permissionclaim

package

v0.25.0 Latest Latest Go to latest Published: Aug 26, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kcp-dev/kcp

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func InstallIndexers(apiExportInformer apisv1alpha1informers.APIExportClusterInformer)
type Labeler
- func NewLabeler(apiBindingInformer apisv1alpha1informers.APIBindingClusterInformer, ...) *Labeler
- func (l *Labeler) LabelsFor(ctx context.Context, cluster logicalcluster.Name, ...) (map[string]string, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var NonPersistedResourcesClaimable = map[schema.GroupResource]bool{
	authorizationv1.SchemeGroupVersion.WithResource("localsubjectaccessreviews").GroupResource(): true,
	authorizationv1.SchemeGroupVersion.WithResource("selfsubjectaccessreviews").GroupResource():  false,
	authorizationv1.SchemeGroupVersion.WithResource("selfsubjectrulesreviews").GroupResource():   false,
	authorizationv1.SchemeGroupVersion.WithResource("subjectaccessreviews").GroupResource():      true,
	authenticationv1.SchemeGroupVersion.WithResource("selfsubjectreviews").GroupResource():       false,
	authenticationv1.SchemeGroupVersion.WithResource("tokenreviews").GroupResource():             false,
}

NonPersistedResourcesClaimable is a list of resources that are not persisted to etcd, and therefore should not be labeled with permission claims. The value means whether they are claimable or not.

Functions ¶

func InstallIndexers ¶ added in v0.25.0

func InstallIndexers(apiExportInformer apisv1alpha1informers.APIExportClusterInformer)

InstallIndexers adds the additional indexers that this controller requires to the informers.

Types ¶

type Labeler ¶

type Labeler struct {
	// contains filtered or unexported fields
}

Labeler calculates labels to apply to all instances of a cluster-group-resource based on permission claims.

func (*Labeler) LabelsFor ¶

func (l *Labeler) LabelsFor(ctx context.Context, cluster logicalcluster.Name, groupResource schema.GroupResource, resourceName string) (map[string]string, error)

LabelsFor returns all the applicable labels for the cluster-group-resource relating to permission claims. This is the intersection of (1) all APIBindings in the cluster that have accepted claims for the group-resource with (2) associated APIExports that are claiming group-resource.

Source Files ¶

View all Source files

permissionclaim_labeler.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL