----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72816/#review221751 -----------------------------------------------------------
Ship it! So we actually rely on `LocalImplicitResourceProviderObjectApprover` to authorize CSI server, right? https://github.com/apache/mesos/blob/1.10.0/src/authorizer/local/authorizer.cpp#L1128:L1140 - Qian Zhang On Aug. 29, 2020, 8:44 a.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72816/ > ----------------------------------------------------------- > > (Updated Aug. 29, 2020, 8:44 a.m.) > > > Review request for mesos and Qian Zhang. > > > Repository: mesos > > > Description > ------- > > The CSI server must use a principal when authenticating > which contains a claim that allows the authorizer to > implicitly approve requests from the CSI server to the > agent's HTTP API. > > > Diffs > ----- > > src/slave/csi_server.cpp 3f29a814daf5335a9079a9a33d77c6bee72d321d > > > Diff: https://reviews.apache.org/r/72816/diff/1/ > > > Testing > ------- > > Testing details at the end of this chain. This patch is required for the > upcoming tests to pass when Mesos is built with SSL enabled. > > > Thanks, > > Greg Mann > >
