forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathconstants.go
80 lines (70 loc) · 2.92 KB
/
constants.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package bootstrappolicy
// known namespaces
const (
DefaultOpenShiftSharedResourcesNamespace = "openshift"
)
// users
const (
DefaultServiceAccountName = "default"
BuilderServiceAccountName = "builder"
RouterUnqualifiedUsername = "openshift-router"
RegistryUnqualifiedUsername = "openshift-registry"
RouterUsername = "system:" + RouterUnqualifiedUsername
RegistryUsername = "system:" + RegistryUnqualifiedUsername
)
// groups
const (
UnauthenticatedUsername = "system:anonymous"
InternalComponentUsername = "system:openshift-client"
DeployerUsername = "system:openshift-deployer"
AuthenticatedGroup = "system:authenticated"
UnauthenticatedGroup = "system:unauthenticated"
ClusterAdminGroup = "system:cluster-admins"
ClusterReaderGroup = "system:cluster-readers"
NodesGroup = "system:nodes"
RouterGroup = "system:routers"
RegistryGroup = "system:registries"
)
// Roles
const (
ClusterAdminRoleName = "cluster-admin"
ClusterReaderRoleName = "cluster-reader"
AdminRoleName = "admin"
EditRoleName = "edit"
ViewRoleName = "view"
SelfProvisionerRoleName = "self-provisioner"
BasicUserRoleName = "basic-user"
StatusCheckerRoleName = "cluster-status"
ImagePullerRoleName = "system:image-puller"
ImageBuilderRoleName = "system:image-builder"
DeployerRoleName = "system:deployer"
RouterRoleName = "system:router"
RegistryRoleName = "system:registry"
NodeRoleName = "system:node"
NodeProxierRoleName = "system:node-proxier"
SDNReaderRoleName = "system:sdn-reader"
SDNManagerRoleName = "system:sdn-manager"
InternalComponentRoleName = "system:component"
OAuthTokenDeleterRoleName = "system:oauth-token-deleter"
WebHooksRoleName = "system:webhook"
OpenshiftSharedResourceViewRoleName = "shared-resource-viewer"
)
// RoleBindings
const (
SelfProvisionerRoleBindingName = SelfProvisionerRoleName + "s"
InternalComponentRoleBindingName = InternalComponentRoleName + "s"
DeployerRoleBindingName = DeployerRoleName + "s"
ClusterAdminRoleBindingName = ClusterAdminRoleName + "s"
ClusterReaderRoleBindingName = ClusterReaderRoleName + "s"
BasicUserRoleBindingName = BasicUserRoleName + "s"
OAuthTokenDeleterRoleBindingName = OAuthTokenDeleterRoleName + "s"
StatusCheckerRoleBindingName = StatusCheckerRoleName + "-binding"
RouterRoleBindingName = RouterRoleName + "s"
RegistryRoleBindingName = RegistryRoleName + "s"
NodeRoleBindingName = NodeRoleName + "s"
NodeProxierRoleBindingName = NodeProxierRoleName + "s"
SDNReaderRoleBindingName = SDNReaderRoleName + "s"
SDNManagerRoleBindingName = SDNManagerRoleName + "s"
WebHooksRoleBindingName = WebHooksRoleName + "s"
OpenshiftSharedResourceViewRoleBindingName = OpenshiftSharedResourceViewRoleName + "s"
)