Merge pull request #125131 from ah8ad3/auth-cani-approve
Add approve as a valid verb in can-i Kubernetes-commit: 7ba244f50e57257e9d435b42f3b0f17a92a0611a
This commit is contained in:
Kubernetes Publisher
commit
627b5dabb0
2
go.mod
2
go.mod
|
|
@ -32,7 +32,7 @@ require (
|
|||
k8s.io/api v0.0.0-20240528083513-7480c4668141
|
||||
k8s.io/apimachinery v0.0.0-20240528083227-d8a3da39bf82
|
||||
k8s.io/cli-runtime v0.0.0-20240528091233-f82feee4b536
|
||||
k8s.io/client-go v0.0.0-20240528083908-f53839a9ad6d
|
||||
k8s.io/client-go v0.0.0-20240529003851-3f130bd83012
|
||||
k8s.io/component-base v0.0.0-20240528084817-bf51cae4d7aa
|
||||
k8s.io/component-helpers v0.0.0-20240528084957-01aaeb49cda3
|
||||
k8s.io/klog/v2 v2.120.1
|
||||
|
|
|
|||
4
go.sum
4
go.sum
|
|
@ -272,8 +272,8 @@ k8s.io/apimachinery v0.0.0-20240528083227-d8a3da39bf82 h1:VdBSu9hfIGtUc3VYM0eGHn
|
|||
k8s.io/apimachinery v0.0.0-20240528083227-d8a3da39bf82/go.mod h1:Tbh97rImB1AK+ESEKVAzaakMJKJaMzpxIdHfDmHds3U=
|
||||
k8s.io/cli-runtime v0.0.0-20240528091233-f82feee4b536 h1:aXwb4tceQ3nY6mndpxJN012d+YIlgeh9VA1ucwE5cR4=
|
||||
k8s.io/cli-runtime v0.0.0-20240528091233-f82feee4b536/go.mod h1:C9KhxobcPB0tQckItM4Hzgk+biufhcpj0l7oH+PuNT4=
|
||||
k8s.io/client-go v0.0.0-20240528083908-f53839a9ad6d h1:MuPyO9czPo8DjKOWIkiA3DMJPlEIAynEZsdFxpBjvyc=
|
||||
k8s.io/client-go v0.0.0-20240528083908-f53839a9ad6d/go.mod h1:+c5wPEi2MNKtdV/wDx7qDyUXI3cMU2qaK0q/VDl4Fbg=
|
||||
k8s.io/client-go v0.0.0-20240529003851-3f130bd83012 h1:Ia03YFFHR6x3NQpJzr8gqchJ2EasOZ9d2nqMTTx04Ok=
|
||||
k8s.io/client-go v0.0.0-20240529003851-3f130bd83012/go.mod h1:pRwViaYrqKDNdgYyKqU7OK5Pc43mVS/goqBvGAZD3Pc=
|
||||
k8s.io/component-base v0.0.0-20240528084817-bf51cae4d7aa h1:1+L1S2gK7/eBRGjU6y31177QOYZhDlNx+Io7ruK0u2Y=
|
||||
k8s.io/component-base v0.0.0-20240528084817-bf51cae4d7aa/go.mod h1:lhuGni/wsFDYwGe330Fvy+97lQs+VrkEHzKh9FfMbM4=
|
||||
k8s.io/component-helpers v0.0.0-20240528084957-01aaeb49cda3 h1:Jr2k4h6O8q4J0q/SdCA10KPlILBxb2nO+h3tWEPTbOQ=
|
||||
|
|
|
|||
|
|
@ -100,10 +100,13 @@ var (
|
|||
# Check to see if I can access the URL /logs/
|
||||
kubectl auth can-i get /logs/
|
||||
|
||||
# Check to see if I can approve certificates.k8s.io
|
||||
kubectl auth can-i approve certificates.k8s.io
|
||||
|
||||
# List all allowed actions in namespace "foo"
|
||||
kubectl auth can-i --list --namespace=foo`)
|
||||
|
||||
resourceVerbs = sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection", "use", "bind", "impersonate", "*")
|
||||
resourceVerbs = sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection", "use", "bind", "impersonate", "*", "approve")
|
||||
nonResourceURLVerbs = sets.NewString("get", "put", "post", "head", "options", "delete", "patch", "*")
|
||||
// holds all the server-supported resources that cannot be discovered by clients. i.e. users and groups for the impersonate verb
|
||||
nonStandardResourceNames = sets.NewString("users", "groups")
|
||||
|
|
@ -183,7 +186,7 @@ func (o *CanIOptions) Complete(f cmdutil.Factory, args []string) error {
|
|||
default:
|
||||
errString := "you must specify two arguments: verb resource or verb resource/resourceName."
|
||||
usageString := "See 'kubectl auth can-i -h' for help and examples."
|
||||
return errors.New(fmt.Sprintf("%s\n%s", errString, usageString))
|
||||
return fmt.Errorf("%s\n%s", errString, usageString)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue