@@ -221,107 +221,6 @@ func GenerateRoles(ctx *genall.GenerationContext, roleName string) ([]interface{
221221 }
222222 }
223223
224- // NormalizeRules merge Rule with the same ruleKey and sort the Rules
225- NormalizeRules := func (rules []* Rule ) []rbacv1.PolicyRule {
226- ruleMap := make (map [ruleKey ]* Rule )
227- // all the Rules having the same ruleKey will be merged into the first Rule
228- for _ , rule := range rules {
229- // fix the group name first, since letting people type "core" is nice
230- for i , name := range rule .Groups {
231- if name == "core" {
232- rule .Groups [i ] = ""
233- }
234- }
235-
236- key := rule .key ()
237- if _ , ok := ruleMap [key ]; ! ok {
238- ruleMap [key ] = rule
239- continue
240- }
241- ruleMap [key ].addVerbs (rule .Verbs )
242- }
243-
244- // deduplicate resources
245- // 1. create map based on key without resources
246- ruleMapWithoutResources := make (map [string ][]* Rule )
247- for _ , rule := range ruleMap {
248- // get key without Resources
249- key := rule .keyWithGroupResourceNamesURLsVerbs ()
250- ruleMapWithoutResources [key ] = append (ruleMapWithoutResources [key ], rule )
251- }
252- // 2. merge to ruleMap
253- ruleMap = make (map [ruleKey ]* Rule )
254- for _ , rules := range ruleMapWithoutResources {
255- rule := rules [0 ]
256- for _ , mergeRule := range rules [1 :] {
257- rule .Resources = append (rule .Resources , mergeRule .Resources ... )
258- }
259-
260- key := rule .key ()
261- ruleMap [key ] = rule
262- }
263-
264- // deduplicate groups
265- // 1. create map based on key without group
266- ruleMapWithoutGroup := make (map [string ][]* Rule )
267- for _ , rule := range ruleMap {
268- // get key without Group
269- key := rule .keyWithResourcesResourceNamesURLsVerbs ()
270- ruleMapWithoutGroup [key ] = append (ruleMapWithoutGroup [key ], rule )
271- }
272- // 2. merge to ruleMap
273- ruleMap = make (map [ruleKey ]* Rule )
274- for _ , rules := range ruleMapWithoutGroup {
275- rule := rules [0 ]
276- for _ , mergeRule := range rules [1 :] {
277- rule .Groups = append (rule .Groups , mergeRule .Groups ... )
278- }
279- key := rule .key ()
280- ruleMap [key ] = rule
281- }
282-
283- // deduplicate URLs
284- // 1. create map based on key without URLs
285- ruleMapWithoutURLs := make (map [string ][]* Rule )
286- for _ , rule := range ruleMap {
287- // get key without Group
288- key := rule .keyWitGroupResourcesResourceNamesVerbs ()
289- ruleMapWithoutURLs [key ] = append (ruleMapWithoutURLs [key ], rule )
290- }
291- // 2. merge to ruleMap
292- ruleMap = make (map [ruleKey ]* Rule )
293- for _ , rules := range ruleMapWithoutURLs {
294- rule := rules [0 ]
295- for _ , mergeRule := range rules [1 :] {
296- rule .URLs = append (rule .URLs , mergeRule .URLs ... )
297- }
298- key := rule .key ()
299- ruleMap [key ] = rule
300- }
301-
302- // sort the Rules in rules according to their ruleKeys
303- keys := make ([]ruleKey , 0 , len (ruleMap ))
304- for key := range ruleMap {
305- keys = append (keys , key )
306- }
307- sort .Sort (ruleKeys (keys ))
308-
309- // Normalize rule verbs to "*" if any verb in the rule is an asterisk
310- for _ , rule := range ruleMap {
311- for _ , verb := range rule .Verbs {
312- if verb == "*" {
313- rule .Verbs = []string {"*" }
314- break
315- }
316- }
317- }
318- var policyRules []rbacv1.PolicyRule
319- for _ , key := range keys {
320- policyRules = append (policyRules , ruleMap [key ].ToRule ())
321- }
322- return policyRules
323- }
324-
325224 // collect all the namespaces and sort them
326225 var namespaces []string
327226 for ns := range rulesByNSResource {
@@ -393,3 +292,104 @@ func (g Generator) Generate(ctx *genall.GenerationContext) error {
393292
394293 return ctx .WriteYAML (fileName , headerText , objs , genall .WithTransform (genall .TransformRemoveCreationTimestamp ))
395294}
295+
296+ // NormalizeRules merge Rule with the same ruleKey and sort the Rules
297+ func NormalizeRules (rules []* Rule ) []rbacv1.PolicyRule {
298+ ruleMap := make (map [ruleKey ]* Rule )
299+ // all the Rules having the same ruleKey will be merged into the first Rule
300+ for _ , rule := range rules {
301+ // fix the group name first, since letting people type "core" is nice
302+ for i , name := range rule .Groups {
303+ if name == "core" {
304+ rule .Groups [i ] = ""
305+ }
306+ }
307+
308+ key := rule .key ()
309+ if _ , ok := ruleMap [key ]; ! ok {
310+ ruleMap [key ] = rule
311+ continue
312+ }
313+ ruleMap [key ].addVerbs (rule .Verbs )
314+ }
315+
316+ // deduplicate resources
317+ // 1. create map based on key without resources
318+ ruleMapWithoutResources := make (map [string ][]* Rule )
319+ for _ , rule := range ruleMap {
320+ // get key without Resources
321+ key := rule .keyWithGroupResourceNamesURLsVerbs ()
322+ ruleMapWithoutResources [key ] = append (ruleMapWithoutResources [key ], rule )
323+ }
324+ // 2. merge to ruleMap
325+ ruleMap = make (map [ruleKey ]* Rule )
326+ for _ , rules := range ruleMapWithoutResources {
327+ rule := rules [0 ]
328+ for _ , mergeRule := range rules [1 :] {
329+ rule .Resources = append (rule .Resources , mergeRule .Resources ... )
330+ }
331+
332+ key := rule .key ()
333+ ruleMap [key ] = rule
334+ }
335+
336+ // deduplicate groups
337+ // 1. create map based on key without group
338+ ruleMapWithoutGroup := make (map [string ][]* Rule )
339+ for _ , rule := range ruleMap {
340+ // get key without Group
341+ key := rule .keyWithResourcesResourceNamesURLsVerbs ()
342+ ruleMapWithoutGroup [key ] = append (ruleMapWithoutGroup [key ], rule )
343+ }
344+ // 2. merge to ruleMap
345+ ruleMap = make (map [ruleKey ]* Rule )
346+ for _ , rules := range ruleMapWithoutGroup {
347+ rule := rules [0 ]
348+ for _ , mergeRule := range rules [1 :] {
349+ rule .Groups = append (rule .Groups , mergeRule .Groups ... )
350+ }
351+ key := rule .key ()
352+ ruleMap [key ] = rule
353+ }
354+
355+ // deduplicate URLs
356+ // 1. create map based on key without URLs
357+ ruleMapWithoutURLs := make (map [string ][]* Rule )
358+ for _ , rule := range ruleMap {
359+ // get key without Group
360+ key := rule .keyWitGroupResourcesResourceNamesVerbs ()
361+ ruleMapWithoutURLs [key ] = append (ruleMapWithoutURLs [key ], rule )
362+ }
363+ // 2. merge to ruleMap
364+ ruleMap = make (map [ruleKey ]* Rule )
365+ for _ , rules := range ruleMapWithoutURLs {
366+ rule := rules [0 ]
367+ for _ , mergeRule := range rules [1 :] {
368+ rule .URLs = append (rule .URLs , mergeRule .URLs ... )
369+ }
370+ key := rule .key ()
371+ ruleMap [key ] = rule
372+ }
373+
374+ // sort the Rules in rules according to their ruleKeys
375+ keys := make ([]ruleKey , 0 , len (ruleMap ))
376+ for key := range ruleMap {
377+ keys = append (keys , key )
378+ }
379+ sort .Sort (ruleKeys (keys ))
380+
381+ // Normalize rule verbs to "*" if any verb in the rule is an asterisk
382+ for _ , rule := range ruleMap {
383+ for _ , verb := range rule .Verbs {
384+ if verb == "*" {
385+ rule .Verbs = []string {"*" }
386+ break
387+ }
388+ }
389+ }
390+ var policyRules []rbacv1.PolicyRule
391+ for _ , key := range keys {
392+ policyRules = append (policyRules , ruleMap [key ].ToRule ())
393+ }
394+ return policyRules
395+ }
0 commit comments