v1

package
v0.2.1-kubernetes.115 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2021 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func APIGroupMatches 

func APIGroupMatches(rule *rbacv1.PolicyRule, requestedGroup string) bool

func CompactString 

func CompactString(r rbacv1.PolicyRule) string

CompactString exposes a compact string representation for use in escalation error messages

func NonResourceURLMatches 

func NonResourceURLMatches(rule *rbacv1.PolicyRule, requestedURL string) bool

func ResourceMatches 

func ResourceMatches(rule *rbacv1.PolicyRule, combinedRequestedResource, requestedSubresource string) bool

func ResourceNameMatches 

func ResourceNameMatches(rule *rbacv1.PolicyRule, requestedName string) bool

func RoleRefGroupKind 

func RoleRefGroupKind(roleRef rbacv1.RoleRef) schema.GroupKind

func String 

func String(r rbacv1.PolicyRule) string

func SubjectsStrings 

func SubjectsStrings(subjects []rbacv1.Subject) ([]string, []string, []string, []string)

subjectsStrings returns users, groups, serviceaccounts, unknown for display purposes.

func VerbMatches 

func VerbMatches(rule *rbacv1.PolicyRule, requestedVerb string) bool

Types

type ClusterRoleBindingBuilder 

type ClusterRoleBindingBuilder struct {
	ClusterRoleBinding rbacv1.ClusterRoleBinding `protobuf:"bytes,1,opt,name=clusterRoleBinding"`
}

ClusterRoleBindingBuilder let's us attach methods. A no-no for API types. We use it to construct bindings in code. It's more compact than trying to write them out in a literal.

func NewClusterBinding 

func NewClusterBinding(clusterRoleName string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Binding 

func (r *ClusterRoleBindingBuilder) Binding() (rbacv1.ClusterRoleBinding, error)

func (*ClusterRoleBindingBuilder) BindingOrDie 

func (r *ClusterRoleBindingBuilder) BindingOrDie() rbacv1.ClusterRoleBinding

func (*ClusterRoleBindingBuilder) Groups 

func (r *ClusterRoleBindingBuilder) Groups(groups ...string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) SAs 

func (r *ClusterRoleBindingBuilder) SAs(namespace string, serviceAccountNames ...string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Users 

func (r *ClusterRoleBindingBuilder) Users(users ...string) *ClusterRoleBindingBuilder

type PolicyRuleBuilder 

type PolicyRuleBuilder struct {
	PolicyRule rbacv1.PolicyRule `protobuf:"bytes,1,opt,name=policyRule"`
}

PolicyRuleBuilder let's us attach methods. A no-no for API types. We use it to construct rules in code. It's more compact than trying to write them out in a literal and allows us to perform some basic checking during construction

func NewRule 

func NewRule(verbs ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Groups 

func (r *PolicyRuleBuilder) Groups(groups ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Names 

func (r *PolicyRuleBuilder) Names(names ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Resources 

func (r *PolicyRuleBuilder) Resources(resources ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Rule 

func (r *PolicyRuleBuilder) Rule() (rbacv1.PolicyRule, error)

func (*PolicyRuleBuilder) RuleOrDie 

func (r *PolicyRuleBuilder) RuleOrDie() rbacv1.PolicyRule

func (*PolicyRuleBuilder) URLs 

func (r *PolicyRuleBuilder) URLs(urls ...string) *PolicyRuleBuilder

type RoleBindingBuilder 

type RoleBindingBuilder struct {
	RoleBinding rbacv1.RoleBinding
}

RoleBindingBuilder let's us attach methods. It is similar to ClusterRoleBindingBuilder above.

func NewRoleBinding 

func NewRoleBinding(roleName, namespace string) *RoleBindingBuilder

NewRoleBinding creates a RoleBinding builder that can be used to define the subjects of a role binding. At least one of the `Groups`, `Users` or `SAs` method must be called before calling the `Binding*` methods.

func NewRoleBindingForClusterRole 

func NewRoleBindingForClusterRole(roleName, namespace string) *RoleBindingBuilder

func (*RoleBindingBuilder) Binding 

func (r *RoleBindingBuilder) Binding() (rbacv1.RoleBinding, error)

Binding builds and returns the RoleBinding API object from the builder object.

func (*RoleBindingBuilder) BindingOrDie 

func (r *RoleBindingBuilder) BindingOrDie() rbacv1.RoleBinding

BindingOrDie calls the binding method and panics if there is an error.

func (*RoleBindingBuilder) Groups 

func (r *RoleBindingBuilder) Groups(groups ...string) *RoleBindingBuilder

Groups adds the specified groups as the subjects of the RoleBinding.

func (*RoleBindingBuilder) SAs 

func (r *RoleBindingBuilder) SAs(namespace string, serviceAccountNames ...string) *RoleBindingBuilder

SAs adds the specified service accounts as the subjects of the RoleBinding.

func (*RoleBindingBuilder) Users 

func (r *RoleBindingBuilder) Users(users ...string) *RoleBindingBuilder

Users adds the specified users as the subjects of the RoleBinding.

type SortableRuleSlice 

type SortableRuleSlice []rbacv1.PolicyRule

func (SortableRuleSlice) Len 

func (s SortableRuleSlice) Len() int

func (SortableRuleSlice) Less 

func (s SortableRuleSlice) Less(i, j int) bool

func (SortableRuleSlice) Swap 

func (s SortableRuleSlice) Swap(i, j int)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.