github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
41,705 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

29 Commits (98acd800da0f38e348a5637ef1c8c67c8127d055)

Author SHA1 Message Date
Jordan Liggitt a2670d3b9d
Allow rolebinding/clusterrolebinding with explicit bind permission check 2017-01-10 14:34:33 -05:00
deads2k 4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
Jordan Liggitt 742ef34484
Convert user/group * to match authenticated users only in ABAC 2016-12-19 13:41:35 -05:00
Monis Khan a6bafbacbf
Refactor REST storage to use generic defaults 
Signed-off-by: Monis Khan <mkhan@redhat.com>
 2016-12-08 17:24:21 -05:00
deads2k 2923d09091 remove rbac super user 2016-12-05 13:49:54 -05:00
Jordan Liggitt d3991aa7c6
Cleanup auth logging, allow starting secured kubelet in local-up-cluster.sh 2016-11-03 16:17:11 -04:00
deads2k f56cbfa8d5 add healthz to genericapiserver 2016-11-01 14:39:33 -04:00
deads2k ceaf026881 slim down authorization listing interfaces 2016-10-13 07:50:01 -04:00
deads2k 518d5500c7 remove testapi.Default.GroupVersion 2016-10-07 10:10:54 -04:00
deads2k 9f4f6a1cba fix integration tests for loopback client 2016-10-04 08:40:59 -04:00
Dr. Stefan Schimanski 61409c821b Turn embedding into composition: master.Config.{Config -> GenericConfig} 2016-09-29 08:09:39 +02:00
Dr. Stefan Schimanski b4c6a68036 Unify genericapiserver Config.New() and master Config.New() 2016-09-28 19:19:54 +02:00
deads2k b330b0a220 start creating controller SA roles. start with just one 2016-09-26 09:31:36 -04:00
deads2k a2a6423574 separate RESTStorage by API group 2016-09-20 08:00:50 -04:00
deads2k 7d1f13d3e0 add GenericAPIServer posthooks for initialization 2016-09-19 14:58:27 -04:00
deads2k 8fac64b43f add localSAR 2016-09-13 08:54:23 -04:00
deads2k 8c788233e7 change rbac roleref type 2016-09-09 09:55:51 -04:00
deads2k 97529e3687 add selfsubjectaccessreview API 2016-08-29 09:51:54 -04:00
Eric Chiang b4eaf625a0 pkg/genericapiserver/options: don't import pkg/apiserver 
Refactor the authorization options for the API server so
pkg/apiserver isn't directly imported by the options package.
 2016-08-18 13:01:50 -07:00
Hongchao Deng d0938094d9 move new etcd storage into cacher 2016-08-12 18:40:20 -07:00
deads2k 32920b5617 add subjectaccessreviews resource 2016-08-05 11:20:56 -04:00
deads2k 60dd4a5d26 interesting changes to add tokenreviews endpoint to implement webhook 2016-08-03 08:37:45 -04:00
deads2k aa3db4d995 make the resource prefix in etcd configurable for cohabitation 2016-07-27 07:51:40 -04:00
Wojciech Tyczynski 4d0d115690 Revert "add tokenreviews endpoint to implement webhook" 2016-07-21 09:40:35 +02:00
deads2k 2c4a9f2e8d interesting changes to add tokenreviews endpoint to implement webhook 2016-07-20 15:11:56 -04:00
Michal Rostecki fa0dd46ab7 Return (bool, error) in Authorizer.Authorize() 
Before this change, Authorize() method was just returning an error,
regardless of whether the user is unauthorized or whether there
is some other unrelated error. Returning boolean with information
about user authorization and error (which should be unrelated to
the authorization) separately will make it easier to debug.

Fixes #27974
 2016-07-18 12:06:54 +02:00
deads2k f6f1ab34aa authorize based on user.Info 2016-07-14 07:48:42 -04:00
Mike Danese f3de21bdf0
move integration tests into individual pacakges 
Signed-off-by: Mike Danese <mikedanese@google.com>
 2016-07-07 00:54:15 -07:00