Revert "Merge pull request openshift#43 from deads2k/authz"

This reverts commit 794f9de, reversing changes made to 6ea3294.
prashbnair · Sep 20, 2021 · 8167d7a · 8167d7a
1 parent efe6804
commit 8167d7a
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 145 deletions.
diff --git a/main.go b/main.go
@@ -191,12 +191,6 @@ func main() {
 	if err != nil {
 		klog.Fatalf("Failed to create sar authorizer: %v", err)
 	}
-
-	staticAuthorizer, err := authz.NewStaticAuthorizer(cfg.auth.Authorization.Static)
-	if err != nil {
-		klog.Fatalf("Failed to create static authorizer: %v", err)
-	}
-
 	authorizer := union.New(
 		// prefix the authorizer with the permissions for metrics scraping which are well known.
 		// openshift RBAC policy will always allow this user to read metrics.
@@ -206,23 +200,11 @@ func main() {
 		sarAuthorizer,
 	)
 
-	auth, err := proxy.New(kubeClient, cfg.auth, authorizer, authenticator)
-
 	if err != nil {
-		klog.Fatalf("Failed to create rbac-proxy: %v", err)
-	}
 
-	upstreamTransport, err := initTransport(cfg.upstreamCAFile)
-	if err != nil {
 		klog.Fatalf("Failed to set up upstream TLS connection: %v", err)
-	}
-
 	if len(cfg.allowPaths) > 0 && len(cfg.ignorePaths) > 0 {
-		klog.Fatal("Cannot use --allow-paths and --ignore-paths together.")
-	}
 
-	proxy := httputil.NewSingleHostReverseProxy(upstreamURL)
-	proxy.Transport = upstreamTransport
 	mux := http.NewServeMux()
 	mux.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		found := len(cfg.allowPaths) == 0
@@ -391,14 +373,14 @@ func initKubeConfig(kcLocation string) *rest.Config {
 	if kcLocation != "" {
 		kubeConfig, err := clientcmd.BuildConfigFromFlags("", kcLocation)
 		if err != nil {
-			klog.Fatalf("unable to build rest config based on provided path to kubeconfig file: %v", err)
+			klog.Fatalf("unable to build rest config based on provided path to kubeconfig file: %v",err)
 		}
 		return kubeConfig
 	}
 
 	kubeConfig, err := rest.InClusterConfig()
 	if err != nil {
-		klog.Fatalf("cannot find Service Account in pod to build in-cluster rest config: %v", err)
+		klog.Fatalf("cannot find Service Account in pod to build in-cluster rest config: %v",err)
 	}
 
 	return kubeConfig

diff --git a/pkg/hardcodedauthorizer/metrics.go b/pkg/hardcodedauthorizer/metrics.go
diff --git a/pkg/hardcodedauthorizer/metrics_test.go b/pkg/hardcodedauthorizer/metrics_test.go