Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
da3c0198
Commit
da3c0198
authored
Dec 17, 2018
by
WanLinghao
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix log information error
parent
1ec04bc9
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
7 additions
and
7 deletions
+7
-7
client_builder.go
pkg/controller/client_builder.go
+7
-7
No files found.
pkg/controller/client_builder.go
View file @
da3c0198
...
@@ -146,15 +146,15 @@ func (b SAControllerClientBuilder) Config(name string) (*restclient.Config, erro
...
@@ -146,15 +146,15 @@ func (b SAControllerClientBuilder) Config(name string) (*restclient.Config, erro
}
}
validConfig
,
valid
,
err
:=
b
.
getAuthenticatedConfig
(
sa
,
string
(
secret
.
Data
[
v1
.
ServiceAccountTokenKey
]))
validConfig
,
valid
,
err
:=
b
.
getAuthenticatedConfig
(
sa
,
string
(
secret
.
Data
[
v1
.
ServiceAccountTokenKey
]))
if
err
!=
nil
{
if
err
!=
nil
{
klog
.
Warningf
(
"error validating API token for %s/%s in secret %s: %v"
,
sa
.
Name
,
sa
.
Namespac
e
,
secret
.
Name
,
err
)
klog
.
Warningf
(
"error validating API token for %s/%s in secret %s: %v"
,
sa
.
Name
space
,
sa
.
Nam
e
,
secret
.
Name
,
err
)
// continue watching for good tokens
// continue watching for good tokens
return
false
,
nil
return
false
,
nil
}
}
if
!
valid
{
if
!
valid
{
klog
.
Warningf
(
"secret %s contained an invalid API token for %s/%s"
,
secret
.
Name
,
sa
.
Name
,
sa
.
Namespac
e
)
klog
.
Warningf
(
"secret %s contained an invalid API token for %s/%s"
,
secret
.
Name
,
sa
.
Name
space
,
sa
.
Nam
e
)
// try to delete the secret containing the invalid token
// try to delete the secret containing the invalid token
if
err
:=
b
.
CoreClient
.
Secrets
(
secret
.
Namespace
)
.
Delete
(
secret
.
Name
,
&
metav1
.
DeleteOptions
{});
err
!=
nil
&&
!
apierrors
.
IsNotFound
(
err
)
{
if
err
:=
b
.
CoreClient
.
Secrets
(
secret
.
Namespace
)
.
Delete
(
secret
.
Name
,
&
metav1
.
DeleteOptions
{});
err
!=
nil
&&
!
apierrors
.
IsNotFound
(
err
)
{
klog
.
Warningf
(
"error deleting secret %s containing invalid API token for %s/%s: %v"
,
secret
.
Name
,
sa
.
Name
,
sa
.
Namespac
e
,
err
)
klog
.
Warningf
(
"error deleting secret %s containing invalid API token for %s/%s: %v"
,
secret
.
Name
,
sa
.
Name
space
,
sa
.
Nam
e
,
err
)
}
}
// continue watching for good tokens
// continue watching for good tokens
return
false
,
nil
return
false
,
nil
...
@@ -208,14 +208,14 @@ func (b SAControllerClientBuilder) getAuthenticatedConfig(sa *v1.ServiceAccount,
...
@@ -208,14 +208,14 @@ func (b SAControllerClientBuilder) getAuthenticatedConfig(sa *v1.ServiceAccount,
tokenReview
:=
&
v1authenticationapi
.
TokenReview
{
Spec
:
v1authenticationapi
.
TokenReviewSpec
{
Token
:
token
}}
tokenReview
:=
&
v1authenticationapi
.
TokenReview
{
Spec
:
v1authenticationapi
.
TokenReviewSpec
{
Token
:
token
}}
if
tokenResult
,
err
:=
b
.
AuthenticationClient
.
TokenReviews
()
.
Create
(
tokenReview
);
err
==
nil
{
if
tokenResult
,
err
:=
b
.
AuthenticationClient
.
TokenReviews
()
.
Create
(
tokenReview
);
err
==
nil
{
if
!
tokenResult
.
Status
.
Authenticated
{
if
!
tokenResult
.
Status
.
Authenticated
{
klog
.
Warningf
(
"Token for %s/%s did not authenticate correctly"
,
sa
.
Name
,
sa
.
Namespac
e
)
klog
.
Warningf
(
"Token for %s/%s did not authenticate correctly"
,
sa
.
Name
space
,
sa
.
Nam
e
)
return
nil
,
false
,
nil
return
nil
,
false
,
nil
}
}
if
tokenResult
.
Status
.
User
.
Username
!=
username
{
if
tokenResult
.
Status
.
User
.
Username
!=
username
{
klog
.
Warningf
(
"Token for %s/%s authenticated as unexpected username: %s"
,
sa
.
Name
,
sa
.
Namespac
e
,
tokenResult
.
Status
.
User
.
Username
)
klog
.
Warningf
(
"Token for %s/%s authenticated as unexpected username: %s"
,
sa
.
Name
space
,
sa
.
Nam
e
,
tokenResult
.
Status
.
User
.
Username
)
return
nil
,
false
,
nil
return
nil
,
false
,
nil
}
}
klog
.
V
(
4
)
.
Infof
(
"Verified credential for %s/%s"
,
sa
.
Name
,
sa
.
Namespac
e
)
klog
.
V
(
4
)
.
Infof
(
"Verified credential for %s/%s"
,
sa
.
Name
space
,
sa
.
Nam
e
)
return
clientConfig
,
true
,
nil
return
clientConfig
,
true
,
nil
}
}
...
@@ -229,7 +229,7 @@ func (b SAControllerClientBuilder) getAuthenticatedConfig(sa *v1.ServiceAccount,
...
@@ -229,7 +229,7 @@ func (b SAControllerClientBuilder) getAuthenticatedConfig(sa *v1.ServiceAccount,
}
}
err
=
client
.
Get
()
.
AbsPath
(
"/apis"
)
.
Do
()
.
Error
()
err
=
client
.
Get
()
.
AbsPath
(
"/apis"
)
.
Do
()
.
Error
()
if
apierrors
.
IsUnauthorized
(
err
)
{
if
apierrors
.
IsUnauthorized
(
err
)
{
klog
.
Warningf
(
"Token for %s/%s did not authenticate correctly: %v"
,
sa
.
Name
,
sa
.
Namespac
e
,
err
)
klog
.
Warningf
(
"Token for %s/%s did not authenticate correctly: %v"
,
sa
.
Name
space
,
sa
.
Nam
e
,
err
)
return
nil
,
false
,
nil
return
nil
,
false
,
nil
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment