403 responses

Question

403 responses

Closed this issue 2 years ago · 3 comments

I took a look at /apis/operation/1.26/deleteApiregistrationV1APIService/ and I can see that responses could have status 200, 202, or 401.

However, I think Kubernetes could also return a 403 Forbidden response, which KAB doesn't yet list.

This was for container image quay.io/tengqm/kab:0.12.0.

Answer 1 · 2023-01-03T10:01:55.000Z

Okay. Checking.

Answer 2 · 2023-01-03T10:49:43.000Z

Checked the swagger.json (v2) and the JSON files for OpenAPI v3, the response code there only lists '200', '401'. Sometimes, '202' is listed as well.
Tracking back to the source code, we can see that the k8s.io/apiserver package hardcoded 401 as the only common response code, and used that as the default for almost all operations. (https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apiserver/pkg/server/config.go#L536-L542).

Currently, for operations, KAB only faithfully dump whatever responses as documented in the upstream OpenAPI JSON. Fixing that would be a huge job.

Answer 3 · 2023-01-03T10:57:11.000Z

OK, so this really needs to go upstream. Makes sense.