Affected by GO-2022-0617 and 21 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0782: Symlink Attack in kubectl cp in k8s.io/kubernetes

GO-2022-0885: Improper Authentication in Kubernetes in k8s.io/kubernetes

GO-2022-0890: Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes

GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes

GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes

GO-2022-0983: ANSI escape characters not filtered in kubectl in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-1985: Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes

GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2748: Privilege Escalation in Kubernetes in k8s.io/apimachinery

GO-2024-2754: Sensitive Information leak for users of Ceph RBD via Log File in k8s.io/kubernetes

GO-2024-2755: Sensitive Information leak for VSphere users via Log File in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes

GO-2025-3465: Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes

GO-2025-3521: Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes

GO-2025-3522: Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API in k8s.io/kubernetes

GO-2025-3915: Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes

service

package

v0.4.2 Latest Latest Go to latest Published: Oct 29, 2014 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

Documentation ¶

Overview ¶

Package service provides Registry interface and it's RESTStorage implementation for storing Service api objects.

Index ¶

func GetServiceEnvironmentVariables(ctx api.Context, registry Registry, machine string) ([]api.EnvVar, error)
type REST
- func NewREST(registry Registry, cloud cloudprovider.Interface, machines minion.Registry) *REST
type Registry

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetServiceEnvironmentVariables ¶

func GetServiceEnvironmentVariables(ctx api.Context, registry Registry, machine string) ([]api.EnvVar, error)

GetServiceEnvironmentVariables populates a list of environment variables that are use in the container environment to get access to services.

Types ¶

type REST ¶

type REST struct {
	// contains filtered or unexported fields
}

REST adapts a service registry into apiserver's RESTStorage model.

func NewREST ¶

func NewREST(registry Registry, cloud cloudprovider.Interface, machines minion.Registry) *REST

NewREST returns a new REST.

func (*REST) Create ¶

func (rs *REST) Create(ctx api.Context, obj runtime.Object) (<-chan runtime.Object, error)

func (*REST) Delete ¶

func (rs *REST) Delete(ctx api.Context, id string) (<-chan runtime.Object, error)

func (*REST) Get ¶

func (rs *REST) Get(ctx api.Context, id string) (runtime.Object, error)

func (*REST) List ¶

func (rs *REST) List(ctx api.Context, label, field labels.Selector) (runtime.Object, error)

TODO: implement field selector?

func (*REST) New ¶

func (*REST) New() runtime.Object

func (*REST) ResourceLocation ¶

func (rs *REST) ResourceLocation(ctx api.Context, id string) (string, error)

ResourceLocation returns a URL to which one can send traffic for the specified service.

func (*REST) Update ¶

func (rs *REST) Update(ctx api.Context, obj runtime.Object) (<-chan runtime.Object, error)

func (*REST) Watch ¶

func (rs *REST) Watch(ctx api.Context, label, field labels.Selector, resourceVersion string) (watch.Interface, error)

Watch returns Services events via a watch.Interface. It implements apiserver.ResourceWatcher.

type Registry ¶

type Registry interface {
	ListServices(ctx api.Context) (*api.ServiceList, error)
	CreateService(ctx api.Context, svc *api.Service) error
	GetService(ctx api.Context, name string) (*api.Service, error)
	DeleteService(ctx api.Context, name string) error
	UpdateService(ctx api.Context, svc *api.Service) error
	WatchServices(ctx api.Context, labels, fields labels.Selector, resourceVersion string) (watch.Interface, error)

	// TODO: endpoints and their implementation should be separated, setting endpoints should be
	// supported via the API, and the endpoints-controller should use the API to update endpoints.
	endpoint.Registry
}

Registry is an interface for things that know how to store services.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL