mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Update comment on ResourcePolicyRule
Track the long-ago addition of the ClusterScope field.
This commit is contained in:
parent
d7f74ca58c
commit
6c7c1cea6f
@ -241,8 +241,10 @@ type ServiceAccountSubject struct {
|
||||
// ResourcePolicyRule matches a resource request if and only if: (a)
|
||||
// at least one member of verbs matches the request, (b) at least one
|
||||
// member of apiGroups matches the request, (c) at least one member of
|
||||
// resources matches the request, and (d) least one member of
|
||||
// namespaces matches the request.
|
||||
// resources matches the request, and (d) either (d1) the request does
|
||||
// not specify a namespace (i.e., `Namespace==""`) and clusterScope is
|
||||
// true or (d2) the request specifies a namespace and least one member
|
||||
// of namespaces matches the request's namespace.
|
||||
type ResourcePolicyRule struct {
|
||||
// `verbs` is a list of matching verbs and may not be empty.
|
||||
// "*" matches all verbs and, if present, must be the only entry.
|
||||
|
@ -279,8 +279,10 @@ type ServiceAccountSubject struct {
|
||||
// ResourcePolicyRule matches a resource request if and only if: (a)
|
||||
// at least one member of verbs matches the request, (b) at least one
|
||||
// member of apiGroups matches the request, (c) at least one member of
|
||||
// resources matches the request, and (d) least one member of
|
||||
// namespaces matches the request.
|
||||
// resources matches the request, and (d) either (d1) the request does
|
||||
// not specify a namespace (i.e., `Namespace==""`) and clusterScope is
|
||||
// true or (d2) the request specifies a namespace and least one member
|
||||
// of namespaces matches the request's namespace.
|
||||
type ResourcePolicyRule struct {
|
||||
// `verbs` is a list of matching verbs and may not be empty.
|
||||
// "*" matches all verbs and, if present, must be the only entry.
|
||||
|
@ -279,8 +279,10 @@ type ServiceAccountSubject struct {
|
||||
// ResourcePolicyRule matches a resource request if and only if: (a)
|
||||
// at least one member of verbs matches the request, (b) at least one
|
||||
// member of apiGroups matches the request, (c) at least one member of
|
||||
// resources matches the request, and (d) least one member of
|
||||
// namespaces matches the request.
|
||||
// resources matches the request, and (d) either (d1) the request does
|
||||
// not specify a namespace (i.e., `Namespace==""`) and clusterScope is
|
||||
// true or (d2) the request specifies a namespace and least one member
|
||||
// of namespaces matches the request's namespace.
|
||||
type ResourcePolicyRule struct {
|
||||
// `verbs` is a list of matching verbs and may not be empty.
|
||||
// "*" matches all verbs and, if present, must be the only entry.
|
||||
|
Loading…
Reference in New Issue
Block a user