github/sample-controller
4
0
Fork 0
mirror of https://github.com/kubernetes/sample-controller.git synced 2026-05-01 00:00:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #59495 from ericchiang/client-auth-exec

Browse Source 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 client-go: add an exec-based client auth provider

Updates https://github.com/kubernetes/features/issues/541
Implements https://github.com/kubernetes/community/pull/1503
Closes https://github.com/kubernetes/kubernetes/issues/57164

```release-note
client-go: alpha support for exec-based credential providers
```

/sig auth
/kind feature

Kubernetes-commit: cb9d6b51556a1677f262e35e4aded0051c424818
This commit is contained in:
Kubernetes Publisher
2018-02-28 22:03:16 -08:00
parent 780aeeea62 74fbe5057f
commit 6ec5f89077
28 changed files with 1511 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files
vendor/k8s.io/client-go/tools/clientcmd/validation.go
Generated Vendored
+19
View File
@@ -237,6 +237,25 @@ func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []err
}
}
if authInfo.Exec != nil {
if authInfo.AuthProvider != nil {
validationErrors = append(validationErrors, fmt.Errorf("authProvider cannot be provided in combination with an exec plugin for %s", authInfoName))
}
if len(authInfo.Exec.Command) == 0 {
validationErrors = append(validationErrors, fmt.Errorf("command must be specified for %v to use exec authentication plugin", authInfoName))
}
if len(authInfo.Exec.APIVersion) == 0 {
validationErrors = append(validationErrors, fmt.Errorf("apiVersion must be specified for %v to use exec authentication plugin", authInfoName))
}
for _, v := range authInfo.Exec.Env {
if len(v.Name) == 0 {
validationErrors = append(validationErrors, fmt.Errorf("env variable name must be specified for %v to use exec authentication plugin", authInfoName))
} else if len(v.Value) == 0 {
validationErrors = append(validationErrors, fmt.Errorf("env variable %s value must be specified for %v to use exec authentication plugin", v.Name, authInfoName))
}
}
}
// authPath also provides information for the client to identify the server, so allow multiple auth methods in that case
if (len(methods) > 1) && (!usingAuthPath) {
validationErrors = append(validationErrors, fmt.Errorf("more than one authentication method found for %v; found %v, only one is allowed", authInfoName, methods))