diff --git a/cmd/kubeadm/app/util/BUILD b/cmd/kubeadm/app/util/BUILD index a919803f21a..ff443e200da 100644 --- a/cmd/kubeadm/app/util/BUILD +++ b/cmd/kubeadm/app/util/BUILD @@ -78,7 +78,6 @@ filegroup( srcs = [ ":package-srcs", "//cmd/kubeadm/app/util/apiclient:all-srcs", - "//cmd/kubeadm/app/util/audit:all-srcs", "//cmd/kubeadm/app/util/certs:all-srcs", "//cmd/kubeadm/app/util/config:all-srcs", "//cmd/kubeadm/app/util/crypto:all-srcs", diff --git a/cmd/kubeadm/app/util/audit/BUILD b/cmd/kubeadm/app/util/audit/BUILD deleted file mode 100644 index 7fb4d41d5e3..00000000000 --- a/cmd/kubeadm/app/util/audit/BUILD +++ /dev/null @@ -1,43 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") - -go_library( - name = "go_default_library", - srcs = ["utils.go"], - importpath = "k8s.io/kubernetes/cmd/kubeadm/app/util/audit", - visibility = ["//visibility:public"], - deps = [ - "//cmd/kubeadm/app/util:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/install:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library", - "//vendor/github.com/pkg/errors:go_default_library", - ], -) - -go_test( - name = "go_default_test", - srcs = ["utils_test.go"], - embed = [":go_default_library"], - deps = [ - "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/install:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], - visibility = ["//visibility:public"], -) diff --git a/cmd/kubeadm/app/util/audit/utils.go b/cmd/kubeadm/app/util/audit/utils.go deleted file mode 100644 index 49f8bb6f0d6..00000000000 --- a/cmd/kubeadm/app/util/audit/utils.go +++ /dev/null @@ -1,74 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package audit - -import ( - "io/ioutil" - "os" - "path/filepath" - - "github.com/pkg/errors" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/apiserver/pkg/apis/audit/install" - auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" - kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" -) - -// CreateDefaultAuditLogPolicy writes the default audit log policy to disk. -func CreateDefaultAuditLogPolicy(policyFile string) error { - policy := auditv1.Policy{ - TypeMeta: metav1.TypeMeta{ - APIVersion: auditv1.SchemeGroupVersion.String(), - Kind: "Policy", - }, - Rules: []auditv1.PolicyRule{ - { - Level: auditv1.LevelMetadata, - }, - }, - } - return writePolicyToDisk(policyFile, &policy) -} - -func writePolicyToDisk(policyFile string, policy *auditv1.Policy) error { - // creates target folder if not already exists - if err := os.MkdirAll(filepath.Dir(policyFile), 0700); err != nil { - return errors.Wrapf(err, "failed to create directory %q: ", filepath.Dir(policyFile)) - } - - scheme := runtime.NewScheme() - // Registers the API group with the scheme and adds types to a scheme - install.Install(scheme) - - codecs := serializer.NewCodecFactory(scheme) - - // writes the policy to disk - serialized, err := kubeadmutil.MarshalToYamlForCodecs(policy, auditv1.SchemeGroupVersion, codecs) - - if err != nil { - return errors.Wrap(err, "failed to marshal audit policy to YAML") - } - - if err := ioutil.WriteFile(policyFile, serialized, 0600); err != nil { - return errors.Wrapf(err, "failed to write audit policy to %v: ", policyFile) - } - - return nil -} diff --git a/cmd/kubeadm/app/util/audit/utils_test.go b/cmd/kubeadm/app/util/audit/utils_test.go deleted file mode 100644 index fb9b954321c..00000000000 --- a/cmd/kubeadm/app/util/audit/utils_test.go +++ /dev/null @@ -1,65 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package audit - -import ( - "io/ioutil" - "os" - "path/filepath" - "testing" - - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/apiserver/pkg/apis/audit/install" - auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" -) - -func cleanup(t *testing.T, path string) { - err := os.RemoveAll(path) - if err != nil { - t.Fatalf("Failed to clean up %v: %v", path, err) - } -} - -func TestCreateDefaultAuditLogPolicy(t *testing.T) { - // make a tempdir - tempDir, err := ioutil.TempDir("/tmp", "audit-test") - if err != nil { - t.Fatalf("could not create a tempdir: %v", err) - } - defer cleanup(t, tempDir) - auditPolicyFile := filepath.Join(tempDir, "test.yaml") - if err = CreateDefaultAuditLogPolicy(auditPolicyFile); err != nil { - t.Fatalf("failed to create audit log policy: %v", err) - } - // turn the audit log back into a policy - policyBytes, err := ioutil.ReadFile(auditPolicyFile) - if err != nil { - t.Fatalf("failed to read %v: %v", auditPolicyFile, err) - } - scheme := runtime.NewScheme() - install.Install(scheme) - codecs := serializer.NewCodecFactory(scheme) - policy := auditv1.Policy{} - err = runtime.DecodeInto(codecs.UniversalDecoder(), policyBytes, &policy) - if err != nil { - t.Fatalf("failed to decode written policy: %v", err) - } - if policy.Kind != "Policy" { - t.Fatalf("did not decode policy properly") - } -}