Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewCommand ¶
func RemoveMember ¶
func RemoveMember(ctx context.Context, dyn dynamic.Interface, groupName string, memberKind iamtypes.SubjectKind, memberName string) (bool, error)
RemoveMember idempotently removes (memberKind, memberName) from the spec.members of groupName, retrying on conflict. It returns:
- removed=true when an Update succeeded and dropped the member;
- removed=false on a no-op (member was not present);
- a non-nil error wrapping the underlying cause for any other failure.
Exposed at package level so tests can drive the logic with a fake dynamic client; the cobra command above is a thin wrapper around it.
Types ¶
type EnsureMemberOpts ¶
type EnsureMemberOpts struct {
// CreateGroupIfMissing creates the parent Group CR if it does not exist.
CreateGroupIfMissing bool
// CycleCheck loads the membership graph and refuses to add the member
// if it would introduce a cycle. Only meaningful when MemberKind==Group;
// User members can never form a cycle.
CycleCheck bool
}
EnsureMemberOpts controls EnsureMember behavior. Zero value is valid: CreateGroupIfMissing=false, CycleCheck=false (no-op for User members).
type EnsureMemberResult ¶
EnsureMemberResult tells the caller what happened so it can print the right message ("created", "already member", etc.) without re-reading state.
func EnsureMember ¶
func EnsureMember(ctx context.Context, dyn dynamic.Interface, groupName string, memberKind iamtypes.SubjectKind, memberName string, opts EnsureMemberOpts) (EnsureMemberResult, error)
EnsureMember idempotently adds a (memberKind, memberName) pair to the spec.members of groupName. It is the single implementation shared by `d8 iam group add-member` and `d8 iam user create --member-of`.
Returns an EnsureMemberResult describing what changed; the caller is responsible for printing user-facing messages.
Source Files