github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-10-08 14:29:45 +00:00
Code Issues Projects Releases Wiki Activity

jwt: support opaque signer and push errors to token generator creation

Browse Source
This commit is contained in:
Mike Danese
2018-04-11 11:24:06 -07:00
parent 9ea39419eb
commit e68f14a249
6 changed files with 53 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/kube-controller-manager/app/controllermanager.go
View File

@@ -516,12 +516,16 @@ func (c serviceAccountTokenControllerStarter) startServiceAccountTokenController
rootCA = c.rootClientBuilder.ConfigOrDie("tokens-controller").CAData
}
tokenGenerator, err := serviceaccount.JWTTokenGenerator(serviceaccount.LegacyIssuer, privateKey)
if err != nil {
return nil, false, fmt.Errorf("failed to build token generator: %v", err)
}
controller, err := serviceaccountcontroller.NewTokensController(
ctx.InformerFactory.Core().V1().ServiceAccounts(),
ctx.InformerFactory.Core().V1().Secrets(),
c.rootClientBuilder.ClientOrDie("tokens-controller"),
serviceaccountcontroller.TokensControllerOptions{
TokenGenerator: serviceaccount.JWTTokenGenerator(serviceaccount.LegacyIssuer, privateKey),
TokenGenerator: tokenGenerator,
RootCA: rootCA,
},
)