svcacct: default expiration of TokenRequest

* default expiration seconds to 1 hour
2025-07-24 12:15:52 +00:00 · 2018-02-06 09:29:13 -08:00 · 2018-02-06 09:29:13 -08:00 · e1586eaca0
commit e1586eaca0
parent d594a13d69
3 changed files with 15 additions and 0 deletions
--- a/pkg/api/testing/defaulting_test.go
+++ b/pkg/api/testing/defaulting_test.go
@ -143,6 +143,7 @@ func TestDefaulting(t *testing.T) {
 		{Group: "storage.k8s.io", Version: "v1beta1", Kind: "StorageClassList"}:                                 {},
 		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClass"}:                                          {},
 		{Group: "storage.k8s.io", Version: "v1", Kind: "StorageClassList"}:                                      {},
+		{Group: "authentication.k8s.io", Version: "v1", Kind: "TokenRequest"}:                                   {},
 	}

 	f := fuzz.New().NilChance(.5).NumElements(1, 1).RandSource(rand.NewSource(1))
--- a/pkg/apis/authentication/v1/defaults.go
+++ b/pkg/apis/authentication/v1/defaults.go
@ -17,9 +17,17 @@ limitations under the License.
 package v1

 import (
+	authenticationv1 "k8s.io/api/authentication/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )

 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return RegisterDefaults(scheme)
 }
+
+func SetDefaults_TokenRequestSpec(obj *authenticationv1.TokenRequestSpec) {
+	if obj.ExpirationSeconds == nil {
+		hour := int64(60 * 60)
+		obj.ExpirationSeconds = &hour
+	}
+}
--- a/pkg/apis/authentication/v1/zz_generated.defaults.go
+++ b/pkg/apis/authentication/v1/zz_generated.defaults.go
@ -21,6 +21,7 @@ limitations under the License.
 package v1

 import (
+	v1 "k8s.io/api/authentication/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )

@ -28,5 +29,10 @@ import (
 // Public to allow building arbitrary schemes.
 // All generated defaulters are covering - they call all nested defaulters.
 func RegisterDefaults(scheme *runtime.Scheme) error {
+	scheme.AddTypeDefaultingFunc(&v1.TokenRequest{}, func(obj interface{}) { SetObjectDefaults_TokenRequest(obj.(*v1.TokenRequest)) })
 	return nil
 }
+
+func SetObjectDefaults_TokenRequest(in *v1.TokenRequest) {
+	SetDefaults_TokenRequestSpec(&in.Spec)
+}