Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Access Control List API types and conditions #140

Merged
merged 1 commit into from
Aug 9, 2021
Merged

Add Access Control List API types and conditions #140

merged 1 commit into from
Aug 9, 2021

Conversation

stefanprodan
Copy link
Member

@stefanprodan
Add Access Control List API types and conditions
e1440cd 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
@stefanprodan stefanprodan added the area/api API related issues and pull requests label Aug 9, 2021
hiddeco
hiddeco reviewed Aug 9, 2021
View reviewed changes
apis/acl/conditions.go
// These constants define the Condition reasons for when the GitOps Toolkit components perform ACL assertions.
const (
// AccessDeniedReason indicates that access to a resource has been denied by an ACL assertion.
AccessDeniedReason string = "AccessDenied"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would there be more context defining / informative reasons for when the Condition type is AccessDenied?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not right now, as our ACL is based on namespace labels only, but if we add more matches, such as caller labels, then we could have 2 different reasons.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that I've added here the reason so that it gets copied to Ready, as our helpers doesn't copy the condition type to the Ready reason.

@stefanprodan stefanprodan merged commit 328b23a into main Aug 9, 2021
@stefanprodan stefanprodan deleted the acl-api branch August 9, 2021 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hiddeco hiddeco hiddeco approved these changes

Assignees
No one assigned
Labels
area/api API related issues and pull requests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stefanprodan @hiddeco