- fixing up on the comments raised by on the review

gambol99 · gambol99 · commit 79cff25eb4dd · 2018-07-06T20:14:35.000+01:00
diff --git a/node-authorizer/pkg/authorizers/alwaysallow/authorizer.go b/node-authorizer/pkg/authorizers/alwaysallow/authorizer.go
@@ -25,19 +25,19 @@ import (
 // alwaysAllowAuth is the implementation for a node authozier
 type alwaysAllowAuth struct{}
 
-// NewAuthorizer creates and returns a aws node authorizer
+// NewAuthorizer creates and returns a alwaysAllow node authorizer
 func NewAuthorizer() (server.Authorizer, error) {
 	return &alwaysAllowAuth{}, nil
 }
 
-// Admit is responsible for accepting the request
+// Authorize is responsible for accepting the request
 func (a *alwaysAllowAuth) Authorize(_ context.Context, req *server.NodeRegistration) error {
 	req.Status.Allowed = true
 
 	return nil
 }
 
-// Name returns the name of of the authozier
+// Name returns the name of the authorizer
 func (a *alwaysAllowAuth) Name() string {
 	return "alwaysAllow"
 }
diff --git a/node-authorizer/pkg/authorizers/aws/authorizer.go b/node-authorizer/pkg/authorizers/aws/authorizer.go
@@ -41,13 +41,13 @@ import (
 
 const (
 	// the default tag used to indicates a kubernetes cluster name
-	kubenetesClusterTag = "KubernetesCluster"
+	kubernetesClusterTag = "KubernetesCluster"
 )
 
 // a collection of aws public signing certificates
 var publicCertificates []*x509.Certificate
 
-// awsNodeAuthorizer is the implementation for a node authozier
+// awsNodeAuthorizer is the implementation for a node authorizer
 type awsNodeAuthorizer struct {
 	// client is the ec2 interface
 	client ec2iface.EC2API
@@ -157,7 +157,7 @@ func (a *awsNodeAuthorizer) validateNodeInstance(ctx context.Context, doc *ec2me
 	}
 
 	// @check the instance is tagged with our kubernetes cluster id
-	if !hasInstanceTags(kubenetesClusterTag, a.config.ClusterName, instance.Tags) {
+	if !hasInstanceTags(kubernetesClusterTag, a.config.ClusterName, instance.Tags) {
 		return "missing cluster tag", nil
 	}
 
diff --git a/node-authorizer/pkg/server/metrics.go b/node-authorizer/pkg/server/metrics.go
@@ -30,7 +30,7 @@ var (
 	authorizeRequestLatencyMetric = prometheus.NewSummary(
 		prometheus.SummaryOpts{
 			Name: "node_request_latency_seconds",
-			Help: "A summary of the latency for incoming node authoriation requests",
+			Help: "A summary of the latency for incoming node authorization requests",
 		},
 	)
 	authorizerLatencyMetric = prometheus.NewSummary(
diff --git a/node-authorizer/pkg/server/types.go b/node-authorizer/pkg/server/types.go
@@ -115,7 +115,7 @@ type Token struct {
 type NodeRegistrationSpec struct {
 	// NodeName is the name of the node
 	NodeName string
-	// RemoteaAddr is the address of the requester
+	// RemoteAddr is the address of the requester
 	RemoteAddr string
 	// Request is the request body
 	Request []byte
@@ -161,9 +161,6 @@ func (c *Config) IsValid() error {
 	if c.TLSPrivateKeyPath == "" {
 		return errors.New("no private key")
 	}
-	if c.Port <= 0 && c.Port >= 65535 {
-		return errors.New("invalid port")
-	}
 
 	return nil
 }
diff --git a/nodeup/pkg/model/node_authorizer.go b/nodeup/pkg/model/node_authorizer.go
@@ -92,7 +92,7 @@ func (b *NodeAuthorizationBuilder) Build(c *fi.ModelBuilderContext) error {
 	glog.V(3).Infof("bootstrap: %t, node authorization: %t, node authorizer: %t", b.UseBootstrapTokens(),
 		b.UseNodeAuthorization(), b.UseNodeAuthorizer())
 
-	// @check if the NodeAuhtorizer provision the client service for nodes
+	// @check if the NodeAuthorizer provision the client service for nodes
 	if b.UseNodeAuthorizer() && !b.IsMaster {
 		na := b.Cluster.Spec.NodeAuthorization.NodeAuthorizer
 
diff --git a/pkg/model/bootstrapscript.go b/pkg/model/bootstrapscript.go
@@ -138,7 +138,7 @@ func (b *BootstrapScript) ResourceNodeUp(ig *kops.InstanceGroup, cluster *kops.C
 			}
 			if cs.KubeAPIServer.EnableBootstrapAuthToken != nil {
 				spec["kubeAPIServer"] = map[string]interface{}{
-					"enableBootstrapTokenAuth": cs.KubeAPIServer.EnableBootstrapAuthToken,
+					"enableBootstrapAuthToken": cs.KubeAPIServer.EnableBootstrapAuthToken,
 				}
 			}
 
diff --git a/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go b/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
@@ -113,7 +113,7 @@ func (b *BootstrapChannelBuilder) buildManifest() (*channelsapi.Addons, map[stri
 	// @check if podsecuritypolicies are enabled and if so, push the default kube-system policy
 	if b.cluster.Spec.KubeAPIServer != nil && b.cluster.Spec.KubeAPIServer.HasAdmissionController("PodSecurityPolicy") {
 		key := "podsecuritypolicy.addons.k8s.io"
-		version := "0.0.3"
+		version := "0.0.4"
 
 		{
 			location := key + "/k8s-1.9.yaml"

Original file line number	Diff line number	Diff line change
`@@ -25,19 +25,19 @@ import (`
`25`	`25`	`// alwaysAllowAuth is the implementation for a node authozier`
`26`	`26`	`type alwaysAllowAuth struct{}`
`27`	`27`
`28`		`-// NewAuthorizer creates and returns a aws node authorizer`
	`28`	`+// NewAuthorizer creates and returns a alwaysAllow node authorizer`
`29`	`29`	`func NewAuthorizer() (server.Authorizer, error) {`
`30`	`30`	`return &alwaysAllowAuth{}, nil`
`31`	`31`	`}`
`32`	`32`
`33`		`-// Admit is responsible for accepting the request`
	`33`	`+// Authorize is responsible for accepting the request`
`34`	`34`	`func (a alwaysAllowAuth) Authorize(_ context.Context, req server.NodeRegistration) error {`
`35`	`35`	`req.Status.Allowed = true`
`36`	`36`
`37`	`37`	`return nil`
`38`	`38`	`}`
`39`	`39`
`40`		`-// Name returns the name of of the authozier`
	`40`	`+// Name returns the name of the authorizer`
`41`	`41`	`func (a *alwaysAllowAuth) Name() string {`
`42`	`42`	`return "alwaysAllow"`
`43`	`43`	`}`
Original file line number	Diff line number	Diff line change
`@@ -41,13 +41,13 @@ import (`
`41`	`41`
`42`	`42`	`const (`
`43`	`43`	`// the default tag used to indicates a kubernetes cluster name`
`44`		`- kubenetesClusterTag = "KubernetesCluster"`
	`44`	`+ kubernetesClusterTag = "KubernetesCluster"`
`45`	`45`	`)`
`46`	`46`
`47`	`47`	`// a collection of aws public signing certificates`
`48`	`48`	`var publicCertificates []*x509.Certificate`
`49`	`49`
`50`		`-// awsNodeAuthorizer is the implementation for a node authozier`
	`50`	`+// awsNodeAuthorizer is the implementation for a node authorizer`
`51`	`51`	`type awsNodeAuthorizer struct {`
`52`	`52`	`// client is the ec2 interface`
`53`	`53`	`client ec2iface.EC2API`
`@@ -157,7 +157,7 @@ func (a awsNodeAuthorizer) validateNodeInstance(ctx context.Context, doc ec2me`
`157`	`157`	`}`
`158`	`158`
`159`	`159`	`// @check the instance is tagged with our kubernetes cluster id`
`160`		`- if !hasInstanceTags(kubenetesClusterTag, a.config.ClusterName, instance.Tags) {`
	`160`	`+ if !hasInstanceTags(kubernetesClusterTag, a.config.ClusterName, instance.Tags) {`
`161`	`161`	`return "missing cluster tag", nil`
`162`	`162`	`}`
`163`	`163`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ var (`
`30`	`30`	`authorizeRequestLatencyMetric = prometheus.NewSummary(`
`31`	`31`	`prometheus.SummaryOpts{`
`32`	`32`	`Name: "node_request_latency_seconds",`
`33`		`- Help: "A summary of the latency for incoming node authoriation requests",`
	`33`	`+ Help: "A summary of the latency for incoming node authorization requests",`
`34`	`34`	`},`
`35`	`35`	`)`
`36`	`36`	`authorizerLatencyMetric = prometheus.NewSummary(`
Original file line number	Diff line number	Diff line change
`@@ -138,7 +138,7 @@ func (b BootstrapScript) ResourceNodeUp(ig kops.InstanceGroup, cluster *kops.C`
`138`	`138`	`}`
`139`	`139`	`if cs.KubeAPIServer.EnableBootstrapAuthToken != nil {`
`140`	`140`	`spec["kubeAPIServer"] = map[string]interface{}{`
`141`		`- "enableBootstrapTokenAuth": cs.KubeAPIServer.EnableBootstrapAuthToken,`
	`141`	`+ "enableBootstrapAuthToken": cs.KubeAPIServer.EnableBootstrapAuthToken,`
`142`	`142`	`}`
`143`	`143`	`}`
`144`	`144`
Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ func (b BootstrapChannelBuilder) buildManifest() (channelsapi.Addons, map[stri`
`113`	`113`	`// @check if podsecuritypolicies are enabled and if so, push the default kube-system policy`
`114`	`114`	`if b.cluster.Spec.KubeAPIServer != nil && b.cluster.Spec.KubeAPIServer.HasAdmissionController("PodSecurityPolicy") {`
`115`	`115`	`key := "podsecuritypolicy.addons.k8s.io"`
`116`		`- version := "0.0.3"`
	`116`	`+ version := "0.0.4"`
`117`	`117`
`118`	`118`	`{`
`119`	`119`	`location := key + "/k8s-1.9.yaml"`