Documentation
¶
Index ¶
- Constants
- func GetBootstrapServiceAccountProjectRoleBindingNames(roleBindings projectRoleBindings) sets.Set[string]
- func GetBuilderServiceAccountProjectRoleBindings(namespace string) rbacv1.RoleBinding
- func GetDeployerServiceAccountProjectRoleBindings(namespace string) rbacv1.RoleBinding
- func GetImagePullerProjectRoleBindings(namespace string) rbacv1.RoleBinding
- func GetRoleBindingsForController(controller string) projectRoleBindings
- type RoleBindingController
Constants ¶
const ( ImagePullerRoleName = "system:image-puller" ImageBuilderRoleName = "system:image-builder" DeployerRoleName = "system:deployer" DeployerRoleBindingName = DeployerRoleName + "s" ImagePullerRoleBindingName = ImagePullerRoleName + "s" ImageBuilderRoleBindingName = ImageBuilderRoleName + "s" BuilderServiceAccountName = "builder" DeployerServiceAccountName = "deployer" )
Variables ¶
This section is empty.
Functions ¶
func GetBuilderServiceAccountProjectRoleBindings ¶
func GetBuilderServiceAccountProjectRoleBindings(namespace string) rbacv1.RoleBinding
GetBuilderServiceAccountProjectRoleBindings generates the role bindings specific to the "builder" service account of given namespace. These should only be created if the "Build" capability is enabled on the cluster.
func GetDeployerServiceAccountProjectRoleBindings ¶
func GetDeployerServiceAccountProjectRoleBindings(namespace string) rbacv1.RoleBinding
GetDeployerServiceAccountProjectRoleBindings generates the role bindings specific to the "builder" service account of given namespace. These should only be created if the "DeploymentConfig" capability is enabled on the cluster.
func GetImagePullerProjectRoleBindings ¶
func GetImagePullerProjectRoleBindings(namespace string) rbacv1.RoleBinding
GetImagePullerProjectRoleBindings generates a role binding that allows all pods to pull ImageStream images associated with given namespace. These should only be created if the "ImageRegistry" capability is enabled on the cluster.
func GetRoleBindingsForController ¶
func GetRoleBindingsForController(controller string) projectRoleBindings
GetRoleBindingsForController returns the appropriate generator function for the given named controller that will reconcile role bindings in a namespace.
Types ¶
type RoleBindingController ¶
type RoleBindingController struct {
// contains filtered or unexported fields
}
RoleBindingController is a controller to combine cluster roles
func NewRoleBindingsController ¶
func NewRoleBindingsController(roleBindingInformer rbacinformers.RoleBindingInformer, namespaceInformer coreinformers.NamespaceInformer, roleBindingClient rbacclient.RoleBindingsGetter, controllerName string) *RoleBindingController
NewRoleBinding creates a new controller
func (*RoleBindingController) Run ¶
func (c *RoleBindingController) Run(workers int, stopCh <-chan struct{})
Run starts the controller and blocks until stopCh is closed.
Source Files