Affected by GO-2022-0617 and 18 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0782: Symlink Attack in kubectl cp in k8s.io/kubernetes

GO-2022-0885: Improper Authentication in Kubernetes in k8s.io/kubernetes

GO-2022-0890: Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes

GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes

GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-1985: Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes

GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes

GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2748: Privilege Escalation in Kubernetes in k8s.io/apimachinery

GO-2024-2754: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2755: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

service

package

v0.4.2 Latest Latest Go to latest Published: Oct 29, 2014 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

Documentation ¶

Overview ¶

Package service provides Registry interface and it's RESTStorage implementation for storing Service api objects.

Index ¶

func GetServiceEnvironmentVariables(ctx api.Context, registry Registry, machine string) ([]api.EnvVar, error)
type REST
- func NewREST(registry Registry, cloud cloudprovider.Interface, machines minion.Registry) *REST
type Registry

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetServiceEnvironmentVariables ¶

func GetServiceEnvironmentVariables(ctx api.Context, registry Registry, machine string) ([]api.EnvVar, error)

GetServiceEnvironmentVariables populates a list of environment variables that are use in the container environment to get access to services.

Types ¶

type REST ¶

type REST struct {
	// contains filtered or unexported fields
}

REST adapts a service registry into apiserver's RESTStorage model.

func NewREST ¶

func NewREST(registry Registry, cloud cloudprovider.Interface, machines minion.Registry) *REST

NewREST returns a new REST.

func (*REST) Create ¶

func (rs *REST) Create(ctx api.Context, obj runtime.Object) (<-chan runtime.Object, error)

func (*REST) Delete ¶

func (rs *REST) Delete(ctx api.Context, id string) (<-chan runtime.Object, error)

func (*REST) Get ¶

func (rs *REST) Get(ctx api.Context, id string) (runtime.Object, error)

func (*REST) List ¶

func (rs *REST) List(ctx api.Context, label, field labels.Selector) (runtime.Object, error)

TODO: implement field selector?

func (*REST) New ¶

func (*REST) New() runtime.Object

func (*REST) ResourceLocation ¶

func (rs *REST) ResourceLocation(ctx api.Context, id string) (string, error)

ResourceLocation returns a URL to which one can send traffic for the specified service.

func (*REST) Update ¶

func (rs *REST) Update(ctx api.Context, obj runtime.Object) (<-chan runtime.Object, error)

func (*REST) Watch ¶

func (rs *REST) Watch(ctx api.Context, label, field labels.Selector, resourceVersion string) (watch.Interface, error)

Watch returns Services events via a watch.Interface. It implements apiserver.ResourceWatcher.

type Registry ¶

type Registry interface {
	ListServices(ctx api.Context) (*api.ServiceList, error)
	CreateService(ctx api.Context, svc *api.Service) error
	GetService(ctx api.Context, name string) (*api.Service, error)
	DeleteService(ctx api.Context, name string) error
	UpdateService(ctx api.Context, svc *api.Service) error
	WatchServices(ctx api.Context, labels, fields labels.Selector, resourceVersion string) (watch.Interface, error)

	// TODO: endpoints and their implementation should be separated, setting endpoints should be
	// supported via the API, and the endpoints-controller should use the API to update endpoints.
	endpoint.Registry
}

Registry is an interface for things that know how to store services.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL