specs

func BuildRole ¶

func BuildRole(
	cluster *cnpgv1.Cluster,
	barmanObjects []barmancloudv1.ObjectStore,
) *rbacv1.Role

BuildRole builds the Role object for this cluster

func BuildRoleBinding ¶

func BuildRoleBinding(
	cluster *cnpgv1.Cluster,
) *rbacv1.RoleBinding

BuildRoleBinding builds the role binding object for this cluster

func BuildRoleRules ¶ added in v0.12.0

func BuildRoleRules(barmanObjects []barmancloudv1.ObjectStore) []rbacv1.PolicyRule

BuildRoleRules builds the RBAC PolicyRules for the given ObjectStores.

func CollectSecretNamesFromCredentials ¶

func CollectSecretNamesFromCredentials(barmanCredentials *barmanapi.BarmanCredentials) []string

CollectSecretNamesFromCredentials collects the names of the secrets

func GetRBACName ¶

func GetRBACName(clusterName string) string

GetRBACName returns the name of the RBAC entities for the barman cloud plugin

func ObjectStoreNamesFromRole ¶ added in v0.12.0

func ObjectStoreNamesFromRole(role *rbacv1.Role) []string

ObjectStoreNamesFromRole extracts the ObjectStore names referenced by a plugin-managed Role. It finds the objectstores rule semantically (by APIGroup and Resource, not by index) and returns a copy of its ResourceNames. Returns nil if no matching rule is found.

func SetControllerReference ¶ added in v0.12.0

func SetControllerReference(owner, controlled metav1.Object) error

SetControllerReference sets an owner reference on controlled pointing to owner, reading the GVK from the owner object's metadata rather than from a scheme. This is necessary because the operator does not know the CNPG API group at compile time (it may be customized), while the Cluster object decoded from the gRPC request carries the correct GVK in its TypeMeta.

This function replaces all existing owner references rather than merging, so it assumes the controlled object has a single owner. This holds for plugin-managed Roles and RoleBindings, which are exclusively owned by one Cluster.