Introduce changes from master to sig-auth-acceptance branch #300
Conversation
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
4 times, most recently
from
f1f64b6
to
ee29cc5
Compare
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
6 times, most recently
from
7c1476a
to
5c0c8bc
Compare
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
from
5c0c8bc
to
96e75e7
Compare
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
from
96e75e7
to
c7e1aff
Compare
|
/lgtm |
| IssuerURL: config.IssuerURL, | ||
| ClientID: config.ClientID, | ||
| tokenAuthenticator, err := oidc.New(ctx, oidc.Options{ | ||
| JWTAuthenticator: apiserver.JWTAuthenticator{ |
There was a problem hiding this comment.
can we remove the old options and just wire the new config, since we have the chance?
There was a problem hiding this comment.
Not quite what I had in mind. Keeping the legacy struct for legacy options is fine, and I think preferable.
Perhaps this is not for this PR (I'd rather we removed a610979) but why don't we try to move https://github.com/kubernetes/kubernetes/blob/04434b7bf4f8afe258fed430f163102abe1a24d5/pkg/kubeapiserver/options/authentication.go#L719-L787 somewhere where we could import it - it's how most of the other functionality in that file is implemented and this TODO mentions that it might be preferable here, too.
There was a problem hiding this comment.
I understand. Let me remove the change.
Introducing the suggested change, is definitely another PR.
There was a problem hiding this comment.
would you create a k/k issue and link it to this PR, please?
There was a problem hiding this comment.
What do you expect me to create an issue for? That we finally need to move that into one place instead of copying it across different places and that this PR is an example of why we need it?
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
3 times, most recently
from
f356040
to
a610979
Compare
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
from
a610979
to
0b4a724
Compare
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
from
0b4a724
to
c7e1aff
Compare
| name: "should pass through", | ||
| cfg: &identityheaders.AuthnHeaderConfig{}, | ||
| req: func() *http.Request { | ||
| req, err := http.NewRequest(http.MethodGet, "http://example.com", nil) |
There was a problem hiding this comment.
Add a set of chaining functions that construct a request as necessary
edit: does not have to be chaining
There was a problem hiding this comment.
I don't quite understand the benefit.
There was a problem hiding this comment.
removal of duplicated code + it's easier to write future unit tests
|
please squash the last two changes to where the code was originally introduced and let's merge this PR |
ibihim
force-pushed
the
sig-auth-acceptance-bump
branch
from
e42f4f4
to
027349e
Compare
What
Why