-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix broken defaulting and validation in TokenRequest enablement #70967
Conversation
0553eef
to
d03cdab
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mikedanese The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
086729c
to
08a7a3d
Compare
08a7a3d
to
108dd8e
Compare
108dd8e
to
5c656c5
Compare
} | ||
if s.Authentication.ServiceAccounts.MaxExpiration != 0 { | ||
lowBound := time.Hour | ||
upBound := time.Duration(1<<32) * time.Second |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this useful at all? The value is over 136 years, might as well skip capping the expiration
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ehhh, it's the current behavior. I'd prefer to change outside of this PR if we want to.
5c656c5
to
7bdc9fd
Compare
7bdc9fd
to
20bad76
Compare
/lgtm |
/retest |
Defaults were not being applied correctly and the entire situation was pretty confused.
/kind bug
/sig auth