Skip to content

Commit

Permalink
Add new rules to permission script and remove outdated permission (#2992
Browse files Browse the repository at this point in the history
)
  • Loading branch information
chrismuellner authored Apr 10, 2024
1 parent 4976d7a commit 756a221
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 7 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,5 @@ kind-logs-*
test/testdata/secrets/*

local/

permissions.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,6 @@ rules:
resourceNames:
- dynakubes.dynatrace.com
- edgeconnects.dynatrace.com
- activegates.dynatrace.com
verbs:
- get
- update
Expand Down
18 changes: 12 additions & 6 deletions hack/doc/role-permissions2md.py
Original file line number Diff line number Diff line change
Expand Up @@ -39,15 +39,21 @@
"virtualservices": "VirtualServices",
"leases": "Leases",
"endpoints": "EndPoints",
"securitycontextconstraints": "SecurityContextConstraints"
"securitycontextconstraints": "SecurityContextConstraints",
"edgeconnects": "EdgeConnects",
"edgeconnects/finalizers": "EdgeConnects/Finalizers",
"edgeconnects/status": "EdgeConnects/Status",
"activegates": "ActiveGates",
"activegates/finalizers": "ActiveGates/Finalizers",
"activegates/status": "ActiveGates/Status",
}

sectionTitles = {
"dynatrace-operator": "Dynatrace Operator",
"dynatrace-kubernetes-monitoring": "Dynatrace Kubernetes Monitoring (ActiveGate)",
"dynatrace-kubernetes-monitoring": "Dynatrace Activegate (Kubernetes Monitoring)",
"dynatrace-webhook": "Dynatrace webhook server",
"dynatrace-oneagent-csi-driver": "Dynatrace CSI driver",
"dynatrace-activegate": "Dynatrace Kubernetes Monitoring (ActiveGate)",
"dynatrace-activegate": "Dynatrace ActiveGate (Default)",
"dynatrace-dynakube-oneagent": "Dynatrace OneAgent"
}

Expand All @@ -70,7 +76,7 @@ def multiline_codestyle_block(entries):
if len(entry) > 0:
result_string += f"`{entry}`"
else:
result_string += f"`-`"
result_string += f"`\"\"`"
return result_string

def get_resource_names(rule):
Expand All @@ -95,8 +101,8 @@ def create_role_table(role):
for resource in resources:
apis = get_apis(rule)
resource_names = get_resource_names(rule)
api_gropus = get_api_groups(rule)
print(f"|`{resourceTerms[resource]}` |{api_gropus} |{apis} |{resource_names} |")
api_groups = get_api_groups(rule)
print(f"|`{resourceTerms[resource]}` |{api_groups} |{apis} |{resource_names} |")

def convert_cluster_roles_to_markdown(role):
print(f"\n## {sectionTitles[role['metadata']['name']]} (cluster-wide)\n")
Expand Down

0 comments on commit 756a221

Please sign in to comment.