github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-25 04:33:26 +00:00
Code Issues Projects Releases Wiki Activity

stop using AlwaysAdmit admission

Browse Source
This commit is contained in:
xuzhonghu 2018-03-13 20:02:56 +08:00
parent a7d6340ad2
commit 70d5af6e7b
6 changed files with 0 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
test/integration/auth/BUILD
View File

@ -44,7 +44,6 @@ go_test(
"//pkg/registry/rbac/rolebinding:go_default_library", "//pkg/registry/rbac/rolebinding:go_default_library",
"//pkg/registry/rbac/rolebinding/storage:go_default_library", "//pkg/registry/rbac/rolebinding/storage:go_default_library",
"//pkg/serviceaccount:go_default_library", "//pkg/serviceaccount:go_default_library",
"//plugin/pkg/admission/admit:go_default_library",
"//plugin/pkg/admission/noderestriction:go_default_library", "//plugin/pkg/admission/noderestriction:go_default_library",
"//plugin/pkg/auth/authenticator/token/bootstrap:go_default_library", "//plugin/pkg/auth/authenticator/token/bootstrap:go_default_library",
"//plugin/pkg/auth/authorizer/rbac:go_default_library", "//plugin/pkg/auth/authorizer/rbac:go_default_library",

4
test/integration/auth/accessreview_test.go
View File

@ -31,7 +31,6 @@ import (
authorizationapi "k8s.io/kubernetes/pkg/apis/authorization" authorizationapi "k8s.io/kubernetes/pkg/apis/authorization"
api "k8s.io/kubernetes/pkg/apis/core" api "k8s.io/kubernetes/pkg/apis/core"
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
"k8s.io/kubernetes/plugin/pkg/admission/admit"
"k8s.io/kubernetes/test/integration/framework" "k8s.io/kubernetes/test/integration/framework"
) )
@ -57,7 +56,6 @@ func TestSubjectAccessReview(t *testing.T) {
masterConfig := framework.NewIntegrationTestMasterConfig() masterConfig := framework.NewIntegrationTestMasterConfig()
masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice) masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{} masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
masterConfig.GenericConfig.AdmissionControl = admit.NewAlwaysAdmit()
_, s, closeFn := framework.RunAMaster(masterConfig) _, s, closeFn := framework.RunAMaster(masterConfig)
defer closeFn() defer closeFn()
@ -151,7 +149,6 @@ func TestSelfSubjectAccessReview(t *testing.T) {
return &user.DefaultInfo{Name: username}, true, nil return &user.DefaultInfo{Name: username}, true, nil
}) })
masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{} masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
masterConfig.GenericConfig.AdmissionControl = admit.NewAlwaysAdmit()
_, s, closeFn := framework.RunAMaster(masterConfig) _, s, closeFn := framework.RunAMaster(masterConfig)
defer closeFn() defer closeFn()
@ -231,7 +228,6 @@ func TestLocalSubjectAccessReview(t *testing.T) {
masterConfig := framework.NewIntegrationTestMasterConfig() masterConfig := framework.NewIntegrationTestMasterConfig()
masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice) masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{} masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
masterConfig.GenericConfig.AdmissionControl = admit.NewAlwaysAdmit()
_, s, closeFn := framework.RunAMaster(masterConfig) _, s, closeFn := framework.RunAMaster(masterConfig)
defer closeFn() defer closeFn()

2
test/integration/auth/auth_test.go
View File

@ -51,7 +51,6 @@ import (
api "k8s.io/kubernetes/pkg/apis/core" api "k8s.io/kubernetes/pkg/apis/core"
"k8s.io/kubernetes/pkg/apis/extensions" "k8s.io/kubernetes/pkg/apis/extensions"
"k8s.io/kubernetes/pkg/auth/authorizer/abac" "k8s.io/kubernetes/pkg/auth/authorizer/abac"
"k8s.io/kubernetes/plugin/pkg/admission/admit"
"k8s.io/kubernetes/test/integration" "k8s.io/kubernetes/test/integration"
"k8s.io/kubernetes/test/integration/framework" "k8s.io/kubernetes/test/integration/framework"
) )
@ -555,7 +554,6 @@ func TestAliceNotForbiddenOrUnauthorized(t *testing.T) {
masterConfig := framework.NewIntegrationTestMasterConfig() masterConfig := framework.NewIntegrationTestMasterConfig()
masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth() masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{} masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
masterConfig.GenericConfig.AdmissionControl = admit.NewAlwaysAdmit()
_, s, closeFn := framework.RunAMaster(masterConfig) _, s, closeFn := framework.RunAMaster(masterConfig)
defer closeFn() defer closeFn()

2
test/integration/auth/bootstraptoken_test.go
View File

@ -29,7 +29,6 @@ import (
"k8s.io/apiserver/pkg/authentication/request/bearertoken" "k8s.io/apiserver/pkg/authentication/request/bearertoken"
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api" bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
api "k8s.io/kubernetes/pkg/apis/core" api "k8s.io/kubernetes/pkg/apis/core"
"k8s.io/kubernetes/plugin/pkg/admission/admit"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap"
bootstraputil "k8s.io/kubernetes/test/e2e/lifecycle/bootstrap" bootstraputil "k8s.io/kubernetes/test/e2e/lifecycle/bootstrap"
"k8s.io/kubernetes/test/integration" "k8s.io/kubernetes/test/integration"
@ -126,7 +125,6 @@ func TestBootstrapTokenAuth(t *testing.T) {
// Set up a master // Set up a master
masterConfig := framework.NewIntegrationTestMasterConfig() masterConfig := framework.NewIntegrationTestMasterConfig()
masterConfig.GenericConfig.Authentication.Authenticator = authenticator masterConfig.GenericConfig.Authentication.Authenticator = authenticator
masterConfig.GenericConfig.AdmissionControl = admit.NewAlwaysAdmit()
_, s, closeFn := framework.RunAMaster(masterConfig) _, s, closeFn := framework.RunAMaster(masterConfig)
defer closeFn() defer closeFn()

1
test/integration/framework/BUILD
View File

@ -28,7 +28,6 @@ go_library(
"//pkg/master:go_default_library", "//pkg/master:go_default_library",
"//pkg/util/env:go_default_library", "//pkg/util/env:go_default_library",
"//pkg/version:go_default_library", "//pkg/version:go_default_library",
"//plugin/pkg/admission/admit:go_default_library",
"//test/e2e/framework:go_default_library", "//test/e2e/framework:go_default_library",
"//test/utils:go_default_library", "//test/utils:go_default_library",
"//vendor/github.com/go-openapi/spec:go_default_library", "//vendor/github.com/go-openapi/spec:go_default_library",

2
test/integration/framework/master_utils.go
View File

@ -59,7 +59,6 @@ import (
kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
"k8s.io/kubernetes/pkg/master" "k8s.io/kubernetes/pkg/master"
"k8s.io/kubernetes/pkg/version" "k8s.io/kubernetes/pkg/version"
"k8s.io/kubernetes/plugin/pkg/admission/admit"
) )
// Config is a struct of configuration directives for NewMasterComponents. // Config is a struct of configuration directives for NewMasterComponents.
@ -281,7 +280,6 @@ func NewMasterConfig() *master.Config {
kubeVersion := version.Get() kubeVersion := version.Get()
genericConfig.Version = &kubeVersion genericConfig.Version = &kubeVersion
genericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer() genericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer()
genericConfig.AdmissionControl = admit.NewAlwaysAdmit()
genericConfig.EnableMetrics = true genericConfig.EnableMetrics = true
err := etcdOptions.ApplyWithStorageFactoryTo(storageFactory, genericConfig) err := etcdOptions.ApplyWithStorageFactoryTo(storageFactory, genericConfig)