Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for AddAuditAnnotation (0.23 sec)

  2. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/audit/context_test.go 

    				go func(i int) {
					AddAuditAnnotation(test.ctx, fmt.Sprintf(annotationKeyTemplate, i), annotationValue)
					wg.Done()
				}(i)
			}
			wg.Wait()

			test.validator(t, test.ctx)
		})
	}
}

func TestAuditAnnotationsWithAuditLoggingSetup(t *testing.T) {
	// No audit context data in the request context
	ctx := context.Background()
	AddAuditAnnotation(ctx, "nil", "0")
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Jul 03 16:16:51 UTC 2023
    - 5K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/audit/context.go 

    // as at that point the audit event has already been sent to the audit sink.
// Handlers that are unaware of their position in the overall request flow should
// prefer AddAuditAnnotation over LogAnnotation to avoid dropping annotations.
func AddAuditAnnotation(ctx context.Context, key, value string) {
	ac := AuditContextFrom(ctx)
	if !ac.Enabled() {
		return
	}

	ac.annotationMutex.Lock()
	defer ac.annotationMutex.Unlock()
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Jul 03 16:16:51 UTC 2023
    - 6.1K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    pkg/serviceaccount/legacy.go 

    				audit.AddAuditAnnotation(ctx, "authentication.k8s.io/legacy-token-autogenerated-secret", secret.Name)
				autoGeneratedTokensTotal.WithContext(ctx).Inc()
				break
			}
		}

		// Check if it's a manually created secret-based token
		if !autoGenerated {
			audit.AddAuditAnnotation(ctx, "authentication.k8s.io/legacy-token-manual-secret", secret.Name)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Nov 01 08:32:23 UTC 2023
    - 8.4K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go 

    			audit.AddAuditAnnotations(ctx,
				decisionAnnotationKey, decisionAllow,
				reasonAnnotationKey, reason)
			handler.ServeHTTP(w, req)
			return
		}
		if err != nil {
			audit.AddAuditAnnotation(ctx, reasonAnnotationKey, reasonError)
			responsewriters.InternalError(w, req, err)
			return
		}

		klog.V(4).InfoS("Forbidden", "URI", req.RequestURI, "reason", reason)
		audit.AddAuditAnnotations(ctx,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Apr 20 13:35:55 UTC 2023
    - 3.8K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator.go 

    type cacheRecord struct {
	resp *authenticator.Response
	ok   bool
	err  error

	// this cache assumes token authn has no side-effects or temporal dependence.
	// neither of these are true for audit annotations set via AddAuditAnnotation.
	//
	// for audit annotations, the assumption is that for some period of time (cache TTL),
	// all requests with the same API audiences and the same bearer token result in the
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Jul 03 16:16:51 UTC 2023
    - 9.8K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/util/x509metrics/server_cert_deprecations.go 

    		if hostname := req.URL.Hostname(); len(hostname) > 0 {
			prefix := fmt.Sprintf("%s.invalid-cert.kubernetes.io", c.id)
			klog.Infof("%s: invalid certificate detected connecting to %q: %s", prefix, hostname, c.reason)
			audit.AddAuditAnnotation(req.Context(), prefix+"/"+hostname, c.reason)
		}
	}
	c.counter.Inc()
}

// NewDeprecatedCertificateRoundTripperWrapperConstructor returns a RoundTripper wrapper that's usable within ClientConfig.Wrap.
//
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Jul 26 17:14:05 UTC 2022
    - 7.3K bytes
    - Viewed (0)
Back to top