[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Web hooks moving in v1beta3 to be at a different path






> On May 7, 2015, at 5:03 PM, Erik M Jacobs <ejacobs redhat com> wrote:
> 
>> On 05/07/2015 01:33 PM, Clayton Coleman wrote:
>> https://github.com/openshift/origin/pull/2082 moves webhooks for v1beta3 from:
>> 
>>    /osapi/v1beta1/buildConfigHooks/<name>/<secret>/<type>
>> 
>> to
>> 
>>    /osapi/v1beta3/namespaces/<namespace>/buildconfigs/<name>/webhooks/<secret>/<type>
>> 
>> Web hooks will now be secured by the default policy engine (but by default, system:unauthenticated AKA everyone has access to them).
> 
> So I interpret this as meaning that we can require authentication if we
> wanted?

Yes

> 
> Would this be user-configurable (eg: non-cluster-admin)?
> 

If the cluster admin granted anonymous webhook permission globally, it couldn't revoked in a particular namespace (permissions are additive only), but otherwise yes. 


> _______________________________________________
> dev mailing list
> dev lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]