- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 583 for authorizer (0.23 sec)
-
pkg/registry/admissionregistration/validatingadmissionpolicybinding/authz.go
// identical paramRef and policy to old object return nil } return v.authorize(ctx, binding) } func (v *validatingAdmissionPolicyBindingStrategy) authorize(ctx context.Context, binding *admissionregistration.ValidatingAdmissionPolicyBinding) error { if v.authorizer == nil || v.resourceResolver == nil || binding.Spec.ParamRef == nil { return nil } // for superuser, skip all checks
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 01 12:19:03 UTC 2024 - 3.7K bytes - Viewed (0) -
pkg/registry/authorization/rest/storage_authorization.go
) type RESTStorageProvider struct { Authorizer authorizer.Authorizer RuleResolver authorizer.RuleResolver } func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, error) { if p.Authorizer == nil { return genericapiserver.APIGroupInfo{}, nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 23 18:36:33 UTC 2022 - 3.4K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/generic/plugin.go
c.dynamicClient = client } func (c *Plugin[H]) SetDrainedNotification(stopCh <-chan struct{}) { c.stopCh = stopCh } func (c *Plugin[H]) SetAuthorizer(authorizer authorizer.Authorizer) { c.authorizer = authorizer } func (c *Plugin[H]) SetMatcher(matcher *matching.Matcher) { c.matcher = matcher } func (c *Plugin[H]) SetEnabled(enabled bool) { c.enabled = enabled }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 19:11:10 UTC 2024 - 6.6K bytes - Viewed (0) -
pkg/registry/authorization/util/helpers.go
"k8s.io/apiserver/pkg/authorization/authorizer" authorizationapi "k8s.io/kubernetes/pkg/apis/authorization" ) // ResourceAttributesFrom combines the API object information and the user.Info from the context to build a full authorizer.AttributesRecord for resource access func ResourceAttributesFrom(user user.Info, in authorizationapi.ResourceAttributes) authorizer.AttributesRecord { return authorizer.AttributesRecord{ User: user,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Apr 25 16:06:18 UTC 2023 - 2.8K bytes - Viewed (0) -
cmd/kubelet/app/auth.go
if dynamicCAContentFromFile != nil { go dynamicCAContentFromFile.Run(ctx, 1) } }, err } // BuildAuthz creates an authorizer compatible with the kubelet's needs func BuildAuthz(client authorizationclient.AuthorizationV1Interface, authz kubeletconfig.KubeletAuthorization) (authorizer.Authorizer, error) { switch authz.Mode { case kubeletconfig.KubeletAuthorizationModeAlwaysAllow:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 07 14:37:01 UTC 2022 - 5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/metrics_test.go
"authorization_attempts_total", "authorization_decision_annotations_total", } testCases := []struct { desc string authorizer fakeAuthorizer want string }{ { desc: "auth ok", authorizer: fakeAuthorizer{ authorizer.DecisionAllow, "RBAC: allowed to patch pod", nil, }, want: `
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Apr 20 13:35:55 UTC 2023 - 8.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/cel/environment/environment_test.go
}, invalidExpressions: []string{"authorizer.path('/healthz').check('get').allowed()"}, activation: map[string]any{"authorizer": library.NewAuthorizerVal(nil, fakeAuthorizer{decision: authorizer.DecisionAllow})}, opts: []VersionedOptions{ {IntroducedVersion: version.MajorMinor(1, 27), EnvOptions: []cel.EnvOption{cel.Variable("authorizer", library.AuthorizerType)}}, }, }, {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 10K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go
func withAuthorization(validate rest.ValidateObjectFunc, a authorizer.Authorizer, attributes authorizer.Attributes) rest.ValidateObjectFunc { var once sync.Once var authorizerDecision authorizer.Decision var authorizerReason string var authorizerErr error return func(ctx context.Context, obj runtime.Object) error { if a == nil { return errors.NewInternalError(fmt.Errorf("no authorizer provided, unable to authorize a create on update")) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon May 01 20:19:46 UTC 2023 - 11.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/cel/interface.go
VersionedParams runtime.Object // Authorizer provides the authorizer used for the "authorizer" and // "authorizer.requestResource" variable bindings. If the expression was compiled with // OptionalVariableDeclarations.HasAuthorizer set to true this must be non-nil. Authorizer authorizer.Authorizer } // Filter contains a function to evaluate compiled CEL-typed values
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 3.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go
"k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/client-go/dynamic" "k8s.io/client-go/informers" "k8s.io/client-go/kubernetes" "k8s.io/component-base/featuregate" ) type pluginInitializer struct { externalClient kubernetes.Interface dynamicClient dynamic.Interface externalInformers informers.SharedInformerFactory authorizer authorizer.Authorizer featureGates featuregate.FeatureGate
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 00:00:21 UTC 2024 - 3K bytes - Viewed (0)