github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
41,136 Commits 1 Branch 31 Tags 1,019 MiB
84d0a5d1d9
Commit Graph

16 Commits

Author SHA1 Message Date
deads2k
a3564c0aa8 start kubeapiserver package for sharing between kubeapiserver and federation 2016-12-22 07:43:42 -05:00
Chao Xu
03d8820edc rename /release_1_5 to /clientset 2016-12-14 12:39:48 -08:00
Mike Danese
c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
deads2k
2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
deads2k
ab9a842f3c add loopback auth defaulting to generic apiserver 2016-11-29 11:02:35 -05:00
deads2k
6846855929 add delegating authorization flags and options 2016-11-29 10:59:43 -05:00
deads2k
ca2b5f136e split authorization from main options struct 2016-11-29 10:59:43 -05:00
Jordan Liggitt
d3991aa7c6
Cleanup auth logging, allow starting secured kubelet in local-up-cluster.sh 2016-11-03 16:17:11 -04:00
Mike Danese
df713b478c fix tests by declaring testdata 2016-10-21 17:32:32 -07:00
Mike Danese
3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
deads2k
e1638f11a3 run authorization from a cache 2016-10-13 07:53:40 -04:00
deads2k
8c20af79a4 fix loopback authorizer 2016-10-03 12:46:39 -04:00
Kubernetes Submit Queue
c46bc88f04 Merge pull request #31491 from dims/fixes-issue-13598 
Automatic merge from submit-queue

Allow secure access to apiserver from Admission Controllers

* Allow options.InsecurePort to be set to 0 to switch off insecure access
* In NewSelfClient, Set the TLSClientConfig to the cert and key files
  if InsecurePort is switched off
* Mint a bearer token that allows the client(s) created in NewSelfClient
  to talk to the api server
* Add a new authenticator that checks for this specific bearer token

Fixes #13598
 2016-09-21 21:31:56 -07:00
Davanum Srinivas
25d4a70827 Allow secure access to apiserver from Admission Controllers 
* Allow options.InsecurePort to be set to 0 to switch off insecure access
* In NewSelfClient, Set the TLSClientConfig to the cert and key files
  if InsecurePort is switched off
* Mint a bearer token that allows the client(s) created in NewSelfClient
  to talk to the api server
* Add a new authenticator that checks for this specific bearer token

Fixes #13598
 2016-09-20 10:42:21 -04:00
deads2k
a2a6423574 separate RESTStorage by API group 2016-09-20 08:00:50 -04:00
Eric Chiang
b4eaf625a0 pkg/genericapiserver/options: don't import pkg/apiserver 
Refactor the authorization options for the API server so
pkg/apiserver isn't directly imported by the options package.
 2016-08-18 13:01:50 -07:00