github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #62062 from CaoShuFeng/TokenRequest-information

Browse Source 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

not expose object detail when creating TokenRequest

**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:
/assign @liggitt @mikedanese 

**Release note**:
```release-note
NONE
```
This commit is contained in:
Kubernetes Submit Queue 2018-05-01 22:47:19 -07:00 committed by GitHub
commit ed9b25c902
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/registry/core/serviceaccount/storage/token.go
View File

@ -79,7 +79,7 @@ func (r *TokenREST) Create(ctx context.Context, name string, obj runtime.Object,
}
pod = podObj.(*api.Pod)
if name != pod.Spec.ServiceAccountName {
return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with serviceaccount %q", name, pod.Spec.ServiceAccountName))
return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with different serviceaccount name.", name))
}
uid = pod.UID
case gvk.Group == "" && gvk.Kind == "Secret":
@ -94,7 +94,7 @@ func (r *TokenREST) Create(ctx context.Context, name string, obj runtime.Object,
return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token to object of type %s", gvk.String()))
}
if ref.UID != "" && uid != ref.UID {
return nil, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, ref.Name, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record (%s). The object might have been deleted and then recreated", ref.UID, uid))
return nil, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, ref.Name, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record. The object might have been deleted and then recreated", ref.UID))
}
}
if len(out.Spec.Audiences) == 0 {