kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #119795 from sttts/sttts-httplog-impersonation 

apiserver/httplog: pretty up impersonation output

Kubernetes-commit: 19f6d5be8269d4051acffc5709ec4bee7274268a
This commit is contained in:
Kubernetes Publisher 2023-08-15 23:13:18 -07:00
parent a11da9bae8 13a3aab581
commit 1f19e00d1c
4 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
go.mod
View File

@ -44,7 +44,7 @@ require (
k8s.io/api v0.0.0-20230810042731-2f6eec10c476 k8s.io/api v0.0.0-20230810042731-2f6eec10c476
k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61 k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61
k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c
k8s.io/component-base v0.0.0-20230807211050-31137ad9f7f2 k8s.io/component-base v0.0.0-20230816041302-b54afcf379c0
k8s.io/klog/v2 v2.100.1 k8s.io/klog/v2 v2.100.1
k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2 k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9
@ -129,6 +129,6 @@ replace (
k8s.io/api => k8s.io/api v0.0.0-20230810042731-2f6eec10c476 k8s.io/api => k8s.io/api v0.0.0-20230810042731-2f6eec10c476
k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61 k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61
k8s.io/client-go => k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c k8s.io/client-go => k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c
k8s.io/component-base => k8s.io/component-base v0.0.0-20230807211050-31137ad9f7f2 k8s.io/component-base => k8s.io/component-base v0.0.0-20230816041302-b54afcf379c0
k8s.io/kms => k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2 k8s.io/kms => k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2
) )

4
go.sum
View File

@ -676,8 +676,8 @@ k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61 h1:PQAKasgkOolbHn5mI2MIMa
k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61/go.mod h1:X0xh/chESs2hP9koe+SdIAcXWcQ+RM5hy0ZynB+yEvw= k8s.io/apimachinery v0.0.0-20230815235018-4c378f8a8a61/go.mod h1:X0xh/chESs2hP9koe+SdIAcXWcQ+RM5hy0ZynB+yEvw=
k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c h1:P3i5n8yHv4kog3UH5DsTY/Ea/lKR5kIABlNHdpi3IVA= k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c h1:P3i5n8yHv4kog3UH5DsTY/Ea/lKR5kIABlNHdpi3IVA=
k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c/go.mod h1:8j1NqdeVD9eU4kSF8iq14yzTJQLAM897lcLSv3p/JB4= k8s.io/client-go v0.0.0-20230816040348-b97d8af0937c/go.mod h1:8j1NqdeVD9eU4kSF8iq14yzTJQLAM897lcLSv3p/JB4=
k8s.io/component-base v0.0.0-20230807211050-31137ad9f7f2 h1:bgkLpsQhIRm8Rd6h9V/n50sN63k6sEzX+Q8nCpZCCX4= k8s.io/component-base v0.0.0-20230816041302-b54afcf379c0 h1:uuljDMCaiT42hJDJgaxdoXrMEcej8ADI5y+kGjt4Dtw=
k8s.io/component-base v0.0.0-20230807211050-31137ad9f7f2/go.mod h1:wjy+fowSTnR9NfN23CZuwDq+yF+viZTN5nbGbXcOYBM= k8s.io/component-base v0.0.0-20230816041302-b54afcf379c0/go.mod h1:W5sXP3/QrFKETZVvaWLTjcl1LmhmxJhE8MFFRysUHPw=
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2 h1:BOGPJSH0D8wqePatlYZlSJK08/SADckKy05IyvIi9mA= k8s.io/kms v0.0.0-20230807211544-e54c40adc2b2 h1:BOGPJSH0D8wqePatlYZlSJK08/SADckKy05IyvIi9mA=

20
pkg/endpoints/filters/impersonation.go
View File

@ -164,7 +164,7 @@ func WithImpersonation(handler http.Handler, a authorizer.Authorizer, s runtime.
req = req.WithContext(request.WithUser(ctx, newUser)) req = req.WithContext(request.WithUser(ctx, newUser))
oldUser, _ := request.UserFrom(ctx) oldUser, _ := request.UserFrom(ctx)
httplog.LogOf(req, w).Addf("%v is acting as %v", oldUser, newUser) httplog.LogOf(req, w).Addf("%v is impersonating %v", userString(oldUser), userString(newUser))
ae := audit.AuditEventFrom(ctx) ae := audit.AuditEventFrom(ctx)
audit.LogImpersonatedUser(ae, newUser) audit.LogImpersonatedUser(ae, newUser)
@ -183,6 +183,24 @@ func WithImpersonation(handler http.Handler, a authorizer.Authorizer, s runtime.
}) })
} }
func userString(u user.Info) string {
if u == nil {
return "<none>"
}
b := strings.Builder{}
if name := u.GetName(); name == "" {
b.WriteString("<empty>")
} else {
b.WriteString(name)
}
if groups := u.GetGroups(); len(groups) > 0 {
b.WriteString("[")
b.WriteString(strings.Join(groups, ","))
b.WriteString("]")
}
return b.String()
}
func unescapeExtraKey(encodedKey string) string { func unescapeExtraKey(encodedKey string) string {
key, err := url.PathUnescape(encodedKey) // Decode %-encoded bytes. key, err := url.PathUnescape(encodedKey) // Decode %-encoded bytes.
if err != nil { if err != nil {

1
pkg/server/httplog/httplog.go
View File

@ -205,7 +205,6 @@ func StatusIsNot(statuses ...int) StacktracePred {
func (rl *respLogger) Addf(format string, data ...interface{}) { func (rl *respLogger) Addf(format string, data ...interface{}) {
rl.mutex.Lock() rl.mutex.Lock()
defer rl.mutex.Unlock() defer rl.mutex.Unlock()
rl.addedInfo.WriteString("\n")
rl.addedInfo.WriteString(fmt.Sprintf(format, data...)) rl.addedInfo.WriteString(fmt.Sprintf(format, data...))
} }