Documentation
¶
Overview ¶
Package rbac contain libraries for generating RBAC manifests from RBAC markers in Go source files.
The markers take the form:
+kubebuilder:rbac:groups=<groups>,resources=<resources>,verbs=<verbs>,urls=<non resource urls>
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // RuleDefinition is a marker for defining RBAC rules. // Call ToRule on the value to get a Kubernetes RBAC policy rule. RuleDefinition = markers.Must(markers.MakeDefinition("kubebuilder:rbac", markers.DescribesPackage, Rule{})) )
Functions ¶
func GenerateClusterRole ¶
func GenerateClusterRole(ctx *genall.GenerationContext, roleName string) (*rbacv1.ClusterRole, error)
GenerateClusterRole generates a rbacv1.ClusterRole object
Types ¶
type Generator ¶ added in v0.2.0
type Generator struct {
// RoleName sets the name of the generated ClusterRole.
RoleName string
}
Generator generates ClusterRole objects.
func (Generator) Generate ¶ added in v0.2.0
func (g Generator) Generate(ctx *genall.GenerationContext) error
func (Generator) Help ¶ added in v0.2.0
func (Generator) Help() *markers.DefinitionHelp
type Rule ¶ added in v0.2.0
type Rule struct {
// Groups specifies the API groups that this rule encompasses.
Groups []string `marker:",optional"`
// Resources specifies the API resources that this rule encompasses.
Resources []string `marker:",optional"`
// Verbs specifies the (lowercase) kubernetes API verbs that this rule encompasses.
Verbs []string
// URL specifies the non-resource URLs that this rule encompasses.
URLs []string `marker:"urls,optional"`
}
Rule specifies an RBAC rule to all access to some resources or non-resource URLs.
func (Rule) Help ¶ added in v0.2.0
func (Rule) Help() *markers.DefinitionHelp
func (*Rule) ToRule ¶ added in v0.2.0
func (r *Rule) ToRule() rbacv1.PolicyRule
ToRule converts this rule to its Kubernetes API form.
Source Files
Click to show internal directories.
Click to hide internal directories.