kubernetes / kube-openapi

Kubernetes OpenAPI spec generation & serving
Apache License 2.0

Add security requirement to root OpenAPI V3 #432

Closed Jefftree closed 1 year ago

Jefftree commented 1 year ago

While looking into k8s authentication, noticed this field should be used but is missing from the OpenAPI V3. See https://spec.openapis.org/oas/v3.0.0#openapi-object and https://spec.openapis.org/oas/v3.0.0#securityRequirementObject

/assign @apelisse

apelisse commented 1 year ago

~Do we have corresponding fields for this in OpenAPI v2?~

EDIT: Sorry, I should have looked at the patch beforehand. I thought they were values, not fields :-)

Jefftree commented 1 year ago

Yes this field is already present and used in v2. swagger.json contains an extra

```json
  "security": [
    {
      "BearerToken": []
    }
  ],
```

that is not present in the v3 json. How many people rely on this -shrug-, but it's good to be consistent.
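Added example, not code from kube-openapi or from this PR: a stand-alone Go check for the gap described in the comment above, comparing the root `security` array of a v2 document with that of a v3 document. `rootDoc`, `CompareRootSecurity` and both sample documents are constructed for illustration; the check also goes one step beyond the comment by flagging v3 root requirements whose name has no entry under `components.securitySchemes`.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

const sampleV2 = `{"swagger":"2.0","security":[{"BearerToken":[]}]}` // constructed sample
const sampleV3 = `{"openapi":"3.0.0","components":{"securitySchemes":{"BearerToken":{"type":"apiKey","name":"authorization","in":"header"}}}}` // constructed sample

type rootDoc struct { // only the root fields this check reads
	Security   []map[string][]string `json:"security"`
	Components struct {
		Schemes map[string]json.RawMessage `json:"securitySchemes"`
	} `json:"components"`
}

// CompareRootSecurity lists v2 root requirements absent from v3, and v3 ones with no declared scheme.
func CompareRootSecurity(v2JSON, v3JSON []byte) (missing, undeclared []string, err error) {
	var docs [2]rootDoc // docs[0] is v2, docs[1] is v3
	for i, raw := range [][]byte{v2JSON, v3JSON} {
		if err = json.Unmarshal(raw, &docs[i]); err != nil {
			return nil, nil, fmt.Errorf("document %d: %w", i, err)
		}
	}
	seen := map[string]bool{} // scheme names already handled
	for _, req := range docs[1].Security {
		for name := range req {
			if _, ok := docs[1].Components.Schemes[name]; !ok && !seen[name] {
				undeclared = append(undeclared, name)
			}
			seen[name] = true
		}
	}
	for _, req := range docs[0].Security {
		for name := range req {
			if !seen[name] {
				missing = append(missing, name)
				seen[name] = true // report each name once
			}
		}
	}
	sort.Strings(missing)
	sort.Strings(undeclared)
	return missing, undeclared, nil
}

func main() { fmt.Println(CompareRootSecurity([]byte(sampleV2), []byte(sampleV3))) }
```
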

Jefftree commented 1 year ago

@apelisse fixed the CI :)

apelisse commented 1 year ago

/lgtm /approve

k8s-ci-robot commented 1 year ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: apelisse, Jefftree

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/kubernetes/kube-openapi/blob/master/OWNERS)~~ [Jefftree,apelisse]

Approvers can indicate their approval by writing `/approve` in a comment

Approvers can cancel approval by writing `/approve cancel` in a comment