 +08:00
Somefive
04cd510ddc Chore: use package function to replace parallel function (#6052) 2023-05-31 14:01:30 +08:00
barnettZQG
f7d34cbe8a Feat: enhance the application synchronizer (#5299) 
* Feat: enhance the application synchronizer

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: e2e test case

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: the unit test case

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
 2023-01-11 14:20:47 +08:00
barnettZQG
97ce8ba500 Feat: add the API that rollbacks the application (#5273) 
* Feat: add the API that rollbacks the application

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: enhance the test cases

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: use the klog/v2 package

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
 2023-01-05 17:45:42 +08:00
barnettZQG
fa44776702 Fix: grant the permission to read the ConfigMap in the vela-system namesapce (#4961) 
* Fix: grant the permission to read the ConfigMap in the vela-system namespace

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: change the test

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
 2022-11-01 09:58:18 +08:00
Somefive
668a637f86 Feat: upgrade go1.19 (#4790) 2022-09-28 10:19:28 +08:00
Tianxin Dong
01bf4c5ac4 Feat: add failed state in workflow (#4695) 
Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>

Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>
 2022-09-07 16:23:51 +08:00
qiaozp
d7f57ed122 Feat: request token when vela auth gen-kubeconfig (#4687) 
* Feat: request token when vela auth gen-kubeconfig

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* 1.24 test

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* fix test

Signed-off-by: qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* fix test

Signed-off-by: qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* format

Signed-off-by: qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* more test on 1.24

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* rollback some logic and fix test

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

* fix

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>

Signed-off-by: Qiaozp <qiaozhongpei.qzp@alibaba-inc.com>
Signed-off-by: qiaozp <qiaozhongpei.qzp@alibaba-inc.com>
 2022-09-05 17:34:51 +08:00
Tianxin Dong
239c5474dd Chore: refactor workflow from workflow engine (#4631) 
Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>

Signed-off-by: FogDong <dongtianxin.tx@alibaba-inc.com>
 2022-09-02 12:55:03 +08:00
barnettZQG
c6ae772cc1 Fix: CloudShell read-only authorization is not automatically revoked (#4495) 
* Fix: CloudShell read-only authorization is not automatically revoked

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: code style

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: rename the prefix

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
 2022-07-29 16:42:24 +08:00
Jianbo Sun
eea8570e10 Feat: add the CloudShell feature (#4280) 
* Feat: add the CloudShell feature

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: unit test bug

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Feat: handle the error

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Feat: change the auth package

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: change the CSR name

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: change the generate function

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: unit test

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>

* Fix: e2e test

Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
 2022-07-01 23:31:15 +08:00
Somefive
8f11b5b1a4 Fix: kube apply ignore userinfo for rt (#4297) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-07-01 17:30:55 +08:00
Somefive
57309884fc Feat: enhance controller auth by removing useless features & add authentication for componentrevision+healthcheck (#3992) 
* Feat: use application identity in gc & componentrevision & collectHealthStatus

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Chore: remove useless features and roles

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Fix: remove DELETE from mutating webhook

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Chore: enhance deploy error display

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Fix: e2e test vela cli output match & controllerrevision recycle for serviceaccount impersonation

Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-27 15:50:21 +08:00
Somefive
5cfc2878b7 Feat: support impersonation for application in apiserver (#3985) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-26 16:42:30 +08:00
Somefive
cb5630af48 Fix: enhance grant privileges output (#3962) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-24 14:31:32 +08:00
Somefive
7976b32ba4 Fix: grant privilege readonly incorrect binding (#3953) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-23 17:23:08 +08:00
Somefive
c5b28cb4b3 Feat: vela auth grant-privileges (#3943) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-23 10:47:13 +08:00
Somefive
12ec62dd65 Feat: vela auth list-privileges (#3923) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-18 20:57:39 +08:00
Somefive
9d6706d48e Feat: vela auth gen-kubeconfig (#3911) 
* Feat: vela create kubeconfig

Signed-off-by: Somefive <yd219913@alibaba-inc.com>

* Chore: refactor

Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-05-18 16:14:00 +08:00
Somefive
2d28fb35eb Feat: multi-cluster authentication (#3713) 
Signed-off-by: Somefive <yd219913@alibaba-inc.com>
 2022-04-24 14:48:26 +08:00
Sunghoon Kang
1300a980f0 Feat: reconcile app with scoped permissions (#3434) 
* Refactor: refactor multi cluster round trippers

Before adding more RoundTrippers, it would be better to expose common
logic in the utility package.

This commit exports `tryCancelRequest` at `utils` package, and make
`secretMultiClusterRoundTripper` implement `RoundTripperWrapper`
interface to allow chaining multiple round trippers.

Refs #3432

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>

* Feat: reconcile app with scoped permissions

Currently, all Application resources are reconciled by the Roles bound
to the controller service account. This behavior gives us the power to
manage resources across multiple namespaces. However, this behavior can
be problematic in the soft-multitenancy environment.

This commit adds `serviceAccountName` to ApplicationSepc to reconcile
Application with the given service account for reconciling Application
with scoped permissions.

Refs #3432

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>

* Refactor: extract context setter as method

https://github.com/oam-dev/kubevela/pull/3434#discussion_r825561603

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>

* Feat: use annotation instead of spec

https://github.com/oam-dev/kubevela/issues/3432#issuecomment-1066460269

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>

* Refactor: unify service account setter caller

https://github.com/oam-dev/kubevela/pull/3434#discussion_r825853612

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>

* Refactor: rename GetServiceAccountName

https://github.com/oam-dev/kubevela/pull/3434#discussion_r826514565

Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
 2022-03-15 11:55:50 +08:00