github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-31 15:25:57 +00:00
Code Issues Projects Releases Wiki Activity

not expose object detail when creating TokenRequest

Browse Source
This commit is contained in:
Cao Shufeng 2018-04-03 19:54:30 +08:00
parent 8f571a0e9d
commit 5eefd7d012
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/registry/core/serviceaccount/storage/token.go
View File

@ -79,7 +79,7 @@ func (r *TokenREST) Create(ctx context.Context, name string, obj runtime.Object,
} }
pod = podObj.(*api.Pod) pod = podObj.(*api.Pod)
if name != pod.Spec.ServiceAccountName { if name != pod.Spec.ServiceAccountName {
return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with serviceaccount %q", name, pod.Spec.ServiceAccountName)) return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with different serviceaccount name.", name))
} }
uid = pod.UID uid = pod.UID
case gvk.Group == "" && gvk.Kind == "Secret": case gvk.Group == "" && gvk.Kind == "Secret":
@ -94,7 +94,7 @@ func (r *TokenREST) Create(ctx context.Context, name string, obj runtime.Object,
return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token to object of type %s", gvk.String())) return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token to object of type %s", gvk.String()))
} }
if ref.UID != "" && uid != ref.UID { if ref.UID != "" && uid != ref.UID {
return nil, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, ref.Name, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record (%s). The object might have been deleted and then recreated", ref.UID, uid)) return nil, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, ref.Name, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record. The object might have been deleted and then recreated", ref.UID))
} }
} }
if len(out.Spec.Audiences) == 0 { if len(out.Spec.Audiences) == 0 {