kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1357 from justinsb/authn_flags 

Add authz flags
This commit is contained in:
Kris Nova 2017-01-21 11:36:46 -07:00 committed by GitHub
parent 92dfa71968 33884d232c
commit 97afdf9f97
4 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/apis/kops/componentconfig.go
View File

@ -412,6 +412,9 @@ type KubeAPIServerConfig struct {
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used. // otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {

3
pkg/apis/kops/v1alpha1/componentconfig.go
View File

@ -408,6 +408,9 @@ type KubeAPIServerConfig struct {
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used. // otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {

4
pkg/apis/kops/v1alpha1/zz_generated.conversion.go
View File

@ -964,6 +964,8 @@ func autoConvert_v1alpha1_KubeAPIServerConfig_To_kops_KubeAPIServerConfig(in *Ku
out.OIDCIssuerURL = in.OIDCIssuerURL out.OIDCIssuerURL = in.OIDCIssuerURL
out.OIDCClientID = in.OIDCClientID out.OIDCClientID = in.OIDCClientID
out.OIDCCAFile = in.OIDCCAFile out.OIDCCAFile = in.OIDCCAFile
out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
} }
@ -999,6 +1001,8 @@ func autoConvert_kops_KubeAPIServerConfig_To_v1alpha1_KubeAPIServerConfig(in *ko
out.OIDCIssuerURL = in.OIDCIssuerURL out.OIDCIssuerURL = in.OIDCIssuerURL
out.OIDCClientID = in.OIDCClientID out.OIDCClientID = in.OIDCClientID
out.OIDCCAFile = in.OIDCCAFile out.OIDCCAFile = in.OIDCCAFile
out.AuthorizationMode = in.AuthorizationMode
out.AuthorizationRBACSuperUser = in.AuthorizationRBACSuperUser
return nil return nil
} }

3
pkg/apis/kops/v1alpha2/componentconfig.go
View File

@ -176,6 +176,9 @@ type KubeAPIServerConfig struct {
// If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file // If set, the OpenID server's certificate will be verified by one of the authorities in the oidc-ca-file
// otherwise the host's root CA set will be used. // otherwise the host's root CA set will be used.
OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"` OIDCCAFile *string `json:"oidcCAFile,omitempty" flag:"oidc-ca-file"`
AuthorizationMode *string `json:"authorizationMode,omitempty" flag:"authorization-mode"`
AuthorizationRBACSuperUser *string `json:"authorizationRbacSuperUser,omitempty" flag:"authorization-rbac-super-user"`
} }
type KubeControllerManagerConfig struct { type KubeControllerManagerConfig struct {