diff options
Diffstat (limited to 'vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go')
| -rw-r--r-- | vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go | 73 |
1 files changed, 0 insertions, 73 deletions
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go deleted file mode 100644 index 1b7bbc139..000000000 --- a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go +++ /dev/null @@ -1,73 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package serviceaccount - -import ( - "fmt" - "strings" - - apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" -) - -const ( - ServiceAccountUsernamePrefix = "system:serviceaccount:" - ServiceAccountUsernameSeparator = ":" - ServiceAccountGroupPrefix = "system:serviceaccounts:" - AllServiceAccountsGroup = "system:serviceaccounts" -) - -// MakeUsername generates a username from the given namespace and ServiceAccount name. -// The resulting username can be passed to SplitUsername to extract the original namespace and ServiceAccount name. -func MakeUsername(namespace, name string) string { - return ServiceAccountUsernamePrefix + namespace + ServiceAccountUsernameSeparator + name -} - -var invalidUsernameErr = fmt.Errorf("Username must be in the form %s", MakeUsername("namespace", "name")) - -// SplitUsername returns the namespace and ServiceAccount name embedded in the given username, -// or an error if the username is not a valid name produced by MakeUsername -func SplitUsername(username string) (string, string, error) { - if !strings.HasPrefix(username, ServiceAccountUsernamePrefix) { - return "", "", invalidUsernameErr - } - trimmed := strings.TrimPrefix(username, ServiceAccountUsernamePrefix) - parts := strings.Split(trimmed, ServiceAccountUsernameSeparator) - if len(parts) != 2 { - return "", "", invalidUsernameErr - } - namespace, name := parts[0], parts[1] - if len(apimachineryvalidation.ValidateNamespaceName(namespace, false)) != 0 { - return "", "", invalidUsernameErr - } - if len(apimachineryvalidation.ValidateServiceAccountName(name, false)) != 0 { - return "", "", invalidUsernameErr - } - return namespace, name, nil -} - -// MakeGroupNames generates service account group names for the given namespace -func MakeGroupNames(namespace string) []string { - return []string{ - AllServiceAccountsGroup, - MakeNamespaceGroupName(namespace), - } -} - -// MakeNamespaceGroupName returns the name of the group all service accounts in the namespace are included in -func MakeNamespaceGroupName(namespace string) string { - return ServiceAccountGroupPrefix + namespace -} |