mirror of
https://github.com/projectcapsule/capsule.git
synced 2026-02-14 09:59:57 +00:00
730151cb44
* chore: improve dev targets Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(controller): implement deterministic rolebinding reflection Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(controller): capsule users are determined from configuration status Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(tenantowners): added agreggate option - tenantowners are always considered capsule users Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * feat(tenantowner): add implicit aggregation for tenants Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: remove helm flags Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * fix(config): remove usergroups default Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
36 lines
1.0 KiB
Go
36 lines
1.0 KiB
Go
// Copyright 2020-2025 Project Capsule Authors
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package configuration
|
|
|
|
import (
|
|
"regexp"
|
|
|
|
capsuleapi "github.com/projectcapsule/capsule/pkg/api"
|
|
)
|
|
|
|
const (
|
|
TenantCRDName = "tenants.capsule.clastix.io"
|
|
)
|
|
|
|
type Configuration interface {
|
|
ProtectedNamespaceRegexp() (*regexp.Regexp, error)
|
|
ForceTenantPrefix() bool
|
|
// EnableTLSConfiguration enabled the TLS reconciler, responsible for creating CA and TLS certificate required
|
|
// for the CRD conversion and webhooks.
|
|
EnableTLSConfiguration() bool
|
|
AllowServiceAccountPromotion() bool
|
|
TLSSecretName() string
|
|
MutatingWebhookConfigurationName() string
|
|
ValidatingWebhookConfigurationName() string
|
|
TenantCRDName() string
|
|
UserNames() []string
|
|
UserGroups() []string
|
|
Users() capsuleapi.UserListSpec
|
|
GetUsersByStatus() capsuleapi.UserListSpec
|
|
IgnoreUserWithGroups() []string
|
|
ForbiddenUserNodeLabels() *capsuleapi.ForbiddenListSpec
|
|
ForbiddenUserNodeAnnotations() *capsuleapi.ForbiddenListSpec
|
|
Administrators() capsuleapi.UserListSpec
|
|
}
|