Cleanup genericapiserver handler chain #33164
}), nil | ||
} else { | ||
return handler, errors.New("Unknown RequestContextMapper implementation.") | ||
func WithRequestContext(handler http.Handler, mapper RequestContextMapper) http.Handler { |
Any idea why it's in this package? Doesn't have to be this pull, but unless there's a strong reason, I'd like it moved eventually.
Had the same question. Also the Context interface looks api independent. Doesn't have to be so deep in the package hierarchy. A good topic for a follow-up PR.
Had the same question. Also the Context interface looks api independent. Doesn't have to be so deep in the package hierarchy. A good topic for a follow-up PR.
agreed.
@@ -462,7 +144,7 @@ func (r *requestAttributeGetter) GetAttribs(req *http.Request) authorizer.Attrib | |||
} | |||
|
|||
// WithAuthorizationCheck passes all authorized requests on to handler, and returns a forbidden error otherwise. | |||
func WithAuthorizationCheck(handler http.Handler, getAttribs RequestAttributeGetter, a authorizer.Authorizer) http.Handler { | |||
func WithAuthorization(handler http.Handler, getAttribs RequestAttributeGetter, a authorizer.Authorizer) http.Handler { |
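Review bot: the doc comment two lines above the signature still names WithAuthorizationCheck while the function is renamed to WithAuthorization; update it to match so godoc and grep stay consistent. If the nil-authorizer case is handled by returning the passed handler unchanged, as discussed in this thread, that path leaves the whole secure chain without authorization, so make the skip visible with the suggested glog warning rather than silent.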
If a == nil, let's be friendly, skip adding this, and glog a warning.
Most filters just return the passed handler when the parameters are nil. Will do the same here.
@@ -337,18 +346,64 @@ func (c Config) New() (*GenericAPIServer, error) { | |||
}) | |||
} | |||
|
|||
if len(c.AuditLogPath) != 0 { |
Let's add to our running issue. I think all the audit stuff should be gathered up into a pointer to a struct.
Not in this pull.
} | ||
|
||
func (s *GenericAPIServer) buildHandlerChains(c *Config, handler http.Handler) (secure http.Handler, insecure http.Handler) { | ||
longRunningRE := regexp.MustCompile(c.LongRunningRequestRE) |
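Review bot: regexp.MustCompile(c.LongRunningRequestRE) panics if the configured pattern is invalid, and LongRunningRequestRE comes from Config, so it is operator input rather than a compile-time constant; compile it with regexp.Compile where Config is validated and surface the error, leaving buildHandlerChains to consume an already-compiled pattern. That also fits the suggestion in this thread to push the regexp into WithTimeoutForNonLongRunningRequests.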
Can't we push these into WithTimeoutForNonLongRunningRequests?
yes, makes sense
longRunningFunc := genericfilters.BasicLongRunningRequestCheck(longRunningRE, map[string]string{"watch": "true"}) | ||
|
||
// common filters | ||
handler = genericfilters.WithCORS(handler, allowedOriginRegexps(c.CorsAllowedOriginList), nil, nil, "true") |
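Review bot: WithCORS is installed with allowCredentials "true", so every origin matched by allowedOriginRegexps(c.CorsAllowedOriginList) is granted credentialed cross-origin access; confirm those patterns are anchored to the full Origin value so a pattern intended for one host cannot also match a longer, unrelated origin. The "common filters" comment would read better as "filters shared by the secure and insecure chains", which is what the thread clarifies.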
common?
common for secure and insecure.
common for secure and insecure.
Yeah, I was suggesting a rename. Doesn't really matter to me.
attributeGetter := apiserver.NewRequestAttributeGetter(c.RequestContextMapper, s.NewRequestInfoResolver()) | ||
secure = handler | ||
secure = apiserver.WithAuthorization(secure, attributeGetter, c.Authorizer) | ||
secure = audit.WithAudit(secure, attributeGetter, s.auditWriter) // before impersonation to read original user |
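Review bot: the trailing comment on the WithAudit line says the audit filter runs before impersonation, but no WithImpersonation wrap appears in this hunk, so the claim cannot be checked from these lines; since each With* call wraps the handler built so far, the filter added last is outermost and runs first, so WithAudit must be added after WithImpersonation for the audit record to carry the original authenticated user rather than the impersonated one.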
Isn't this after impersonation right now?
Good spot. In origin it's correct.
return s, nil | ||
} | ||
|
||
func (s *GenericAPIServer) buildHandlerChains(c *Config, handler http.Handler) (secure http.Handler, insecure http.Handler) { |
So much cleaner. TODO to type the function and take it as an optional struct value in genericapiserver.
return | ||
} | ||
|
||
func allowedOriginRegexps(allowedOrigins []string) []*regexp.Regexp { |
Seems like this should live in your cors file
moved
"strings" | ||
) | ||
|
||
// TODO: use restful.CrossOriginResourceSharing |
I don't think we're likely to do this.
Somebody somewhen was planning to do that :)
// WithCORS is a simple CORS implementation that wraps an http Handler. | ||
// Pass nil for allowedMethods and allowedHeaders to use the defaults. If allowedOriginPatterns | ||
// is empty or nil, no CORS support is installed. | ||
func WithCORS(handler http.Handler, allowedOriginPatterns []*regexp.Regexp, allowedMethods []string, allowedHeaders []string, allowCredentials string) http.Handler { |
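Review bot: the doc comment explains allowedMethods, allowedHeaders and allowedOriginPatterns but says nothing about allowCredentials, which is a string rather than a bool; document the expected value (the caller in this PR passes "true") or change the parameter to a bool so a mistyped value is caught at compile time instead of silently changing CORS behaviour.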
straight move?
yes
Assuming most of the code is straight moves, I've got a few minor comments, but this looks a lot better. Any specific reason it's still WIP? I'd be fine tying off this chunk without adding more to it.
lgtm. squash and tag when you're happy with it.
secure = apiserver.WithImpersonation(secure, c.RequestContextMapper, c.Authorizer) | ||
secure = audit.WithAudit(secure, attributeGetter, s.auditWriter) // before impersonation to read original user |
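Review bot: with WithImpersonation wrapped first and WithAudit wrapped last, audit is now the outer filter and observes the request before impersonation rewrites the user, which matches the trailing comment and resolves the ordering concern raised earlier in the review.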
👍
Squashed. Waiting for #33095 to merge.

Automatic merge from submit-queue

Remove closing audit log file and add error check when writing to audit

This picks the order fix from #33164. Additionally I've removed entirely closing the log file, since it didn't make sense where it was. I've also added error checks when actually writing to audit logs.

@sttts ptal

**1.4 justification:**
Risk: the code only runs if auditing is enabled with an apiserver flag. So the risk is low.
Rollback: nothing should depend on this
Cost: the auditing feature is broken because the impersonation filter is applied before and you might not see the proper user when using `--as` flag. Additionally no errors are logged if writing to audit fails.
Rebased.
Jenkins verification failed for commit 11a608a6599ec1c7c705906b89f53798e8a71774. Full PR test history. The magic incantation to run this job again is
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]
Automatic merge from submit-queue