acl

package module

v0.9.0 Latest Latest Go to latest Published: Aug 30, 2025 License: Apache-2.0 Imports: 0 Imported by: 11

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/fluxcd/pkg

Links

Open Source Insights

Documentation ¶

Overview ¶

Package acl contains the API types for defining access control lists for use by GitOps Toolkit components. +kubebuilder:object:generate=true

Index ¶

Constants
type AccessFrom
- func (in *AccessFrom) DeepCopy() *AccessFrom
- func (in *AccessFrom) DeepCopyInto(out *AccessFrom)
type NamespaceSelector
- func (in *NamespaceSelector) DeepCopy() *NamespaceSelector
- func (in *NamespaceSelector) DeepCopyInto(out *NamespaceSelector)

Constants ¶

View Source

const (
	// AccessDeniedCondition indicates that access to a resource has been denied by an ACL assertion.
	// The Condition adheres to an "abnormal-true" polarity pattern, and MUST only be present on the resource if the
	// Condition is True.
	AccessDeniedCondition string = "AccessDenied"
)

These constants define the Condition types for when the GitOps Toolkit components perform ACL assertions.

View Source

const (
	// AccessDeniedReason indicates that access to a resource has been denied by an ACL assertion.
	AccessDeniedReason string = "AccessDenied"
)

These constants define the Condition reasons for when the GitOps Toolkit components perform ACL assertions.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AccessFrom ¶

type AccessFrom struct {
	// NamespaceSelectors is the list of namespace selectors to which this ACL applies.
	// Items in this list are evaluated using a logical OR operation.
	// +required
	NamespaceSelectors []NamespaceSelector `json:"namespaceSelectors"`
}

AccessFrom defines an ACL for allowing cross-namespace references to a source object based on the caller's namespace labels.

func (*AccessFrom) DeepCopy ¶

func (in *AccessFrom) DeepCopy() *AccessFrom

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessFrom.

func (*AccessFrom) DeepCopyInto ¶

func (in *AccessFrom) DeepCopyInto(out *AccessFrom)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NamespaceSelector ¶

type NamespaceSelector struct {
	// MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
	// map is equivalent to an element of matchExpressions, whose key field is "key", the
	// operator is "In", and the values array contains only "value". The requirements are ANDed.
	// +optional
	MatchLabels map[string]string `json:"matchLabels,omitempty"`
}

NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster.

func (*NamespaceSelector) DeepCopy ¶

func (in *NamespaceSelector) DeepCopy() *NamespaceSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceSelector.

func (*NamespaceSelector) DeepCopyInto ¶

func (in *NamespaceSelector) DeepCopyInto(out *NamespaceSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL