forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 1
/
constants.go
68 lines (59 loc) · 2.38 KB
/
constants.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
package bootstrappolicy
// known namespaces
const (
DefaultOpenShiftSharedResourcesNamespace = "openshift"
)
// users
const (
RouterUnqualifiedUsername = "openshift-router"
RegistryUnqualifiedUsername = "openshift-registry"
RouterUsername = "system:" + RouterUnqualifiedUsername
RegistryUsername = "system:" + RegistryUnqualifiedUsername
)
// groups
const (
UnauthenticatedUsername = "system:anonymous"
InternalComponentUsername = "system:openshift-client"
InternalComponentKubeUsername = "system:kube-client"
DeployerUsername = "system:openshift-deployer"
AuthenticatedGroup = "system:authenticated"
UnauthenticatedGroup = "system:unauthenticated"
ClusterAdminGroup = "system:cluster-admins"
ClusterReaderGroup = "system:cluster-readers"
NodesGroup = "system:nodes"
RouterGroup = "system:routers"
RegistryGroup = "system:registries"
)
// Roles
const (
ClusterAdminRoleName = "cluster-admin"
ClusterReaderRoleName = "cluster-reader"
AdminRoleName = "admin"
EditRoleName = "edit"
ViewRoleName = "view"
SelfProvisionerRoleName = "self-provisioner"
BasicUserRoleName = "basic-user"
StatusCheckerRoleName = "cluster-status"
DeployerRoleName = "system:deployer"
RouterRoleName = "system:router"
RegistryRoleName = "system:registry"
InternalComponentRoleName = "system:component"
DeleteTokensRoleName = "system:delete-tokens"
WebHooksRoleName = "system:webhook"
OpenshiftSharedResourceViewRoleName = "shared-resource-viewer"
)
// RoleBindings
const (
SelfProvisionerRoleBindingName = SelfProvisionerRoleName + "s"
InternalComponentRoleBindingName = InternalComponentRoleName + "s"
DeployerRoleBindingName = DeployerRoleName + "s"
ClusterAdminRoleBindingName = ClusterAdminRoleName + "s"
ClusterReaderRoleBindingName = ClusterReaderRoleName + "s"
BasicUserRoleBindingName = BasicUserRoleName + "s"
DeleteTokensRoleBindingName = DeleteTokensRoleName + "-binding"
StatusCheckerRoleBindingName = StatusCheckerRoleName + "-binding"
RouterRoleBindingName = RouterRoleName + "s"
RegistryRoleBindingName = RegistryRoleName + "s"
WebHooksRoleBindingName = WebHooksRoleName + "s"
OpenshiftSharedResourceViewRoleBindingName = OpenshiftSharedResourceViewRoleName + "s"
)