Documentation
¶
Index ¶
- Constants
- type Reconciler
- func (r *Reconciler) AddToManager(ctx context.Context, mgr manager.Manager) error
- func (r *Reconciler) MapToMatchingClusterRoles(ctx context.Context, log logr.Logger, reader client.Reader, ...) []reconcile.Request
- func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (reconcile.Result, error)
- func (r *Reconciler) ServiceAccountPredicate() predicate.Predicate
Constants ¶
const ControllerName = "controllerregistration-extension-clusterrole"
ControllerName is the name of this controller.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Reconciler ¶
Reconciler reconciles ClusterRoles for additional extension permissions and creates ClusterRoleBindings for binding extension service accounts to such ClusterRoles.
func (*Reconciler) AddToManager ¶
AddToManager adds Reconciler to the given manager.
func (*Reconciler) MapToMatchingClusterRoles ¶
func (r *Reconciler) MapToMatchingClusterRoles(ctx context.Context, log logr.Logger, reader client.Reader, serviceAccount client.Object) []reconcile.Request
MapToMatchingClusterRoles returns reconcile.Request objects for all ClusterRoles whose service account selector matches the labels of the given service account object.
func (*Reconciler) Reconcile ¶
func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (reconcile.Result, error)
Reconcile reconciles ClusterRoles. It creates related ClusterRoleBindings or updates their subjects to match ServiceAccounts selected by the ClusterRoles via 'authorization.gardener.cloud/extensions-serviceaccount-selector' annotation.
func (*Reconciler) ServiceAccountPredicate ¶
func (r *Reconciler) ServiceAccountPredicate() predicate.Predicate
ServiceAccountPredicate returns true when the namespace is prefixed with `seed-`.
Source Files