apiserver: enable certificates api
This commit is contained in:
George Tankersley
@@ -26,6 +26,7 @@ import (
|
||||
_ "k8s.io/kubernetes/pkg/apis/authorization/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/autoscaling/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/batch/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/certificates/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/componentconfig/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/extensions/install"
|
||||
_ "k8s.io/kubernetes/pkg/apis/policy/install"
|
||||
|
||||
@@ -40,6 +40,8 @@ import (
|
||||
"k8s.io/kubernetes/pkg/apis/batch"
|
||||
batchapiv1 "k8s.io/kubernetes/pkg/apis/batch/v1"
|
||||
batchapiv2alpha1 "k8s.io/kubernetes/pkg/apis/batch/v2alpha1"
|
||||
"k8s.io/kubernetes/pkg/apis/certificates"
|
||||
certificatesapiv1alpha1 "k8s.io/kubernetes/pkg/apis/certificates/v1alpha1"
|
||||
"k8s.io/kubernetes/pkg/apis/extensions"
|
||||
extensionsapiv1beta1 "k8s.io/kubernetes/pkg/apis/extensions/v1beta1"
|
||||
"k8s.io/kubernetes/pkg/apis/policy"
|
||||
@@ -53,6 +55,7 @@ import (
|
||||
"k8s.io/kubernetes/pkg/healthz"
|
||||
kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
|
||||
"k8s.io/kubernetes/pkg/master/ports"
|
||||
certificateetcd "k8s.io/kubernetes/pkg/registry/certificates/etcd"
|
||||
"k8s.io/kubernetes/pkg/registry/clusterrole"
|
||||
clusterroleetcd "k8s.io/kubernetes/pkg/registry/clusterrole/etcd"
|
||||
clusterrolepolicybased "k8s.io/kubernetes/pkg/registry/clusterrole/policybased"
|
||||
@@ -367,6 +370,26 @@ func (m *Master) InstallAPIs(c *Config) {
|
||||
apiGroupsInfo = append(apiGroupsInfo, apiGroupInfo)
|
||||
}
|
||||
|
||||
if c.APIResourceConfigSource.AnyResourcesForVersionEnabled(certificatesapiv1alpha1.SchemeGroupVersion) {
|
||||
certificateResources := m.getCertificateResources(c)
|
||||
certificatesGroupMeta := registered.GroupOrDie(certificates.GroupName)
|
||||
|
||||
// Hard code preferred group version to certificates/v1alpha1
|
||||
certificatesGroupMeta.GroupVersion = certificatesapiv1alpha1.SchemeGroupVersion
|
||||
|
||||
apiGroupInfo := genericapiserver.APIGroupInfo{
|
||||
GroupMeta: *certificatesGroupMeta,
|
||||
VersionedResourcesStorageMap: map[string]map[string]rest.Storage{
|
||||
"v1alpha1": certificateResources,
|
||||
},
|
||||
OptionsExternalVersion: ®istered.GroupOrDie(api.GroupName).GroupVersion,
|
||||
Scheme: api.Scheme,
|
||||
ParameterCodec: api.ParameterCodec,
|
||||
NegotiatedSerializer: api.Codecs,
|
||||
}
|
||||
apiGroupsInfo = append(apiGroupsInfo, apiGroupInfo)
|
||||
}
|
||||
|
||||
if c.APIResourceConfigSource.AnyResourcesForVersionEnabled(rbacapi.SchemeGroupVersion) {
|
||||
rbacResources := m.getRBACResources(c)
|
||||
rbacGroupMeta := registered.GroupOrDie(rbac.GroupName)
|
||||
@@ -851,6 +874,28 @@ func (m *Master) getAutoscalingResources(c *Config) map[string]rest.Storage {
|
||||
return storage
|
||||
}
|
||||
|
||||
// getCertificateResources returns the resources for certificates API
|
||||
func (m *Master) getCertificateResources(c *Config) map[string]rest.Storage {
|
||||
restOptions := func(resource string) generic.RESTOptions {
|
||||
return m.GetRESTOptionsOrDie(c, certificates.Resource(resource))
|
||||
}
|
||||
|
||||
// TODO update when we support more than one version of this group
|
||||
version := certificatesapiv1alpha1.SchemeGroupVersion
|
||||
|
||||
storage := map[string]rest.Storage{}
|
||||
|
||||
csrStorage, csrStatusStorage, csrApprovalStorage := certificateetcd.NewREST(restOptions("certificatesigningrequests"))
|
||||
|
||||
if c.APIResourceConfigSource.ResourceEnabled(version.WithResource("certificatesigningrequests")) {
|
||||
storage["certificatesigningrequests"] = csrStorage
|
||||
storage["certificatesigningrequests/status"] = csrStatusStorage
|
||||
storage["certificatesigningrequests/approval"] = csrApprovalStorage
|
||||
}
|
||||
|
||||
return storage
|
||||
}
|
||||
|
||||
// getBatchResources returns the resources for batch api
|
||||
func (m *Master) getBatchResources(c *Config, version unversioned.GroupVersion) map[string]rest.Storage {
|
||||
storage := map[string]rest.Storage{}
|
||||
@@ -979,7 +1024,7 @@ func (m *Master) IsTunnelSyncHealthy(req *http.Request) error {
|
||||
|
||||
func DefaultAPIResourceConfigSource() *genericapiserver.ResourceConfig {
|
||||
ret := genericapiserver.NewResourceConfig()
|
||||
ret.EnableVersions(apiv1.SchemeGroupVersion, extensionsapiv1beta1.SchemeGroupVersion, batchapiv1.SchemeGroupVersion, autoscalingapiv1.SchemeGroupVersion, appsapi.SchemeGroupVersion, policyapiv1alpha1.SchemeGroupVersion, rbacapi.SchemeGroupVersion)
|
||||
ret.EnableVersions(apiv1.SchemeGroupVersion, extensionsapiv1beta1.SchemeGroupVersion, batchapiv1.SchemeGroupVersion, autoscalingapiv1.SchemeGroupVersion, appsapi.SchemeGroupVersion, policyapiv1alpha1.SchemeGroupVersion, rbacapi.SchemeGroupVersion, certificatesapiv1alpha1.SchemeGroupVersion)
|
||||
|
||||
// all extensions resources except these are disabled by default
|
||||
ret.EnableResources(
|
||||
|
||||
Reference in New Issue
Block a user