Documentation
¶
Overview ¶
Package rbac contains utilities to reconcile RBAC resources for the barman-cloud plugin.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EnsureRole ¶
func EnsureRole( ctx context.Context, c client.Client, cluster *cnpgv1.Cluster, barmanObjects []barmancloudv1.ObjectStore, ) error
EnsureRole ensures the RBAC Role for the given Cluster matches the desired state derived from the given ObjectStores. On creation, the Cluster is set as the owner of the Role for garbage collection.
This function is called from the Pre hook (gRPC). It creates the Role if it does not exist, then patches rules and labels to match the desired state.
Note: the ObjectStore controller (EnsureRoleRules) can patch the same Role concurrently. Both paths use RetryOnConflict but compute desired rules from their own view of ObjectStores. If the Pre hook reads stale ObjectStore data from the informer cache, it may briefly revert a fresher update. This is self-healing: the next ObjectStore reconcile restores the correct state.
func EnsureRoleRules ¶
func EnsureRoleRules( ctx context.Context, c client.Client, roleKey client.ObjectKey, barmanObjects []barmancloudv1.ObjectStore, ) error
EnsureRoleRules updates the rules of an existing Role to match the desired state derived from the given ObjectStores. Unlike EnsureRole, this function does not create Roles or set owner references — it only patches rules on Roles that already exist. It is intended for the ObjectStore controller path where no Cluster object is available. Returns nil if the Role does not exist (the Pre hook has not created it yet).
Types ¶
This section is empty.
Source Files