github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
61,885 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

75 Commits (efa63b7a5877252a3e542bc866cd0fe637933aed)

Author SHA1 Message Date
Jeff Grafton ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Mike Danese 7d74c35963 svcacct: move claim generation out of TokenGenerator 2018-02-06 13:19:54 -08:00
Ti Zhou 10cda2686f Add tests for pkg/serviceaccount. 2018-02-02 11:11:13 +08:00
Mike Danese c89cb942cd serviceaccount: handle jwt flow specific validation in seperate validator struct 2018-01-24 20:40:54 -08:00
Mike Danese 057b7af798 serviceaccount: check token is issued by correct iss before verifying 
Right now if a JWT for an unknown issuer, for any subject hits the
serviceaccount token authenticator, we return a errors as if the token
was meant for us but we couldn't find a key to verify it. We should
instead return nil, false, nil.

This change helps us support multiple service account token
authenticators with different issuers.
 2018-01-24 20:21:59 -08:00
Mike Danese 33046de3cf move service account signing to using go-jose 
also extract custom validation to seperate function
 2018-01-23 17:40:08 -08:00
linweibin fa8afc1d39 Remove unused code in UT files in pkg/ 2018-01-15 16:02:35 +08:00
iloayuil c4b908ad52
typo wrong, not "namespace", but "secretName" 
namespace, _ := claims[NamespaceClaim].(string)
		if len(namespace) == 0 {
			return nil, false, errors.New("namespace claim is missing")
		}
		secretName, _ := claims[SecretNameClaim].(string)
		if len(namespace) == 0 {
			return nil, false, errors.New("secretName claim is missing")
		}
 2017-12-15 09:27:52 +08:00
Dr. Stefan Schimanski bec617f3cc Update generated files 2017-11-09 12:14:08 +01:00
Dr. Stefan Schimanski 012b085ac8 pkg/apis/core: mechanical import fixes in dependencies 2017-11-09 12:14:08 +01:00
Jeff Grafton aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Kubernetes Submit Queue afabd09889 Merge pull request #50876 from enj/enj/f/owners_reviewer 
Automatic merge from submit-queue

Add enj as reviewer to OWNERS

Adding myself as a reviewer for the following areas:

- API
- auth
- registry
- storage (etcd)

Signed-off-by: Monis Khan <mkhan@redhat.com>

**Release note**:

```release-note
NONE
```

@kubernetes/sig-api-machinery-pr-reviews
@kubernetes/sig-auth-pr-reviews
 2017-08-18 05:42:07 -07:00
Kubernetes Submit Queue c3a39f763e Merge pull request #48263 from CaoShuFeng/useless_argument 
Automatic merge from submit-queue

remove useless argument "name"

**Release note**:

```
NONE
```
 2017-08-18 05:41:45 -07:00
Monis Khan dd06794bc2
Add enj as reviewer to OWNERS 
Adding myself as a reviewer for the following areas:

- API
- auth
- registry
- storage (etcd)

Signed-off-by: Monis Khan <mkhan@redhat.com>
 2017-08-17 20:42:46 -04:00
Jeff Grafton a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton 33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
Jeff Grafton cf55f9ed45 Autogenerate BUILD files 2017-08-11 09:30:23 -07:00
Christoph Blecker aac4d5382d
Move remaining cert helper functions to client-go/util/cert 
- Move public key functions to client-go/util/cert
- Move pki file helper functions to client-go/util/cert
- Standardize on certutil package alias
- Update dependencies to client-go/util/cert
 2017-08-03 13:17:07 -07:00
Jacob Simpson 29c1b81d4c Scripted migration from clientset_generated to client-go. 2017-07-17 15:05:37 -07:00
deads2k 0939602ca6 don't accept delete tokens that are waiting to be reaped 2017-06-30 09:22:36 -04:00
Cao Shufeng 2e97611bc6 remove useless argument "name" 2017-06-29 17:36:00 +08:00
Chao Xu 60604f8818 run hack/update-all 2017-06-22 11:31:03 -07:00
Chao Xu f4989a45a5 run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
Mike Danese a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Christoph Blecker 89d1b09fdf
Move Private Key parsing to k8s.io/client-go/util/cert 2017-02-03 17:41:34 -08:00
Jordan Liggitt ff124c4aec
Allow reading ECDSA key files containing parameter blocks 2017-02-01 10:18:58 -05:00
Jordan Liggitt 3590928fa9
Add OWNERS file for pkg/serviceaccount 2017-01-27 09:11:04 -05:00
Clayton Coleman 9a2a50cda7
refactor: use metav1.ObjectMeta in other types 2017-01-17 16:17:19 -05:00
Dr. Stefan Schimanski bf307d9948 genericapiserver: cut off pkg/serviceaccount dependency 2017-01-17 09:36:10 +01:00
Jeff Grafton 20d221f75c Enable auto-generating sources rules 2017-01-05 14:14:13 -08:00
deads2k 4d7fcae85a mechanicals 2017-01-05 11:14:27 -05:00
deads2k 80143ee0b4 snip links from genericapiserver to api/validation 2017-01-04 15:17:18 -05:00
deads2k ca58ec0237 mechanical changes for move 2017-01-04 10:27:05 -05:00
Mike Danese 161c391f44 autogenerated 2016-12-29 13:04:10 -08:00
Chao Xu 03d8820edc rename /release_1_5 to /clientset 2016-12-14 12:39:48 -08:00
Mike Danese c87de85347 autoupdate BUILD files 2016-12-12 13:30:07 -08:00
Chao Xu bcc783c594 run hack/update-all.sh 2016-11-23 15:53:09 -08:00
Chao Xu 4f3d0e3bde more dependencies packages: 
pkg/metrics
pkg/credentialprovider
pkg/security
pkg/securitycontext
pkg/serviceaccount
pkg/storage
pkg/fieldpath
 2016-11-23 15:53:09 -08:00
Mike Danese 3b6a067afc autogenerated 2016-10-21 17:32:32 -07:00
Jordan Liggitt 3c92eb75b3
Enable service account signing key rotation 2016-10-04 14:16:38 -04:00
Jordan Liggitt 6333d8fd86
Add ECDSA support 2016-09-27 12:44:54 -04:00
Jordan Liggitt cce67724a9
Check for valid serviceaccount JWT token before inspecting claims 2016-07-06 14:25:15 -04:00
Jordan Liggitt 751a93b858
Revert "Revert "update jwt-go to v3.0.0-4-g01aeca5"" 
This reverts commit 7f456e49c9.
 2016-07-06 14:25:11 -04:00
krousey 7f456e49c9 Revert "update jwt-go to v3.0.0-4-g01aeca5" 2016-07-06 10:41:50 -07:00
Cole Mickens db006d6e6b fix serviceaccount's usage of jwt-go 
update pkg/serviceaccount for v3.x jwt-go.
 2016-07-05 20:48:36 -07:00
David McMahon ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
Tim Hockin 152c86ab06 Make name validators return string slices 2016-05-18 00:48:01 -07:00
Xiangpeng Zhao c381a7b61e Improve error messages in jwt_test.go 
Fix typos and add more info to error messages.
 2016-04-21 11:37:14 +08:00
Chao Xu ad46715f51 generate fake client for release_1_2 2016-02-17 16:10:02 -08:00
Chao Xu 184440f8ef rename release_1_2 to internalclientset 2016-02-05 14:02:28 -08:00