extensionclusterrole

package
v1.101.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 6, 2024 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

View Source
const ControllerName = "controllerregistration-extension-clusterrole"

ControllerName is the name of this controller.

Variables

This section is empty.

Functions

This section is empty.

Types

type Reconciler

type Reconciler struct {
	Client client.Client
}

Reconciler reconciles ClusterRoles for additional extension permissions and creates ClusterRoleBindings for binding extension service accounts to such ClusterRoles.

func (*Reconciler) AddToManager

func (r *Reconciler) AddToManager(ctx context.Context, mgr manager.Manager) error

AddToManager adds Reconciler to the given manager.

func (*Reconciler) MapToMatchingClusterRoles

func (r *Reconciler) MapToMatchingClusterRoles(ctx context.Context, log logr.Logger, reader client.Reader, serviceAccount client.Object) []reconcile.Request

MapToMatchingClusterRoles returns reconcile.Request objects for all ClusterRoles whose service account selector matches the labels of the given service account object.

func (*Reconciler) Reconcile

func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (reconcile.Result, error)

Reconcile reconciles ClusterRoles. It creates related ClusterRoleBindings or updates their subjects to match ServiceAccounts selected by the ClusterRoles via 'authorization.gardener.cloud/extensions-serviceaccount-selector' annotation.

func (*Reconciler) ServiceAccountPredicate

func (r *Reconciler) ServiceAccountPredicate() predicate.Predicate

ServiceAccountPredicate returns true when the namespace is prefixed with `seed-`.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL