github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
107,932 Commits 1 Branch 31 Tags 1,019 MiB
fba69f7eb9
Commit Graph

17 Commits

Author SHA1 Message Date
Jan Chaloupka
a5920f7edb Move helpers from pkg/registry/rbac/reconciliation and pkg/registry/rbac/validation under k8s.io/component-helpers 2020-11-02 17:51:16 +01:00
Davanum Srinivas
442a69c3bd
switch over k/k to use klog v2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:27 -04:00
yuxiaobo
81e9f21f83 Correct spelling mistakes 
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
 2019-11-06 20:25:19 +08:00
Clayton Coleman
4c87a14e6b
Avoid allocating when performing VisitRulesFor on service accounts 
Service account authorization checks are done frequently and were
observed to perform 7% of allocations on a system running e2e tests.
The allocation comes from when we walk the authorization rules to
find matching service accounts.

Optimize the check for service account names to avoid allocating.
 2019-03-13 17:40:21 -04:00
Davanum Srinivas
954996e231
Move from glog to klog 
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
 2018-11-10 07:50:31 -05:00
Jordan Liggitt
3710ce3561
make RBAC escalation error message more useful 2018-07-06 11:49:08 -04:00
David Eads
092714ea0f switch rbac to external 2018-05-22 08:17:05 -04:00
Mike Danese
54fd2aaefd replace request.Context with context.Context 2018-04-24 08:59:00 -07:00
WanLinghao
f35402e515 fix a error in return value 
modified:   pkg/registry/rbac/validation/rule.go
 2018-03-21 14:52:52 +08:00
Jordan Liggitt
b4fb25261e
return reason for allowed rbac authorizations 
includes the binding, role, and subject that allowed a request so audit can make use of it
 2018-01-19 14:32:39 -05:00
Jordan Liggitt
67360883bc
Switch to pointer to policy rule, visit and short circuit during authorization 2017-04-20 10:52:53 -04:00
Cao Shufeng
63346d979c remove extra function call 
We have read user info from context in previous line. No need to call
this function again.
 2017-03-03 08:41:03 -05:00
Dr. Stefan Schimanski
3d9449a353 genericapiserver: fix imports 2017-01-19 13:06:47 +01:00
Dr. Stefan Schimanski
bf307d9948 genericapiserver: cut off pkg/serviceaccount dependency 2017-01-17 09:36:10 +01:00
deads2k
77b4d55982 mechanical 2017-01-16 09:35:12 -05:00
deads2k
31b6ba4e94 mechanicals 2017-01-13 16:33:09 -05:00
Dr. Stefan Schimanski
cf60bec396 Split out server side code from pkg/apis/rbac/validation 2017-01-11 18:31:58 +01:00