reconciliation

package
v1.14.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 9, 2019 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClusterRoleBindingAdapter 

type ClusterRoleBindingAdapter struct {
	ClusterRoleBinding *rbacv1.ClusterRoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleBindingAdapter) DeepCopy added in v1.8.0 

func (in *ClusterRoleBindingAdapter) DeepCopy() *ClusterRoleBindingAdapter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleBindingAdapter.

func (*ClusterRoleBindingAdapter) DeepCopyInto added in v1.8.0 

func (in *ClusterRoleBindingAdapter) DeepCopyInto(out *ClusterRoleBindingAdapter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleBindingAdapter) DeepCopyRoleBinding added in v1.8.0 

func (in ClusterRoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (ClusterRoleBindingAdapter) GetAnnotations 

func (o ClusterRoleBindingAdapter) GetAnnotations() map[string]string

func (ClusterRoleBindingAdapter) GetLabels 

func (o ClusterRoleBindingAdapter) GetLabels() map[string]string

func (ClusterRoleBindingAdapter) GetName 

func (o ClusterRoleBindingAdapter) GetName() string

func (ClusterRoleBindingAdapter) GetNamespace 

func (o ClusterRoleBindingAdapter) GetNamespace() string

func (ClusterRoleBindingAdapter) GetObject added in v1.8.0 

func (o ClusterRoleBindingAdapter) GetObject() runtime.Object

func (ClusterRoleBindingAdapter) GetRoleRef 

func (o ClusterRoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (ClusterRoleBindingAdapter) GetSubjects 

func (o ClusterRoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (ClusterRoleBindingAdapter) GetUID 

func (o ClusterRoleBindingAdapter) GetUID() types.UID

func (ClusterRoleBindingAdapter) SetAnnotations 

func (o ClusterRoleBindingAdapter) SetAnnotations(in map[string]string)

func (ClusterRoleBindingAdapter) SetLabels 

func (o ClusterRoleBindingAdapter) SetLabels(in map[string]string)

func (ClusterRoleBindingAdapter) SetSubjects 

func (o ClusterRoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type ClusterRoleBindingClientAdapter 

type ClusterRoleBindingClientAdapter struct {
	Client rbacv1client.ClusterRoleBindingInterface
}

func (ClusterRoleBindingClientAdapter) Create 

func (c ClusterRoleBindingClientAdapter) Create(in RoleBinding) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Delete 

func (c ClusterRoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (ClusterRoleBindingClientAdapter) Get 

func (c ClusterRoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Update 

func (c ClusterRoleBindingClientAdapter) Update(in RoleBinding) (RoleBinding, error)

type ClusterRoleModifier 

type ClusterRoleModifier struct {
	Client rbacv1client.ClusterRoleInterface
}

func (ClusterRoleModifier) Create 

func (c ClusterRoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (ClusterRoleModifier) Get 

func (c ClusterRoleModifier) Get(namespace, name string) (RuleOwner, error)

func (ClusterRoleModifier) Update 

func (c ClusterRoleModifier) Update(in RuleOwner) (RuleOwner, error)

type ClusterRoleRuleOwner 

type ClusterRoleRuleOwner struct {
	ClusterRole *rbacv1.ClusterRole
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleRuleOwner) DeepCopy added in v1.8.0 

func (in *ClusterRoleRuleOwner) DeepCopy() *ClusterRoleRuleOwner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleRuleOwner.

func (*ClusterRoleRuleOwner) DeepCopyInto added in v1.8.0 

func (in *ClusterRoleRuleOwner) DeepCopyInto(out *ClusterRoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleRuleOwner) DeepCopyRuleOwner added in v1.8.0 

func (in ClusterRoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (ClusterRoleRuleOwner) GetAggregationRule added in v1.9.0 

func (o ClusterRoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (ClusterRoleRuleOwner) GetAnnotations 

func (o ClusterRoleRuleOwner) GetAnnotations() map[string]string

func (ClusterRoleRuleOwner) GetLabels 

func (o ClusterRoleRuleOwner) GetLabels() map[string]string

func (ClusterRoleRuleOwner) GetName 

func (o ClusterRoleRuleOwner) GetName() string

func (ClusterRoleRuleOwner) GetNamespace 

func (o ClusterRoleRuleOwner) GetNamespace() string

func (ClusterRoleRuleOwner) GetObject added in v1.8.0 

func (o ClusterRoleRuleOwner) GetObject() runtime.Object

func (ClusterRoleRuleOwner) GetRules 

func (o ClusterRoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (ClusterRoleRuleOwner) SetAggregationRule added in v1.9.0 

func (o ClusterRoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (ClusterRoleRuleOwner) SetAnnotations 

func (o ClusterRoleRuleOwner) SetAnnotations(in map[string]string)

func (ClusterRoleRuleOwner) SetLabels 

func (o ClusterRoleRuleOwner) SetLabels(in map[string]string)

func (ClusterRoleRuleOwner) SetRules 

func (o ClusterRoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type ReconcileClusterRoleBindingResult 

type ReconcileClusterRoleBindingResult struct {
	// RoleBinding is the reconciled rolebinding from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing rolebinding was protected, the reconciled rolebinding is not persisted.
	RoleBinding RoleBinding

	// MissingSubjects contains expected subjects that were missing from the currently persisted rolebinding
	MissingSubjects []rbacv1.Subject
	// ExtraSubjects contains extra subjects the currently persisted rolebinding had
	ExtraSubjects []rbacv1.Subject

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the rolebinding opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

ReconcileClusterRoleBindingResult holds the result of a reconciliation operation.

type ReconcileClusterRoleResult 

type ReconcileClusterRoleResult struct {
	// Role is the reconciled role from the reconciliation operation.
	// If the reconcile was performed as a dry-run, or the existing role was protected, the reconciled role is not persisted.
	Role RuleOwner

	// MissingRules contains expected rules that were missing from the currently persisted role
	MissingRules []rbacv1.PolicyRule
	// ExtraRules contains extra permissions the currently persisted role had
	ExtraRules []rbacv1.PolicyRule

	// MissingAggregationRuleSelectors contains expected selectors that were missing from the currently persisted role
	MissingAggregationRuleSelectors []metav1.LabelSelector
	// ExtraAggregationRuleSelectors contains extra selectors the currently persisted role had
	ExtraAggregationRuleSelectors []metav1.LabelSelector

	// Operation is the API operation required to reconcile.
	// If no reconciliation was needed, it is set to ReconcileNone.
	// If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
	// If result.Protected == true, the role opted out of reconciliation, so the operation was not performed.
	// Otherwise, the operation was performed.
	Operation ReconcileOperation
	// Protected indicates an existing role prevented reconciliation
	Protected bool
}

type ReconcileOperation 

type ReconcileOperation string
var (
	ReconcileCreate   ReconcileOperation = "create"
	ReconcileUpdate   ReconcileOperation = "update"
	ReconcileRecreate ReconcileOperation = "recreate"
	ReconcileNone     ReconcileOperation = "none"
)

type ReconcileRoleBindingOptions 

type ReconcileRoleBindingOptions struct {
	// RoleBinding is the expected rolebinding that will be reconciled
	RoleBinding RoleBinding
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraSubjects indicates reconciliation should remove extra subjects from an existing role binding
	RemoveExtraSubjects bool
	// Client is used to look up existing rolebindings, and create/update the rolebinding when Confirm=true
	Client RoleBindingModifier
}

ReconcileRoleBindingOptions holds options for running a role binding reconciliation

func (*ReconcileRoleBindingOptions) Run 

func (o *ReconcileRoleBindingOptions) Run() (*ReconcileClusterRoleBindingResult, error)

type ReconcileRoleOptions 

type ReconcileRoleOptions struct {
	// Role is the expected role that will be reconciled
	Role RuleOwner
	// Confirm indicates writes should be performed. When false, results are returned as a dry-run.
	Confirm bool
	// RemoveExtraPermissions indicates reconciliation should remove extra permissions from an existing role
	RemoveExtraPermissions bool
	// Client is used to look up existing roles, and create/update the role when Confirm=true
	Client RuleOwnerModifier
}

func (*ReconcileRoleOptions) Run 

func (o *ReconcileRoleOptions) Run() (*ReconcileClusterRoleResult, error)

type RoleBinding 

type RoleBinding interface {
	GetObject() runtime.Object
	GetNamespace() string
	GetName() string
	GetUID() types.UID
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRoleRef() rbacv1.RoleRef
	GetSubjects() []rbacv1.Subject
	SetSubjects([]rbacv1.Subject)
	DeepCopyRoleBinding() RoleBinding
}

type RoleBindingAdapter 

type RoleBindingAdapter struct {
	RoleBinding *rbacv1.RoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleBindingAdapter) DeepCopy added in v1.8.0 

func (in *RoleBindingAdapter) DeepCopy() *RoleBindingAdapter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBindingAdapter.

func (*RoleBindingAdapter) DeepCopyInto added in v1.8.0 

func (in *RoleBindingAdapter) DeepCopyInto(out *RoleBindingAdapter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleBindingAdapter) DeepCopyRoleBinding added in v1.8.0 

func (in RoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (RoleBindingAdapter) GetAnnotations 

func (o RoleBindingAdapter) GetAnnotations() map[string]string

func (RoleBindingAdapter) GetLabels 

func (o RoleBindingAdapter) GetLabels() map[string]string

func (RoleBindingAdapter) GetName 

func (o RoleBindingAdapter) GetName() string

func (RoleBindingAdapter) GetNamespace 

func (o RoleBindingAdapter) GetNamespace() string

func (RoleBindingAdapter) GetObject added in v1.8.0 

func (o RoleBindingAdapter) GetObject() runtime.Object

func (RoleBindingAdapter) GetRoleRef 

func (o RoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (RoleBindingAdapter) GetSubjects 

func (o RoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (RoleBindingAdapter) GetUID 

func (o RoleBindingAdapter) GetUID() types.UID

func (RoleBindingAdapter) SetAnnotations 

func (o RoleBindingAdapter) SetAnnotations(in map[string]string)

func (RoleBindingAdapter) SetLabels 

func (o RoleBindingAdapter) SetLabels(in map[string]string)

func (RoleBindingAdapter) SetSubjects 

func (o RoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type RoleBindingClientAdapter 

type RoleBindingClientAdapter struct {
	Client          rbacv1client.RoleBindingsGetter
	NamespaceClient corev1client.NamespaceInterface
}

func (RoleBindingClientAdapter) Create 

func (c RoleBindingClientAdapter) Create(in RoleBinding) (RoleBinding, error)

func (RoleBindingClientAdapter) Delete 

func (c RoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (RoleBindingClientAdapter) Get 

func (c RoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (RoleBindingClientAdapter) Update 

func (c RoleBindingClientAdapter) Update(in RoleBinding) (RoleBinding, error)

type RoleBindingModifier 

type RoleBindingModifier interface {
	Get(namespace, name string) (RoleBinding, error)
	Delete(namespace, name string, uid types.UID) error
	Create(RoleBinding) (RoleBinding, error)
	Update(RoleBinding) (RoleBinding, error)
}

type RoleModifier 

type RoleModifier struct {
	Client          rbacv1client.RolesGetter
	NamespaceClient corev1client.NamespaceInterface
}

func (RoleModifier) Create 

func (c RoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (RoleModifier) Get 

func (c RoleModifier) Get(namespace, name string) (RuleOwner, error)

func (RoleModifier) Update 

func (c RoleModifier) Update(in RuleOwner) (RuleOwner, error)

type RoleRuleOwner 

type RoleRuleOwner struct {
	Role *rbacv1.Role
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleRuleOwner) DeepCopy added in v1.8.0 

func (in *RoleRuleOwner) DeepCopy() *RoleRuleOwner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleRuleOwner.

func (*RoleRuleOwner) DeepCopyInto added in v1.8.0 

func (in *RoleRuleOwner) DeepCopyInto(out *RoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleRuleOwner) DeepCopyRuleOwner added in v1.8.0 

func (in RoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (RoleRuleOwner) GetAggregationRule added in v1.9.0 

func (o RoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (RoleRuleOwner) GetAnnotations 

func (o RoleRuleOwner) GetAnnotations() map[string]string

func (RoleRuleOwner) GetLabels 

func (o RoleRuleOwner) GetLabels() map[string]string

func (RoleRuleOwner) GetName 

func (o RoleRuleOwner) GetName() string

func (RoleRuleOwner) GetNamespace 

func (o RoleRuleOwner) GetNamespace() string

func (RoleRuleOwner) GetObject added in v1.8.0 

func (o RoleRuleOwner) GetObject() runtime.Object

func (RoleRuleOwner) GetRules 

func (o RoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (RoleRuleOwner) SetAggregationRule added in v1.9.0 

func (o RoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (RoleRuleOwner) SetAnnotations 

func (o RoleRuleOwner) SetAnnotations(in map[string]string)

func (RoleRuleOwner) SetLabels 

func (o RoleRuleOwner) SetLabels(in map[string]string)

func (RoleRuleOwner) SetRules 

func (o RoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type RuleOwner 

type RuleOwner interface {
	GetObject() runtime.Object
	GetNamespace() string
	GetName() string
	GetLabels() map[string]string
	SetLabels(map[string]string)
	GetAnnotations() map[string]string
	SetAnnotations(map[string]string)
	GetRules() []rbacv1.PolicyRule
	SetRules([]rbacv1.PolicyRule)
	GetAggregationRule() *rbacv1.AggregationRule
	SetAggregationRule(*rbacv1.AggregationRule)
	DeepCopyRuleOwner() RuleOwner
}

type RuleOwnerModifier 

type RuleOwnerModifier interface {
	Get(namespace, name string) (RuleOwner, error)
	Create(RuleOwner) (RuleOwner, error)
	Update(RuleOwner) (RuleOwner, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.