kubernetes: k8s.io/kubernetes/pkg/registry/rbac/reconciliation Index | Files

package reconciliation

import "k8s.io/kubernetes/pkg/registry/rbac/reconciliation"

Index

Package Files

clusterrole_interfaces.go clusterrolebinding_interfaces.go namespace.go reconcile_role.go reconcile_rolebindings.go role_interfaces.go rolebinding_interfaces.go zz_generated.deepcopy.go

type ClusterRoleBindingAdapter Uses

type ClusterRoleBindingAdapter struct {
    ClusterRoleBinding *rbacv1.ClusterRoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleBindingAdapter) DeepCopy Uses

func (in *ClusterRoleBindingAdapter) DeepCopy() *ClusterRoleBindingAdapter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleBindingAdapter.

func (*ClusterRoleBindingAdapter) DeepCopyInto Uses

func (in *ClusterRoleBindingAdapter) DeepCopyInto(out *ClusterRoleBindingAdapter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleBindingAdapter) DeepCopyRoleBinding Uses

func (in ClusterRoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (ClusterRoleBindingAdapter) GetAnnotations Uses

func (o ClusterRoleBindingAdapter) GetAnnotations() map[string]string

func (ClusterRoleBindingAdapter) GetLabels Uses

func (o ClusterRoleBindingAdapter) GetLabels() map[string]string

func (ClusterRoleBindingAdapter) GetName Uses

func (o ClusterRoleBindingAdapter) GetName() string

func (ClusterRoleBindingAdapter) GetNamespace Uses

func (o ClusterRoleBindingAdapter) GetNamespace() string

func (ClusterRoleBindingAdapter) GetObject Uses

func (o ClusterRoleBindingAdapter) GetObject() runtime.Object

func (ClusterRoleBindingAdapter) GetRoleRef Uses

func (o ClusterRoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (ClusterRoleBindingAdapter) GetSubjects Uses

func (o ClusterRoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (ClusterRoleBindingAdapter) GetUID Uses

func (o ClusterRoleBindingAdapter) GetUID() types.UID

func (ClusterRoleBindingAdapter) SetAnnotations Uses

func (o ClusterRoleBindingAdapter) SetAnnotations(in map[string]string)

func (ClusterRoleBindingAdapter) SetLabels Uses

func (o ClusterRoleBindingAdapter) SetLabels(in map[string]string)

func (ClusterRoleBindingAdapter) SetSubjects Uses

func (o ClusterRoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type ClusterRoleBindingClientAdapter Uses

type ClusterRoleBindingClientAdapter struct {
    Client rbacv1client.ClusterRoleBindingInterface
}

func (ClusterRoleBindingClientAdapter) Create Uses

func (c ClusterRoleBindingClientAdapter) Create(in RoleBinding) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Delete Uses

func (c ClusterRoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (ClusterRoleBindingClientAdapter) Get Uses

func (c ClusterRoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (ClusterRoleBindingClientAdapter) Update Uses

func (c ClusterRoleBindingClientAdapter) Update(in RoleBinding) (RoleBinding, error)

type ClusterRoleModifier Uses

type ClusterRoleModifier struct {
    Client rbacv1client.ClusterRoleInterface
}

func (ClusterRoleModifier) Create Uses

func (c ClusterRoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (ClusterRoleModifier) Get Uses

func (c ClusterRoleModifier) Get(namespace, name string) (RuleOwner, error)

func (ClusterRoleModifier) Update Uses

func (c ClusterRoleModifier) Update(in RuleOwner) (RuleOwner, error)

type ClusterRoleRuleOwner Uses

type ClusterRoleRuleOwner struct {
    ClusterRole *rbacv1.ClusterRole
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*ClusterRoleRuleOwner) DeepCopy Uses

func (in *ClusterRoleRuleOwner) DeepCopy() *ClusterRoleRuleOwner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRoleRuleOwner.

func (*ClusterRoleRuleOwner) DeepCopyInto Uses

func (in *ClusterRoleRuleOwner) DeepCopyInto(out *ClusterRoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRoleRuleOwner) DeepCopyRuleOwner Uses

func (in ClusterRoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (ClusterRoleRuleOwner) GetAggregationRule Uses

func (o ClusterRoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (ClusterRoleRuleOwner) GetAnnotations Uses

func (o ClusterRoleRuleOwner) GetAnnotations() map[string]string

func (ClusterRoleRuleOwner) GetLabels Uses

func (o ClusterRoleRuleOwner) GetLabels() map[string]string

func (ClusterRoleRuleOwner) GetName Uses

func (o ClusterRoleRuleOwner) GetName() string

func (ClusterRoleRuleOwner) GetNamespace Uses

func (o ClusterRoleRuleOwner) GetNamespace() string

func (ClusterRoleRuleOwner) GetObject Uses

func (o ClusterRoleRuleOwner) GetObject() runtime.Object

func (ClusterRoleRuleOwner) GetRules Uses

func (o ClusterRoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (ClusterRoleRuleOwner) SetAggregationRule Uses

func (o ClusterRoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (ClusterRoleRuleOwner) SetAnnotations Uses

func (o ClusterRoleRuleOwner) SetAnnotations(in map[string]string)

func (ClusterRoleRuleOwner) SetLabels Uses

func (o ClusterRoleRuleOwner) SetLabels(in map[string]string)

func (ClusterRoleRuleOwner) SetRules Uses

func (o ClusterRoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type ReconcileClusterRoleBindingResult Uses

type ReconcileClusterRoleBindingResult struct {
    // RoleBinding is the reconciled rolebinding from the reconciliation operation.
    // If the reconcile was performed as a dry-run, or the existing rolebinding was protected, the reconciled rolebinding is not persisted.
    RoleBinding RoleBinding

    // MissingSubjects contains expected subjects that were missing from the currently persisted rolebinding
    MissingSubjects []rbacv1.Subject
    // ExtraSubjects contains extra subjects the currently persisted rolebinding had
    ExtraSubjects []rbacv1.Subject

    // Operation is the API operation required to reconcile.
    // If no reconciliation was needed, it is set to ReconcileNone.
    // If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
    // If result.Protected == true, the rolebinding opted out of reconciliation, so the operation was not performed.
    // Otherwise, the operation was performed.
    Operation ReconcileOperation
    // Protected indicates an existing role prevented reconciliation
    Protected bool
}

ReconcileClusterRoleBindingResult holds the result of a reconciliation operation.

type ReconcileClusterRoleResult Uses

type ReconcileClusterRoleResult struct {
    // Role is the reconciled role from the reconciliation operation.
    // If the reconcile was performed as a dry-run, or the existing role was protected, the reconciled role is not persisted.
    Role RuleOwner

    // MissingRules contains expected rules that were missing from the currently persisted role
    MissingRules []rbacv1.PolicyRule
    // ExtraRules contains extra permissions the currently persisted role had
    ExtraRules []rbacv1.PolicyRule

    // MissingAggregationRuleSelectors contains expected selectors that were missing from the currently persisted role
    MissingAggregationRuleSelectors []metav1.LabelSelector
    // ExtraAggregationRuleSelectors contains extra selectors the currently persisted role had
    ExtraAggregationRuleSelectors []metav1.LabelSelector

    // Operation is the API operation required to reconcile.
    // If no reconciliation was needed, it is set to ReconcileNone.
    // If options.Confirm == false, the reconcile was in dry-run mode, so the operation was not performed.
    // If result.Protected == true, the role opted out of reconciliation, so the operation was not performed.
    // Otherwise, the operation was performed.
    Operation ReconcileOperation
    // Protected indicates an existing role prevented reconciliation
    Protected bool
}

type ReconcileOperation Uses

type ReconcileOperation string
var (
    ReconcileCreate   ReconcileOperation = "create"
    ReconcileUpdate   ReconcileOperation = "update"
    ReconcileRecreate ReconcileOperation = "recreate"
    ReconcileNone     ReconcileOperation = "none"
)

type ReconcileRoleBindingOptions Uses

type ReconcileRoleBindingOptions struct {
    // RoleBinding is the expected rolebinding that will be reconciled
    RoleBinding RoleBinding
    // Confirm indicates writes should be performed. When false, results are returned as a dry-run.
    Confirm bool
    // RemoveExtraSubjects indicates reconciliation should remove extra subjects from an existing role binding
    RemoveExtraSubjects bool
    // Client is used to look up existing rolebindings, and create/update the rolebinding when Confirm=true
    Client RoleBindingModifier
}

ReconcileRoleBindingOptions holds options for running a role binding reconciliation

func (*ReconcileRoleBindingOptions) Run Uses

func (o *ReconcileRoleBindingOptions) Run() (*ReconcileClusterRoleBindingResult, error)

type ReconcileRoleOptions Uses

type ReconcileRoleOptions struct {
    // Role is the expected role that will be reconciled
    Role RuleOwner
    // Confirm indicates writes should be performed. When false, results are returned as a dry-run.
    Confirm bool
    // RemoveExtraPermissions indicates reconciliation should remove extra permissions from an existing role
    RemoveExtraPermissions bool
    // Client is used to look up existing roles, and create/update the role when Confirm=true
    Client RuleOwnerModifier
}

func (*ReconcileRoleOptions) Run Uses

func (o *ReconcileRoleOptions) Run() (*ReconcileClusterRoleResult, error)

type RoleBinding Uses

type RoleBinding interface {
    GetObject() runtime.Object
    GetNamespace() string
    GetName() string
    GetUID() types.UID
    GetLabels() map[string]string
    SetLabels(map[string]string)
    GetAnnotations() map[string]string
    SetAnnotations(map[string]string)
    GetRoleRef() rbacv1.RoleRef
    GetSubjects() []rbacv1.Subject
    SetSubjects([]rbacv1.Subject)
    DeepCopyRoleBinding() RoleBinding
}

type RoleBindingAdapter Uses

type RoleBindingAdapter struct {
    RoleBinding *rbacv1.RoleBinding
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RoleBinding +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleBindingAdapter) DeepCopy Uses

func (in *RoleBindingAdapter) DeepCopy() *RoleBindingAdapter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBindingAdapter.

func (*RoleBindingAdapter) DeepCopyInto Uses

func (in *RoleBindingAdapter) DeepCopyInto(out *RoleBindingAdapter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleBindingAdapter) DeepCopyRoleBinding Uses

func (in RoleBindingAdapter) DeepCopyRoleBinding() RoleBinding

DeepCopyRoleBinding is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (RoleBindingAdapter) GetAnnotations Uses

func (o RoleBindingAdapter) GetAnnotations() map[string]string

func (RoleBindingAdapter) GetLabels Uses

func (o RoleBindingAdapter) GetLabels() map[string]string

func (RoleBindingAdapter) GetName Uses

func (o RoleBindingAdapter) GetName() string

func (RoleBindingAdapter) GetNamespace Uses

func (o RoleBindingAdapter) GetNamespace() string

func (RoleBindingAdapter) GetObject Uses

func (o RoleBindingAdapter) GetObject() runtime.Object

func (RoleBindingAdapter) GetRoleRef Uses

func (o RoleBindingAdapter) GetRoleRef() rbacv1.RoleRef

func (RoleBindingAdapter) GetSubjects Uses

func (o RoleBindingAdapter) GetSubjects() []rbacv1.Subject

func (RoleBindingAdapter) GetUID Uses

func (o RoleBindingAdapter) GetUID() types.UID

func (RoleBindingAdapter) SetAnnotations Uses

func (o RoleBindingAdapter) SetAnnotations(in map[string]string)

func (RoleBindingAdapter) SetLabels Uses

func (o RoleBindingAdapter) SetLabels(in map[string]string)

func (RoleBindingAdapter) SetSubjects Uses

func (o RoleBindingAdapter) SetSubjects(in []rbacv1.Subject)

type RoleBindingClientAdapter Uses

type RoleBindingClientAdapter struct {
    Client          rbacv1client.RoleBindingsGetter
    NamespaceClient corev1client.NamespaceInterface
}

func (RoleBindingClientAdapter) Create Uses

func (c RoleBindingClientAdapter) Create(in RoleBinding) (RoleBinding, error)

func (RoleBindingClientAdapter) Delete Uses

func (c RoleBindingClientAdapter) Delete(namespace, name string, uid types.UID) error

func (RoleBindingClientAdapter) Get Uses

func (c RoleBindingClientAdapter) Get(namespace, name string) (RoleBinding, error)

func (RoleBindingClientAdapter) Update Uses

func (c RoleBindingClientAdapter) Update(in RoleBinding) (RoleBinding, error)

type RoleBindingModifier Uses

type RoleBindingModifier interface {
    Get(namespace, name string) (RoleBinding, error)
    Delete(namespace, name string, uid types.UID) error
    Create(RoleBinding) (RoleBinding, error)
    Update(RoleBinding) (RoleBinding, error)
}

type RoleModifier Uses

type RoleModifier struct {
    Client          rbacv1client.RolesGetter
    NamespaceClient corev1client.NamespaceInterface
}

func (RoleModifier) Create Uses

func (c RoleModifier) Create(in RuleOwner) (RuleOwner, error)

func (RoleModifier) Get Uses

func (c RoleModifier) Get(namespace, name string) (RuleOwner, error)

func (RoleModifier) Update Uses

func (c RoleModifier) Update(in RuleOwner) (RuleOwner, error)

type RoleRuleOwner Uses

type RoleRuleOwner struct {
    Role *rbacv1.Role
}

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=k8s.io/kubernetes/pkg/registry/rbac/reconciliation.RuleOwner +k8s:deepcopy-gen:nonpointer-interfaces=true

func (*RoleRuleOwner) DeepCopy Uses

func (in *RoleRuleOwner) DeepCopy() *RoleRuleOwner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleRuleOwner.

func (*RoleRuleOwner) DeepCopyInto Uses

func (in *RoleRuleOwner) DeepCopyInto(out *RoleRuleOwner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RoleRuleOwner) DeepCopyRuleOwner Uses

func (in RoleRuleOwner) DeepCopyRuleOwner() RuleOwner

DeepCopyRuleOwner is an autogenerated deepcopy function, copying the receiver, creating a new RuleOwner.

func (RoleRuleOwner) GetAggregationRule Uses

func (o RoleRuleOwner) GetAggregationRule() *rbacv1.AggregationRule

func (RoleRuleOwner) GetAnnotations Uses

func (o RoleRuleOwner) GetAnnotations() map[string]string

func (RoleRuleOwner) GetLabels Uses

func (o RoleRuleOwner) GetLabels() map[string]string

func (RoleRuleOwner) GetName Uses

func (o RoleRuleOwner) GetName() string

func (RoleRuleOwner) GetNamespace Uses

func (o RoleRuleOwner) GetNamespace() string

func (RoleRuleOwner) GetObject Uses

func (o RoleRuleOwner) GetObject() runtime.Object

func (RoleRuleOwner) GetRules Uses

func (o RoleRuleOwner) GetRules() []rbacv1.PolicyRule

func (RoleRuleOwner) SetAggregationRule Uses

func (o RoleRuleOwner) SetAggregationRule(in *rbacv1.AggregationRule)

func (RoleRuleOwner) SetAnnotations Uses

func (o RoleRuleOwner) SetAnnotations(in map[string]string)

func (RoleRuleOwner) SetLabels Uses

func (o RoleRuleOwner) SetLabels(in map[string]string)

func (RoleRuleOwner) SetRules Uses

func (o RoleRuleOwner) SetRules(in []rbacv1.PolicyRule)

type RuleOwner Uses

type RuleOwner interface {
    GetObject() runtime.Object
    GetNamespace() string
    GetName() string
    GetLabels() map[string]string
    SetLabels(map[string]string)
    GetAnnotations() map[string]string
    SetAnnotations(map[string]string)
    GetRules() []rbacv1.PolicyRule
    SetRules([]rbacv1.PolicyRule)
    GetAggregationRule() *rbacv1.AggregationRule
    SetAggregationRule(*rbacv1.AggregationRule)
    DeepCopyRuleOwner() RuleOwner
}

type RuleOwnerModifier Uses

type RuleOwnerModifier interface {
    Get(namespace, name string) (RuleOwner, error)
    Create(RuleOwner) (RuleOwner, error)
    Update(RuleOwner) (RuleOwner, error)
}

Package reconciliation imports 13 packages (graph) and is imported by 16 packages. Updated 2019-02-23. Refresh now. Tools for package owners.