Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

restrict the access permissions of kruise-daemon to secrets #1482

Merged
merged 2 commits into from
Jan 4, 2024
Merged

restrict the access permissions of kruise-daemon to secrets #1482

merged 2 commits into from
Jan 4, 2024

Conversation

zmberg
Copy link
Member

@zmberg zmberg commented Jan 3, 2024

Ⅰ. Describe what this PR does

Ⅱ. Does this pull request fix one issue?

Ⅲ. Describe how to verify it

Ⅳ. Special notes for reviews

@zmberg
restrict the access permissions of kruise-daemon to secrets
f1da1d3 
Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
@kruise-bot kruise-bot added the size/XL size/XL: 500-999 label Jan 3, 2024
@codecov Codecov
Copy link

codecov bot commented Jan 3, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (fa7a1da) 47.66% compared to head (6071d80) 47.99%.
Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1482      +/-   ##
==========================================
+ Coverage   47.66%   47.99%   +0.33%     
==========================================
  Files         157      157              
  Lines       22427    22432       +5     
==========================================
+ Hits        10689    10766      +77     
+ Misses      10570    10479      -91     
- Partials     1168     1187      +19
Flag Coverage Δ
unittests 47.99% <100.00%> (+0.33%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@zmberg
util meta ut
6071d80 
Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
@zmberg zmberg force-pushed the security-kruise-daemon branch from f710c02 to 6071d80 Compare January 4, 2024 01:55
furykerry
furykerry reviewed Jan 4, 2024
View reviewed changes
Copy link
Member

@furykerry furykerry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@kruise-bot kruise-bot added the lgtm label Jan 4, 2024
@furykerry
Copy link
Member

/approve

@kruise-bot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: furykerry

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kruise-bot kruise-bot merged commit 6f1b1d4 into openkruise:master Jan 4, 2024
27 checks passed
zmberg added a commit that referenced this pull request Jan 26, 2024
@zmberg
restrict the access permissions of kruise-daemon to secrets (#1482)
a6701b0 
* restrict the access permissions of kruise-daemon to secrets

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>

* util meta ut

Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>

---------

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
Co-authored-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
zmberg added a commit that referenced this pull request Jan 26, 2024
@zmberg
restrict the access permissions of kruise-daemon to secrets (#1482)
fe0b277 
* restrict the access permissions of kruise-daemon to secrets

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>

* util meta ut

Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>

---------

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
Co-authored-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
zmberg added a commit that referenced this pull request Jan 26, 2024
@zmberg
restrict the access permissions of kruise-daemon to secrets (#1482)
c0384d6 
* restrict the access permissions of kruise-daemon to secrets

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>

* util meta ut

Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>

---------

Signed-off-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
Co-authored-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
@zmberg zmberg added this to the 1.6 milestone Mar 7, 2024
ppbits pushed a commit to ppbits/kruise that referenced this pull request Apr 4, 2024
@zmberg
restrict the access permissions of kruise-daemon to secrets (openkrui…
95cf9be 
…se#1482)

* restrict the access permissions of kruise-daemon to secrets


* util meta ut


---------

Co-authored-by: mingzhou.swx <mingzhou.swx@alibaba-inc.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@furykerry furykerry furykerry left review comments

@FillZpp FillZpp Awaiting requested review from FillZpp

Assignees

@furykerry furykerry

Labels
approved lgtm size/XL size/XL: 500-999
Projects
None yet
Milestone
1.6
Development

Successfully merging this pull request may close these issues.
3 participants
@zmberg @furykerry @kruise-bot