Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix broken defaulting and validation in TokenRequest enablement #70967

Merged
merged 3 commits into from
Nov 14, 2018
Merged

Fix broken defaulting and validation in TokenRequest enablement #70967

merged 3 commits into from
Nov 14, 2018

Conversation

mikedanese
Copy link
Member

@mikedanese mikedanese commented Nov 13, 2018
edited

Defaults were not being applied correctly and the entire situation was pretty confused.

/kind bug
/sig auth

NONE

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. kind/bug Categorizes issue or PR as related to a bug. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Nov 13, 2018
@k8s-ci-robot k8s-ci-robot added needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/auth Categorizes an issue or PR as relevant to SIG Auth. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Nov 13, 2018
@mikedanese mikedanese added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Nov 13, 2018
@k8s-ci-robot k8s-ci-robot removed the needs-priority Indicates a PR lacks a `priority/foo` label and requires one. label Nov 13, 2018
@mikedanese mikedanese force-pushed the fixtropts branch 2 times, most recently from 0553eef to d03cdab Compare November 13, 2018 00:49
@k8s-ci-robot k8s-ci-robot added the sig/testing Categorizes an issue or PR as relevant to SIG Testing. label Nov 13, 2018
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mikedanese

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mikedanese mikedanese force-pushed the fixtropts branch 2 times, most recently from 086729c to 08a7a3d Compare November 13, 2018 02:30
@mikedanese mikedanese added this to the v1.13 milestone Nov 13, 2018
awly
awly reviewed Nov 13, 2018
View reviewed changes
cmd/kube-apiserver/app/options/validation.go Outdated Show resolved Hide resolved
cmd/kube-apiserver/app/options/validation.go Outdated Show resolved Hide resolved
cmd/kube-apiserver/app/options/validation.go Outdated Show resolved Hide resolved
cmd/kube-apiserver/app/server.go Outdated Show resolved Hide resolved
cmd/kube-apiserver/app/server.go
}
if s.Authentication.ServiceAccounts.MaxExpiration != 0 {
lowBound := time.Hour
upBound := time.Duration(1<<32) * time.Second
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this useful at all? The value is over 136 years, might as well skip capping the expiration

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ehhh, it's the current behavior. I'd prefer to change outside of this PR if we want to.

@mikedanese
Copy link
Member Author

@awly @cjcullen fixed.

@cjcullen
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 14, 2018
@mikedanese
Copy link
Member Author

/retest

@k8s-ci-robot k8s-ci-robot merged commit 3e6d414 into kubernetes:master Nov 14, 2018
@mikedanese mikedanese deleted the fixtropts branch November 14, 2018 06:47
@pandaamanda pandaamanda mentioned this pull request Feb 9, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

@awly awly awly left review comments

@cjcullen cjcullen cjcullen left review comments

@caesarxuchao caesarxuchao Awaiting requested review from caesarxuchao

@madhusudancs madhusudancs Awaiting requested review from madhusudancs

Assignees

@liggitt liggitt

@awly awly

@cjcullen cjcullen

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note-none Denotes a PR that doesn't merit a release note. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/testing Categorizes an issue or PR as relevant to SIG Testing. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.13
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@mikedanese @k8s-ci-robot @cjcullen @liggitt @awly