Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
72be2f40
Unverified
Commit
72be2f40
authored
Feb 18, 2019
by
Kubernetes Prow Robot
Committed by
GitHub
Feb 18, 2019
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #74217 from justinsb/add_comment_about_why_insecure_address_is_not_removed
Add code comments to guard inadvertent removal of insecure-bind-address
parents
de2ceac5
7dbbab04
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
4 additions
and
1 deletion
+4
-1
deprecated_insecure_serving.go
...iserver/pkg/server/options/deprecated_insecure_serving.go
+4
-1
No files found.
staging/src/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go
View file @
72be2f40
...
@@ -69,11 +69,13 @@ func (s *DeprecatedInsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
...
@@ -69,11 +69,13 @@ func (s *DeprecatedInsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
fs
.
IPVar
(
&
s
.
BindAddress
,
"insecure-bind-address"
,
s
.
BindAddress
,
""
+
fs
.
IPVar
(
&
s
.
BindAddress
,
"insecure-bind-address"
,
s
.
BindAddress
,
""
+
"The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces)."
)
"The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces)."
)
// Though this flag is deprecated, we discovered security concerns over how to do health checks without it e.g. #43784
fs
.
MarkDeprecated
(
"insecure-bind-address"
,
"This flag will be removed in a future version."
)
fs
.
MarkDeprecated
(
"insecure-bind-address"
,
"This flag will be removed in a future version."
)
fs
.
Lookup
(
"insecure-bind-address"
)
.
Hidden
=
false
fs
.
Lookup
(
"insecure-bind-address"
)
.
Hidden
=
false
fs
.
IntVar
(
&
s
.
BindPort
,
"insecure-port"
,
s
.
BindPort
,
""
+
fs
.
IntVar
(
&
s
.
BindPort
,
"insecure-port"
,
s
.
BindPort
,
""
+
"The port on which to serve unsecured, unauthenticated access."
)
"The port on which to serve unsecured, unauthenticated access."
)
// Though this flag is deprecated, we discovered security concerns over how to do health checks without it e.g. #43784
fs
.
MarkDeprecated
(
"insecure-port"
,
"This flag will be removed in a future version."
)
fs
.
MarkDeprecated
(
"insecure-port"
,
"This flag will be removed in a future version."
)
fs
.
Lookup
(
"insecure-port"
)
.
Hidden
=
false
fs
.
Lookup
(
"insecure-port"
)
.
Hidden
=
false
}
}
...
@@ -130,7 +132,8 @@ func (o *DeprecatedInsecureServingOptions) WithLoopback() *DeprecatedInsecureSer
...
@@ -130,7 +132,8 @@ func (o *DeprecatedInsecureServingOptions) WithLoopback() *DeprecatedInsecureSer
}
}
// DeprecatedInsecureServingOptionsWithLoopback adds loopback functionality to the DeprecatedInsecureServingOptions.
// DeprecatedInsecureServingOptionsWithLoopback adds loopback functionality to the DeprecatedInsecureServingOptions.
// DEPRECATED: all insecure serving options are removed in a future version
// DEPRECATED: all insecure serving options will be removed in a future version, however note that
// there are security concerns over how health checks can work here - see e.g. #43784
type
DeprecatedInsecureServingOptionsWithLoopback
struct
{
type
DeprecatedInsecureServingOptionsWithLoopback
struct
{
*
DeprecatedInsecureServingOptions
*
DeprecatedInsecureServingOptions
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment