Documentation ¶
Index ¶
- Constants
- func ISO8601(t time.Time) string
- func NewAllOpenShiftGroupLister(blacklist []string, ldapURL string, groupClient userv1client.GroupInterface) interfaces.LDAPGroupListerNameMapper
- func NewEntryAttributeGroupNameMapper(nameAttribute []string, groupGetter interfaces.LDAPGroupGetter) interfaces.LDAPGroupNameMapper
- func NewLDAPBlacklistGroupLister(blacklist []string, baseLister interfaces.LDAPGroupLister) interfaces.LDAPGroupLister
- func NewLDAPWhitelistGroupLister(whitelist []string) interfaces.LDAPGroupLister
- func NewOpenShiftGroupLister(whitelist, blacklist []string, ldapURL string, ...) interfaces.LDAPGroupListerNameMapper
- func NewUserDefinedGroupNameMapper(mapping map[string]string) interfaces.LDAPGroupNameMapper
- func NewUserNameMapper(nameAttributes []string) interfaces.LDAPUserNameMapper
- type DNLDAPGroupNameMapper
- type DefaultLDAPUserNameMapper
- type EntryAttributeLDAPGroupNameMapper
- type GroupPruner
- type GroupSyncer
- type LDAPGroupPruner
- type LDAPGroupSyncer
- type UnionGroupNameMapper
- type UserDefinedLDAPGroupNameMapper
Constants ¶
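// Labels and annotations that the LDAP sync job affixes to Groups.
//
// NOTE(review): labels and annotations are ordinary object metadata, so anyone
// who may update a Group can change them. How the sync and prune jobs rely on
// them is not visible here; confirm before treating them as proof that a Group
// came from a given LDAP server.
const (
	// LDAPHostLabel is the Label value that stores the host of the LDAP server
	// TODO: we don't store port here because labels don't allow for colons. We might want to add this back
	// with a different separator
	//
	// Because the port is missing, this label alone cannot tell apart two LDAP
	// servers on the same host; LDAPURLAnnotation carries the host:port.
	LDAPHostLabel string = "openshift.io/ldap.host"

	// LDAPURLAnnotation is the Annotation value that stores the host:port of the LDAP server
	LDAPURLAnnotation string = "openshift.io/ldap.url"

	// LDAPUIDAnnotation is the Annotation value that stores the corresponding LDAP group UID for the Group
	LDAPUIDAnnotation string = "openshift.io/ldap.uid"

	// LDAPSyncTimeAnnotation is the Annotation value that stores the last time this Group was synced with LDAP
	LDAPSyncTimeAnnotation string = "openshift.io/ldap.sync-time"
)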
These constants contain values for annotations and labels affixed to Groups by the LDAP sync job
Variables ¶
This section is empty.
Functions ¶
func NewAllOpenShiftGroupLister ¶
func NewAllOpenShiftGroupLister(blacklist []string, ldapURL string, groupClient userv1client.GroupInterface) interfaces.LDAPGroupListerNameMapper
NewAllOpenShiftGroupLister returns a new allOpenShiftGroupLister
func NewEntryAttributeGroupNameMapper ¶
func NewEntryAttributeGroupNameMapper(nameAttribute []string, groupGetter interfaces.LDAPGroupGetter) interfaces.LDAPGroupNameMapper
NewEntryAttributeGroupNameMapper returns a new EntryAttributeLDAPGroupNameMapper
func NewLDAPBlacklistGroupLister ¶
func NewLDAPBlacklistGroupLister(blacklist []string, baseLister interfaces.LDAPGroupLister) interfaces.LDAPGroupLister
NewLDAPBlacklistGroupLister filters out the blacklisted names from the base lister
func NewLDAPWhitelistGroupLister ¶
func NewLDAPWhitelistGroupLister(whitelist []string) interfaces.LDAPGroupLister
NewLDAPWhitelistGroupLister returns a new whitelistLDAPGroupLister that lists the given whitelist of LDAP group unique identifiers
func NewOpenShiftGroupLister ¶
func NewOpenShiftGroupLister(whitelist, blacklist []string, ldapURL string, client userv1client.GroupInterface) interfaces.LDAPGroupListerNameMapper
NewOpenShiftGroupLister returns a new openshiftGroupLister that lists the LDAP group unique identifier for each entry in the given whitelist of OpenShift Group names
func NewUserDefinedGroupNameMapper ¶
func NewUserDefinedGroupNameMapper(mapping map[string]string) interfaces.LDAPGroupNameMapper
NewUserDefinedGroupNameMapper returns a new UserDefinedLDAPGroupNameMapper which maps a ldapGroupUID representing an LDAP group to the OpenShift Group name for the resource
func NewUserNameMapper ¶
func NewUserNameMapper(nameAttributes []string) interfaces.LDAPUserNameMapper
NewUserNameMapper returns a new DefaultLDAPUserNameMapper
Types ¶
type DNLDAPGroupNameMapper ¶
type DNLDAPGroupNameMapper struct{}
DNLDAPGroupNameMapper passes through the ldapGroupUID as the OpenShift group name
func (*DNLDAPGroupNameMapper) GroupNameFor ¶
func (m *DNLDAPGroupNameMapper) GroupNameFor(ldapGroupUID string) (string, error)
type DefaultLDAPUserNameMapper ¶
type DefaultLDAPUserNameMapper struct {
// contains filtered or unexported fields
}
DefaultLDAPUserNameMapper extracts the OpenShift User name of an LDAP entry representing a user in a deterministic manner
func (*DefaultLDAPUserNameMapper) UserNameFor ¶
func (m *DefaultLDAPUserNameMapper) UserNameFor(ldapUser *ldap.Entry) (string, error)
type EntryAttributeLDAPGroupNameMapper ¶
type EntryAttributeLDAPGroupNameMapper struct {
// contains filtered or unexported fields
}
EntryAttributeLDAPGroupNameMapper references the name attribute mapping to determine which attribute of a first-class LDAP group entry should be used as the OpenShift Group name for the resource
func (*EntryAttributeLDAPGroupNameMapper) GroupNameFor ¶
func (m *EntryAttributeLDAPGroupNameMapper) GroupNameFor(ldapGroupUID string) (string, error)
type GroupPruner ¶
// GroupPruner runs a prune job on Groups
type GroupPruner interface {
	// Prune runs the prune job and returns the errors it encountered.
	Prune() (errors []error)
}
GroupPruner runs a prune job on Groups
type GroupSyncer ¶
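// GroupSyncer runs a Sync job on Groups
type GroupSyncer interface {
	// Sync syncs groups in OpenShift with records from an external source
	// It returns the groups affected by the run together with the errors
	// encountered, as named in the result list.
	Sync() (groupsAffected []*userv1.Group, errors []error)
}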
GroupSyncer runs a Sync job on Groups
type LDAPGroupPruner ¶
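// LDAPGroupPruner prunes Groups referencing records on an external LDAP server
type LDAPGroupPruner struct {
	// Lists all groups to be synced
	// NOTE(review): this wording matches LDAPGroupSyncer; for the pruner it is
	// presumably the set of groups considered for pruning — confirm.
	GroupLister interfaces.LDAPGroupLister
	// Fetches a group and extracts object metainformation and membership list from a group
	GroupDetector interfaces.LDAPGroupDetector
	// Maps an LDAP group entry to an OpenShift Group's Name
	GroupNameMapper interfaces.LDAPGroupNameMapper
	// Allows the Pruner to search for OpenShift Groups
	GroupClient userv1client.GroupInterface
	// Host stores the address:port of the LDAP server
	Host string
	// DryRun indicates that no changes should be made.
	// NOTE(review): useful for reviewing a prune before it is applied; confirm
	// that every mutating path in Prune honors it.
	DryRun bool

	// Out is used to provide output while the sync job is happening
	Out io.Writer
	// Err has no comment in the original; presumably the error-output
	// counterpart of Out — confirm.
	Err io.Writer
}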
LDAPGroupPruner prunes Groups referencing records on an external LDAP server
func (*LDAPGroupPruner) Prune ¶
func (s *LDAPGroupPruner) Prune() []error
Prune allows the LDAPGroupPruner to be a GroupPruner
type LDAPGroupSyncer ¶
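// LDAPGroupSyncer syncs Groups with records on an external LDAP server
type LDAPGroupSyncer struct {
	// Lists all groups to be synced
	GroupLister interfaces.LDAPGroupLister
	// Fetches a group and extracts object metainformation and membership list from a group
	GroupMemberExtractor interfaces.LDAPMemberExtractor
	// Maps an LDAP user entry to an OpenShift User's Name
	UserNameMapper interfaces.LDAPUserNameMapper
	// Maps an LDAP group entry to an OpenShift Group's Name
	GroupNameMapper interfaces.LDAPGroupNameMapper
	// Allows the Syncer to search for OpenShift Groups
	GroupClient userv1client.GroupInterface
	// Host stores the address:port of the LDAP server
	Host string
	// DryRun indicates that no changes should be made.
	// NOTE(review): useful for reviewing a sync before it is applied; confirm
	// that every mutating path in the sync honors it.
	DryRun bool

	// Out is used to provide output while the sync job is happening
	Out io.Writer
	// Err has no comment in the original; presumably the error-output
	// counterpart of Out — confirm.
	Err io.Writer
}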
LDAPGroupSyncer syncs Groups with records on an external LDAP server
type UnionGroupNameMapper ¶
// UnionGroupNameMapper holds a list of LDAPGroupNameMappers.
// NOTE(review): the type is undocumented on this page; presumably GroupNameFor
// consults the mappers in GroupNameMappers in order — confirm the order and
// which result wins, since that decides the OpenShift Group name an LDAP group
// is mapped to.
type UnionGroupNameMapper struct {
	GroupNameMappers []interfaces.LDAPGroupNameMapper
}
func (*UnionGroupNameMapper) GroupNameFor ¶
func (m *UnionGroupNameMapper) GroupNameFor(ldapGroupUID string) (string, error)
type UserDefinedLDAPGroupNameMapper ¶
type UserDefinedLDAPGroupNameMapper struct {
// contains filtered or unexported fields
}
UserDefinedLDAPGroupNameMapper maps a ldapGroupUID representing an LDAP group to the OpenShift Group name for the resource by using a pre-defined mapping of ldapGroupUID to name (e.g. from a file)
func (*UserDefinedLDAPGroupNameMapper) GroupNameFor ¶
func (m *UserDefinedLDAPGroupNameMapper) GroupNameFor(ldapGroupUID string) (string, error)