v1

package
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 19, 2021 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func APIGroupMatches

func APIGroupMatches(rule *rbacv1.PolicyRule, requestedGroup string) bool

func CompactString

func CompactString(r rbacv1.PolicyRule) string

CompactString exposes a compact string representation for use in escalation error messages

func NonResourceURLMatches

func NonResourceURLMatches(rule *rbacv1.PolicyRule, requestedURL string) bool

func ResourceMatches

func ResourceMatches(rule *rbacv1.PolicyRule, combinedRequestedResource, requestedSubresource string) bool

func ResourceNameMatches

func ResourceNameMatches(rule *rbacv1.PolicyRule, requestedName string) bool

func RoleRefGroupKind

func RoleRefGroupKind(roleRef rbacv1.RoleRef) schema.GroupKind

func String

func String(r rbacv1.PolicyRule) string

func SubjectsStrings

func SubjectsStrings(subjects []rbacv1.Subject) ([]string, []string, []string, []string)

subjectsStrings returns users, groups, serviceaccounts, unknown for display purposes.

func VerbMatches

func VerbMatches(rule *rbacv1.PolicyRule, requestedVerb string) bool

Types

type ClusterRoleBindingBuilder

type ClusterRoleBindingBuilder struct {
	ClusterRoleBinding rbacv1.ClusterRoleBinding `protobuf:"bytes,1,opt,name=clusterRoleBinding"`
}

ClusterRoleBindingBuilder let's us attach methods. A no-no for API types. We use it to construct bindings in code. It's more compact than trying to write them out in a literal.

func NewClusterBinding

func NewClusterBinding(clusterRoleName string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Binding

func (*ClusterRoleBindingBuilder) BindingOrDie

func (*ClusterRoleBindingBuilder) Groups

func (*ClusterRoleBindingBuilder) SAs

func (r *ClusterRoleBindingBuilder) SAs(namespace string, serviceAccountNames ...string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Users

type PolicyRuleBuilder

type PolicyRuleBuilder struct {
	PolicyRule rbacv1.PolicyRule `protobuf:"bytes,1,opt,name=policyRule"`
}

PolicyRuleBuilder let's us attach methods. A no-no for API types. We use it to construct rules in code. It's more compact than trying to write them out in a literal and allows us to perform some basic checking during construction

func NewRule

func NewRule(verbs ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Groups

func (r *PolicyRuleBuilder) Groups(groups ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Names

func (r *PolicyRuleBuilder) Names(names ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Resources

func (r *PolicyRuleBuilder) Resources(resources ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Rule

func (*PolicyRuleBuilder) RuleOrDie

func (r *PolicyRuleBuilder) RuleOrDie() rbacv1.PolicyRule

func (*PolicyRuleBuilder) URLs

func (r *PolicyRuleBuilder) URLs(urls ...string) *PolicyRuleBuilder

type RoleBindingBuilder

type RoleBindingBuilder struct {
	RoleBinding rbacv1.RoleBinding
}

RoleBindingBuilder let's us attach methods. It is similar to ClusterRoleBindingBuilder above.

func NewRoleBinding

func NewRoleBinding(roleName, namespace string) *RoleBindingBuilder

NewRoleBinding creates a RoleBinding builder that can be used to define the subjects of a role binding. At least one of the `Groups`, `Users` or `SAs` method must be called before calling the `Binding*` methods.

func NewRoleBindingForClusterRole

func NewRoleBindingForClusterRole(roleName, namespace string) *RoleBindingBuilder

func (*RoleBindingBuilder) Binding

func (r *RoleBindingBuilder) Binding() (rbacv1.RoleBinding, error)

Binding builds and returns the RoleBinding API object from the builder object.

func (*RoleBindingBuilder) BindingOrDie

func (r *RoleBindingBuilder) BindingOrDie() rbacv1.RoleBinding

BindingOrDie calls the binding method and panics if there is an error.

func (*RoleBindingBuilder) Groups

func (r *RoleBindingBuilder) Groups(groups ...string) *RoleBindingBuilder

Groups adds the specified groups as the subjects of the RoleBinding.

func (*RoleBindingBuilder) SAs

func (r *RoleBindingBuilder) SAs(namespace string, serviceAccountNames ...string) *RoleBindingBuilder

SAs adds the specified service accounts as the subjects of the RoleBinding.

func (*RoleBindingBuilder) Users

func (r *RoleBindingBuilder) Users(users ...string) *RoleBindingBuilder

Users adds the specified users as the subjects of the RoleBinding.

type SortableRuleSlice

type SortableRuleSlice []rbacv1.PolicyRule

func (SortableRuleSlice) Len

func (s SortableRuleSlice) Len() int

func (SortableRuleSlice) Less

func (s SortableRuleSlice) Less(i, j int) bool

func (SortableRuleSlice) Swap

func (s SortableRuleSlice) Swap(i, j int)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL