Skip to content

Commit

Permalink
update for 1.10
Browse files Browse the repository at this point in the history
  • Loading branch information
liggitt committed Apr 24, 2018
1 parent 0ed1605 commit 0d6dbf5
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 5 deletions.
5 changes: 2 additions & 3 deletions cmd/audit2rbac/audit2rbac.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ import (
"k8s.io/apimachinery/pkg/apis/meta/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
unstructuredconversion "k8s.io/apimachinery/pkg/conversion/unstructured"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/yaml"
"k8s.io/apiserver/pkg/apis/audit"
Expand Down Expand Up @@ -478,7 +477,7 @@ func typecast(in <-chan *streamObject, creator runtime.ObjectCreater) <-chan *st
out <- &streamObject{err: fmt.Errorf("expected *unstructured.Unstructured, got %T", result.obj)}
}

if err := unstructuredconversion.DefaultConverter.FromUnstructured(unstructuredObject.Object, typed); err != nil {
if err := runtime.DefaultUnstructuredConverter.FromUnstructured(unstructuredObject.Object, typed); err != nil {
out <- &streamObject{err: err}
continue
}
Expand Down Expand Up @@ -587,7 +586,7 @@ func getDiscoveryRoles() pkg.RBACObjects {
&rbacinternal.ClusterRole{
ObjectMeta: metav1.ObjectMeta{Name: "system:discovery"},
Rules: []rbacinternal.PolicyRule{
rbacinternal.NewRule("get").URLs("/healthz", "/version", "/swagger*", "/api*").RuleOrDie(),
rbacinternal.NewRule("get").URLs("/healthz", "/version", "/swagger*", "/openapi*", "/api*").RuleOrDie(),
},
},
},
Expand Down
4 changes: 2 additions & 2 deletions pkg/process.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,10 +88,10 @@ func (g *Generator) Generate() *RBACObjects {
sortRequests(g.requests)

for _, request := range g.requests {
if ok, _, _ := existingAuthorizer.Authorize(request); ok {
if decision, _, _ := existingAuthorizer.Authorize(request); decision == authorizer.DecisionAllow {
continue
}
if ok, _, _ := generatedAuthorizer.Authorize(request); ok {
if decision, _, _ := generatedAuthorizer.Authorize(request); decision == authorizer.DecisionAllow {
continue
}

Expand Down

0 comments on commit 0d6dbf5

Please sign in to comment.