scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-02 19:28:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add flatz to kubelet auth.

Browse Source 
Fix: Move flagz to InstallDebuggingHandlers.

Move flagz  to the lower switch statemen

Fix linter

Drop the function parameter for the read-only server.
This commit is contained in:
zhangzhifei16
2024-12-23 11:05:14 +08:00
committed by zhifei92
parent 7b6c56e5fb
commit 2db729cfa4
8 changed files with 48 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/kubelet/server/auth.go
View File

@@ -27,6 +27,7 @@ import (
"k8s.io/apiserver/pkg/server/healthz"
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/component-base/configz"
"k8s.io/component-base/zpages/flagz"
"k8s.io/component-base/zpages/statusz"
"k8s.io/klog/v2"
"k8s.io/kubernetes/pkg/features"
@@ -74,6 +75,7 @@ func isSubpath(subpath, path string) bool {
// /runningPods/* => verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=pods,proxy
// /healthz/* => verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=healthz,proxy
// /configz => verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=configz,proxy
// /flagz => verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=configz,proxy
func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *http.Request) []authorizer.Attributes {
apiVerb := ""
@@ -120,6 +122,8 @@ func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *htt
subresources = append(subresources, "checkpoint")
case isSubpath(requestPath, statusz.DefaultStatuszPath):
subresources = append(subresources, "statusz")
case isSubpath(requestPath, flagz.DefaultFlagzPath):
subresources = append(subresources, "configz")
default:
subresources = append(subresources, "proxy")
}