github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 03:41:45 +00:00
Code Issues Projects Releases Wiki Activity

add context to serviceaccount authenticator metrics

Browse Source
This commit is contained in:
yoyinzyc 2021-01-13 13:22:21 -08:00
parent 7c702138f9
commit 587cadf726
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/serviceaccount/claims.go
View File

@ -192,9 +192,9 @@ func (v *validator) Validate(ctx context.Context, _ string, public *jwt.Claims,
secondsAfterWarn := nowTime.Unix() - warnafter.Time().Unix() secondsAfterWarn := nowTime.Unix() - warnafter.Time().Unix()
auditInfo := fmt.Sprintf("subject: %s, seconds after warning threshold: %d", public.Subject, secondsAfterWarn) auditInfo := fmt.Sprintf("subject: %s, seconds after warning threshold: %d", public.Subject, secondsAfterWarn)
audit.AddAuditAnnotation(ctx, "authentication.k8s.io/stale-token", auditInfo) audit.AddAuditAnnotation(ctx, "authentication.k8s.io/stale-token", auditInfo)
staleTokensTotal.Inc() staleTokensTotal.WithContext(ctx).Inc()
} else { } else {
validTokensTotal.Inc() validTokensTotal.WithContext(ctx).Inc()
} }
} }

2
pkg/serviceaccount/jwt.go
View File

@ -290,7 +290,7 @@ func (j *jwtTokenAuthenticator) AuthenticateToken(ctx context.Context, tokenData
if len(tokenAudiences) == 0 { if len(tokenAudiences) == 0 {
// only apiserver audiences are allowed for legacy tokens // only apiserver audiences are allowed for legacy tokens
audit.AddAuditAnnotation(ctx, "authentication.k8s.io/legacy-token", public.Subject) audit.AddAuditAnnotation(ctx, "authentication.k8s.io/legacy-token", public.Subject)
legacyTokensTotal.Inc() legacyTokensTotal.WithContext(ctx).Inc()
tokenAudiences = j.implicitAuds tokenAudiences = j.implicitAuds
} }