mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-31 07:20:13 +00:00
add role/clusterrole to describe.go
This commit is contained in:
xilabao
parent
9fe2ef54ba
commit
bfd184274b
@ -71,6 +71,7 @@ import (
|
|||||||
deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util"
|
deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util"
|
||||||
"k8s.io/kubernetes/pkg/fieldpath"
|
"k8s.io/kubernetes/pkg/fieldpath"
|
||||||
"k8s.io/kubernetes/pkg/printers"
|
"k8s.io/kubernetes/pkg/printers"
|
||||||
|
"k8s.io/kubernetes/pkg/registry/rbac/validation"
|
||||||
"k8s.io/kubernetes/pkg/util/slice"
|
"k8s.io/kubernetes/pkg/util/slice"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -144,6 +145,8 @@ func describerMap(c clientset.Interface) map[schema.GroupKind]printers.Describer
|
|||||||
certificates.Kind("CertificateSigningRequest"): &CertificateSigningRequestDescriber{c},
|
certificates.Kind("CertificateSigningRequest"): &CertificateSigningRequestDescriber{c},
|
||||||
storage.Kind("StorageClass"): &StorageClassDescriber{c},
|
storage.Kind("StorageClass"): &StorageClassDescriber{c},
|
||||||
policy.Kind("PodDisruptionBudget"): &PodDisruptionBudgetDescriber{c},
|
policy.Kind("PodDisruptionBudget"): &PodDisruptionBudgetDescriber{c},
|
||||||
|
rbac.Kind("Role"): &RoleDescriber{c},
|
||||||
|
rbac.Kind("ClusterRole"): &ClusterRoleDescriber{c},
|
||||||
rbac.Kind("RoleBinding"): &RoleBindingDescriber{c},
|
rbac.Kind("RoleBinding"): &RoleBindingDescriber{c},
|
||||||
rbac.Kind("ClusterRoleBinding"): &ClusterRoleBindingDescriber{c},
|
rbac.Kind("ClusterRoleBinding"): &ClusterRoleBindingDescriber{c},
|
||||||
}
|
}
|
||||||
@ -2114,6 +2117,101 @@ func describeServiceAccount(serviceAccount *api.ServiceAccount, tokens []api.Sec
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// RoleDescriber generates information about a node.
|
||||||
|
type RoleDescriber struct {
|
||||||
|
clientset.Interface
|
||||||
|
}
|
||||||
|
|
||||||
|
func (d *RoleDescriber) Describe(namespace, name string, describerSettings printers.DescriberSettings) (string, error) {
|
||||||
|
role, err := d.Rbac().Roles(namespace).Get(name, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
breakdownRules := []rbac.PolicyRule{}
|
||||||
|
for _, rule := range role.Rules {
|
||||||
|
breakdownRules = append(breakdownRules, validation.BreakdownRule(rule)...)
|
||||||
|
}
|
||||||
|
|
||||||
|
compactRules, err := validation.CompactRules(breakdownRules)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
sort.Stable(rbac.SortableRuleSlice(compactRules))
|
||||||
|
|
||||||
|
return tabbedString(func(out io.Writer) error {
|
||||||
|
w := NewPrefixWriter(out)
|
||||||
|
w.Write(LEVEL_0, "Name:\t%s\n", role.Name)
|
||||||
|
printLabelsMultiline(w, "Labels", role.Labels)
|
||||||
|
printAnnotationsMultiline(w, "Annotations", role.Annotations)
|
||||||
|
|
||||||
|
w.Write(LEVEL_0, "PolicyRule:\n")
|
||||||
|
w.Write(LEVEL_1, "Resources\tNon-Resource URLs\tResource Names\tVerbs\n")
|
||||||
|
w.Write(LEVEL_1, "---------\t-----------------\t--------------\t-----\n")
|
||||||
|
for _, r := range compactRules {
|
||||||
|
w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", combineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs)
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// ClusterRoleDescriber generates information about a node.
|
||||||
|
type ClusterRoleDescriber struct {
|
||||||
|
clientset.Interface
|
||||||
|
}
|
||||||
|
|
||||||
|
func (d *ClusterRoleDescriber) Describe(namespace, name string, describerSettings printers.DescriberSettings) (string, error) {
|
||||||
|
role, err := d.Rbac().ClusterRoles().Get(name, metav1.GetOptions{})
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
breakdownRules := []rbac.PolicyRule{}
|
||||||
|
for _, rule := range role.Rules {
|
||||||
|
breakdownRules = append(breakdownRules, validation.BreakdownRule(rule)...)
|
||||||
|
}
|
||||||
|
|
||||||
|
compactRules, err := validation.CompactRules(breakdownRules)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
sort.Stable(rbac.SortableRuleSlice(compactRules))
|
||||||
|
|
||||||
|
return tabbedString(func(out io.Writer) error {
|
||||||
|
w := NewPrefixWriter(out)
|
||||||
|
w.Write(LEVEL_0, "Name:\t%s\n", role.Name)
|
||||||
|
printLabelsMultiline(w, "Labels", role.Labels)
|
||||||
|
printAnnotationsMultiline(w, "Annotations", role.Annotations)
|
||||||
|
|
||||||
|
w.Write(LEVEL_0, "PolicyRule:\n")
|
||||||
|
w.Write(LEVEL_1, "Resources\tNon-Resource URLs\tResource Names\tVerbs\n")
|
||||||
|
w.Write(LEVEL_1, "---------\t-----------------\t--------------\t-----\n")
|
||||||
|
for _, r := range compactRules {
|
||||||
|
w.Write(LEVEL_1, "%s\t%v\t%v\t%v\n", combineResourceGroup(r.Resources, r.APIGroups), r.NonResourceURLs, r.ResourceNames, r.Verbs)
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func combineResourceGroup(resource, group []string) string {
|
||||||
|
if len(resource) == 0 {
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
parts := strings.SplitN(resource[0], "/", 2)
|
||||||
|
combine := parts[0]
|
||||||
|
|
||||||
|
if len(group) > 0 && group[0] != "" {
|
||||||
|
combine = combine + "." + group[0]
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(parts) == 2 {
|
||||||
|
combine = combine + "/" + parts[1]
|
||||||
|
}
|
||||||
|
return combine
|
||||||
|
}
|
||||||
|
|
||||||
// RoleBindingDescriber generates information about a node.
|
// RoleBindingDescriber generates information about a node.
|
||||||
type RoleBindingDescriber struct {
|
type RoleBindingDescriber struct {
|
||||||
clientset.Interface
|
clientset.Interface
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user