Affected by GO-2022-0617 and 18 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0782: Symlink Attack in kubectl cp in k8s.io/kubernetes

GO-2022-0885: Improper Authentication in Kubernetes in k8s.io/kubernetes

GO-2022-0890: Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes

GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes

GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-1985: Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes

GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes

GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2748: Privilege Escalation in Kubernetes in k8s.io/apimachinery

GO-2024-2754: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2755: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

binding

package

v0.7.3 Latest Latest Go to latest Published: Jan 8, 2015 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

Documentation ¶

Overview ¶

Package binding contains the middle layer logic for bindings. Bindings are objects containing instructions for how a pod ought to be bound to a host. This allows a registry object which supports this action (ApplyBinding) to be served through an apiserver.

Index ¶

type MockRegistry
- func (mr MockRegistry) ApplyBinding(ctx api.Context, binding *api.Binding) error
type REST
- func NewREST(bindingRegistry Registry) *REST
type Registry

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type MockRegistry ¶

type MockRegistry struct {
	OnApplyBinding func(binding *api.Binding) error
}

MockRegistry can be used for testing.

func (MockRegistry) ApplyBinding ¶

func (mr MockRegistry) ApplyBinding(ctx api.Context, binding *api.Binding) error

type REST ¶

type REST struct {
	// contains filtered or unexported fields
}

REST implements the RESTStorage interface for bindings. When bindings are written, it changes the location of the affected pods. This information is eventually reflected in the pod's CurrentState.Host field.

func NewREST ¶

func NewREST(bindingRegistry Registry) *REST

NewREST creates a new REST backed by the given bindingRegistry.

func (*REST) Create ¶

func (b *REST) Create(ctx api.Context, obj runtime.Object) (<-chan apiserver.RESTResult, error)

Create attempts to make the assignment indicated by the binding it recieves.

func (*REST) Delete ¶

func (*REST) Delete(ctx api.Context, id string) (<-chan apiserver.RESTResult, error)

Delete returns an error because bindings are write-only objects.

func (*REST) Get ¶

func (*REST) Get(ctx api.Context, id string) (runtime.Object, error)

Get returns an error because bindings are write-only objects.

func (*REST) List ¶

func (*REST) List(ctx api.Context, label, field labels.Selector) (runtime.Object, error)

List returns an error because bindings are write-only objects.

func (*REST) New ¶

func (*REST) New() runtime.Object

New returns a new binding object fit for having data unmarshalled into it.

func (*REST) Update ¶

func (b *REST) Update(ctx api.Context, obj runtime.Object) (<-chan apiserver.RESTResult, error)

Update returns an error-- this object may not be updated.

type Registry ¶

type Registry interface {
	// ApplyBinding should apply the binding. That is, it should actually
	// assign or place pod binding.PodID on machine binding.Host.
	ApplyBinding(ctx api.Context, binding *api.Binding) error
}

Registry contains the functions needed to support a BindingStorage.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL