mirror of
https://github.com/kubernetes-sigs/kustomize.git
synced 2026-05-18 04:15:26 +00:00
a7df00c07a
[doc]: https://github.com/golang/go/wiki/Modules#releasing-modules-v2-or-higher Per this Go modules [doc] a repo or branch that's already tagged v2 or higher should increment the major version (e.g. go to v3) when releasing their first Go module-based packages. At the moment, the kustomize repo has these top level packages in the sigs.k8s.io/kustomize module: - `cmd` - holds main program for kustomize Conceivably someone can depend on this package for integration tests. - `internal` - intentionally unreleased subpackages - `k8sdeps` - an adapter wrapping k8s dependencies This exists only for use in pre-Go-modules kustomize-into-kubectl integration and won't live much longer (as everything involved is switching to Go modules). - `pkg` - kustomize packages for export This should shrink in later versions, since the surface area is too large, containing sub-packages that should be in 'internal'. - `plugin` - holds main programs for plugins This PR changes the top level go.mod file from ``` module sigs.k8s.io/kustomize ``` to ``` module sigs.k8s.io/kustomize/v3 ``` and adjusts all import statements to reflect the change.
127 lines
3.4 KiB
Go
127 lines
3.4 KiB
Go
// Code generated by pluginator on NamespaceTransformer; DO NOT EDIT.
|
|
package builtin
|
|
|
|
import (
|
|
"sigs.k8s.io/kustomize/v3/pkg/gvk"
|
|
"sigs.k8s.io/kustomize/v3/pkg/ifc"
|
|
"sigs.k8s.io/kustomize/v3/pkg/resid"
|
|
"sigs.k8s.io/kustomize/v3/pkg/resmap"
|
|
"sigs.k8s.io/kustomize/v3/pkg/resource"
|
|
"sigs.k8s.io/kustomize/v3/pkg/transformers"
|
|
"sigs.k8s.io/kustomize/v3/pkg/transformers/config"
|
|
"sigs.k8s.io/yaml"
|
|
)
|
|
|
|
// Change or set the namespace of non-cluster level resources.
|
|
type NamespaceTransformerPlugin struct {
|
|
Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"`
|
|
FieldSpecs []config.FieldSpec `json:"fieldSpecs,omitempty" yaml:"fieldSpecs,omitempty"`
|
|
}
|
|
|
|
//noinspection GoUnusedGlobalVariable
|
|
func NewNamespaceTransformerPlugin() *NamespaceTransformerPlugin {
|
|
return &NamespaceTransformerPlugin{}
|
|
}
|
|
|
|
func (p *NamespaceTransformerPlugin) Config(
|
|
ldr ifc.Loader, rf *resmap.Factory, c []byte) (err error) {
|
|
p.Namespace = ""
|
|
p.FieldSpecs = nil
|
|
return yaml.Unmarshal(c, p)
|
|
}
|
|
|
|
func (p *NamespaceTransformerPlugin) Transform(m resmap.ResMap) error {
|
|
if len(p.Namespace) == 0 {
|
|
return nil
|
|
}
|
|
for _, r := range m.Resources() {
|
|
id := r.OrgId()
|
|
fs, ok := p.isSelected(id)
|
|
if !ok {
|
|
continue
|
|
}
|
|
if len(r.Map()) == 0 {
|
|
// Don't mutate empty objects?
|
|
continue
|
|
}
|
|
if doIt(id, fs) {
|
|
if err := p.changeNamespace(r, fs); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
p.updateClusterRoleBinding(m)
|
|
return nil
|
|
}
|
|
|
|
const metaNamespace = "metadata/namespace"
|
|
|
|
// Special casing metadata.namespace since
|
|
// all objects have it, even "ClusterKind" objects
|
|
// that don't exist in a namespace (the Namespace
|
|
// object itself doesn't live in a namespace).
|
|
func doIt(id resid.ResId, fs *config.FieldSpec) bool {
|
|
return fs.Path != metaNamespace ||
|
|
(fs.Path == metaNamespace && !id.IsClusterKind())
|
|
}
|
|
|
|
func (p *NamespaceTransformerPlugin) changeNamespace(
|
|
r *resource.Resource, fs *config.FieldSpec) error {
|
|
return transformers.MutateField(
|
|
r.Map(), fs.PathSlice(), fs.CreateIfNotPresent,
|
|
func(_ interface{}) (interface{}, error) {
|
|
return p.Namespace, nil
|
|
})
|
|
}
|
|
|
|
func (p *NamespaceTransformerPlugin) isSelected(
|
|
id resid.ResId) (*config.FieldSpec, bool) {
|
|
for _, fs := range p.FieldSpecs {
|
|
if id.IsSelected(&fs.Gvk) {
|
|
return &fs, true
|
|
}
|
|
}
|
|
return nil, false
|
|
}
|
|
|
|
func (p *NamespaceTransformerPlugin) updateClusterRoleBinding(m resmap.ResMap) {
|
|
srvAccount := gvk.Gvk{Version: "v1", Kind: "ServiceAccount"}
|
|
saMap := map[string]bool{}
|
|
for _, id := range m.AllIds() {
|
|
if id.Gvk.Equals(srvAccount) {
|
|
saMap[id.Name] = true
|
|
}
|
|
}
|
|
|
|
for _, res := range m.Resources() {
|
|
if res.OrgId().Kind != "ClusterRoleBinding" &&
|
|
res.OrgId().Kind != "RoleBinding" {
|
|
continue
|
|
}
|
|
objMap := res.Map()
|
|
subjects, ok := objMap["subjects"].([]interface{})
|
|
if subjects == nil || !ok {
|
|
continue
|
|
}
|
|
for i := range subjects {
|
|
subject := subjects[i].(map[string]interface{})
|
|
kind, foundK := subject["kind"]
|
|
name, foundN := subject["name"]
|
|
if !foundK || !foundN || kind.(string) != srvAccount.Kind {
|
|
continue
|
|
}
|
|
// a ServiceAccount named “default” exists in every active namespace
|
|
if name.(string) == "default" || saMap[name.(string)] {
|
|
subject := subjects[i].(map[string]interface{})
|
|
transformers.MutateField(
|
|
subject, []string{"namespace"},
|
|
true, func(_ interface{}) (interface{}, error) {
|
|
return p.Namespace, nil
|
|
})
|
|
subjects[i] = subject
|
|
}
|
|
}
|
|
objMap["subjects"] = subjects
|
|
}
|
|
}
|