Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrorProcessRoleRule = errors.New("error processing role rule") ErrorProcessRoleRuleField = errors.New("error processing role rule field") )
Functions ¶
This section is empty.
Types ¶
type RoleRule ¶
type RoleRule struct { Groups RoleRuleField Resources RoleRuleField Verbs RoleRuleField URLs RoleRuleField }
RoleRule contains the info needed to create the kubebuilder:rbac markers in the controller when a resource that is of a role or clusterrole type is found. This is because the underlying controller needs the same permissions for the role or clusterrole that it is attempting to manage.
type RoleRuleField ¶
type RoleRuleField []string
type Rules ¶
type Rules []Rule
func ForResource ¶
func ForResource(manifest *unstructured.Unstructured) (*Rules, error)
ForResource will return a set of rules for a particular kubernetes resource. This includes a rule for the resource itself, in addition to adding particular rules for whatever roles and cluster roles are requesting. This is because the controller needs to have permissions to manage the children that roles and cluster roles are requesting.
func ForWorkloads ¶
func ForWorkloads(workloads ...rbacWorkloadProcessor) *Rules
ForWorkloads will return a set of rules for a particular set of workloads. It should be noted that this only returns the specific rules for the actual workload and not the managed resources. See ForManifest for details on the rules for a particular manifest.