github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-01 07:47:56 +00:00
Code Issues Projects Releases Wiki Activity

Add abac_authorization_file local var to allow ABAC_AUTHZ_FILE to be set outside the script.

Browse Source
This commit is contained in:
CJ Cullen 2017-03-15 13:28:18 -07:00
parent 355f576c0b
commit 1534cbf1fa
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/gce/gci/configure-helper.sh
View File

@ -1108,9 +1108,9 @@ function start-kube-apiserver {
# Load existing ABAC policy files written by versions < 1.6 of this script
# TODO: only default to this legacy path when in upgrade mode
ABAC_AUTHZ_FILE="${ABAC_AUTHZ_FILE:-/etc/srv/kubernetes/abac-authz-policy.jsonl}"
if [[ -n "${ABAC_AUTHZ_FILE:-}" && -e "${ABAC_AUTHZ_FILE}" ]]; then
params+=" --authorization-policy-file=${ABAC_AUTHZ_FILE}"
local abac_authorization_file="${ABAC_AUTHZ_FILE:-/etc/srv/kubernetes/abac-authz-policy.jsonl}"
if [[ -n "${abac_authorization_file:-}" && -e "${abac_authorization_file}" ]]; then
params+=" --authorization-policy-file=${abac_authorization_file}"
authorization_mode+=",ABAC"
fi
local webhook_config_mount=""