mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 12:15:52 +00:00
Rename WithAuditID to WithAuditInit
This commit is contained in:
parent
f1d684b7b6
commit
ea28a21a67
@ -290,7 +290,7 @@ func handleInternal(storage map[string]rest.Storage, admissionControl admission.
|
||||
handler := genericapifilters.WithAudit(mux, auditSink, fakeRuleEvaluator, longRunningCheck)
|
||||
handler = genericapifilters.WithRequestDeadline(handler, auditSink, fakeRuleEvaluator, longRunningCheck, codecs, 60*time.Second)
|
||||
handler = genericapifilters.WithRequestInfo(handler, testRequestInfoResolver())
|
||||
handler = genericapifilters.WithAuditID(handler)
|
||||
handler = genericapifilters.WithAuditInit(handler)
|
||||
|
||||
return &defaultAPIServer{handler, container}
|
||||
}
|
||||
|
@ -125,7 +125,7 @@ func evaluatePolicyAndCreateAuditEvent(req *http.Request, policy audit.PolicyRul
|
||||
ac := audit.AuditContextFrom(ctx)
|
||||
if ac == nil {
|
||||
// Auditing not enabled.
|
||||
return ac, nil
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
attribs, err := GetAuthorizerAttributes(ctx)
|
||||
|
@ -26,21 +26,17 @@ import (
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
// WithAuditID attaches the Audit-ID associated with a request to the context.
|
||||
// WithAuditInit initializes the audit context and attaches the Audit-ID associated with a request.
|
||||
//
|
||||
// a. If the caller does not specify a value for Audit-ID in the request header, we generate a new audit ID
|
||||
// b. We echo the Audit-ID value to the caller via the response Header 'Audit-ID'.
|
||||
func WithAuditID(handler http.Handler) http.Handler {
|
||||
return withAuditID(handler, func() string {
|
||||
func WithAuditInit(handler http.Handler) http.Handler {
|
||||
return withAuditInit(handler, func() string {
|
||||
return uuid.New().String()
|
||||
})
|
||||
}
|
||||
|
||||
func withAuditID(handler http.Handler, newAuditIDFunc func() string) http.Handler {
|
||||
if newAuditIDFunc == nil {
|
||||
return handler
|
||||
}
|
||||
|
||||
func withAuditInit(handler http.Handler, newAuditIDFunc func() string) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := audit.WithAuditContext(r.Context())
|
||||
r = r.WithContext(ctx)
|
@ -78,9 +78,9 @@ func TestWithAuditID(t *testing.T) {
|
||||
auditIDGot = string(v)
|
||||
})
|
||||
|
||||
wrapped := WithAuditID(handler)
|
||||
wrapped := WithAuditInit(handler)
|
||||
if test.newAuditIDFunc != nil {
|
||||
wrapped = withAuditID(handler, test.newAuditIDFunc)
|
||||
wrapped = withAuditInit(handler, test.newAuditIDFunc)
|
||||
}
|
||||
|
||||
testRequest, err := http.NewRequest(http.MethodGet, "/api/v1/namespaces", nil)
|
@ -676,7 +676,7 @@ func TestAudit(t *testing.T) {
|
||||
// simplified long-running check
|
||||
return ri.Verb == "watch"
|
||||
})
|
||||
handler = WithAuditID(handler)
|
||||
handler = WithAuditInit(handler)
|
||||
|
||||
req, _ := http.NewRequest(test.verb, test.path, nil)
|
||||
req = withTestContext(req, &user.DefaultInfo{Name: "admin"}, nil)
|
||||
@ -812,7 +812,7 @@ func TestAuditIDHttpHeader(t *testing.T) {
|
||||
})
|
||||
fakeRuleEvaluator := policy.NewFakePolicyRuleEvaluator(test.level, nil)
|
||||
handler = WithAudit(handler, sink, fakeRuleEvaluator, nil)
|
||||
handler = WithAuditID(handler)
|
||||
handler = WithAuditInit(handler)
|
||||
|
||||
req, _ := http.NewRequest("GET", "/api/v1/namespaces/default/pods", nil)
|
||||
req.RemoteAddr = "127.0.0.1"
|
||||
|
@ -871,7 +871,7 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
|
||||
handler = genericapifilters.WithRequestReceivedTimestamp(handler)
|
||||
handler = genericapifilters.WithMuxAndDiscoveryComplete(handler, c.lifecycleSignals.MuxAndDiscoveryComplete.Signaled())
|
||||
handler = genericfilters.WithPanicRecovery(handler, c.RequestInfoResolver)
|
||||
handler = genericapifilters.WithAuditID(handler)
|
||||
handler = genericapifilters.WithAuditInit(handler)
|
||||
return handler
|
||||
}
|
||||
|
||||
|
@ -1197,7 +1197,7 @@ func newHandlerChain(t *testing.T, handler http.Handler, filter utilflowcontrol.
|
||||
handler = apifilters.WithRequestDeadline(handler, nil, nil, longRunningRequestCheck, nil, requestTimeout)
|
||||
handler = apifilters.WithRequestInfo(handler, requestInfoFactory)
|
||||
handler = WithPanicRecovery(handler, requestInfoFactory)
|
||||
handler = apifilters.WithAuditID(handler)
|
||||
handler = apifilters.WithAuditInit(handler)
|
||||
return handler
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user