- Sort Score
- Result 10 results
- Languages All
Results 111 - 120 of 257 for authorizer (0.23 sec)
-
security/pkg/server/ca/server_test.go
callerClusterID cluster.ID trustedNodeAccounts sets.Set[types.NamespacedName] isMultiCluster bool remoteClusterPods []pod code codes.Code }{ { name: "No node authorizer", authenticators: []security.Authenticator{&mockAuthenticator{ identities: []string{"test-identity"}, kubernetesInfo: ztunnelCaller, }}, ca: &mockca.FakeCA{ SignedCert: []byte("cert"),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 15.8K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
rbacv1helpers.NewRule("get").Groups(legacyGroup).Resources("persistentvolumeclaims", "persistentvolumes").RuleOrDie(), // TODO: add to the Node authorizer and restrict to endpoints referenced by pods or PVs bound to the node // Needed for glusterfs volumes rbacv1helpers.NewRule("get").Groups(legacyGroup).Resources("endpoints").RuleOrDie(),
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 19:25:10 UTC 2024 - 34.4K bytes - Viewed (0) -
pkg/kubelet/apis/config/types.go
// Authorization in the Kubelet. type KubeletWebhookAuthorization struct { // cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer. CacheAuthorizedTTL metav1.Duration // cacheUnauthorizedTTL is the duration to cache 'unauthorized' responses from the webhook authorizer. CacheUnauthorizedTTL metav1.Duration } // KubeletAuthentication holds the Kubetlet Authentication setttings.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 21:10:42 UTC 2024 - 35.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/genericapiserver_graceful_termination_test.go
"testing" "time" utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/wait" auditinternal "k8s.io/apiserver/pkg/apis/audit" "k8s.io/apiserver/pkg/audit" "k8s.io/apiserver/pkg/authorization/authorizer" apirequest "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/server/dynamiccertificates" "k8s.io/klog/v2" "k8s.io/klog/v2/ktesting" "github.com/google/go-cmp/cmp" "golang.org/x/net/http2" )
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 29 18:59:21 UTC 2024 - 38.3K bytes - Viewed (0) -
plugin/pkg/admission/serviceaccount/admission.go
s.serviceAccountLister = serviceAccountInformer.Lister() s.SetReadyFunc(func() bool { return serviceAccountInformer.Informer().HasSynced() }) } // ValidateInitialization ensures an authorizer is set. func (s *Plugin) ValidateInitialization() error { if s.client == nil { return fmt.Errorf("missing client") } if s.serviceAccountLister == nil { return fmt.Errorf("missing serviceAccountLister")
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Apr 12 17:49:30 UTC 2024 - 18.6K bytes - Viewed (0) -
api/openapi-spec/v3/apis__admissionregistration.k8s.io__v1alpha1_openapi.json
its lazily evaluated value.\n For example, a variable named 'foo' can be accessed as 'variables.foo'.\n- 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n- 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\n\nThe `apiVersion`, `kind`, `metadata.name` and `metadata.generateName`...
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 04:18:56 UTC 2024 - 235.4K bytes - Viewed (0) -
api/openapi-spec/v3/apis__admissionregistration.k8s.io__v1beta1_openapi.json
its lazily evaluated value.\n For example, a variable named 'foo' can be accessed as 'variables.foo'.\n- 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request.\n See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n- 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the\n request resource.\n\nThe `apiVersion`, `kind`, `metadata.name` and `metadata.generateName`...
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 04:18:56 UTC 2024 - 235.7K bytes - Viewed (0) -
pkg/controlplane/instance_test.go
err := etcdOptions.ApplyWithStorageFactoryTo(storageFactory, config.ControlPlane.Generic) if err != nil { t.Fatal(err) } kubeVersion := kubeversion.Get() config.ControlPlane.Generic.Authorization.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer() config.ControlPlane.Generic.Version = &kubeVersion config.ControlPlane.StorageFactory = storageFactory
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jun 03 11:50:04 UTC 2024 - 21.5K bytes - Viewed (0) -
cmd/kubelet/app/options/options.go
fs.DurationVar(&c.Authorization.Webhook.CacheAuthorizedTTL.Duration, "authorization-webhook-cache-authorized-ttl", c.Authorization.Webhook.CacheAuthorizedTTL.Duration, ""+ "The duration to cache 'authorized' responses from the webhook authorizer.")
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Apr 18 07:00:05 UTC 2024 - 41.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/installer.go
Creater: a.group.Creater, Convertor: a.group.Convertor, Defaulter: a.group.Defaulter, Typer: a.group.Typer, UnsafeConvertor: a.group.UnsafeConvertor, Authorizer: a.group.Authorizer, EquivalentResourceMapper: a.group.EquivalentResourceRegistry, // TODO: Check for the interface on storage TableConvertor: tableProvider,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 01 18:15:22 UTC 2024 - 51.5K bytes - Viewed (0)