Documentation ¶
Index ¶
- Variables
- type Checker
- type CmdGuard
- type Command
- type CommandGuard
- func (g *CommandGuard) FilterSupportedVerbs(allVerbs []string) []string
- func (g *CommandGuard) GetAllowedResourcesForVerb(verb string, allConfiguredResources []string) ([]Resource, error)
- func (g *CommandGuard) GetResourceDetails(selectedVerb, resourceType string) (Resource, error)
- func (g *CommandGuard) GetResourceDetailsFromMap(selectedVerb, resourceType string, resMap map[string]v1.APIResource) (Resource, error)
- func (g *CommandGuard) GetServerResourceMap() (map[string]v1.APIResource, error)
- type Commander
- type EnabledKubectl
- type EnabledKubectlMerger
- type K8sDiscoveryInterface
- type Merger
- func (kc *Merger) GetAllEnabled(includeBindings []string) map[string]config.Kubectl
- func (kc *Merger) IsAtLeastOneEnabled() bool
- func (kc *Merger) MergeAllEnabled(includeBindings []string) EnabledKubectl
- func (kc *Merger) MergeForNamespace(includeBindings []string, forNamespace string) EnabledKubectl
- type Resource
- type ResourceNormalizer
- type ResourceVariantsFunc
Constants ¶
This section is empty.
Variables ¶
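// Sentinel errors exported by this package. The declarations are laid out one
// per line so that the line comments no longer swallow the code that follows
// them. Match these values with errors.Is rather than by message text.
var (
	// ErrVerbNotSupported is returned when the verb is not supported for the resource.
	ErrVerbNotSupported = errors.New("verb not supported")
	// ErrResourceNotFound is returned when the resource is not found on the server.
	ErrResourceNotFound = errors.New("resource not found")
)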
Functions ¶
This section is empty.
Types ¶
type Checker ¶
type Checker struct {
// contains filtered or unexported fields
}
Checker provides helper functionality to check whether a given kubectl verb and resource are allowed.
func NewChecker ¶
func NewChecker(resourceVariants ResourceVariantsFunc) *Checker
NewChecker returns a new Checker instance.
func (*Checker) IsResourceAllowedInNs ¶
func (c *Checker) IsResourceAllowedInNs(config EnabledKubectl, resource string) bool
IsResourceAllowedInNs returns true if resource was found in a given config.
func (*Checker) IsVerbAllowedInNs ¶
func (c *Checker) IsVerbAllowedInNs(config EnabledKubectl, verb string) bool
IsVerbAllowedInNs returns true if verb was found in a given config.
type CmdGuard ¶ added in v0.15.0
// CmdGuard is responsible for guarding kubectl commands.
type CmdGuard interface {
	// GetServerResourceMap returns a map of server resources keyed by string.
	// NOTE(review): the CommandGuard method of the same name documents that it
	// ignores second occurrences of the same resource name; confirm that every
	// implementation and caller tolerates that.
	GetServerResourceMap() (map[string]metav1.APIResource, error)
	// GetResourceDetailsFromMap returns the Resource for resourceType and
	// selectedVerb, looked up in resMap instead of querying the server again.
	// NOTE(review): presumably resMap is the value returned by
	// GetServerResourceMap; confirm against the caller.
	GetResourceDetailsFromMap(selectedVerb, resourceType string, resMap map[string]metav1.APIResource) (Resource, error)
}
CmdGuard is responsible for guarding kubectl commands.
type CommandGuard ¶ added in v0.15.0
type CommandGuard struct {
// contains filtered or unexported fields
}
CommandGuard is responsible for getting allowed resources for a given command.
func NewCommandGuard ¶ added in v0.15.0
func NewCommandGuard(log logrus.FieldLogger, discoveryCli K8sDiscoveryInterface) *CommandGuard
NewCommandGuard creates a new CommandGuard instance.
func (*CommandGuard) FilterSupportedVerbs ¶ added in v0.15.0
func (g *CommandGuard) FilterSupportedVerbs(allVerbs []string) []string
FilterSupportedVerbs filters out verbs that are not supported by the interactive commands.
func (*CommandGuard) GetAllowedResourcesForVerb ¶ added in v0.15.0
func (g *CommandGuard) GetAllowedResourcesForVerb(verb string, allConfiguredResources []string) ([]Resource, error)
GetAllowedResourcesForVerb returns a list of allowed resources for a given verb.
func (*CommandGuard) GetResourceDetails ¶ added in v0.15.0
func (g *CommandGuard) GetResourceDetails(selectedVerb, resourceType string) (Resource, error)
GetResourceDetails returns a Resource struct for a given resource type and verb.
func (*CommandGuard) GetResourceDetailsFromMap ¶ added in v0.15.0
func (g *CommandGuard) GetResourceDetailsFromMap(selectedVerb, resourceType string, resMap map[string]v1.APIResource) (Resource, error)
GetResourceDetailsFromMap returns a Resource struct for a given resource type and verb based on the server resource map.
func (*CommandGuard) GetServerResourceMap ¶ added in v0.15.0
func (g *CommandGuard) GetServerResourceMap() (map[string]v1.APIResource, error)
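GetServerResourceMap returns a map of all resources available on the server. LIMITATION: This method ignores second occurrences of the same resource name. Because the map is keyed by a plain string, resources that share a name collapse into the first entry seen, so a lookup in this map cannot tell them apart.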
type Commander ¶ added in v0.15.0
type Commander struct {
// contains filtered or unexported fields
}
Commander is responsible for generating kubectl commands for the given event.
func NewCommander ¶ added in v0.15.0
func NewCommander(log logrus.FieldLogger, merger EnabledKubectlMerger, guard CmdGuard) *Commander
NewCommander creates a new Commander instance.
type EnabledKubectl ¶
// EnabledKubectl is the configuration for executing commands inside the cluster.
//
// NOTE(review): verbs and resources are held as two independent sets, so as
// far as this struct shows, any allowed verb can be paired with any allowed
// resource once several bindings have been merged into one value. Confirm
// that bindings are written with that union in mind.
type EnabledKubectl struct {
	// AllowedKubectlVerb is a set of verbs (map used as a set).
	// Presumably the set consulted by Checker.IsVerbAllowedInNs; confirm.
	AllowedKubectlVerb map[string]struct{}
	// AllowedKubectlResource is a set of resources (map used as a set).
	// Presumably the set consulted by Checker.IsResourceAllowedInNs; confirm.
	AllowedKubectlResource map[string]struct{}
	// AllowedNamespacesPerResource maps a string key to a namespace configuration.
	// Presumably the key is a resource name; verify against the merger.
	AllowedNamespacesPerResource map[string]config.Namespaces
	// DefaultNamespace is merged with the "override (if not empty)" strategy
	// documented on Merger.MergeForNamespace.
	DefaultNamespace string
	// RestrictAccess is merged with the "override (if not empty)" strategy
	// documented on Merger.MergeForNamespace.
	RestrictAccess bool
}
EnabledKubectl is the configuration for executing commands inside the cluster.
type EnabledKubectlMerger ¶ added in v0.15.0
// EnabledKubectlMerger is responsible for merging enabled kubectl commands for the given namespace.
type EnabledKubectlMerger interface {
	// MergeForNamespace returns the kubectl configuration merged from
	// includeBindings for forNamespace. Merger's implementation documents
	// that entries are merged only if the namespace is matched and that the
	// merge order follows the order of includeBindings.
	MergeForNamespace(includeBindings []string, forNamespace string) EnabledKubectl
}
EnabledKubectlMerger is responsible for merging enabled kubectl commands for the given namespace.
type K8sDiscoveryInterface ¶ added in v0.15.0
// K8sDiscoveryInterface describes an interface for getting K8s server resources.
type K8sDiscoveryInterface interface {
	// ServerPreferredResources returns the API resource lists reported by the server.
	// NOTE(review): the signature matches the client-go discovery method of the
	// same name, which can return partial results together with an error.
	// Confirm how CommandGuard treats that case, since a guard built on an
	// incomplete resource list may reject or mis-resolve resources.
	ServerPreferredResources() ([]*v1.APIResourceList, error)
}
K8sDiscoveryInterface describes an interface for getting K8s server resources.
type Merger ¶
type Merger struct {
// contains filtered or unexported fields
}
Merger provides functionality to merge multiple bindings associated with the kubectl executor.
func (*Merger) GetAllEnabled ¶
GetAllEnabled returns the collection of enabled kubectl executors for a given list of bindings without merging them.
func (*Merger) IsAtLeastOneEnabled ¶
IsAtLeastOneEnabled returns true if at least one kubectl executor is enabled.
func (*Merger) MergeAllEnabled ¶
func (kc *Merger) MergeAllEnabled(includeBindings []string) EnabledKubectl
MergeAllEnabled returns kubectl configuration for all kubectl configs.
func (*Merger) MergeForNamespace ¶
func (kc *Merger) MergeForNamespace(includeBindings []string, forNamespace string) EnabledKubectl
MergeForNamespace returns kubectl configuration for a given set of bindings.
It merges entries only if a given Namespace is matched.
- kubectl.commands.verbs - strategy append
- kubectl.commands.resources - strategy append
- kubectl.defaultNamespace - strategy override (if not empty)
- kubectl.restrictAccess - strategy override (if not empty)
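The order of merging is the same as the order of items specified in the includeBindings list. Because verbs and resources use the append strategy, the merged result is the union of what every matched binding allows, whereas for defaultNamespace and restrictAccess a later binding in the list overrides the value set by an earlier one.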
type Resource ¶ added in v0.15.0
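// Resource represents a Kubernetes resource.
//
// The fields are laid out one per line so that the line comments no longer
// swallow the declarations that follow them.
type Resource struct {
	// Name is always plural, e.g. "pods".
	Name string
	// Namespaced presumably reports whether the resource is namespace-scoped;
	// confirm against the code that fills it in.
	Namespaced bool
	// SlashSeparatedInCommand indicates if the resource name should be separated with a slash in the command.
	// So, instead of `kubectl logs pods <name>` it should be `kubectl logs pods/<name>`.
	SlashSeparatedInCommand bool
}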
Resource represents a Kubernetes resource.
type ResourceNormalizer ¶
type ResourceNormalizer struct {
// contains filtered or unexported fields
}
ResourceNormalizer contains helper maps to normalize the resource name specified in the kubectl command.
func NewResourceNormalizer ¶
func NewResourceNormalizer(log logrus.FieldLogger, discoveryCli discovery.DiscoveryInterface) (ResourceNormalizer, error)
NewResourceNormalizer returns a new ResourceNormalizer instance.
func (ResourceNormalizer) Normalize ¶
func (r ResourceNormalizer) Normalize(in string) []string
Normalize returns a list of alternative names for a given input resource.
type ResourceVariantsFunc ¶
ResourceVariantsFunc returns a list of alternative names for a given resource.