github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add abac_authorization_file local var to allow ABAC_AUTHZ_FILE to be set outside the script.

pull/6/head
CJ Cullen 2017-03-15 13:28:18 -07:00
parent 355f576c0b
commit 1534cbf1fa
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/gce/gci/configure-helper.sh
View File

@ -1108,9 +1108,9 @@ function start-kube-apiserver {
# Load existing ABAC policy files written by versions < 1.6 of this script
# TODO: only default to this legacy path when in upgrade mode
ABAC_AUTHZ_FILE="${ABAC_AUTHZ_FILE:-/etc/srv/kubernetes/abac-authz-policy.jsonl}"
if [[ -n "${ABAC_AUTHZ_FILE:-}" && -e "${ABAC_AUTHZ_FILE}" ]]; then
params+=" --authorization-policy-file=${ABAC_AUTHZ_FILE}"
local abac_authorization_file="${ABAC_AUTHZ_FILE:-/etc/srv/kubernetes/abac-authz-policy.jsonl}"
if [[ -n "${abac_authorization_file:-}" && -e "${abac_authorization_file}" ]]; then
params+=" --authorization-policy-file=${abac_authorization_file}"
authorization_mode+=",ABAC"
fi
local webhook_config_mount=""