Export UserInfo conversion, use authnv1.UserInfo in audit

2025-07-30 06:54:01 +00:00 · 2019-09-09 08:54:54 -04:00 · 2019-09-09 08:54:54 -04:00 · 0e787a4b78
commit 0e787a4b78
parent 38752f7f99
6 changed files with 29 additions and 29 deletions
--- a/pkg/apis/authentication/v1/conversion.go
+++ b/pkg/apis/authentication/v1/conversion.go
@ -17,10 +17,23 @@ limitations under the License.
 package v1

 import (
+	v1 "k8s.io/api/authentication/v1"
+	conversion "k8s.io/apimachinery/pkg/conversion"
 	"k8s.io/apimachinery/pkg/runtime"
+	authentication "k8s.io/kubernetes/pkg/apis/authentication"
 )

 func addConversionFuncs(scheme *runtime.Scheme) error {
 	// Add non-generated conversion functions
 	return scheme.AddConversionFuncs()
 }
+
+// Convert_v1_UserInfo_To_authentication_UserInfo is an autogenerated conversion function.
+func Convert_v1_UserInfo_To_authentication_UserInfo(in *v1.UserInfo, out *authentication.UserInfo, s conversion.Scope) error {
+	return autoConvert_v1_UserInfo_To_authentication_UserInfo(in, out, s)
+}
+
+// Convert_authentication_UserInfo_To_v1_UserInfo is an autogenerated conversion function.
+func Convert_authentication_UserInfo_To_v1_UserInfo(in *authentication.UserInfo, out *v1.UserInfo, s conversion.Scope) error {
+	return autoConvert_authentication_UserInfo_To_v1_UserInfo(in, out, s)
+}
--- a/staging/src/k8s.io/apiserver/pkg/apis/audit/types.go
+++ b/staging/src/k8s.io/apiserver/pkg/apis/audit/types.go
@ -17,6 +17,7 @@ limitations under the License.
 package audit

 import (
+	authnv1 "k8s.io/api/authentication/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
@ -92,10 +93,10 @@ type Event struct {
 	// For non-resource requests, this is the lower-cased HTTP method.
 	Verb string
 	// Authenticated user information.
-	User UserInfo
+	User authnv1.UserInfo
 	// Impersonated user information.
 	// +optional
-	ImpersonatedUser *UserInfo
+	ImpersonatedUser *authnv1.UserInfo
 	// Source IPs, from where the request originated and intermediate proxies.
 	// +optional
 	SourceIPs []string
@ -283,21 +284,3 @@ type ObjectReference struct {
 	// +optional
 	Subresource string
 }
-
-// UserInfo holds the information about the user needed to implement the
-// user.Info interface.
-type UserInfo struct {
-	// The name that uniquely identifies this user among all active users.
-	Username string
-	// A unique value that identifies this user across time. If this user is
-	// deleted and another user by the same name is added, they will have
-	// different UIDs.
-	UID string
-	// The names of groups this user is a part of.
-	Groups []string
-	// Any additional information provided by the authenticator.
-	Extra map[string]ExtraValue
-}
-
-// ExtraValue masks the value so protobuf can generate
-type ExtraValue []string
--- a/staging/src/k8s.io/apiserver/pkg/audit/event/attributes.go
+++ b/staging/src/k8s.io/apiserver/pkg/audit/event/attributes.go
@ -20,6 +20,7 @@ import (
 	"fmt"
 	"net/url"

+	authnv1 "k8s.io/api/authentication/v1"
 	"k8s.io/apiserver/pkg/apis/audit"
 	authuser "k8s.io/apiserver/pkg/authentication/user"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
@ -126,7 +127,7 @@ func (a *attributes) GetPath() string {
 }

 // user represents the event user
-type user audit.UserInfo
+type user authnv1.UserInfo

 // GetName returns the user name
 func (u user) GetName() string { return u.Username }
--- a/staging/src/k8s.io/apiserver/pkg/audit/request.go
+++ b/staging/src/k8s.io/apiserver/pkg/audit/request.go
@ -26,6 +26,7 @@ import (
 	"github.com/pborman/uuid"
 	"k8s.io/klog"

+	authnv1 "k8s.io/api/authentication/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@ -68,9 +69,9 @@ func NewEventFromRequest(req *http.Request, level auditinternal.Level, attribs a

 	if user := attribs.GetUser(); user != nil {
 		ev.User.Username = user.GetName()
-		ev.User.Extra = map[string]auditinternal.ExtraValue{}
+		ev.User.Extra = map[string]authnv1.ExtraValue{}
 		for k, v := range user.GetExtra() {
-			ev.User.Extra[k] = auditinternal.ExtraValue(v)
+			ev.User.Extra[k] = authnv1.ExtraValue(v)
 		}
 		ev.User.Groups = user.GetGroups()
 		ev.User.UID = user.GetUID()
@ -95,14 +96,14 @@ func LogImpersonatedUser(ae *auditinternal.Event, user user.Info) {
 	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
 		return
 	}
-	ae.ImpersonatedUser = &auditinternal.UserInfo{
+	ae.ImpersonatedUser = &authnv1.UserInfo{
 		Username: user.GetName(),
 	}
 	ae.ImpersonatedUser.Groups = user.GetGroups()
 	ae.ImpersonatedUser.UID = user.GetUID()
-	ae.ImpersonatedUser.Extra = map[string]auditinternal.ExtraValue{}
+	ae.ImpersonatedUser.Extra = map[string]authnv1.ExtraValue{}
 	for k, v := range user.GetExtra() {
-		ae.ImpersonatedUser.Extra[k] = auditinternal.ExtraValue(v)
+		ae.ImpersonatedUser.Extra[k] = authnv1.ExtraValue(v)
 	}
 }

--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced_test.go
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/dynamic/enforced/enforced_test.go
@ -21,6 +21,7 @@ import (

 	"github.com/stretchr/testify/require"

+	authnv1 "k8s.io/api/authentication/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	auditinternal "k8s.io/apiserver/pkg/apis/audit"
 	"k8s.io/apiserver/pkg/audit/policy"
@ -67,7 +68,7 @@ func TestEnforced(t *testing.T) {
 				Level:      auditinternal.LevelRequestResponse,
 				Stage:      auditinternal.StageResponseComplete,
 				RequestURI: "/apis/extensions/v1beta1",
-				User: auditinternal.UserInfo{
+				User: authnv1.UserInfo{
 					Username: user.Anonymous,
 				},
 				RequestObject:  &runtime.Unknown{Raw: []byte(`test`)},
--- a/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
+++ b/staging/src/k8s.io/apiserver/plugin/pkg/audit/log/backend_test.go
@ -25,6 +25,7 @@ import (

 	"github.com/pborman/uuid"

+	authnv1 "k8s.io/api/authentication/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@ -64,7 +65,7 @@ func TestLogEventsLegacy(t *testing.T) {
 				AuditID:                  types.UID(uuid.NewRandom().String()),
 				Stage:                    auditinternal.StageRequestReceived,
 				Verb:                     "get",
-				User: auditinternal.UserInfo{
+				User: authnv1.UserInfo{
 					Username: "admin",
 					Groups: []string{
 						"system:masters",
@ -122,7 +123,7 @@ func TestLogEventsJson(t *testing.T) {
 			AuditID:                  types.UID(uuid.NewRandom().String()),
 			Stage:                    auditinternal.StageRequestReceived,
 			Verb:                     "get",
-			User: auditinternal.UserInfo{
+			User: authnv1.UserInfo{
 				Username: "admin",
 				Groups: []string{
 					"system:masters",