Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow multiple providers for authorizationMode #42557

Merged
merged 1 commit into from
Apr 6, 2017
Merged

Allow multiple providers for authorizationMode #42557

merged 1 commit into from
Apr 6, 2017

Conversation

xilabao
Copy link
Contributor

@xilabao xilabao commented Mar 6, 2017

@k8s-ci-robot
Copy link
Contributor

Hi @xilabao. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with @k8s-bot ok to test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Mar 6, 2017
@k8s-reviewable
Copy link

This change is Reviewable

@k8s-github-robot k8s-github-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. release-note-label-needed labels Mar 6, 2017
@xilabao
Copy link
Contributor Author

xilabao commented Mar 8, 2017

@errordeveloper

@xilabao
Copy link
Contributor Author

xilabao commented Mar 8, 2017

@luxas

@xilabao
Copy link
Contributor Author

xilabao commented Mar 30, 2017

ping @errordeveloper

luxas
luxas reviewed Mar 31, 2017
View reviewed changes
Copy link
Member

@luxas luxas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One nit only, please fix that and add a test for it

cmd/kubeadm/app/apis/kubeadm/validation/validation.go
return field.ErrorList{field.Invalid(fldPath, authzMode, "invalid authorization mode")}
func ValidateAuthorizationModes(authzModes []string, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
for _, authzMode := range authzModes {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should make sure here that you can't set it to RBAC,RBAC,ABAC,ABAC or the like. Duplicate values aren't allowed

@luxas
Copy link
Member

luxas commented Mar 31, 2017

Thanks for your patience! There's have been a lot going on before and during KubeCon etc. and with the v1.6 release. Hope you understand. However, now the code freeze is lifted so we can go on with v1.7 things 👍

@luxas luxas self-assigned this Mar 31, 2017
@luxas luxas added release-note-none Denotes a PR that doesn't merit a release note. and removed release-note-label-needed labels Mar 31, 2017
@xilabao xilabao force-pushed the use-authorizationModes branch 2 times, most recently from f38d197 to b1cfe6b Compare April 3, 2017 02:04
@xilabao
Copy link
Contributor Author

xilabao commented Apr 3, 2017

Done. @luxas

luxas
luxas reviewed Apr 3, 2017
View reviewed changes
cmd/kubeadm/app/apis/kubeadm/validation/validation.go Outdated
}
}

found := make(map[string]bool)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer if you moved this map above the first for loop to avoid having two
Also we use map[string]bool{} most often instead of make, but I have no super strong opinions

cmd/kubeadm/app/apis/kubeadm/validation/validation.go Outdated
for _, authzMode := range authzModes {
if found[authzMode] {
allErrs = append(allErrs, field.Invalid(fldPath, authzMode, "duplicate authorization mode"))
break
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should be continue since we want to spot all duplicates

@xilabao
Copy link
Contributor Author

xilabao commented Apr 5, 2017

@luxas PTAL

@luxas
Copy link
Member

luxas commented Apr 5, 2017

/lgtm
/approve

Thanks for following this up @xilabao!

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 5, 2017
@k8s-github-robot k8s-github-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 5, 2017
@luxas
Copy link
Member

luxas commented Apr 5, 2017

please fix the small test failure though...

@grodrigues3 grodrigues3 added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Apr 5, 2017
@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 6, 2017
@xilabao
Copy link
Contributor Author

xilabao commented Apr 6, 2017

ping @luxas

@luxas
Copy link
Member

luxas commented Apr 6, 2017

@k8s-bot test this

@luxas
Copy link
Member

luxas commented Apr 6, 2017

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 6, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: luxas, xilabao

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit 2d66f7b into kubernetes:master Apr 6, 2017
@xilabao xilabao mentioned this pull request Apr 6, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@luxas luxas luxas approved these changes

@errordeveloper errordeveloper errordeveloper approved these changes

Assignees

@errordeveloper errordeveloper

@luxas luxas

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. release-note-none Denotes a PR that doesn't merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow multiple providers for authorizationMode
7 participants
@xilabao @k8s-ci-robot @k8s-reviewable @luxas @k8s-github-robot @errordeveloper @grodrigues3