github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-21 02:41:25 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #112380 from SataQiu/clean-20220911

Browse Source 
Remove DeprecatedInsecureServingOptionsWithLoopback
This commit is contained in:
Kubernetes Prow Robot 2022-09-19 19:15:19 -07:00 committed by GitHub
commit efaf85f241
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go
View File

@ -23,7 +23,6 @@ import (
"github.com/spf13/pflag"
"k8s.io/apiserver/pkg/server"
"k8s.io/client-go/rest"
)
// DeprecatedInsecureServingOptions are for creating an unauthenticated, unauthorized, insecure port.
@ -125,45 +124,3 @@ func (s *DeprecatedInsecureServingOptions) ApplyTo(c **server.DeprecatedInsecure
return nil
}
// WithLoopback adds loopback functionality to the serving options.
func (o *DeprecatedInsecureServingOptions) WithLoopback() *DeprecatedInsecureServingOptionsWithLoopback {
return &DeprecatedInsecureServingOptionsWithLoopback{o}
}
// DeprecatedInsecureServingOptionsWithLoopback adds loopback functionality to the DeprecatedInsecureServingOptions.
// DEPRECATED: all insecure serving options will be removed in a future version, however note that
// there are security concerns over how health checks can work here - see e.g. #43784
type DeprecatedInsecureServingOptionsWithLoopback struct {
*DeprecatedInsecureServingOptions
}
// ApplyTo fills up serving information in the server configuration.
func (s *DeprecatedInsecureServingOptionsWithLoopback) ApplyTo(insecureServingInfo **server.DeprecatedInsecureServingInfo, loopbackClientConfig **rest.Config) error {
if s == nil || s.DeprecatedInsecureServingOptions == nil || insecureServingInfo == nil {
return nil
}
if err := s.DeprecatedInsecureServingOptions.ApplyTo(insecureServingInfo); err != nil {
return err
}
if *insecureServingInfo == nil || loopbackClientConfig == nil {
return nil
}
secureLoopbackClientConfig, err := (*insecureServingInfo).NewLoopbackClientConfig()
switch {
// if we failed and there's no fallback loopback client config, we need to fail
case err != nil && *loopbackClientConfig == nil:
return err
// if we failed, but we already have a fallback loopback client config (usually insecure), allow it
case err != nil && *loopbackClientConfig != nil:
default:
*loopbackClientConfig = secureLoopbackClientConfig
}
return nil
}