Documentation ¶
Index ¶
- Constants
- func ValidateFleetMemberClusterUpdate(currentMC, oldMC clusterv1beta1.MemberCluster, req admission.Request, ...) admission.Response
- func ValidateMCIdentity(ctx context.Context, client client.Client, req admission.Request, ...) admission.Response
- func ValidateUserForFleetCRD(req admission.Request, whiteListedUsers []string, group string) admission.Response
- func ValidateUserForResource(req admission.Request, whiteListedUsers []string) admission.Response
- func ValidateV1Alpha1MemberClusterUpdate(currentMC, oldMC fleetv1alpha1.MemberCluster, req admission.Request, ...) admission.Response
- func ValidatedUpstreamMemberClusterUpdate(currentMC, oldMC clusterv1beta1.MemberCluster, req admission.Request, ...) admission.Response
Constants ¶
const ( ResourceAllowedFormat = "user: '%s' in '%s' is allowed to %s resource %+v/%s: %+v" ResourceDeniedFormat = "user: '%s' in '%s' is not allowed to %s resource %+v/%s: %+v" ResourceAllowedGetMCFailed = "user: '%s' in '%s' is allowed to %s resource %+v/%s: %+v because we failed to get MC" )
Variables ¶
This section is empty.
Functions ¶
func ValidateFleetMemberClusterUpdate ¶ added in v0.10.10
func ValidateFleetMemberClusterUpdate(currentMC, oldMC clusterv1beta1.MemberCluster, req admission.Request, whiteListedUsers []string) admission.Response
ValidateFleetMemberClusterUpdate checks to see if user had updated the fleet member cluster resource and allows/denies the request.
func ValidateMCIdentity ¶ added in v0.7.0
func ValidateMCIdentity(ctx context.Context, client client.Client, req admission.Request, mcName string, isFleetV1Beta1API bool) admission.Response
ValidateMCIdentity returns admission allowed/denied based on the member cluster's identity.
func ValidateUserForFleetCRD ¶ added in v0.6.5
func ValidateUserForFleetCRD(req admission.Request, whiteListedUsers []string, group string) admission.Response
ValidateUserForFleetCRD checks to see if user is not allowed to modify fleet CRDs.
func ValidateUserForResource ¶ added in v0.6.5
ValidateUserForResource checks to see if user is allowed to modify argued resource modified by request.
func ValidateV1Alpha1MemberClusterUpdate ¶ added in v0.8.9
func ValidateV1Alpha1MemberClusterUpdate(currentMC, oldMC fleetv1alpha1.MemberCluster, req admission.Request, whiteListedUsers []string) admission.Response
ValidateV1Alpha1MemberClusterUpdate checks to see if user had updated the member cluster resource and allows/denies the request.
func ValidatedUpstreamMemberClusterUpdate ¶ added in v0.10.10
func ValidatedUpstreamMemberClusterUpdate(currentMC, oldMC clusterv1beta1.MemberCluster, req admission.Request, whiteListedUsers []string) admission.Response
ValidatedUpstreamMemberClusterUpdate checks to see if user had updated the upstream member cluster resource and allows/denies the request.
Types ¶
This section is empty.