kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

make admin user in token auth have the same group (system:masters) as basic auth. 

this should fix https://github.com/kubernetes/kops/issues/4369
This commit is contained in:
Touch Ungboriboonpisal 2018-03-04 16:46:17 -08:00
parent 75cef70d58
commit eddf4ae7a0
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nodeup/pkg/model/secrets.go
View File

@ -34,6 +34,11 @@ type SecretBuilder struct {
var _ fi.ModelBuilder = &SecretBuilder{}
const (
adminUser = "admin"
adminGroup = "system:masters"
)
// Build is responsible for pulling down the secrets
func (b *SecretBuilder) Build(c *fi.ModelBuilderContext) error {
if b.KeyStore == nil {
@ -196,7 +201,7 @@ func (b *SecretBuilder) Build(c *fi.ModelBuilderContext) error {
if token == nil {
return fmt.Errorf("token not found: %q", key)
}
csv := string(token.Data) + ",admin,admin,system:masters"
csv := string(token.Data) + "," + adminUser + "," + adminUser + "," + adminGroup
t := &nodetasks.File{
Path: filepath.Join(b.PathSrvKubernetes(), "basic_auth.csv"),
@ -215,7 +220,11 @@ func (b *SecretBuilder) Build(c *fi.ModelBuilderContext) error {
var lines []string
for id, token := range allTokens {
lines = append(lines, token+","+id+","+id)
if id == adminUser {
lines = append(lines, token+","+id+","+id+","+adminGroup)
} else {
lines = append(lines, token+","+id+","+id)
}
}
csv := strings.Join(lines, "\n")