• Kubernetes Submit Queue's avatar
    Merge pull request #31491 from dims/fixes-issue-13598 · c46bc88f
    Kubernetes Submit Queue authored
    Automatic merge from submit-queue
    
    Allow secure access to apiserver from Admission Controllers
    
    * Allow options.InsecurePort to be set to 0 to switch off insecure access
    * In NewSelfClient, Set the TLSClientConfig to the cert and key files
      if InsecurePort is switched off
    * Mint a bearer token that allows the client(s) created in NewSelfClient
      to talk to the api server
    * Add a new authenticator that checks for this specific bearer token
    
    Fixes #13598
    c46bc88f
authz.go 6.42 KB