From 5de246013b8a18cdef92a6b663128562e2a57c45 Mon Sep 17 00:00:00 2001 From: lhan Date: Mon, 5 Jun 2023 16:47:28 +0900 Subject: [PATCH 1/2] fix #31 --- cmd/cmd.go | 10 +++++----- test.sh | 3 +++ 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/cmd/cmd.go b/cmd/cmd.go index db9ab9e..f5aca72 100644 --- a/cmd/cmd.go +++ b/cmd/cmd.go @@ -43,6 +43,7 @@ type Option struct { SubjectKind string SubjectName string ShowOptionFlag bool + ClusterOnly bool f cmdutil.Factory } @@ -77,6 +78,7 @@ func NewRolesumCmd() *cobra.Command { opt.f = cmdutil.NewFactory(matchVersionFlags) cmd.Flags().StringVarP(&opt.SubjectKind, "subject-kind", "k", subject.KindSA, "Set SubjectKind to summarize") + cmd.Flags().BoolVarP(&opt.ClusterOnly, "cluster-only", "c", false, "Ignore namespaced Roles") cmd.Flags().BoolVarP(&opt.ShowOptionFlag, "options", "o", false, "List of all options for this command") return cmd @@ -110,15 +112,13 @@ func (o *Option) Run() error { Name: o.SubjectName, Kind: o.SubjectKind, } - namespaced := false - if sub.Kind == subject.KindSA { + if !o.ClusterOnly { k8sCfg := o.f.ToRawKubeConfigLoader() ns, _, err := k8sCfg.Namespace() if err != nil { return err } sub.Namespace = ns - namespaced = true } client, err := o.f.KubernetesClientSet() @@ -128,7 +128,7 @@ func (o *Option) Run() error { exp := explorer.NewPolicyExplorer(client) var nsp []*explorer.SubjectRole - if namespaced { + if !o.ClusterOnly { nsp, err = exp.NamespacedSbjRoles(ctx, sub) if err != nil { return err @@ -158,7 +158,7 @@ func (o *Option) Run() error { pp.BlankLine() pp.PrintHeader("Policies") - if namespaced { + if !o.ClusterOnly { pp.PrintPolicies(nsp) pp.BlankLine() } diff --git a/test.sh b/test.sh index 54319c4..022f3a0 100755 --- a/test.sh +++ b/test.sh @@ -73,4 +73,7 @@ echo; echo "Test..." echo; echo "Test[Group]..." ./_output/kubectl-rolesum -k Group developer +echo; echo "Test[Group w/ ClusterOnly]..." +./_output/kubectl-rolesum -k Group developer -c + ./clean.sh From bfeaca2b2ece40c143d6880fd0342e753631ece8 Mon Sep 17 00:00:00 2001 From: lhan Date: Mon, 5 Jun 2023 17:07:38 +0900 Subject: [PATCH 2/2] add usage --- README.md | 1 + pkg/util/cmd/usage.go | 1 + 2 files changed, 2 insertions(+) diff --git a/README.md b/README.md index 0b1019a..04b85a3 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,7 @@ Options: -n, --namespace string Change the namespace scope for this CLI request -k, --subject-kind string Set SubjectKind to summarize (default: ServiceAccount) -o, --options List of all options for this command + -c, --cluster-only Ingore namespaced Roles and show only ClusterRoles --version Show version for this command Use "kubectl rolesum --options" for a list of all options (applies to this command). diff --git a/pkg/util/cmd/usage.go b/pkg/util/cmd/usage.go index 60c0e3a..3dea355 100644 --- a/pkg/util/cmd/usage.go +++ b/pkg/util/cmd/usage.go @@ -29,6 +29,7 @@ Available Commands:{{range .Commands}}{{if (or .IsAvailableCommand (eq .Name "he -n, --namespace string Change the namespace scope for this CLI request -k, --subject-kind string Set SubjectKind to summarize (default: ServiceAccount) -o, --options List of all options for this command + -c, --cluster-only Ingore namespaced Roles and show only ClusterRoles --version Show version for this command Use "kubectl rolesum --options" for a list of all options (applies to this command).