Skip to content

Commit

Permalink
Snip dependencies on internal API type
Browse files Browse the repository at this point in the history
  • Loading branch information
@liggitt
liggitt committed Oct 25, 2018
1 parent 5d4334b commit eeb44ef
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 8 deletions.
5 changes: 2 additions & 3 deletions pkg/process.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import (
rbacv1 "k8s.io/api/rbac/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apiserver/pkg/authorization/authorizer"
"k8s.io/kubernetes/pkg/apis/rbac"
rbacv1helper "k8s.io/kubernetes/pkg/apis/rbac/v1"
"k8s.io/kubernetes/pkg/registry/rbac/validation"
rbacauthorizer "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac"
Expand Down Expand Up @@ -168,7 +167,7 @@ func (g *Generator) ensureClusterRoleAndBinding(subject rbacv1.Subject) *rbacv1.
}
g.clusterRoleBinding = &rbacv1.ClusterRoleBinding{
ObjectMeta: metav1.ObjectMeta{Name: g.Options.Name, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
RoleRef: rbacv1.RoleRef{APIGroup: rbac.GroupName, Kind: "ClusterRole", Name: g.clusterRole.Name},
RoleRef: rbacv1.RoleRef{APIGroup: rbacv1.GroupName, Kind: "ClusterRole", Name: g.clusterRole.Name},
Subjects: []rbacv1.Subject{subject},
}

Expand All @@ -191,7 +190,7 @@ func (g *Generator) ensureNamespacedRoleAndBinding(subject rbacv1.Subject, names
}
g.namespacedRoleBinding[namespace] = &rbacv1.RoleBinding{
ObjectMeta: metav1.ObjectMeta{Name: g.Options.Name, Namespace: namespace, Labels: g.Options.Labels, Annotations: g.Options.Annotations},
RoleRef: rbacv1.RoleRef{APIGroup: rbac.GroupName, Kind: "Role", Name: g.namespacedRole[namespace].Name},
RoleRef: rbacv1.RoleRef{APIGroup: rbacv1.GroupName, Kind: "Role", Name: g.namespacedRole[namespace].Name},
Subjects: []rbacv1.Subject{subject},
}

Expand Down
6 changes: 1 addition & 5 deletions pkg/util.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ import (
"k8s.io/apiserver/pkg/authentication/serviceaccount"
"k8s.io/apiserver/pkg/authentication/user"
"k8s.io/apiserver/pkg/authorization/authorizer"
"k8s.io/kubernetes/pkg/apis/rbac"
rbacv1helper "k8s.io/kubernetes/pkg/apis/rbac/v1"
"k8s.io/kubernetes/pkg/registry/rbac/validation"
)
Expand All @@ -28,7 +27,7 @@ func userToSubject(user user.Info) rbacv1.Subject {
if ns, name, err := serviceaccount.SplitUsername(user.GetName()); err == nil {
return rbacv1.Subject{Name: name, Namespace: ns, Kind: "ServiceAccount"}
}
return rbacv1.Subject{Name: user.GetName(), Kind: "User", APIGroup: rbac.GroupName}
return rbacv1.Subject{Name: user.GetName(), Kind: "User", APIGroup: rbacv1.GroupName}
}

func attributesToResourceRule(request authorizer.AttributesRecord, options GenerateOptions) rbacv1.PolicyRule {
Expand Down Expand Up @@ -184,9 +183,6 @@ func init() {
if err := rbacv1.AddToScheme(Scheme); err != nil {
panic(err)
}
if err := rbac.AddToScheme(Scheme); err != nil {
panic(err)
}

if err := auditv1.AddToScheme(Scheme); err != nil {
panic(err)
Expand Down

0 comments on commit eeb44ef

Please sign in to comment.