reconciliation

package
v0.0.0-...-4f3658d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 10, 2020 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClusterRoleBindingAdapter

type ClusterRoleBindingAdapter struct {
	ClusterRoleBinding *rbac.ClusterRoleBinding
}

func (ClusterRoleBindingAdapter) GetAnnotations

func (o ClusterRoleBindingAdapter) GetAnnotations() map[string]string

func (ClusterRoleBindingAdapter) GetLabels

func (o ClusterRoleBindingAdapter) GetLabels() map[string]string

func (ClusterRoleBindingAdapter) GetName

func (o ClusterRoleBindingAdapter) GetName() string

func (ClusterRoleBindingAdapter) GetNamespace

func (o ClusterRoleBindingAdapter) GetNamespace() string

func (ClusterRoleBindingAdapter) GetRoleRef

func (o ClusterRoleBindingAdapter) GetRoleRef() rbac.RoleRef

func (ClusterRoleBindingAdapter) GetSubjects

func (o ClusterRoleBindingAdapter) GetSubjects() []rbac.Subject

func (ClusterRoleBindingAdapter) GetUID

func (o ClusterRoleBindingAdapter) GetUID() types.UID

func (ClusterRoleBindingAdapter) SetAnnotations

func (o ClusterRoleBindingAdapter) SetAnnotations(in map[string]string)

func (ClusterRoleBindingAdapter) SetLabels

func (o ClusterRoleBindingAdapter) SetLabels(in map[string]string)

func (ClusterRoleBindingAdapter) SetSubjects

func (o ClusterRoleBindingAdapter) SetSubjects(in []rbac.Subject)

type ClusterRoleBindingClientAdapter

type ClusterRoleBindingClientAdapter struct {
	Client internalversion.ClusterRoleBindingInterface
}

func (ClusterRoleBindingClientAdapter) Create

func (ClusterRoleBindingClientAdapter) Delete

func (c ClusterRoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (ClusterRoleBindingClientAdapter) Get

func (c ClusterRoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Update

type ClusterRoleModifier

type ClusterRoleModifier struct {
	Client internalversion.ClusterRoleInterface
}

func (ClusterRoleModifier) Create

func (c ClusterRoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (ClusterRoleModifier) Get

func (c ClusterRoleModifier) Get(namespace, name string) (RuleOwner, error)

func (ClusterRoleModifier) Update

func (c ClusterRoleModifier) Update(in RuleOwner) (RuleOwner, error)

type ClusterRoleRuleOwner

type ClusterRoleRuleOwner struct {
	ClusterRole *rbac.ClusterRole
}

func (ClusterRoleRuleOwner) GetAnnotations

func (o ClusterRoleRuleOwner) GetAnnotations() map[string]string

func (ClusterRoleRuleOwner) GetLabels

func (o ClusterRoleRuleOwner) GetLabels() map[string]string

func (ClusterRoleRuleOwner) GetName

func (o ClusterRoleRuleOwner) GetName() string

func (ClusterRoleRuleOwner) GetNamespace

func (o ClusterRoleRuleOwner) GetNamespace() string

func (ClusterRoleRuleOwner) GetRules

func (o ClusterRoleRuleOwner) GetRules() []rbac.PolicyRule

func (ClusterRoleRuleOwner) SetAnnotations

func (o ClusterRoleRuleOwner) SetAnnotations(in map[string]string)

func (ClusterRoleRuleOwner) SetLabels

func (o ClusterRoleRuleOwner) SetLabels(in map[string]string)

func (ClusterRoleRuleOwner) SetRules

func (o ClusterRoleRuleOwner) SetRules(in []rbac.PolicyRule)

type ReconcileClusterRoleBindingResult

type ReconcileClusterRoleBindingResult struct {
	// RoleBinding is the reconciled rolebinding from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing rolebinding was protected, the reconciled rolebinding is not persisted.
	RoleBinding RoleBinding

	// MissingSubjects contains expected subjects that were missing from the currently persisted rolebinding
	MissingSubjects []rbac.Subject
	// ExtraSubjects contains extra subjects the currently persisted rolebinding had
	ExtraSubjects []rbac.Subject

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the rolebinding opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

ReconcileClusterRoleBindingResult holds the result of a reconciliation operation.

type ReconcileClusterRoleResult

type ReconcileClusterRoleResult struct {
	// Role is the reconciled role from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing role was protected, the reconciled role is not persisted.
	Role RuleOwner

	// MissingRules contains expected rules that were missing from the currently persisted role
	MissingRules []rbac.PolicyRule
	// ExtraRules contains extra permissions the currently persisted role had
	ExtraRules []rbac.PolicyRule

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the role opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

type ReconcileOperation

type ReconcileOperation string
var (
	ReconcileCreate   ReconcileOperation = "create"
	ReconcileUpdate   ReconcileOperation = "update"
	ReconcileRecreate ReconcileOperation = "recreate"
	ReconcileNone     ReconcileOperation = "none"
)

type ReconcileRoleBindingOptions

type ReconcileRoleBindingOptions struct {
	// RoleBinding is the expected rolebinding that will be reconciled
	RoleBinding RoleBinding
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraSubjects indicates reconciliation should remove extra subjects from an existing role binding
	RemoveExtraSubjects bool
	// Client is used to look up existing rolebindings, and create/update the rolebinding when Confirm=true
	Client RoleBindingModifier
}

ReconcileRoleBindingOptions holds options for running a role binding reconciliation

func (*ReconcileRoleBindingOptions) Run

type ReconcileRoleOptions

type ReconcileRoleOptions struct {
	// Role is the expected role that will be reconciled
	Role RuleOwner
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraPermissions indicates reconciliation should remove extra permissions from an existing role
	RemoveExtraPermissions bool
	// Client is used to look up existing roles, and create/update the role when Confirm=true
	Client RuleOwnerModifier
}

func (*ReconcileRoleOptions) Run

type RoleBinding

type RoleBinding interface {
	GetNamespace() string
	GetName() string
	GetUID() types.UID
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRoleRef() rbac.RoleRef
	GetSubjects() []rbac.Subject
	SetSubjects([]rbac.Subject)
}

type RoleBindingAdapter

type RoleBindingAdapter struct {
	RoleBinding *rbac.RoleBinding
}

func (RoleBindingAdapter) GetAnnotations

func (o RoleBindingAdapter) GetAnnotations() map[string]string

func (RoleBindingAdapter) GetLabels

func (o RoleBindingAdapter) GetLabels() map[string]string

func (RoleBindingAdapter) GetName

func (o RoleBindingAdapter) GetName() string

func (RoleBindingAdapter) GetNamespace

func (o RoleBindingAdapter) GetNamespace() string

func (RoleBindingAdapter) GetRoleRef

func (o RoleBindingAdapter) GetRoleRef() rbac.RoleRef

func (RoleBindingAdapter) GetSubjects

func (o RoleBindingAdapter) GetSubjects() []rbac.Subject

func (RoleBindingAdapter) GetUID

func (o RoleBindingAdapter) GetUID() types.UID

func (RoleBindingAdapter) SetAnnotations

func (o RoleBindingAdapter) SetAnnotations(in map[string]string)

func (RoleBindingAdapter) SetLabels

func (o RoleBindingAdapter) SetLabels(in map[string]string)

func (RoleBindingAdapter) SetSubjects

func (o RoleBindingAdapter) SetSubjects(in []rbac.Subject)

type RoleBindingClientAdapter

type RoleBindingClientAdapter struct {
	Client internalversion.RoleBindingsGetter
}

func (RoleBindingClientAdapter) Create

func (RoleBindingClientAdapter) Delete

func (c RoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (RoleBindingClientAdapter) Get

func (c RoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (RoleBindingClientAdapter) Update

type RoleBindingModifier

type RoleBindingModifier interface {
	Get(namespace, name string) (RoleBinding, error)
	Delete(namespace, name string, uid types.UID) error
	Create(RoleBinding) (RoleBinding, error)
	Update(RoleBinding) (RoleBinding, error)
}

type RoleModifier

type RoleModifier struct {
	Client internalversion.RolesGetter
}

func (RoleModifier) Create

func (c RoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (RoleModifier) Get

func (c RoleModifier) Get(namespace, name string) (RuleOwner, error)

func (RoleModifier) Update

func (c RoleModifier) Update(in RuleOwner) (RuleOwner, error)

type RoleRuleOwner

type RoleRuleOwner struct {
	Role *rbac.Role
}

func (RoleRuleOwner) GetAnnotations

func (o RoleRuleOwner) GetAnnotations() map[string]string

func (RoleRuleOwner) GetLabels

func (o RoleRuleOwner) GetLabels() map[string]string

func (RoleRuleOwner) GetName

func (o RoleRuleOwner) GetName() string

func (RoleRuleOwner) GetNamespace

func (o RoleRuleOwner) GetNamespace() string

func (RoleRuleOwner) GetRules

func (o RoleRuleOwner) GetRules() []rbac.PolicyRule

func (RoleRuleOwner) SetAnnotations

func (o RoleRuleOwner) SetAnnotations(in map[string]string)

func (RoleRuleOwner) SetLabels

func (o RoleRuleOwner) SetLabels(in map[string]string)

func (RoleRuleOwner) SetRules

func (o RoleRuleOwner) SetRules(in []rbac.PolicyRule)

type RuleOwner

type RuleOwner interface {
	GetNamespace() string
	GetName() string
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRules() []rbac.PolicyRule
	SetRules([]rbac.PolicyRule)
}

type RuleOwnerModifier

type RuleOwnerModifier interface {
	Get(namespace, name string) (RuleOwner, error)
	Create(RuleOwner) (RuleOwner, error)
	Update(RuleOwner) (RuleOwner, error)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL