scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-02 03:08:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
41,706 Commits 1 Branch 0 Tags
6a4d5cd7cc58e28c20ca133dab7b0e9e56192fe3
Commit Graph

74 Commits

Author SHA1 Message Date
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
Jeff Grafton
20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k
4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k
b813e98a26 move no k8s.io/kubernetes dependencies round one 2017-01-05 11:09:42 -05:00
Kubernetes Submit Queue
e18f54f9d2 Merge pull request #39444 from deads2k/generic-11-selectively 
Automatic merge from submit-queue

selectively move to client-go packages

selectively update some low hanging fruit to use client-go.

@sttts
 2017-01-05 07:51:11 -08:00
Kubernetes Submit Queue
06de081d96 Merge pull request #39408 from liggitt/invalid-token-401 
Automatic merge from submit-queue

Ensure invalid token returns 401 error, not 403

fixes #39267

If a user attempts to use a bearer token, and the token is rejected, the authenticator should return an error. This distinguishes requests that did not provide a bearer token (and are unauthenticated without error) from ones that attempted to, and failed.
 2017-01-04 15:18:18 -08:00
deads2k
1ebe759743 selectively move to client-go packages 2017-01-04 17:49:24 -05:00
Jordan Liggitt
0902c55c8b Ensure invalid token returns 401 error 2017-01-04 11:37:05 -05:00
deads2k
ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
deads2k
442d2c1404 move pkg/auth/user to staging 2017-01-04 10:27:04 -05:00
Dr. Stefan Schimanski
87dd990bb7 Move pkg/api.{Context,RequestContextMapper} into pkg/genericapiserver/api/request 2017-01-03 14:57:33 +01:00
Mike Danese
161c391f44 autogenerated 2016-12-29 13:04:10 -08:00
Jordan Liggitt
742ef34484 Convert user/group * to match authenticated users only in ABAC 2016-12-19 13:41:35 -05:00
deads2k
6ab6975983 update for controller RBAC roles 2016-12-15 09:18:48 -05:00
Mike Danese
c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
Dr. Stefan Schimanski
0301487de0 Add verbs to APIResource for discovery 2016-12-05 12:36:04 +01:00
deads2k
df2492f714 add nodes role to RBAC bootstrap policy 2016-11-03 08:30:50 -04:00
Mike Danese
df713b478c fix tests by declaring testdata 2016-10-21 17:32:32 -07:00
Mike Danese
3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
mbohlool
7e80ab2401 Remove unnecessary authorization headers after authorization is successful 2016-10-06 12:38:00 -07:00
deads2k
8c20af79a4 fix loopback authorizer 2016-10-03 12:46:39 -04:00
deads2k
57039cfdfa make well-known users and groups into constants 2016-09-30 10:34:33 -04:00
Jordan Liggitt
0f3baaad50 Create GroupAdder authenticator wrapper 2016-09-26 17:18:05 -04:00
Dr. Stefan Schimanski
87356c0623 Cleanup handler chain 2016-09-23 12:03:58 +02:00
Kubernetes Submit Queue
2db76ad133 Merge pull request #30369 from lixiaobing10051267/masterQuote 
Automatic merge from submit-queue

check using single quote in cmd/pkg/plugin
 2016-08-23 00:19:25 -07:00
deads2k
432e6ecdae allow impersonating user.Info.Extra 2016-08-22 07:43:52 -04:00
Clayton Coleman
5f8366aac3 Convert() should accept the new conversion Context value 
Allows Convert() to reuse the same conversions as ConvertToVersion
without being overly coupled to the version.
 2016-08-18 14:45:20 -04:00
lixiaobing10051267
6cb66b6695 check using single quote in cmd/pkg/plugin 2016-08-10 23:32:09 +08:00
k8s-merge-robot
8d46d9b0c7 Merge pull request #28281 from nhlfr/authorize-return-bool 
Automatic merge from submit-queue

Return (bool, error) in Authorizer.Authorize()

Before this change, Authorize() method was just returning an error, regardless of whether the user is unauthorized or whether there is some other unrelated error. Returning boolean with information about user authorization and error (which should be unrelated to the authorization) separately will make it easier to debug.

Fixes #27974
 2016-07-18 21:40:26 -07:00
k8s-merge-robot
fa174bcdaf Merge pull request #29042 from dims/fixup-imports 
Automatic merge from submit-queue

Use Go canonical import paths

Add canonical imports only in existing doc.go files.
https://golang.org/doc/go1.4#canonicalimports

Fixes #29014
 2016-07-18 07:23:38 -07:00
Michal Rostecki
fa0dd46ab7 Return (bool, error) in Authorizer.Authorize() 
Before this change, Authorize() method was just returning an error,
regardless of whether the user is unauthorized or whether there
is some other unrelated error. Returning boolean with information
about user authorization and error (which should be unrelated to
the authorization) separately will make it easier to debug.

Fixes #27974
 2016-07-18 12:06:54 +02:00
Davanum Srinivas
2b0ed014b7 Use Go canonical import paths 
Add canonical imports only in existing doc.go files.
https://golang.org/doc/go1.4#canonicalimports

Fixes #29014
 2016-07-16 13:48:21 -04:00
deads2k
f6f1ab34aa authorize based on user.Info 2016-07-14 07:48:42 -04:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
CJ Cullen
0124e23450 Add an 'authenticated user' metric to the RequestAuthenticator. 2016-05-19 16:04:11 -07:00
deads2k
b4ebfd47c5 add user.Info.GetExtra 2016-04-26 15:08:34 -04:00
deads2k
02578a7ea7 add missing attributes to authorization interface 2016-03-29 08:46:21 -04:00
Eric Paris
5e5a823294 Move blunderbuss assignees into tree 2016-03-02 20:46:32 -05:00
Clayton Coleman
4386e8cc38 Change legacy ABAC decode to use new Decoder 
The new Decode() method is able to deserialize an unknown type when an
explicit Into is provided.
 2016-01-22 01:10:23 -05:00
Clayton Coleman
c1d932e44a Switch API objects to not register per version codecs 
Remove Codec from versionInterfaces in meta (RESTMapper is now agnostic
to codec and serialization). Register api/latest.Codecs as the codec
factory and use latest.Codecs.LegacyCodec(version) as an equvialent to
the previous codec.
 2016-01-22 01:10:21 -05:00
liggitt
23dc96f08e Fix example ABAC policy file 2016-01-12 14:22:20 -05:00
deads2k
f764e0099c Update ObjectTyper to GroupVersion 2015-12-07 08:35:05 -05:00
Jordan Liggitt
2321651518 Add non-resource and API group support to ABAC authorizer, version ABAC policy rules 2015-12-03 12:31:13 -05:00
eulerzgy
f8f9afb874 alias local packagename for pkg/util/errors 2015-10-18 09:37:46 +08:00
Jordan Liggitt
9d6b52881d Add authentication/authorization interfaces to kubelet, always include /metrics with /stats 2015-10-09 03:10:00 -04:00
Jordan Liggitt
e024e55e8e Add verb to authorizer attributes 2015-10-01 23:54:02 -04:00
deads2k
8db054651c plumb APIGroup to authorization attributes and test 2015-09-30 09:45:10 -04:00
Wojciech Tyczynski
53ae56f205 Replace "minion" with "node" in bunch of places. 2015-09-14 11:07:11 +02:00
Ruddarraju, Uday Kumar Raju
f8d6f13f7c Union of authorizers 2015-09-04 11:04:50 -07:00
Jordan Liggitt
848ec0491e fix ABAC tests 2015-08-10 16:07:08 -04:00