Skip to content
Permalink
Browse files

Merge pull request #78315 from dekkagaijin/mip

specify additional static auth for components by env var
  • Loading branch information...
k8s-ci-robot committed May 24, 2019
2 parents 914f80d + 5a9af2e commit 01a5ec3d3d8f0b1aaa05845d34a8684f32a2b8b0
Showing with 9 additions and 0 deletions.
  1. +9 −0 cluster/gce/gci/configure-helper.sh
@@ -611,6 +611,15 @@ function create-master-auth {
if [[ -n "${ADDON_MANAGER_TOKEN:-}" ]]; then
append_or_replace_prefixed_line "${known_tokens_csv}" "${ADDON_MANAGER_TOKEN}," "system:addon-manager,uid:system:addon-manager,system:masters"
fi
if [[ -n "${EXTRA_STATIC_AUTH_COMPONENTS:-}" ]]; then
# Create a static Bearer token and kubeconfig for extra, comma-separated components.
IFS="," read -r -a extra_components <<< "${EXTRA_STATIC_AUTH_COMPONENTS:-}"
for extra_component in "${extra_components[@]}"; do
local token="$(secure_random 32)"
append_or_replace_prefixed_line "${known_tokens_csv}" "${token}," "system:${extra_component},uid:system:${extra_component}"
create-kubeconfig "${extra_component}" "${token}"
done
fi
local use_cloud_config="false"
cat <<EOF >/etc/gce.conf
[global]

0 comments on commit 01a5ec3

Please sign in to comment.
You can’t perform that action at this time.