Merge pull request #56290 from xiangpengzhao/refactor-ValidateUsages

Automatic merge from submit-queue (batch tested with PRs 56290, 57984). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Refactoring ValidateUsages for bootstrap tokens. **What this PR does / why we need it**: Refactoring and cleanup. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: /cc @luxas @jbeda **Release note**: ```release-note NONE ```
2025-07-24 12:15:52 +00:00 · 2018-01-09 10:52:31 -08:00 · 2018-01-09 10:52:31 -08:00 · d12de5cd32
commit d12de5cd32
parent ea2fbd4de4 1cb195759f
5 changed files with 14 additions and 5 deletions
--- a/cmd/kubeadm/app/constants/BUILD
+++ b/cmd/kubeadm/app/constants/BUILD
@ -11,6 +11,7 @@ go_library(
    srcs = ["constants.go"],
    importpath = "k8s.io/kubernetes/cmd/kubeadm/app/constants",
    deps = [
+        "//pkg/bootstrap/api:go_default_library",
        "//pkg/registry/core/service/ipallocator:go_default_library",
        "//pkg/util/version:go_default_library",
        "//vendor/k8s.io/api/core/v1:go_default_library",
--- a/cmd/kubeadm/app/constants/constants.go
+++ b/cmd/kubeadm/app/constants/constants.go
@ -25,6 +25,7 @@ import (
 	"time"

 	"k8s.io/api/core/v1"
+	bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
 	"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
 	"k8s.io/kubernetes/pkg/util/version"
 )
@ -220,7 +221,7 @@ var (
 	AuthorizationWebhookConfigPath = filepath.Join(KubernetesDir, "webhook_authz.conf")

 	// DefaultTokenUsages specifies the default functions a token will get
-	DefaultTokenUsages = []string{"signing", "authentication"}
+	DefaultTokenUsages = bootstrapapi.KnownTokenUsages

 	// MasterComponents defines the master component names
 	MasterComponents = []string{KubeAPIServer, KubeControllerManager, KubeScheduler}
--- a/pkg/bootstrap/api/OWNERS
+++ b/pkg/bootstrap/api/OWNERS
@ -0,0 +1,5 @@
+approvers:
+- jbeda
+- luxas
+reviewers:
+- mattmoyer
--- a/pkg/bootstrap/api/helpers.go
+++ b/pkg/bootstrap/api/helpers.go
@ -37,16 +37,15 @@ func ValidateBootstrapGroupName(name string) error {

 // ValidateUsages validates that the passed in string are valid usage strings for bootstrap tokens.
 func ValidateUsages(usages []string) error {
-	usageAuthentication := strings.TrimPrefix(BootstrapTokenUsageAuthentication, BootstrapTokenUsagePrefix)
-	usageSigning := strings.TrimPrefix(BootstrapTokenUsageSigningKey, BootstrapTokenUsagePrefix)
+	validUsages := sets.NewString(KnownTokenUsages...)
 	invalidUsages := sets.NewString()
 	for _, usage := range usages {
-		if usage != usageAuthentication && usage != usageSigning {
+		if !validUsages.Has(usage) {
 			invalidUsages.Insert(usage)
 		}
 	}
 	if len(invalidUsages) > 0 {
-		return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage option: %s, %s", strings.Join(invalidUsages.List(), ","), usageAuthentication, usageSigning)
+		return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage options: %s", strings.Join(invalidUsages.List(), ","), strings.Join(KnownTokenUsages, ","))
 	}
 	return nil
 }
--- a/pkg/bootstrap/api/types.go
+++ b/pkg/bootstrap/api/types.go
@ -95,3 +95,6 @@ const (
 	// tokens (in addition to any groups from BootstrapTokenExtraGroupsKey).
 	BootstrapDefaultGroup = "system:bootstrappers"
 )
+
+// KnownTokenUsages specifies the known functions a token will get.
+var KnownTokenUsages = []string{"signing", "authentication"}