github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-17 07:03:31 +00:00
Code Issues Projects Releases Wiki Activity

Switch kubelet/aggregated API servers to use v1 subjectaccessreviews

Browse Source
This commit is contained in:
Jordan Liggitt
2019-11-04 23:29:56 -05:00
parent 5ef4fe959a
commit d54a70db5c
10 changed files with 948 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/kubelet/app/auth.go
View File

@@ -29,7 +29,7 @@ import (
"k8s.io/apiserver/pkg/server/dynamiccertificates"
clientset "k8s.io/client-go/kubernetes"
authenticationclient "k8s.io/client-go/kubernetes/typed/authentication/v1"
authorizationclient "k8s.io/client-go/kubernetes/typed/authorization/v1beta1"
authorizationclient "k8s.io/client-go/kubernetes/typed/authorization/v1"
kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
"k8s.io/kubernetes/pkg/kubelet/server"
@@ -44,7 +44,7 @@ func BuildAuth(nodeName types.NodeName, client clientset.Interface, config kubel
)
if client != nil && !reflect.ValueOf(client).IsNil() {
tokenClient = client.AuthenticationV1().TokenReviews()
sarClient = client.AuthorizationV1beta1().SubjectAccessReviews()
sarClient = client.AuthorizationV1().SubjectAccessReviews()
}
authenticator, err := BuildAuthn(tokenClient, config.Authentication)