Merge pull request #49677 from dims/send-missing-uid-field-during-webhook-authorize

Automatic merge from submit-queue (batch tested with PRs 50103, 49677, 49449, 43586, 48969) Add missing UID in SubjectAccessReviewSpec **What this PR does / why we need it**: WebhookAuthorizer's Authorize should send *all* the information present in the user.Info data structure. We are not sending the UID currently. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # **Special notes for your reviewer**: **Release note**: ```release-note The SubjectAccessReview API in the authorization.k8s.io API group now allows providing the user uid. ```
2026-01-04 23:17:50 +00:00 · 2017-08-03 16:43:34 -07:00
parent a1aeea8e2e 9a761b16c1
commit 40d66b8e05
22 changed files with 460 additions and 210 deletions
--- a/api/openapi-spec/swagger.json
+++ b/api/openapi-spec/swagger.json
@@ -52583,6 +52583,10 @@
      "description": "ResourceAuthorizationAttributes describes information for a resource access request",
      "$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes"
     },
+     "uid": {
+      "description": "UID information about the requesting user.",
+      "type": "string"
+     },
     "user": {
      "description": "User is the user you're testing for. If you specify \"User\" but not \"Groups\", then is it interpreted as \"What if User were not a member of any groups",
      "type": "string"
@@ -52798,6 +52802,10 @@
      "description": "ResourceAuthorizationAttributes describes information for a resource access request",
      "$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes"
     },
+     "uid": {
+      "description": "UID information about the requesting user.",
+      "type": "string"
+     },
     "user": {
      "description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups",
      "type": "string"
--- a/api/swagger-spec/authorization.k8s.io_v1.json
+++ b/api/swagger-spec/authorization.k8s.io_v1.json
@@ -482,6 +482,10 @@
     "extra": {
      "type": "object",
      "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer it needs a reflection here."
+     },
+     "uid": {
+      "type": "string",
+      "description": "UID information about the requesting user."
     }
    }
   },
--- a/api/swagger-spec/authorization.k8s.io_v1beta1.json
+++ b/api/swagger-spec/authorization.k8s.io_v1beta1.json
@@ -482,6 +482,10 @@
     "extra": {
      "type": "object",
      "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer it needs a reflection here."
+     },
+     "uid": {
+      "type": "string",
+      "description": "UID information about the requesting user."
     }
    }
   },