From 331d96539ad293d4f5d34478006e67241c1b48a5 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 17 Jan 2017 11:10:01 +0100 Subject: [PATCH] genericapiserver: move pkg/auth/handlers into filters --- cmd/kube-aggregator/pkg/apiserver/BUILD | 49 +++++++++---------- .../pkg/apiserver/apiserver.go | 3 +- pkg/BUILD | 1 - pkg/auth/handlers/BUILD | 46 ----------------- pkg/genericapiserver/BUILD | 1 - pkg/genericapiserver/api/filters/BUILD | 47 ++++++++++-------- .../api/filters/authentication.go} | 2 +- .../api/filters/authentication_test.go} | 2 +- pkg/genericapiserver/config.go | 3 +- 9 files changed, 54 insertions(+), 100 deletions(-) delete mode 100644 pkg/auth/handlers/BUILD rename pkg/{auth/handlers/handlers.go => genericapiserver/api/filters/authentication.go} (99%) rename pkg/{auth/handlers/handlers_test.go => genericapiserver/api/filters/authentication_test.go} (99%) diff --git a/cmd/kube-aggregator/pkg/apiserver/BUILD b/cmd/kube-aggregator/pkg/apiserver/BUILD index f10dcc9d001..f5c36a1f5bb 100644 --- a/cmd/kube-aggregator/pkg/apiserver/BUILD +++ b/cmd/kube-aggregator/pkg/apiserver/BUILD @@ -8,6 +8,30 @@ load( "go_test", ) +go_test( + name = "go_default_test", + srcs = [ + "handler_apis_test.go", + "handler_proxy_test.go", + ], + library = ":go_default_library", + tags = ["automanaged"], + deps = [ + "//cmd/kube-aggregator/pkg/apis/apiregistration:go_default_library", + "//cmd/kube-aggregator/pkg/client/listers/apiregistration/internalversion:go_default_library", + "//pkg/api:go_default_library", + "//pkg/api/v1:go_default_library", + "//pkg/client/cache:go_default_library", + "//pkg/client/listers/core/v1:go_default_library", + "//vendor:k8s.io/apimachinery/pkg/apis/meta/v1", + "//vendor:k8s.io/apimachinery/pkg/runtime", + "//vendor:k8s.io/apimachinery/pkg/util/diff", + "//vendor:k8s.io/apimachinery/pkg/util/sets", + "//vendor:k8s.io/apiserver/pkg/authentication/user", + "//vendor:k8s.io/apiserver/pkg/request", + ], +) + go_library( name = "go_default_library", srcs = [ @@ -27,7 +51,6 @@ go_library( "//cmd/kube-aggregator/pkg/client/listers/apiregistration/internalversion:go_default_library", "//cmd/kube-aggregator/pkg/registry/apiservice/etcd:go_default_library", "//pkg/api:go_default_library", - "//pkg/auth/handlers:go_default_library", "//pkg/client/cache:go_default_library", "//pkg/client/clientset_generated/clientset:go_default_library", "//pkg/client/informers/informers_generated:go_default_library", @@ -56,30 +79,6 @@ go_library( ], ) -go_test( - name = "go_default_test", - srcs = [ - "handler_apis_test.go", - "handler_proxy_test.go", - ], - library = ":go_default_library", - tags = ["automanaged"], - deps = [ - "//cmd/kube-aggregator/pkg/apis/apiregistration:go_default_library", - "//cmd/kube-aggregator/pkg/client/listers/apiregistration/internalversion:go_default_library", - "//pkg/api:go_default_library", - "//pkg/api/v1:go_default_library", - "//pkg/client/cache:go_default_library", - "//pkg/client/listers/core/v1:go_default_library", - "//vendor:k8s.io/apimachinery/pkg/apis/meta/v1", - "//vendor:k8s.io/apimachinery/pkg/runtime", - "//vendor:k8s.io/apimachinery/pkg/util/diff", - "//vendor:k8s.io/apimachinery/pkg/util/sets", - "//vendor:k8s.io/apiserver/pkg/authentication/user", - "//vendor:k8s.io/apiserver/pkg/request", - ], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), diff --git a/cmd/kube-aggregator/pkg/apiserver/apiserver.go b/cmd/kube-aggregator/pkg/apiserver/apiserver.go index 7ebc5c3dfba..4138508c992 100644 --- a/cmd/kube-aggregator/pkg/apiserver/apiserver.go +++ b/cmd/kube-aggregator/pkg/apiserver/apiserver.go @@ -23,7 +23,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" genericapirequest "k8s.io/apiserver/pkg/request" - authhandlers "k8s.io/kubernetes/pkg/auth/handlers" kubeclientset "k8s.io/kubernetes/pkg/client/clientset_generated/clientset" kubeinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated" v1listers "k8s.io/kubernetes/pkg/client/listers/core/v1" @@ -191,7 +190,7 @@ func (h *handlerChainConfig) handlerChain(apiHandler http.Handler, c *genericapi handler = genericapifilters.WithImpersonation(handler, c.RequestContextMapper, c.Authorizer) // audit to stdout to help with debugging as we get this started handler = genericapifilters.WithAudit(handler, c.RequestContextMapper, os.Stdout) - handler = authhandlers.WithAuthentication(handler, c.RequestContextMapper, c.Authenticator, authhandlers.Unauthorized(c.SupportsBasicAuth)) + handler = genericapifilters.WithAuthentication(handler, c.RequestContextMapper, c.Authenticator, genericapifilters.Unauthorized(c.SupportsBasicAuth)) handler = genericfilters.WithCORS(handler, c.CorsAllowedOriginList, nil, nil, nil, "true") handler = genericfilters.WithPanicRecovery(handler, c.RequestContextMapper) diff --git a/pkg/BUILD b/pkg/BUILD index 863c97e873e..2aa393a3bae 100644 --- a/pkg/BUILD +++ b/pkg/BUILD @@ -31,7 +31,6 @@ filegroup( "//pkg/apis/rbac:all-srcs", "//pkg/apis/storage:all-srcs", "//pkg/auth/authorizer/abac:all-srcs", - "//pkg/auth/handlers:all-srcs", "//pkg/auth/user:all-srcs", "//pkg/capabilities:all-srcs", "//pkg/client/cache:all-srcs", diff --git a/pkg/auth/handlers/BUILD b/pkg/auth/handlers/BUILD deleted file mode 100644 index 02ff1019c22..00000000000 --- a/pkg/auth/handlers/BUILD +++ /dev/null @@ -1,46 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", - "go_test", -) - -go_library( - name = "go_default_library", - srcs = ["handlers.go"], - tags = ["automanaged"], - deps = [ - "//vendor:github.com/golang/glog", - "//vendor:github.com/prometheus/client_golang/prometheus", - "//vendor:k8s.io/apiserver/pkg/authentication/authenticator", - "//vendor:k8s.io/apiserver/pkg/request", - ], -) - -go_test( - name = "go_default_test", - srcs = ["handlers_test.go"], - library = ":go_default_library", - tags = ["automanaged"], - deps = [ - "//vendor:k8s.io/apiserver/pkg/authentication/authenticator", - "//vendor:k8s.io/apiserver/pkg/authentication/user", - "//vendor:k8s.io/apiserver/pkg/request", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], -) diff --git a/pkg/genericapiserver/BUILD b/pkg/genericapiserver/BUILD index 92df56a7632..1a11e741660 100644 --- a/pkg/genericapiserver/BUILD +++ b/pkg/genericapiserver/BUILD @@ -68,7 +68,6 @@ go_library( deps = [ "//pkg/admission:go_default_library", "//pkg/api:go_default_library", - "//pkg/auth/handlers:go_default_library", "//pkg/client/restclient:go_default_library", "//pkg/genericapiserver/api:go_default_library", "//pkg/genericapiserver/api/filters:go_default_library", diff --git a/pkg/genericapiserver/api/filters/BUILD b/pkg/genericapiserver/api/filters/BUILD index 79a003eab6f..fb822b14add 100644 --- a/pkg/genericapiserver/api/filters/BUILD +++ b/pkg/genericapiserver/api/filters/BUILD @@ -8,10 +8,34 @@ load( "go_test", ) +go_test( + name = "go_default_test", + srcs = [ + "audit_test.go", + "authentication_test.go", + "authorization_test.go", + "impersonation_test.go", + "requestinfo_test.go", + ], + library = ":go_default_library", + tags = ["automanaged"], + deps = [ + "//pkg/apis/authentication:go_default_library", + "//pkg/apis/batch:go_default_library", + "//pkg/genericapiserver/api/handlers/responsewriters:go_default_library", + "//vendor:k8s.io/apimachinery/pkg/util/sets", + "//vendor:k8s.io/apiserver/pkg/authentication/authenticator", + "//vendor:k8s.io/apiserver/pkg/authentication/user", + "//vendor:k8s.io/apiserver/pkg/authorization/authorizer", + "//vendor:k8s.io/apiserver/pkg/request", + ], +) + go_library( name = "go_default_library", srcs = [ "audit.go", + "authentication.go", "authorization.go", "doc.go", "impersonation.go", @@ -24,7 +48,9 @@ go_library( "//pkg/genericapiserver/api/handlers/responsewriters:go_default_library", "//vendor:github.com/golang/glog", "//vendor:github.com/pborman/uuid", + "//vendor:github.com/prometheus/client_golang/prometheus", "//vendor:k8s.io/apimachinery/pkg/util/net", + "//vendor:k8s.io/apiserver/pkg/authentication/authenticator", "//vendor:k8s.io/apiserver/pkg/authentication/serviceaccount", "//vendor:k8s.io/apiserver/pkg/authentication/user", "//vendor:k8s.io/apiserver/pkg/authorization/authorizer", @@ -33,27 +59,6 @@ go_library( ], ) -go_test( - name = "go_default_test", - srcs = [ - "audit_test.go", - "authorization_test.go", - "impersonation_test.go", - "requestinfo_test.go", - ], - library = ":go_default_library", - tags = ["automanaged"], - deps = [ - "//pkg/apis/authentication:go_default_library", - "//pkg/apis/batch:go_default_library", - "//pkg/genericapiserver/api/handlers/responsewriters:go_default_library", - "//vendor:k8s.io/apimachinery/pkg/util/sets", - "//vendor:k8s.io/apiserver/pkg/authentication/user", - "//vendor:k8s.io/apiserver/pkg/authorization/authorizer", - "//vendor:k8s.io/apiserver/pkg/request", - ], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), diff --git a/pkg/auth/handlers/handlers.go b/pkg/genericapiserver/api/filters/authentication.go similarity index 99% rename from pkg/auth/handlers/handlers.go rename to pkg/genericapiserver/api/filters/authentication.go index 74e3a65b239..c3027617b2f 100644 --- a/pkg/auth/handlers/handlers.go +++ b/pkg/genericapiserver/api/filters/authentication.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package handlers +package filters import ( "net/http" diff --git a/pkg/auth/handlers/handlers_test.go b/pkg/genericapiserver/api/filters/authentication_test.go similarity index 99% rename from pkg/auth/handlers/handlers_test.go rename to pkg/genericapiserver/api/filters/authentication_test.go index 40ff025903d..f12049d5321 100644 --- a/pkg/auth/handlers/handlers_test.go +++ b/pkg/genericapiserver/api/filters/authentication_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package handlers +package filters import ( "errors" diff --git a/pkg/genericapiserver/config.go b/pkg/genericapiserver/config.go index 91fd37eb6f4..f6ee11fce1a 100644 --- a/pkg/genericapiserver/config.go +++ b/pkg/genericapiserver/config.go @@ -50,7 +50,6 @@ import ( apirequest "k8s.io/apiserver/pkg/request" "k8s.io/kubernetes/pkg/admission" "k8s.io/kubernetes/pkg/api" - authhandlers "k8s.io/kubernetes/pkg/auth/handlers" "k8s.io/kubernetes/pkg/client/restclient" genericapifilters "k8s.io/kubernetes/pkg/genericapiserver/api/filters" apiopenapi "k8s.io/kubernetes/pkg/genericapiserver/api/openapi" @@ -573,7 +572,7 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) (secure, insec handler = genericapifilters.WithAuthorization(handler, c.RequestContextMapper, c.Authorizer) handler = genericapifilters.WithImpersonation(handler, c.RequestContextMapper, c.Authorizer) handler = audit(handler) // before impersonation to read original user - handler = authhandlers.WithAuthentication(handler, c.RequestContextMapper, c.Authenticator, authhandlers.Unauthorized(c.SupportsBasicAuth)) + handler = genericapifilters.WithAuthentication(handler, c.RequestContextMapper, c.Authenticator, genericapifilters.Unauthorized(c.SupportsBasicAuth)) return handler }