auth

package

v0.0.0-...-1bc13c6 Latest Latest Go to latest Published: Apr 27, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift/cluster-logging-operator

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NewMetaDataReaderClusterRoleBinding(saNamespace, name, saName string, owner metav1.OwnerReference) *rbacv1.ClusterRoleBinding
func NewSCC() *security.SecurityContextConstraints
func NewServiceAccountSCCRole(namespace, name string, owner metav1.OwnerReference) *rbacv1.Role
func NewServiceAccountSCCRoleBinding(namespace, name, saName string, owner metav1.OwnerReference) *rbacv1.RoleBinding
func ReconcileRBAC(er record.EventRecorder, k8sClient client.Client, saNamespace string, ...) error
func ReconcileServiceAccount(er record.EventRecorder, k8sClient client.Client, namespace string, ...) (err error)
func RemoveSecurityContextConstraint(k8sClient client.Client, sccName string) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	RequiredDropCapabilities = []corev1.Capability{
		"CHOWN",
		"DAC_OVERRIDE",
		"FSETID",
		"FOWNER",
		"SETGID",
		"SETUID",
		"SETPCAP",
		"NET_BIND_SERVICE",
		"KILL",
	}

	DesiredSCCVolumes = []security.FSType{"configMap", "secret", "emptyDir", "projected"}
)

Functions ¶

func NewMetaDataReaderClusterRoleBinding ¶

func NewMetaDataReaderClusterRoleBinding(saNamespace, name, saName string, owner metav1.OwnerReference) *rbacv1.ClusterRoleBinding

NewMetaDataReaderClusterRoleBinding stubs a clusterrolebinding to allow reading of pod metadata (i.e. labels)

func NewSCC ¶

func NewSCC() *security.SecurityContextConstraints

func NewServiceAccountSCCRole ¶

func NewServiceAccountSCCRole(namespace, name string, owner metav1.OwnerReference) *rbacv1.Role

func NewServiceAccountSCCRoleBinding ¶

func NewServiceAccountSCCRoleBinding(namespace, name, saName string, owner metav1.OwnerReference) *rbacv1.RoleBinding

func ReconcileRBAC ¶

func ReconcileRBAC(er record.EventRecorder, k8sClient client.Client, saNamespace string, resNames *factory.ForwarderResourceNames, owner metav1.OwnerReference) error

ReconcileRBAC reconciles the RBAC specifically for the service account and SCC

func ReconcileServiceAccount ¶

func ReconcileServiceAccount(er record.EventRecorder, k8sClient client.Client, namespace string, resNames *factory.ForwarderResourceNames, owner metav1.OwnerReference) (err error)

ReconcileServiceAccount reconciles the serviceaccount for collector or logfilemetricexporter

func RemoveSecurityContextConstraint ¶

func RemoveSecurityContextConstraint(k8sClient client.Client, sccName string) error

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL