objects

Documentation

Index

• Constants
• func EnsureRBAC(ctx context.Context, cli client.Client, sesame *operatorv1alpha1.Sesame) error
• func EnsureRBACDeleted(ctx context.Context, cli client.Client, Sesame *operatorv1alpha1.Sesame) error
• func NewUnprivilegedPodSecurity() *corev1.PodSecurityContext
• func TagFromImage(image string) string

Constants

const (
	// SesameRbacName is the name used for Sesame RBAC resources.
	SesameRbacName = "sesame"
	// EnvoyRbacName is the name used for Envoy RBAC resources.
	EnvoyRbacName = "envoy"
	// CertGenRbacName is the name used for Sesame certificate
	// generation RBAC resources.
	CertGenRbacName = "sesame-certgen"
)

Functions

func EnsureRBAC

func EnsureRBAC(ctx context.Context, cli client.Client, sesame *operatorv1alpha1.Sesame) error

EnsureRBAC ensures all the necessary RBAC resources exist for the provided sesame.

func EnsureRBACDeleted

func EnsureRBACDeleted(ctx context.Context, cli client.Client, Sesame *operatorv1alpha1.Sesame) error

EnsureRBACDeleted ensures all the necessary RBAC resources for the provided sesame are deleted if Sesame owner labels exist.

func NewUnprivilegedPodSecurity

func NewUnprivilegedPodSecurity() *corev1.PodSecurityContext

NewUnprivilegedPodSecurity makes a a non-root PodSecurityContext object using 65534 as the user and group ID.

func TagFromImage

func TagFromImage(image string) string

TagFromImage returns the tag from the provided image or an empty string if the image does not contain a tag.