github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-09-11 03:49:17 +00:00
Code Issues Projects Releases Wiki Activity

--as-uid flag in kubectl and kubeconfigs.

Browse Source 
This corresponds to previous work to allow impersonating UIDs:
* Introduce Impersonate-UID header: #99961
* Add UID to client-go impersonation config #104483

Signed-off-by: Margo Crawford <margaretc@vmware.com>

Kubernetes-commit: 7e079f5144474cae05802771f604df2b748d781f
This commit is contained in:
Margo Crawford
2021-10-19 16:12:31 -07:00
committed by Kubernetes Publisher
parent 9b0b23a8ad
commit 5fca705b7d
8 changed files with 135 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tools/clientcmd/validation.go
View File

@@ -323,9 +323,9 @@ func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []err
validationErrors = append(validationErrors, fmt.Errorf("more than one authentication method found for %v; found %v, only one is allowed", authInfoName, methods))
}
// ImpersonateGroups or ImpersonateUserExtra should be requested with a user
if (len(authInfo.ImpersonateGroups) > 0 || len(authInfo.ImpersonateUserExtra) > 0) && (len(authInfo.Impersonate) == 0) {
validationErrors = append(validationErrors, fmt.Errorf("requesting groups or user-extra for %v without impersonating a user", authInfoName))
// ImpersonateUID, ImpersonateGroups or ImpersonateUserExtra should be requested with a user
if (len(authInfo.ImpersonateUID) > 0 || len(authInfo.ImpersonateGroups) > 0 || len(authInfo.ImpersonateUserExtra) > 0) && (len(authInfo.Impersonate) == 0) {
validationErrors = append(validationErrors, fmt.Errorf("requesting uid, groups or user-extra for %v without impersonating a user", authInfoName))
}
return validationErrors
}