Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Populate API version in synthetic authorization requests #80007

Merged
merged 1 commit into from
Jul 11, 2019
Merged

Populate API version in synthetic authorization requests #80007

merged 1 commit into from
Jul 11, 2019

Conversation

liggitt
Copy link
Member

@liggitt liggitt commented Jul 11, 2019

What type of PR is this?
/kind cleanup

What this PR does / why we need it:
Populates the APIVersion field in synthetic authorization checks. All REST requests populate this, and most synthetic authorization checks already populated this, but a few did not.

None of the in-tree authorizers make use of the version field, but external authorizers could.

Does this PR introduce a user-facing change?:

SubjectAccessReview requests sent for RBAC escalation, impersonation, and pod security policy authorization checks now populate the version attribute.

/sig auth
/cc @enj
/priority backlog

@k8s-ci-robot k8s-ci-robot requested a review from enj July 11, 2019 01:31
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. sig/auth Categorizes an issue or PR as relevant to SIG Auth. priority/backlog Higher priority than priority/awaiting-more-evidence. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. area/apiserver sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. labels Jul 11, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 11, 2019
@enj
Copy link
Member

enj commented Jul 11, 2019

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 11, 2019
@liggitt
Copy link
Member Author

liggitt commented Jul 11, 2019

/retest

@k8s-ci-robot k8s-ci-robot merged commit ab960c6 into kubernetes:master Jul 11, 2019
@liggitt liggitt deleted the populate-version-authorization-check branch July 11, 2019 06:07
@liggitt liggitt added this to the v1.16 milestone Aug 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@enj enj Awaiting requested review from enj

Assignees

@enj enj

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/backlog Higher priority than priority/awaiting-more-evidence. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/auth Categorizes an issue or PR as relevant to SIG Auth. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.16
Development

Successfully merging this pull request may close these issues.
3 participants
@liggitt @k8s-ci-robot @enj