auth

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 28, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ResourceResults = "results"
	ResourceRecords = "records"

	PermissionCreate = "create"
	PermissionGet    = "get"
	PermissionList   = "list"
	PermissionDelete = "delete"
	PermissionUpdate = "update"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AllowAll 

type AllowAll struct{}

AllowAll is an auth check that allows every request, regardless of the params. Useful for testing or cases where you want to disable auth checks.

func (AllowAll) Check 

func (AllowAll) Check(context.Context, string, string, string) error

type Checker 

type Checker interface {
	Check(ctx context.Context, parent, resource, verb string) error
}

Checker handles authentication and authorization checks for an action on a resource.

type RBAC 

type RBAC struct {
	// contains filtered or unexported fields
}

RBAC is a Kubernetes RBAC based auth checker. This uses the Kubernetes TokenReview and SubjectAccessReview APIs to defer auth decisions to the cluster. Users should pass in `token` metadata through the gRPC context. This checks RBAC permissions in the `results.tekton.dev` group, and assumes checks are done at the namespace

func NewRBAC 

func NewRBAC(client kubernetes.Interface) *RBAC

func (*RBAC) Check 

func (r *RBAC) Check(ctx context.Context, namespace, resource, verb string) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.