kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add comment to describe why we set the UID in the response headers 

Kubernetes-commit: cecd90f52418458d7ef146846fa6efabeddc3f7c
This commit is contained in:
Abu Kashem 2020-12-01 14:31:54 -05:00 committed by Kubernetes Publisher
parent 042ea6f3b0
commit 239a5f624e
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/server/filters/priority-and-fairness.go
View File

@ -122,8 +122,13 @@ func WithPriorityAndFairness(
served = true
innerCtx := context.WithValue(ctx, priorityAndFairnessKey, classification)
innerReq := r.Clone(innerCtx)
// We intentionally set the UID of the flow-schema and priority-level instead of name. This is so that
// the names that cluster-admins choose for categorization and priority levels are not exposed, also
// the names might make it obvious to the users that they are rejected due to classification with low priority.
w.Header().Set(flowcontrol.ResponseHeaderMatchedPriorityLevelConfigurationUID, string(classification.PriorityLevelUID))
w.Header().Set(flowcontrol.ResponseHeaderMatchedFlowSchemaUID, string(classification.FlowSchemaUID))
handler.ServeHTTP(w, innerReq)
}
digest := utilflowcontrol.RequestDigest{RequestInfo: requestInfo, User: user}