github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

re-reorder authorizers (RBAC before Webhook).

Browse Source
This commit is contained in:
CJ Cullen
2018-05-22 16:44:46 -07:00
parent dc20badcd4
commit b3a31b28af
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cluster/gce/gci/configure-helper.sh
View File

@@ -1683,7 +1683,7 @@ function start-kube-apiserver {
local webhook_config_mount="" local webhook_config_mount=""
local webhook_config_volume="" local webhook_config_volume=""
if [[ -n "${GCP_AUTHZ_URL:-}" ]]; then if [[ -n "${GCP_AUTHZ_URL:-}" ]]; then
authorization_mode="Webhook,${authorization_mode}" authorization_mode="${authorization_mode},Webhook"
params+=" --authorization-webhook-config-file=/etc/gcp_authz.config" params+=" --authorization-webhook-config-file=/etc/gcp_authz.config"
webhook_config_mount="{\"name\": \"webhookconfigmount\",\"mountPath\": \"/etc/gcp_authz.config\", \"readOnly\": false}," webhook_config_mount="{\"name\": \"webhookconfigmount\",\"mountPath\": \"/etc/gcp_authz.config\", \"readOnly\": false},"
webhook_config_volume="{\"name\": \"webhookconfigmount\",\"hostPath\": {\"path\": \"/etc/gcp_authz.config\", \"type\": \"FileOrCreate\"}}," webhook_config_volume="{\"name\": \"webhookconfigmount\",\"hostPath\": {\"path\": \"/etc/gcp_authz.config\", \"type\": \"FileOrCreate\"}},"