From 4beba154b4b9e1b2915996fdc3f540f7767fe647 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Thu, 19 Jan 2017 13:04:08 +0100 Subject: [PATCH] genericapiserver: move authz webhook plugins into k8s.io/apiserver --- pkg/genericapiserver/authorizer/delegating.go | 4 ++-- pkg/kubeapiserver/authorizer/config.go | 2 +- .../src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/BUILD | 0 .../apiserver/plugin/pkg}/authorizer/webhook/certs_test.go | 0 .../apiserver/plugin/pkg}/authorizer/webhook/gencerts.sh | 0 .../apiserver/plugin/pkg}/authorizer/webhook/webhook.go | 1 - .../apiserver/plugin/pkg}/authorizer/webhook/webhook_test.go | 2 +- test/test_owners.csv | 2 +- 8 files changed, 5 insertions(+), 6 deletions(-) rename {plugin/pkg/auth => staging/src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/BUILD (100%) rename {plugin/pkg/auth => staging/src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/certs_test.go (100%) rename {plugin/pkg/auth => staging/src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/gencerts.sh (100%) rename {plugin/pkg/auth => staging/src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/webhook.go (99%) rename {plugin/pkg/auth => staging/src/k8s.io/apiserver/plugin/pkg}/authorizer/webhook/webhook_test.go (99%) diff --git a/pkg/genericapiserver/authorizer/delegating.go b/pkg/genericapiserver/authorizer/delegating.go index 07bf2b29943..56be85a242d 100644 --- a/pkg/genericapiserver/authorizer/delegating.go +++ b/pkg/genericapiserver/authorizer/delegating.go @@ -22,7 +22,7 @@ import ( "k8s.io/apiserver/pkg/authorization/authorizer" authorizationclient "k8s.io/client-go/kubernetes/typed/authorization/v1beta1" - webhooksar "k8s.io/kubernetes/plugin/pkg/auth/authorizer/webhook" + "k8s.io/apiserver/plugin/pkg/authorizer/webhook" ) // DelegatingAuthorizerConfig is the minimal configuration needed to create an authenticator @@ -39,7 +39,7 @@ type DelegatingAuthorizerConfig struct { } func (c DelegatingAuthorizerConfig) New() (authorizer.Authorizer, error) { - return webhooksar.NewFromInterface( + return webhook.NewFromInterface( c.SubjectAccessReviewClient, c.AllowCacheTTL, c.DenyCacheTTL, diff --git a/pkg/kubeapiserver/authorizer/config.go b/pkg/kubeapiserver/authorizer/config.go index 10d98f10961..45c9fc44568 100644 --- a/pkg/kubeapiserver/authorizer/config.go +++ b/pkg/kubeapiserver/authorizer/config.go @@ -23,11 +23,11 @@ import ( "k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/apiserver/pkg/authorization/union" + "k8s.io/apiserver/plugin/pkg/authorizer/webhook" "k8s.io/kubernetes/pkg/auth/authorizer/abac" "k8s.io/kubernetes/pkg/controller/informers" genericauthorizer "k8s.io/kubernetes/pkg/genericapiserver/authorizer" "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac" - "k8s.io/kubernetes/plugin/pkg/auth/authorizer/webhook" ) const ( diff --git a/plugin/pkg/auth/authorizer/webhook/BUILD b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD similarity index 100% rename from plugin/pkg/auth/authorizer/webhook/BUILD rename to staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD diff --git a/plugin/pkg/auth/authorizer/webhook/certs_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/certs_test.go similarity index 100% rename from plugin/pkg/auth/authorizer/webhook/certs_test.go rename to staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/certs_test.go diff --git a/plugin/pkg/auth/authorizer/webhook/gencerts.sh b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/gencerts.sh similarity index 100% rename from plugin/pkg/auth/authorizer/webhook/gencerts.sh rename to staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/gencerts.sh diff --git a/plugin/pkg/auth/authorizer/webhook/webhook.go b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go similarity index 99% rename from plugin/pkg/auth/authorizer/webhook/webhook.go rename to staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go index abcc3340ae2..ff591ffc480 100644 --- a/plugin/pkg/auth/authorizer/webhook/webhook.go +++ b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go @@ -32,7 +32,6 @@ import ( "k8s.io/apiserver/pkg/util/webhook" _ "k8s.io/client-go/pkg/apis/authorization/install" - _ "k8s.io/kubernetes/pkg/apis/authorization/install" ) var ( diff --git a/plugin/pkg/auth/authorizer/webhook/webhook_test.go b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_test.go similarity index 99% rename from plugin/pkg/auth/authorizer/webhook/webhook_test.go rename to staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_test.go index f434cf5e9a9..85bca35cec9 100644 --- a/plugin/pkg/auth/authorizer/webhook/webhook_test.go +++ b/staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_test.go @@ -36,8 +36,8 @@ import ( "k8s.io/apimachinery/pkg/util/diff" "k8s.io/apiserver/pkg/authentication/user" "k8s.io/apiserver/pkg/authorization/authorizer" + "k8s.io/client-go/pkg/apis/authorization/v1beta1" "k8s.io/client-go/tools/clientcmd/api/v1" - "k8s.io/kubernetes/pkg/apis/authorization/v1beta1" ) func TestNewFromConfig(t *testing.T) { diff --git a/test/test_owners.csv b/test/test_owners.csv index 0fd7cde6dc0..a0afe7c51fe 100644 --- a/test/test_owners.csv +++ b/test/test_owners.csv @@ -956,7 +956,7 @@ k8s.io/kubernetes/plugin/pkg/admission/serviceaccount,liggitt,0 k8s.io/kubernetes/plugin/pkg/admission/storageclass/default,pmorie,1 k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac,rrati,0 k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy,mml,1 -k8s.io/kubernetes/plugin/pkg/auth/authorizer/webhook,rrati,0 +k8s.io/apiserver/plugin/pkg/authorizer/webhook,rrati,0 k8s.io/kubernetes/plugin/pkg/client/auth/gcp,jlowdermilk,0 k8s.io/kubernetes/plugin/pkg/client/auth/oidc,cjcullen,1 k8s.io/kubernetes/plugin/pkg/scheduler,fgrzadkowski,0