Commit Graph

171 Commits

Author SHA1 Message Date
Tim Allclair
9d3670f358 Ensure testing credentials are labeled as such 2020-02-04 10:36:05 -08:00
Yuriy Gridasov
f641ecd6f8 Whitelisting *.pkg.dev for the GCP credential provider 2020-01-24 10:19:19 -08:00
Oleg Bulatov
5bec54ed5b
fix: padded base64 encoded docker auth field
base64 allows usage of new line characters and some tools use them.
As a result, the length of the encoded string cannot be used to
determine whether it's padded or not.

This patch fixes the regression after #82148.
2019-11-28 17:12:03 +01:00
jadarsie
3322ff9551 generalize solution 2019-11-21 19:14:47 -08:00
jadarsie
55828d059d misc fixes 2019-11-21 10:19:25 -08:00
jadarsie
ec57d8a4d0 Support Azure Stack dynamic environments 2019-11-18 15:06:32 -08:00
hwdef
170eadc3d2 pkg/credentialprovider: fix staticcheck warning 2019-11-11 09:46:52 +08:00
Roy Hvaara
e40c473334
Fix golint errors in pkg/credentialprovider/gcp 2019-10-28 21:54:45 +01:00
Bob Killen
666c5e5040
Prune inactive owners from pkg/credentialprovider/* OWNERS files. 2019-10-13 08:51:44 -04:00
Kubernetes Prow Robot
5675ef858e
Merge pull request #82148 from bbourbie/fix_docker_credential
fix: adding padding the encoded docker auth field
2019-09-25 11:04:14 -07:00
hwdef
4e7ef9ad36 delete unused var 2019-09-19 18:04:13 +08:00
Han Kang
866ea74326 remove pkg/version and some of redundant copies of it
Change-Id: Ia58367c1b1274bfb49c8a4784051463abaf795de
2019-09-16 16:24:35 -07:00
Benoît Bourbié
a3e434cee4 fix: handling unpadded base64 encoded docker auth field
docker-credential-desk does not pad anymore the auth field.
it is then possible to have unpadded auth field.

field might be encoded either with RawStdEncoding or StdEncoding

we now determine if it is correctly padded in order to handle
both cases.
2019-09-09 21:30:03 -07:00
Stephen Augustus
a8ea88960d Update Azure imports to latest API versions
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2019-08-19 13:27:27 -04:00
Stephen Augustus
c7858aa976 Lint Azure imports
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2019-08-15 18:03:05 -04:00
Angela Li
a02289a91b Determine system model for windows nodes 2019-07-30 14:28:53 -07:00
Ted Yu
7a5e7030d2 Handle error return from http.NewRequest() 2019-07-08 17:41:02 -07:00
tiffany jernigan
27a0d91f2d Remove lazy provide from credential provider and kubelet (#79674)
* Remove LazyProvide from kubelet

* Remove LazyProvide from cloud providers

* Remove LazyProvide from credential provider keyring and provider
2019-07-03 13:52:52 -07:00
Stephen Augustus
a64cf7a1e2 Update azure-sdk-for-go/services/containerregistry to 2018-09-01
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2019-07-01 00:24:15 -04:00
Claudiu Belu
16da70c249 credentialprovider: Sets homeDirPath to os.UserHomeDir()
Currently, the credential provider will look in the path set in
the $HOME env variable, but that environment does not exist on
Windows, but $HOMEPATH does. Because of this, if credentials are
set in ~/.docker on Windows, they will not be used by kubelet
when pulling images.

The function os.UserHomeDir can solve this problem [1].

[1] https://golang.org/pkg/os/#UserHomeDir
2019-05-25 12:52:32 -07:00
danielqsj
142fe19f2d fix increment-decrement lint error 2019-05-06 13:14:51 +08:00
Tongyao Si
a2f4f51b77 Add more test cases 2019-04-30 16:52:07 +08:00
Tongyao Si
b5cdb78190 Fix ACR MSI cross-subscription authentication error 2019-04-30 16:40:05 +08:00
Kubernetes Prow Robot
2776cc1e72
Merge pull request #77099 from dims/remove-rancher-credential-provider-from-upstream-kubernetes
Remove Rancher Credential Provider from upstream kubernetes
2019-04-26 04:32:39 -07:00
Stephen Augustus
2f74c90480 Staging the legacy Azure Cloud Provider
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2019-04-25 20:03:45 -04:00
Davanum Srinivas
edf8577654
Remove Rancher Credential Provider from upstream kubernetes
This is useful only in rancher environment, they are using this in a
very old branch (1.6), they are currently at 2.2.x. There is just no
point in us carrying this code as this is not useful to anyone else
outside of the rancher environment. Let us please remove this code from
upstream.

Change-Id: I5196d0edd79a7809c3a04e6028ddbd01063f224b
2019-04-25 19:10:01 -04:00
Davanum Srinivas
7b8c9acc09
remove unused code
Change-Id: If821920ec8872e326b7d85437ad8d2620807799d
2019-04-19 08:36:31 -04:00
Haiyan Meng
529ac8a2d8
Limit the read length of ioutil.ReadAll in pkg/credentialprovider
Signed-off-by: Haiyan Meng <haiyanmeng@google.com>
2019-04-16 13:59:44 -07:00
Kubernetes Prow Robot
90e9f29bad
Merge pull request #71900 from charrywanganthony/remove-unused-parseAcrToken
remove unused function
2019-04-02 00:14:35 -07:00
Kubernetes Prow Robot
dabeb20a1a
Merge pull request #75587 from tiffanyfay/cred-provider
Refactor AWS credential provider
2019-03-29 14:48:47 -07:00
tiffany jernigan
0d63fa4543 Update aws provider build files 2019-03-28 07:15:28 +00:00
tiffany jernigan
11efc01328 Refactors and fixes bugs in AWS credentialprovider
Adds caching per registry. Fixes caching of invalid ECR tokens.
2019-03-28 07:15:28 +00:00
Andrew Sy Kim
b8a92e82b2 add @andrewsykim and @mcrute as pkg/credentialprovider revierws
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
2019-03-27 11:03:50 -04:00
tiffany jernigan
ecbb090f32 Credential provider Provide takes image (clouds) 2019-03-27 01:00:26 +00:00
tiffany jernigan
847cb24aa1 Credential provider Provide takes image (general) 2019-03-27 01:00:26 +00:00
andyzhangx
3c7de52cc2 add Azure Container Registry anonymous repo support
apply fix for msi and fix test failure
2019-02-28 12:16:21 +00:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable
Remove executable file permission from OWNERS files
2019-02-14 23:55:45 -08:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
Tara Gu
c8f6038c96 Fix type in comment 2019-02-03 15:25:09 -05:00
Justin SB
dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
Micah Hausler
949d5f97c4 Added kubernetes version to user-agent for AWS SDK calls 2018-12-20 21:04:44 -08:00
Chao Wang
7f1327ffd8 remove unused function 2018-12-10 15:24:33 +08:00
Davanum Srinivas
954996e231
Move from glog to klog
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
2018-11-10 07:50:31 -05:00
Davanum Srinivas
43f523d405
Switch to sigs.k8s.io/yaml from ghodss/yaml
Change-Id: Ic72b5131bf441d159012d67a6a3d87088d0e6d31
2018-11-07 13:17:32 -05:00
k8s-ci-robot
a49e4e128e
Merge pull request #69708 from mcrute/fix-aws-imports
Fix AWS volume and cloud provider import order
2018-10-30 13:44:50 -07:00
Mike Crute
49df100af9 fix AWS volume and cloud provider import order 2018-10-30 08:18:45 -07:00
k8s-ci-robot
dad07683b1
Merge pull request #69013 from ibrasho-forks/switch-to-http.Error
Update usages of http.ResponseWriter.WriteHeader to use http.Error
2018-10-23 15:31:55 -07:00
Ibrahim AshShohail
2fb3ba71f1
Update usages of http.ResponseWriter.WriteHeader to use http.Error
Signed-off-by: Ibrahim AshShohail <me@ibrasho.com>
2018-10-14 05:58:00 +03:00
Yu-Ju Hong
ed92397eff GCP: Remove the deprecated google-json-key support
The flag was deprecated in 1.10. According to the deprecation policy, it
is safe to remove the flag now.
2018-10-02 16:53:28 -07:00
Clayton Coleman
7e398dc31f
Remove dependency on docker daemon for core credential types
We are removing dependencies on docker types where possible in the core
libraries. credentialprovider is generic to Docker and uses a public API
(the config file format) that must remain stable. Create an equivalent type
and use a type cast (which would error if we ever change the type) in the
dockershim. We already perform a transformation like this for CRI and so
we aren't changing much.
2018-09-07 16:36:14 -04:00