search

jetstack / kube-oidc-proxy

Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.
https://jetstack.io
Apache License 2.0
477 stars 91 forks source link

Auditing #138

Closed JoshVanL closed 4 years ago

JoshVanL commented 4 years ago

This PR adds auditing functionality. This exposes the same options that the Kubernetes apiserver has except it does not support dynamic configuration. This PR adds e2e tests for the auditing, including the audit webhook by using a custom webhook that writes incoming audit logs to file.

This is rebased on top of #136 and should be merged first

/hold fixes #62 /assign @simonswine 

Adds Auditing functionality
jetstack-bot commented 4 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JoshVanL

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/jetstack/kube-oidc-proxy/blob/master/OWNERS)~~ [JoshVanL] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
munnerz commented 4 years ago

/cc

JoshVanL commented 4 years ago

/unassign @simonswine
/assign @munnerz

JoshVanL commented 4 years ago

/retest

JoshVanL commented 4 years ago

/hold cancel

JoshVanL commented 4 years ago

Think I have addressed all of your comments, should be good for another look /assign @munnerz

munnerz commented 4 years ago

I'll leave unholding to you :)

/lgtm /hold

JoshVanL commented 4 years ago

/hold cancel