Set generator version in annotation

liggitt · Sep 12, 2017 · c4a739a · c4a739a
1 parent 13474f8
commit c4a739a
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 12 deletions.
diff --git a/cmd/audit2rbac/audit2rbac.go b/cmd/audit2rbac/audit2rbac.go
@@ -41,9 +41,10 @@ func checkErr(w io.Writer, err error) {
 
 func NewAudit2RBACCommand(stdout, stderr io.Writer) *cobra.Command {
 	options := &Audit2RBACOptions{
-		GeneratedPath:       ".",
-		GeneratedNamePrefix: "",
-		GeneratedLabels:     map[string]string{},
+		GeneratedPath:        ".",
+		GeneratedNamePrefix:  "",
+		GeneratedLabels:      map[string]string{},
+		GeneratedAnnotations: map[string]string{},
 
 		Stdout: stdout,
 		Stderr: stderr,
@@ -100,8 +101,10 @@ type Audit2RBACOptions struct {
 	GeneratedPath string
 	// Prefix for generated object names. Defaults to "audit2rbac:<user>"
 	GeneratedNamePrefix string
-	// Labels to apply to generated object names. Defaults to audit2rbac.liggitt.net/generated=true
+	// Labels to apply to generated object names.
 	GeneratedLabels map[string]string
+	// Annotations to apply to generated object names.
+	GeneratedAnnotations map[string]string
 
 	Stdout io.Writer
 	Stderr io.Writer
@@ -123,6 +126,9 @@ func (a *Audit2RBACOptions) Complete(serviceAccount string, args []string) error
 		a.GeneratedLabels["audit2rbac.liggitt.net/user"] = sanitizeLabel(a.User)
 		a.GeneratedLabels["audit2rbac.liggitt.net/generated"] = "true"
 	}
+	if len(a.GeneratedAnnotations) == 0 {
+		a.GeneratedAnnotations["audit2rbac.liggitt.net/version"] = pkg.Version
+	}
 
 	if len(a.GeneratedNamePrefix) == 0 {
 		user := a.User
@@ -198,6 +204,7 @@ func (a *Audit2RBACOptions) Run() error {
 
 	opts := pkg.DefaultGenerateOptions()
 	opts.Labels = a.GeneratedLabels
+	opts.Annotations = a.GeneratedAnnotations
 	opts.NamePrefix = a.GeneratedNamePrefix
 
 	generated := pkg.NewGenerator(getDiscoveryRoles(), attributes, opts).Generate()

diff --git a/pkg/process.go b/pkg/process.go
@@ -24,8 +24,9 @@ type GenerateOptions struct {
 	ExpandMultipleNamesToUnnamed            bool
 	ExpandMultipleNamespacesToClusterScoped bool
 
-	NamePrefix string
-	Labels     map[string]string
+	NamePrefix  string
+	Labels      map[string]string
+	Annotations map[string]string
 }
 
 // DefaultGenerateOptions returns default generation options
@@ -40,8 +41,9 @@ func DefaultGenerateOptions() GenerateOptions {
 		ExpandMultipleNamesToUnnamed:            true,
 		ExpandMultipleNamespacesToClusterScoped: true,
 
-		NamePrefix: "audit2rbac",
-		Labels:     map[string]string{},
+		NamePrefix:  "audit2rbac",
+		Labels:      map[string]string{},
+		Annotations: map[string]string{},
 	}
 }
 
@@ -152,10 +154,10 @@ func (g *Generator) ensureClusterRoleAndBinding(subject rbac.Subject) *rbac.Clus
 	}
 
 	g.clusterRole = &rbac.ClusterRole{
-		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Labels: g.Options.Labels},
+		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
 	}
 	g.clusterRoleBinding = &rbac.ClusterRoleBinding{
-		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Labels: g.Options.Labels},
+		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
 		RoleRef:    rbac.RoleRef{APIGroup: rbac.GroupName, Kind: "ClusterRole", Name: g.clusterRole.Name},
 		Subjects:   []rbac.Subject{subject},
 	}
@@ -175,10 +177,10 @@ func (g *Generator) ensureNamespacedRoleAndBinding(subject rbac.Subject, namespa
 	}
 
 	g.namespacedRole[namespace] = &rbac.Role{
-		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Namespace: namespace, Labels: g.Options.Labels},
+		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Namespace: namespace, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
 	}
 	g.namespacedRoleBinding[namespace] = &rbac.RoleBinding{
-		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Namespace: namespace, Labels: g.Options.Labels},
+		ObjectMeta: metav1.ObjectMeta{Name: g.Options.NamePrefix, Namespace: namespace, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
 		RoleRef:    rbac.RoleRef{APIGroup: rbac.GroupName, Kind: "Role", Name: g.namespacedRole[namespace].Name},
 		Subjects:   []rbac.Subject{subject},
 	}