Documentation
¶
Index ¶
- Constants
- Variables
- func GetLegacyOrganization(getter annotation.AnnotationsGetter) string
- func IsDefaultNamespace(ns string) bool
- func IsOrgNamespace(ns string) bool
- func IsProtectedNamespace(ns string) bool
- func Organization(getter rbacLabel.LabelsGetter) string
- func OrganizationName(ns string) string
- func OrganizationReadClusterNamespaceRoleBindingName(organization string) string
- func OrganizationReadClusterRoleName(ns string) string
- func OrganizationReadDefaultCatalogsRoleBindingName(organization string) string
- func OrganizationReadOrganizationClusterRoleBindingName(organization string) string
- func OrganizationReadReleasesClusterRoleBindingName(organization string) string
- func OrganizationWriteClusterNamespaceRoleBindingName(organization string) string
- func ReadAllAutomationSAClusterRoleBindingName() string
- func ReadAllCustomerGroupClusterRoleBindingName() string
- func WriteAllAutomationSARoleBindingName() string
- func WriteAllCustomerGroupRoleBindingName() string
- func WriteAllGSGroupClusterRoleBindingName() string
- func WriteClientCertsAutomationSARoleBindingName() string
- func WriteFluxResourcesAutomationSARoleBindingName() string
- func WriteOrganizationsAutomationSARoleBindingName() string
- func WriteOrganizationsCustomerGroupClusterRoleBindingName() string
- func WriteSilencesAutomationSARoleBindingName() string
- func WriteSilencesAutomationSAinNSRoleBindingName(namespace string) string
Constants ¶
View Source
const ( AutomationServiceAccountName = "automation" ClusterAdminClusterRoleName = "cluster-admin" DefaultReadAllPermissionsName = "read-all" DefaultWriteAllPermissionsName = "write-all" DefaultNamespaceName = "default" NameLabel = "kubernetes.io/metadata.name" FluxCRDRoleBindingName = "flux-crd-controller" FluxNamespaceName = "flux-system" FluxReconcilerRoleBindingName = "flux-namespace-reconciler" ReadClusterNamespaceAppsRoleBinding = "read-in-cluster-ns" ReadClusterNamespaceAppsRole = "read-in-cluster-ns" ReadDefaultCatalogsRole = "read-default-catalogs" ReadReleasesRole = "read-releases" UpstreamFluxCRDClusterRole = "crd-controller" WriteClusterNamespaceAppsRoleBinding = "write-in-cluster-ns" WriteClusterNamespaceAppsRole = "write-in-cluster-ns" WriteOrganizationsPermissionsName = "write-organizations" WriteFluxResourcesPermissionsName = "write-flux-resources" WriteClientCertsPermissionsName = "write-client-certificates" WriteSilencesPermissionsName = "write-silences" )
Variables ¶
View Source
var ( // FluxCrdServiceAccounts Upstream Flux ServiceAccounts which need permissions for // "*.toolkit.fluxcd.io" resources in Organization namespace // see: https://github.com/fluxcd/flux2/blob/main/manifests/rbac/controller.yaml FluxCrdServiceAccounts = []string{ "helm-controller", "image-automation-controller", "image-reflector-controller", "kustomize-controller", "notification-controller", "source-controller", } // FluxReconcilerServiceAccounts Upstream Flux ServiceAccounts which need cluster-admin access to // reconcile resources in Organization namespace // see: https://github.com/fluxcd/flux2/blob/main/manifests/rbac/reconciler.yaml FluxReconcilerServiceAccounts = []string{ "helm-controller", "kustomize-controller", } )
Functions ¶
func GetLegacyOrganization ¶ added in v0.30.1
func GetLegacyOrganization(getter annotation.AnnotationsGetter) string
func IsDefaultNamespace ¶ added in v0.33.0
func IsOrgNamespace ¶
func IsProtectedNamespace ¶ added in v0.40.0
func Organization ¶ added in v0.22.0
func Organization(getter rbacLabel.LabelsGetter) string
func OrganizationName ¶
func OrganizationReadClusterNamespaceRoleBindingName ¶ added in v0.23.0
func OrganizationReadDefaultCatalogsRoleBindingName ¶ added in v0.22.0
func OrganizationReadOrganizationClusterRoleBindingName ¶ added in v0.24.0
func OrganizationReadReleasesClusterRoleBindingName ¶ added in v0.22.0
func OrganizationWriteClusterNamespaceRoleBindingName ¶ added in v0.23.0
func ReadAllAutomationSAClusterRoleBindingName ¶
func ReadAllAutomationSAClusterRoleBindingName() string
func ReadAllCustomerGroupClusterRoleBindingName ¶
func ReadAllCustomerGroupClusterRoleBindingName() string
func WriteAllAutomationSARoleBindingName ¶
func WriteAllAutomationSARoleBindingName() string
func WriteAllCustomerGroupRoleBindingName ¶
func WriteAllCustomerGroupRoleBindingName() string
func WriteAllGSGroupClusterRoleBindingName ¶
func WriteAllGSGroupClusterRoleBindingName() string
func WriteClientCertsAutomationSARoleBindingName ¶ added in v0.18.0
func WriteClientCertsAutomationSARoleBindingName() string
func WriteFluxResourcesAutomationSARoleBindingName ¶ added in v0.17.0
func WriteFluxResourcesAutomationSARoleBindingName() string
func WriteOrganizationsAutomationSARoleBindingName ¶ added in v0.16.0
func WriteOrganizationsAutomationSARoleBindingName() string
func WriteOrganizationsCustomerGroupClusterRoleBindingName ¶ added in v0.14.0
func WriteOrganizationsCustomerGroupClusterRoleBindingName() string
func WriteSilencesAutomationSARoleBindingName ¶ added in v0.18.2
func WriteSilencesAutomationSARoleBindingName() string
func WriteSilencesAutomationSAinNSRoleBindingName ¶ added in v0.30.0
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.