-
Notifications
You must be signed in to change notification settings - Fork 810
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dashboard: support token #1188
dashboard: support token #1188
Conversation
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
This reverts commit d54de84.
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
Signed-off-by: wanyoulc <15694528183@163.com>
* fix: experiment status Signed-off-by: Yue Yang <g1enyy0ung@gmail.com> * chore: use in.Status directly Signed-off-by: Yue Yang <g1enyy0ung@gmail.com> * chore: address comments Signed-off-by: Yue Yang <g1enyy0ung@gmail.com> Co-authored-by: ti-srebot <66930949+ti-srebot@users.noreply.github.com>
Signed-off-by: Yue Yang <g1enyy0ung@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rest LGTM
Signed-off-by: xiang <xiang13225080@163.com>
@STRRL all comment addressed, PTAL again |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
It looks like you need to deal with the conflict. |
Signed-off-by: xiang <xiang13225080@163.com>
conflict resolved, PTAL again @fewdan |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: xiang <xiang13225080@163.com>
Signed-off-by: xiang <xiang13225080@163.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/merge |
Your auto merge job has been accepted, waiting for:
|
/run-all-tests |
@WangXiangUSTC merge failed. |
Signed-off-by: xiang <xiang13225080@163.com> Signed-off-by: wanyoulc <15694528183@163.com> Signed-off-by: Yue Yang <g1enyy0ung@gmail.com> Signed-off-by: STRRL <str_ruiling@outlook.com>
What problem does this PR solve?
RFC: https://github.com/chaos-mesh/rfcs/blob/main/text/2020-10-22-authn-and-authz-on-chaos-dashboard.md
Resolve #1092
Chaos can be created and deleted by anyone who has access to the dashboard, and the authority of the dashboard is very high, which means the Dashboard is a big security hazard.
The dashboard should use the k8s client with a token to visit the k8s cluster, and the token is provided by the user in the dashboard frontend. Users can only do chaos which is allowed by the token generated by the service account.
What is changed and how does it work?
Checklist
Tests
Side effects
Related changes
Does this PR introduce a user-facing change?