mirror of https://github.com/k3s-io/k3s
1eb221e96f
Automatic merge from submit-queue Configuration for GCP webhook authentication and authorization This PR adds configuration for GCP webhook authentication and authorization in ContainerVM and GCI. The change of configure-vm.sh and kube-apiserver.manifest is directly copied from @cjcullen's PR #25380 and #25296. The change in GCI script configure-helper.sh includes the support for webhook authentication and authorization, and also some code refactor to improve readability. @cjcullen @roberthbailey @zmerlynn please review it. The original PRs are P1, please mark this as P1. cc/ @fabioy @kubernetes/goog-image FYI. I verified it by running e2e tests on GCI cluster. Without the GCI side change, cluster creation fails as being capture by GKE Jenkins tests. I don't test when the two env GCP_AUTHN_URL and GCP_AUTHZ_URL are set, because they are only set in GKE. After this PR is merged, @cjcullen will test in GKE. |
||
|---|---|---|
| .. | ||
| configure-helper.sh | ||
| configure.sh | ||
| helper.sh | ||
| master.yaml | ||
| node.yaml | ||