WIP: Make the console display an informative page when no auth source is configured #13802
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a different take on #13713.
The PR splits CSRF identification from authentication as these are generally two separate concepts.
There are generalization fixes that leverage the ability of static user authentication to be used as yet another authenticator.
The
k8s-auth
flag is deprecated and setting it no longer does anything. This removes a single use-case of a development pod running inside of the cluster withk8s-auth
being set to "service-account". This behavior can be emulated by using the SA token directly. As an alternative, we could add a "k8s-auth-bearer-token-file" option. This would've likely been a better idea than having the token be pasted in options as we do nowadays./assign @jhadvig