github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-11-04 07:49:35 +00:00
Code Issues Projects Releases Wiki Activity

When changing basic auth creds, just delete the whole file, in order to be able to rotate username in addition to password

Browse Source
This commit is contained in:
Isaac Hollander McCreery
2017-04-17 17:05:33 -07:00
parent 74d0258818
commit 2acf60e44d
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cluster/gce/gci/configure-helper.sh
View File

@@ -287,9 +287,7 @@ function create-master-auth {
local -r basic_auth_csv="${auth_dir}/basic_auth.csv" local -r basic_auth_csv="${auth_dir}/basic_auth.csv"
if [[ -n "${KUBE_PASSWORD:-}" && -n "${KUBE_USER:-}" ]]; then if [[ -n "${KUBE_PASSWORD:-}" && -n "${KUBE_USER:-}" ]]; then
if [[ -e "${basic_auth_csv}" && "${METADATA_CLOBBERS_CONFIG:-false}" == "true" ]]; then if [[ -e "${basic_auth_csv}" && "${METADATA_CLOBBERS_CONFIG:-false}" == "true" ]]; then
sed -i "/,${KUBE_USER},admin,system:masters$/d" "${basic_auth_csv}" rm "${basic_auth_csv}"
# The following is for the legacy form of the password line.
sed -i "/,${KUBE_USER},admin$/d" "${basic_auth_csv}"
fi fi
replace_prefixed_line "${basic_auth_csv}" "${KUBE_PASSWORD},${KUBE_USER}," "admin,system:masters" replace_prefixed_line "${basic_auth_csv}" "${KUBE_PASSWORD},${KUBE_USER}," "admin,system:masters"
fi fi