Documentation
¶
Index ¶
- func DeleteClusterRole(clusterRole string, config *Config, logger logur.Logger) error
- func DeleteRBAC(saName string, config *Config, logger logur.Logger) error
- func WatchClusterRoles(config *Config, logger logur.Logger) error
- func WatchSATokens(config *Config, logger logur.Logger) error
- type Config
- type CustomGroup
- type CustomRule
- type RBACHandler
- type RBACList
- type SACredential
- type ServiceAccount
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DeleteClusterRole ¶
DeleteClusterRole deletes ClusterRole resources
func DeleteRBAC ¶
DeleteRBAC deletes RBAC resources
func WatchClusterRoles ¶
WatchClusterRoles watch if any CustomGroup rule changes and apply them
Types ¶
type Config ¶
type Config struct {
CustomGroups []CustomGroup
KubeConfig string
TokenTTL string
GithubOrg string
EnableCreateSAToken bool
}
type CustomGroup ¶
type CustomGroup struct {
GroupName string
CustomRules []CustomRule
NameSpaces []string
}
type CustomRule ¶
type RBACHandler ¶
type RBACHandler struct {
// contains filtered or unexported fields
}
RBACHandler implements getting, creating and deleting resources
func NewRBACHandler ¶
func NewRBACHandler(kubeconfig string, logger logur.Logger) (*RBACHandler, error)
NewRBACHandler create RBACHandler
type RBACList ¶
type SACredential ¶
func CreateSAToken ¶
func CreateSAToken(saName string, config *Config, duration string, logger logur.Logger) (*SACredential, error)
CreateSAToken creates service account token with ttl
func GetK8sToken ¶
GetK8sToken getting serviceaccount secrets data
type ServiceAccount ¶
type ServiceAccount struct {
Name string
// contains filtered or unexported fields
}
serviceAccount implements create ServiceAccount
func CreateRBAC ¶
func CreateRBAC(user *tokenhandler.User, config *Config, logger logur.Logger) (*ServiceAccount, error)
CreateRBAC create RBAC resources
Source Files
Click to show internal directories.
Click to hide internal directories.