mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
kubeadm: replaced period as token separator in favor of colon.
This commit is contained in:
parent
c707cbf176
commit
394f93b921
@ -108,7 +108,7 @@ func NewCmdTokenGenerate(out io.Writer) *cobra.Command {
|
||||
the "init" and "join" commands.
|
||||
|
||||
You don't have to use this command in order to generate a token, you can do so
|
||||
yourself as long as it's in the format "<6 characters>.<16 characters>". This
|
||||
yourself as long as it's in the format "<6 characters>:<16 characters>". This
|
||||
command is provided for convenience to generate tokens in that format.
|
||||
|
||||
You can also use "kubeadm init" without specifying a token, and it will
|
||||
|
@ -23,7 +23,7 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
TokenExpectedRegex = "^\\S{6}\\.\\S{16}\n$"
|
||||
TokenExpectedRegex = "^\\S{6}\\:\\S{16}\n$"
|
||||
)
|
||||
|
||||
func TestRunGenerateToken(t *testing.T) {
|
||||
|
@ -36,13 +36,13 @@ import (
|
||||
|
||||
const (
|
||||
TokenIDBytes = 3
|
||||
TokenBytes = 8
|
||||
TokenSecretBytes = 8
|
||||
BootstrapTokenSecretPrefix = "bootstrap-token-"
|
||||
DefaultTokenDuration = time.Duration(8) * time.Hour
|
||||
tokenCreateRetries = 5
|
||||
)
|
||||
|
||||
func RandBytes(length int) (string, error) {
|
||||
func randBytes(length int) (string, error) {
|
||||
b := make([]byte, length)
|
||||
_, err := rand.Read(b)
|
||||
if err != nil {
|
||||
@ -52,12 +52,12 @@ func RandBytes(length int) (string, error) {
|
||||
}
|
||||
|
||||
func GenerateToken(d *kubeadmapi.TokenDiscovery) error {
|
||||
tokenID, err := RandBytes(TokenIDBytes)
|
||||
tokenID, err := randBytes(TokenIDBytes)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
token, err := RandBytes(TokenBytes)
|
||||
token, err := randBytes(TokenSecretBytes)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -68,7 +68,7 @@ func GenerateToken(d *kubeadmapi.TokenDiscovery) error {
|
||||
}
|
||||
|
||||
var (
|
||||
tokenRegexpString = "^([a-zA-Z0-9]{6})\\.([a-zA-Z0-9]{16})$"
|
||||
tokenRegexpString = "^([a-zA-Z0-9]{6})\\:([a-zA-Z0-9]{16})$"
|
||||
tokenRegexp = regexp.MustCompile(tokenRegexpString)
|
||||
)
|
||||
|
||||
@ -96,15 +96,16 @@ func ParseToken(s string) (string, string, error) {
|
||||
|
||||
}
|
||||
|
||||
// BearerToken returns a string representation of the passed token.
|
||||
func BearerToken(d *kubeadmapi.TokenDiscovery) string {
|
||||
return fmt.Sprintf("%s.%s", d.ID, d.Secret)
|
||||
return fmt.Sprintf("%s:%s", d.ID, d.Secret)
|
||||
}
|
||||
|
||||
func IsTokenValid(d *kubeadmapi.TokenDiscovery) (bool, error) {
|
||||
if len(d.ID)+len(d.Secret) == 0 {
|
||||
return false, nil
|
||||
}
|
||||
if _, _, err := ParseToken(d.ID + "." + d.Secret); err != nil {
|
||||
if _, _, err := ParseToken(d.ID + ":" + d.Secret); err != nil {
|
||||
return false, err
|
||||
}
|
||||
return true, nil
|
||||
|
@ -22,17 +22,20 @@ import (
|
||||
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
|
||||
)
|
||||
|
||||
func TestTokenParseErrors(t *testing.T) {
|
||||
func TestTokenParse(t *testing.T) {
|
||||
invalidTokens := []string{
|
||||
// invalid parcel size
|
||||
"1234567890123456789012",
|
||||
"12345.1234567890123456",
|
||||
"12345:1234567890123456",
|
||||
".1234567890123456",
|
||||
"123456.1234567890.123456",
|
||||
// invalid separation
|
||||
"123456:1234567890.123456",
|
||||
"abcdef.1234567890123456",
|
||||
}
|
||||
|
||||
for _, token := range invalidTokens {
|
||||
if _, _, err := ParseToken(token); err == nil {
|
||||
t.Errorf("generateTokenIfNeeded did not return an error for this invalid token: [%s]", token)
|
||||
t.Errorf("ParseToken did not return an error for this invalid token: [%s]", token)
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -59,12 +62,12 @@ func TestRandBytes(t *testing.T) {
|
||||
}
|
||||
|
||||
for _, rt := range randTest {
|
||||
actual, err := RandBytes(rt)
|
||||
actual, err := randBytes(rt)
|
||||
if err != nil {
|
||||
t.Errorf("failed RandBytes: %v", err)
|
||||
t.Errorf("failed randBytes: %v", err)
|
||||
}
|
||||
if len(actual) != rt*2 {
|
||||
t.Errorf("failed RandBytes:\n\texpected: %d\n\t actual: %d\n", rt*2, len(actual))
|
||||
t.Errorf("failed randBytes:\n\texpected: %d\n\t actual: %d\n", rt*2, len(actual))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -25,7 +25,7 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
TokenExpectedRegex = "^\\S{6}\\.\\S{16}\n$"
|
||||
TokenExpectedRegex = "^\\S{6}\\:\\S{16}\n$"
|
||||
)
|
||||
|
||||
var kubeadmPath string
|
||||
|
Loading…
Reference in New Issue
Block a user