mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-26 13:07:07 +00:00
Add generic Bootstrap Token constants and helpers to client-go
This commit is contained in:
Gavin
parent
58547ebd72
commit
bb5e156aba
@ -26,6 +26,8 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
|
bootstraputil "k8s.io/client-go/tools/bootstrap/token/util"
|
||||||
kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1"
|
kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/validation"
|
"k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/validation"
|
||||||
cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util"
|
cmdutil "k8s.io/kubernetes/cmd/kubeadm/app/cmd/util"
|
||||||
@ -38,7 +40,6 @@ import (
|
|||||||
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
||||||
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/util/normalizer"
|
"k8s.io/kubernetes/pkg/util/normalizer"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -327,7 +328,7 @@ func createBootstrapToken(client clientset.Interface, cfgPath string, cfg *kubea
|
|||||||
|
|
||||||
// validate any extra group names
|
// validate any extra group names
|
||||||
for _, group := range extraGroups {
|
for _, group := range extraGroups {
|
||||||
if err := bootstrapapi.ValidateBootstrapGroupName(group); err != nil {
|
if err := bootstraputil.ValidateBootstrapGroupName(group); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -36,6 +36,8 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/fields"
|
"k8s.io/apimachinery/pkg/fields"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
|
bootstraputil "k8s.io/client-go/tools/bootstrap/token/util"
|
||||||
"k8s.io/client-go/tools/clientcmd"
|
"k8s.io/client-go/tools/clientcmd"
|
||||||
clientcertutil "k8s.io/client-go/util/cert"
|
clientcertutil "k8s.io/client-go/util/cert"
|
||||||
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
|
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
|
||||||
@ -48,7 +50,6 @@ import (
|
|||||||
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
||||||
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/printers"
|
"k8s.io/kubernetes/pkg/printers"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -226,13 +227,13 @@ func RunCreateToken(out io.Writer, client clientset.Interface, token string, tok
|
|||||||
|
|
||||||
// validate any extra group names
|
// validate any extra group names
|
||||||
for _, group := range extraGroups {
|
for _, group := range extraGroups {
|
||||||
if err := bootstrapapi.ValidateBootstrapGroupName(group); err != nil {
|
if err := bootstraputil.ValidateBootstrapGroupName(group); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// validate usages
|
// validate usages
|
||||||
if err := bootstrapapi.ValidateUsages(usages); err != nil {
|
if err := bootstraputil.ValidateUsages(usages); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ import (
|
|||||||
"time"
|
"time"
|
||||||
|
|
||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
|
"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
|
||||||
"k8s.io/kubernetes/pkg/util/version"
|
"k8s.io/kubernetes/pkg/util/version"
|
||||||
)
|
)
|
||||||
|
|||||||
@ -23,11 +23,11 @@ import (
|
|||||||
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/client-go/tools/clientcmd"
|
"k8s.io/client-go/tools/clientcmd"
|
||||||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
||||||
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// RetrieveValidatedClusterInfo connects to the API Server and makes sure it can talk
|
// RetrieveValidatedClusterInfo connects to the API Server and makes sure it can talk
|
||||||
|
|||||||
@ -26,13 +26,13 @@ import (
|
|||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/client-go/tools/clientcmd"
|
"k8s.io/client-go/tools/clientcmd"
|
||||||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
||||||
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
"k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"
|
||||||
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/controller/bootstrap"
|
"k8s.io/kubernetes/pkg/controller/bootstrap"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@ -24,11 +24,11 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apiserver/pkg/authentication/user"
|
"k8s.io/apiserver/pkg/authentication/user"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/client-go/tools/clientcmd"
|
"k8s.io/client-go/tools/clientcmd"
|
||||||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
||||||
"k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient"
|
"k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient"
|
||||||
rbachelper "k8s.io/kubernetes/pkg/apis/rbac/v1"
|
rbachelper "k8s.io/kubernetes/pkg/apis/rbac/v1"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|||||||
@ -25,8 +25,9 @@ import (
|
|||||||
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
|
bootstraputil "k8s.io/client-go/tools/bootstrap/token/util"
|
||||||
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
tokenutil "k8s.io/kubernetes/cmd/kubeadm/app/util/token"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const tokenCreateRetries = 5
|
const tokenCreateRetries = 5
|
||||||
@ -115,7 +116,7 @@ func encodeTokenSecretData(tokenID, tokenSecret string, duration time.Duration,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// validate usages
|
// validate usages
|
||||||
if err := bootstrapapi.ValidateUsages(usages); err != nil {
|
if err := bootstraputil.ValidateUsages(usages); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
for _, usage := range usages {
|
for _, usage := range usages {
|
||||||
|
|||||||
@ -1,41 +0,0 @@
|
|||||||
package(default_visibility = ["//visibility:public"])
|
|
||||||
|
|
||||||
load(
|
|
||||||
"@io_bazel_rules_go//go:def.bzl",
|
|
||||||
"go_library",
|
|
||||||
"go_test",
|
|
||||||
)
|
|
||||||
|
|
||||||
go_library(
|
|
||||||
name = "go_default_library",
|
|
||||||
srcs = [
|
|
||||||
"doc.go",
|
|
||||||
"helpers.go",
|
|
||||||
"types.go",
|
|
||||||
],
|
|
||||||
importpath = "k8s.io/kubernetes/pkg/bootstrap/api",
|
|
||||||
deps = [
|
|
||||||
"//vendor/k8s.io/api/core/v1:go_default_library",
|
|
||||||
"//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
|
|
||||||
],
|
|
||||||
)
|
|
||||||
|
|
||||||
filegroup(
|
|
||||||
name = "package-srcs",
|
|
||||||
srcs = glob(["**"]),
|
|
||||||
tags = ["automanaged"],
|
|
||||||
visibility = ["//visibility:private"],
|
|
||||||
)
|
|
||||||
|
|
||||||
filegroup(
|
|
||||||
name = "all-srcs",
|
|
||||||
srcs = [":package-srcs"],
|
|
||||||
tags = ["automanaged"],
|
|
||||||
)
|
|
||||||
|
|
||||||
go_test(
|
|
||||||
name = "go_default_test",
|
|
||||||
srcs = ["helpers_test.go"],
|
|
||||||
embed = [":go_default_library"],
|
|
||||||
importpath = "k8s.io/kubernetes/pkg/bootstrap/api",
|
|
||||||
)
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
approvers:
|
|
||||||
- jbeda
|
|
||||||
- luxas
|
|
||||||
reviewers:
|
|
||||||
- mattmoyer
|
|
||||||
@ -31,10 +31,10 @@ import (
|
|||||||
informers "k8s.io/client-go/informers/core/v1"
|
informers "k8s.io/client-go/informers/core/v1"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
corelisters "k8s.io/client-go/listers/core/v1"
|
corelisters "k8s.io/client-go/listers/core/v1"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/client-go/tools/cache"
|
"k8s.io/client-go/tools/cache"
|
||||||
"k8s.io/client-go/util/workqueue"
|
"k8s.io/client-go/util/workqueue"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/controller"
|
"k8s.io/kubernetes/pkg/controller"
|
||||||
"k8s.io/kubernetes/pkg/util/metrics"
|
"k8s.io/kubernetes/pkg/util/metrics"
|
||||||
)
|
)
|
||||||
|
|||||||
@ -28,8 +28,8 @@ import (
|
|||||||
coreinformers "k8s.io/client-go/informers/core/v1"
|
coreinformers "k8s.io/client-go/informers/core/v1"
|
||||||
"k8s.io/client-go/kubernetes/fake"
|
"k8s.io/client-go/kubernetes/fake"
|
||||||
core "k8s.io/client-go/testing"
|
core "k8s.io/client-go/testing"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/controller"
|
"k8s.io/kubernetes/pkg/controller"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@ -24,8 +24,8 @@ import (
|
|||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
core "k8s.io/client-go/testing"
|
core "k8s.io/client-go/testing"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/pkg/apis/core/helper"
|
"k8s.io/kubernetes/pkg/apis/core/helper"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func newTokenSecret(tokenID, tokenSecret string) *v1.Secret {
|
func newTokenSecret(tokenID, tokenSecret string) *v1.Secret {
|
||||||
|
|||||||
@ -29,10 +29,10 @@ import (
|
|||||||
coreinformers "k8s.io/client-go/informers/core/v1"
|
coreinformers "k8s.io/client-go/informers/core/v1"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
corelisters "k8s.io/client-go/listers/core/v1"
|
corelisters "k8s.io/client-go/listers/core/v1"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/client-go/tools/cache"
|
"k8s.io/client-go/tools/cache"
|
||||||
"k8s.io/client-go/util/workqueue"
|
"k8s.io/client-go/util/workqueue"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/controller"
|
"k8s.io/kubernetes/pkg/controller"
|
||||||
"k8s.io/kubernetes/pkg/util/metrics"
|
"k8s.io/kubernetes/pkg/util/metrics"
|
||||||
)
|
)
|
||||||
|
|||||||
@ -23,7 +23,7 @@ import (
|
|||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
|
|
||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var namePattern = `^` + regexp.QuoteMeta(bootstrapapi.BootstrapTokenSecretPrefix) + `([a-z0-9]{6})$`
|
var namePattern = `^` + regexp.QuoteMeta(bootstrapapi.BootstrapTokenSecretPrefix) + `([a-z0-9]{6})$`
|
||||||
|
|||||||
@ -24,7 +24,7 @@ import (
|
|||||||
|
|
||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|||||||
@ -31,8 +31,9 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/api/errors"
|
"k8s.io/apimachinery/pkg/api/errors"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
"k8s.io/apiserver/pkg/authentication/user"
|
"k8s.io/apiserver/pkg/authentication/user"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
|
bootstraputil "k8s.io/client-go/tools/bootstrap/token/util"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/pkg/client/listers/core/internalversion"
|
"k8s.io/kubernetes/pkg/client/listers/core/internalversion"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -149,7 +150,7 @@ func (t *TokenAuthenticator) AuthenticateToken(token string) (user.Info, bool, e
|
|||||||
}, true, nil
|
}, true, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Copied from k8s.io/kubernetes/pkg/bootstrap/api
|
// Copied from k8s.io/client-go/tools/bootstrap/token/api
|
||||||
func getSecretString(secret *api.Secret, key string) string {
|
func getSecretString(secret *api.Secret, key string) string {
|
||||||
if secret.Data == nil {
|
if secret.Data == nil {
|
||||||
return ""
|
return ""
|
||||||
@ -160,7 +161,7 @@ func getSecretString(secret *api.Secret, key string) string {
|
|||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
// Copied from k8s.io/kubernetes/pkg/bootstrap/api
|
// Copied from k8s.io/client-go/tools/bootstrap/token/api
|
||||||
func isSecretExpired(secret *api.Secret) bool {
|
func isSecretExpired(secret *api.Secret) bool {
|
||||||
expiration := getSecretString(secret, bootstrapapi.BootstrapTokenExpirationKey)
|
expiration := getSecretString(secret, bootstrapapi.BootstrapTokenExpirationKey)
|
||||||
if len(expiration) > 0 {
|
if len(expiration) > 0 {
|
||||||
@ -209,7 +210,7 @@ func getGroups(secret *api.Secret) ([]string, error) {
|
|||||||
|
|
||||||
// validate the names of the extra groups
|
// validate the names of the extra groups
|
||||||
for _, group := range strings.Split(extraGroupsString, ",") {
|
for _, group := range strings.Split(extraGroupsString, ",") {
|
||||||
if err := bootstrapapi.ValidateBootstrapGroupName(group); err != nil {
|
if err := bootstraputil.ValidateBootstrapGroupName(group); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
groups.Insert(group)
|
groups.Insert(group)
|
||||||
|
|||||||
@ -25,8 +25,8 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/labels"
|
"k8s.io/apimachinery/pkg/labels"
|
||||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
"k8s.io/apiserver/pkg/authentication/user"
|
"k8s.io/apiserver/pkg/authentication/user"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type lister struct {
|
type lister struct {
|
||||||
|
|||||||
@ -17,4 +17,4 @@ limitations under the License.
|
|||||||
// Package api (pkg/bootstrap/api) contains constants and types needed for
|
// Package api (pkg/bootstrap/api) contains constants and types needed for
|
||||||
// bootstrap tokens as maintained by the BootstrapSigner and TokenCleaner
|
// bootstrap tokens as maintained by the BootstrapSigner and TokenCleaner
|
||||||
// controllers (in pkg/controller/bootstrap)
|
// controllers (in pkg/controller/bootstrap)
|
||||||
package api // import "k8s.io/kubernetes/pkg/bootstrap/api"
|
package api // import "k8s.io/client-go/tools/bootstrap/api"
|
||||||
@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package api
|
package util
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
|
"k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
var bootstrapGroupRegexp = regexp.MustCompile(`\A` + BootstrapGroupPattern + `\z`)
|
var bootstrapGroupRegexp = regexp.MustCompile(`\A` + api.BootstrapGroupPattern + `\z`)
|
||||||
|
|
||||||
// ValidateBootstrapGroupName checks if the provided group name is a valid
|
// ValidateBootstrapGroupName checks if the provided group name is a valid
|
||||||
// bootstrap group name. Returns nil if valid or a validation error if invalid.
|
// bootstrap group name. Returns nil if valid or a validation error if invalid.
|
||||||
@ -32,12 +33,12 @@ func ValidateBootstrapGroupName(name string) error {
|
|||||||
if bootstrapGroupRegexp.Match([]byte(name)) {
|
if bootstrapGroupRegexp.Match([]byte(name)) {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return fmt.Errorf("bootstrap group %q is invalid (must match %s)", name, BootstrapGroupPattern)
|
return fmt.Errorf("bootstrap group %q is invalid (must match %s)", name, api.BootstrapGroupPattern)
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateUsages validates that the passed in string are valid usage strings for bootstrap tokens.
|
// ValidateUsages validates that the passed in string are valid usage strings for bootstrap tokens.
|
||||||
func ValidateUsages(usages []string) error {
|
func ValidateUsages(usages []string) error {
|
||||||
validUsages := sets.NewString(KnownTokenUsages...)
|
validUsages := sets.NewString(api.KnownTokenUsages...)
|
||||||
invalidUsages := sets.NewString()
|
invalidUsages := sets.NewString()
|
||||||
for _, usage := range usages {
|
for _, usage := range usages {
|
||||||
if !validUsages.Has(usage) {
|
if !validUsages.Has(usage) {
|
||||||
@ -45,7 +46,7 @@ func ValidateUsages(usages []string) error {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if len(invalidUsages) > 0 {
|
if len(invalidUsages) > 0 {
|
||||||
return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage options: %s", strings.Join(invalidUsages.List(), ","), strings.Join(KnownTokenUsages, ","))
|
return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage options: %s", strings.Join(invalidUsages.List(), ","), strings.Join(api.KnownTokenUsages, ","))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package api
|
package util
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||||
)
|
)
|
||||||
|
|||||||
@ -24,7 +24,7 @@ import (
|
|||||||
|
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||||
)
|
)
|
||||||
|
|||||||
@ -27,7 +27,7 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@ -27,8 +27,8 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/labels"
|
"k8s.io/apimachinery/pkg/labels"
|
||||||
"k8s.io/apiserver/pkg/authentication/request/bearertoken"
|
"k8s.io/apiserver/pkg/authentication/request/bearertoken"
|
||||||
|
bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
|
|
||||||
"k8s.io/kubernetes/plugin/pkg/admission/admit"
|
"k8s.io/kubernetes/plugin/pkg/admission/admit"
|
||||||
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap"
|
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap"
|
||||||
bootstraputil "k8s.io/kubernetes/test/e2e/lifecycle/bootstrap"
|
bootstraputil "k8s.io/kubernetes/test/e2e/lifecycle/bootstrap"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user