package token
import "k8s.io/kubernetes/pkg/kubelet/token"
Package token implements a manager of serviceaccount tokens for pods running on the node.
Index ¶
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager manages service account tokens for pods.
func NewManager ¶
NewManager returns a new token manager.
func (*Manager) DeleteServiceAccountToken ¶
DeleteServiceAccountToken should be invoked when pod got deleted. It simply clean token manager cache.
func (*Manager) GetServiceAccountToken ¶
func (m *Manager) GetServiceAccountToken(namespace, name string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error)
GetServiceAccountToken gets a service account token for a pod from cache or from the TokenRequest API. This process is as follows: * Check the cache for the current token request. * If the token exists and does not require a refresh, return the current token. * Attempt to refresh the token. * If the token is refreshed successfully, save it in the cache and return the token. * If refresh fails and the old token is still valid, log an error and return the old token. * If refresh fails and the old token is no longer valid, return an error
Source Files ¶
token_manager.go
- Version
- v1.33.0 (latest)
- Published
- Apr 23, 2025
- Platform
- linux/amd64
- Imports
- 14 packages
- Last checked
- 3 hours ago –
Tools for package owners.