reconciliation

package
v0.0.0-...-d88c8b5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 9, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClusterRoleBindingAdapter

type ClusterRoleBindingAdapter struct {
	ClusterRoleBinding *rbacv1.ClusterRoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleBindingAdapter) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleBindingAdapter.

func (*ClusterRoleBindingAdapter) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleBindingAdapter) DeepCopyRoleBinding

func (in ClusterRoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (ClusterRoleBindingAdapter) GetAnnotations

func (o ClusterRoleBindingAdapter) GetAnnotations() map[string]string

func (ClusterRoleBindingAdapter) GetLabels

func (o ClusterRoleBindingAdapter) GetLabels() map[string]string

func (ClusterRoleBindingAdapter) GetName

func (o ClusterRoleBindingAdapter) GetName() string

func (ClusterRoleBindingAdapter) GetNamespace

func (o ClusterRoleBindingAdapter) GetNamespace() string

func (ClusterRoleBindingAdapter) GetObject

func (ClusterRoleBindingAdapter) GetRoleRef

func (o ClusterRoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (ClusterRoleBindingAdapter) GetSubjects

func (o ClusterRoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (ClusterRoleBindingAdapter) GetUID

func (o ClusterRoleBindingAdapter) GetUID() types.UID

func (ClusterRoleBindingAdapter) SetAnnotations

func (o ClusterRoleBindingAdapter) SetAnnotations(in map[string]string)

func (ClusterRoleBindingAdapter) SetLabels

func (o ClusterRoleBindingAdapter) SetLabels(in map[string]string)

func (ClusterRoleBindingAdapter) SetSubjects

func (o ClusterRoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type ClusterRoleBindingClientAdapter

type ClusterRoleBindingClientAdapter struct {
	Client rbacv1client.ClusterRoleBindingInterface
}

func (ClusterRoleBindingClientAdapter) Create

func (ClusterRoleBindingClientAdapter) Delete

func (c ClusterRoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (ClusterRoleBindingClientAdapter) Get

func (c ClusterRoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Update

type ClusterRoleModifier

type ClusterRoleModifier struct {
	Client rbacv1client.ClusterRoleInterface
}

func (ClusterRoleModifier) Create

func (c ClusterRoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (ClusterRoleModifier) Get

func (c ClusterRoleModifier) Get(namespace, name string) (RuleOwner, error)

func (ClusterRoleModifier) Update

func (c ClusterRoleModifier) Update(in RuleOwner) (RuleOwner, error)

type ClusterRoleRuleOwner

type ClusterRoleRuleOwner struct {
	ClusterRole *rbacv1.ClusterRole
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleRuleOwner) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleRuleOwner.

func (*ClusterRoleRuleOwner) DeepCopyInto

func (in *ClusterRoleRuleOwner) DeepCopyInto(out *ClusterRoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleRuleOwner) DeepCopyRuleOwner

func (in ClusterRoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (ClusterRoleRuleOwner) GetAggregationRule

func (o ClusterRoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (ClusterRoleRuleOwner) GetAnnotations

func (o ClusterRoleRuleOwner) GetAnnotations() map[string]string

func (ClusterRoleRuleOwner) GetLabels

func (o ClusterRoleRuleOwner) GetLabels() map[string]string

func (ClusterRoleRuleOwner) GetName

func (o ClusterRoleRuleOwner) GetName() string

func (ClusterRoleRuleOwner) GetNamespace

func (o ClusterRoleRuleOwner) GetNamespace() string

func (ClusterRoleRuleOwner) GetObject

func (o ClusterRoleRuleOwner) GetObject() runtime.Object

func (ClusterRoleRuleOwner) GetRules

func (o ClusterRoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (ClusterRoleRuleOwner) SetAggregationRule

func (o ClusterRoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (ClusterRoleRuleOwner) SetAnnotations

func (o ClusterRoleRuleOwner) SetAnnotations(in map[string]string)

func (ClusterRoleRuleOwner) SetLabels

func (o ClusterRoleRuleOwner) SetLabels(in map[string]string)

func (ClusterRoleRuleOwner) SetRules

func (o ClusterRoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type ReconcileClusterRoleBindingResult

type ReconcileClusterRoleBindingResult struct {
	// RoleBinding is the reconciled rolebinding from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing rolebinding was protected, the reconciled rolebinding is not persisted.
	RoleBinding RoleBinding

	// MissingSubjects contains expected subjects that were missing from the currently persisted rolebinding
	MissingSubjects []rbacv1.Subject
	// ExtraSubjects contains extra subjects the currently persisted rolebinding had
	ExtraSubjects []rbacv1.Subject

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the rolebinding opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

ReconcileClusterRoleBindingResult holds the result of a reconciliation operation.

type ReconcileClusterRoleResult

type ReconcileClusterRoleResult struct {
	// Role is the reconciled role from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing role was protected, the reconciled role is not persisted.
	Role RuleOwner

	// MissingRules contains expected rules that were missing from the currently persisted role
	MissingRules []rbacv1.PolicyRule
	// ExtraRules contains extra permissions the currently persisted role had
	ExtraRules []rbacv1.PolicyRule

	// MissingAggregationRuleSelectors contains expected selectors that were missing from the currently persisted role
	MissingAggregationRuleSelectors []metav1.LabelSelector
	// ExtraAggregationRuleSelectors contains extra selectors the currently persisted role had
	ExtraAggregationRuleSelectors []metav1.LabelSelector

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the role opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

type ReconcileOperation

type ReconcileOperation string
var (
	ReconcileCreate   ReconcileOperation = "create"
	ReconcileUpdate   ReconcileOperation = "update"
	ReconcileRecreate ReconcileOperation = "recreate"
	ReconcileNone     ReconcileOperation = "none"
)

type ReconcileRoleBindingOptions

type ReconcileRoleBindingOptions struct {
	// RoleBinding is the expected rolebinding that will be reconciled
	RoleBinding RoleBinding
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraSubjects indicates reconciliation should remove extra subjects from an existing role binding
	RemoveExtraSubjects bool
	// Client is used to look up existing rolebindings, and create/update the rolebinding when Confirm=true
	Client RoleBindingModifier
}

ReconcileRoleBindingOptions holds options for running a role binding reconciliation

func (*ReconcileRoleBindingOptions) Run

type ReconcileRoleOptions

type ReconcileRoleOptions struct {
	// Role is the expected role that will be reconciled
	Role RuleOwner
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraPermissions indicates reconciliation should remove extra permissions from an existing role
	RemoveExtraPermissions bool
	// Client is used to look up existing roles, and create/update the role when Confirm=true
	Client RuleOwnerModifier
}

func (*ReconcileRoleOptions) Run

type RoleBinding

type RoleBinding interface {
	GetObject() runtime.Object
	GetNamespace() string
	GetName() string
	GetUID() types.UID
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRoleRef() rbacv1.RoleRef
	GetSubjects() []rbacv1.Subject
	SetSubjects([]rbacv1.Subject)
	DeepCopyRoleBinding() RoleBinding
}

type RoleBindingAdapter

type RoleBindingAdapter struct {
	RoleBinding *rbacv1.RoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleBindingAdapter) DeepCopy

func (in *RoleBindingAdapter) DeepCopy() *RoleBindingAdapter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBindingAdapter.

func (*RoleBindingAdapter) DeepCopyInto

func (in *RoleBindingAdapter) DeepCopyInto(out *RoleBindingAdapter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleBindingAdapter) DeepCopyRoleBinding

func (in RoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (RoleBindingAdapter) GetAnnotations

func (o RoleBindingAdapter) GetAnnotations() map[string]string

func (RoleBindingAdapter) GetLabels

func (o RoleBindingAdapter) GetLabels() map[string]string

func (RoleBindingAdapter) GetName

func (o RoleBindingAdapter) GetName() string

func (RoleBindingAdapter) GetNamespace

func (o RoleBindingAdapter) GetNamespace() string

func (RoleBindingAdapter) GetObject

func (o RoleBindingAdapter) GetObject() runtime.Object

func (RoleBindingAdapter) GetRoleRef

func (o RoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (RoleBindingAdapter) GetSubjects

func (o RoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (RoleBindingAdapter) GetUID

func (o RoleBindingAdapter) GetUID() types.UID

func (RoleBindingAdapter) SetAnnotations

func (o RoleBindingAdapter) SetAnnotations(in map[string]string)

func (RoleBindingAdapter) SetLabels

func (o RoleBindingAdapter) SetLabels(in map[string]string)

func (RoleBindingAdapter) SetSubjects

func (o RoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type RoleBindingClientAdapter

type RoleBindingClientAdapter struct {
	Client          rbacv1client.RoleBindingsGetter
	NamespaceClient corev1client.NamespaceInterface
}

func (RoleBindingClientAdapter) Create

func (RoleBindingClientAdapter) Delete

func (c RoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (RoleBindingClientAdapter) Get

func (c RoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (RoleBindingClientAdapter) Update

type RoleBindingModifier

type RoleBindingModifier interface {
	Get(namespace, name string) (RoleBinding, error)
	Delete(namespace, name string, uid types.UID) error
	Create(RoleBinding) (RoleBinding, error)
	Update(RoleBinding) (RoleBinding, error)
}

type RoleModifier

type RoleModifier struct {
	Client          rbacv1client.RolesGetter
	NamespaceClient corev1client.NamespaceInterface
}

func (RoleModifier) Create

func (c RoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (RoleModifier) Get

func (c RoleModifier) Get(namespace, name string) (RuleOwner, error)

func (RoleModifier) Update

func (c RoleModifier) Update(in RuleOwner) (RuleOwner, error)

type RoleRuleOwner

type RoleRuleOwner struct {
	Role *rbacv1.Role
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleRuleOwner) DeepCopy

func (in *RoleRuleOwner) DeepCopy() *RoleRuleOwner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleRuleOwner.

func (*RoleRuleOwner) DeepCopyInto

func (in *RoleRuleOwner) DeepCopyInto(out *RoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleRuleOwner) DeepCopyRuleOwner

func (in RoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (RoleRuleOwner) GetAggregationRule

func (o RoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (RoleRuleOwner) GetAnnotations

func (o RoleRuleOwner) GetAnnotations() map[string]string

func (RoleRuleOwner) GetLabels

func (o RoleRuleOwner) GetLabels() map[string]string

func (RoleRuleOwner) GetName

func (o RoleRuleOwner) GetName() string

func (RoleRuleOwner) GetNamespace

func (o RoleRuleOwner) GetNamespace() string

func (RoleRuleOwner) GetObject

func (o RoleRuleOwner) GetObject() runtime.Object

func (RoleRuleOwner) GetRules

func (o RoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (RoleRuleOwner) SetAggregationRule

func (o RoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (RoleRuleOwner) SetAnnotations

func (o RoleRuleOwner) SetAnnotations(in map[string]string)

func (RoleRuleOwner) SetLabels

func (o RoleRuleOwner) SetLabels(in map[string]string)

func (RoleRuleOwner) SetRules

func (o RoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type RuleOwner

type RuleOwner interface {
	GetObject() runtime.Object
	GetNamespace() string
	GetName() string
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRules() []rbacv1.PolicyRule
	SetRules([]rbacv1.PolicyRule)
	GetAggregationRule() *rbacv1.AggregationRule
	SetAggregationRule(*rbacv1.AggregationRule)
	DeepCopyRuleOwner() RuleOwner
}

type RuleOwnerModifier

type RuleOwnerModifier interface {
	Get(namespace, name string) (RuleOwner, error)
	Create(RuleOwner) (RuleOwner, error)
	Update(RuleOwner) (RuleOwner, error)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL