Add nodeutil opt to bootstrapping from rest.Config
This uses a rest.Config to bootstrap TLS for the http server, webhook auth, and the client. This can be expanded later to do other kinds of TLS bootstrapping. For now this seems to get the job done in terms of what VK expects for permissions on the cluster. Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This commit is contained in:
Brian Goff
33
errdefs/auth.go
Normal file
33
errdefs/auth.go
Normal file
@@ -0,0 +1,33 @@
|
||||
package errdefs
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
var (
|
||||
// ErrForbidden is returned when the user is not authorized to perform the operation.
|
||||
ErrForbidden = errors.New("forbidden")
|
||||
// ErrUnauthorized is returned when the user is not authenticated.
|
||||
ErrUnauthorized = errors.New("unauthorized")
|
||||
)
|
||||
|
||||
// Unauthorized wraps ErrUnauthorized with a message.
|
||||
func Unauthorized(msg string) error {
|
||||
return fmt.Errorf("%w: %s", ErrUnauthorized, msg)
|
||||
}
|
||||
|
||||
// Forbidden wraps ErrForbidden with a message.
|
||||
func Forbidden(msg string) error {
|
||||
return fmt.Errorf("%w: %s", ErrForbidden, msg)
|
||||
}
|
||||
|
||||
// IsForbidden returns true if the error has ErrForbidden in the error chain.
|
||||
func IsForbidden(err error) bool {
|
||||
return errors.Is(err, ErrForbidden)
|
||||
}
|
||||
|
||||
// IsUnauthorized returns true if the error has ErrUnauthorized in the error chain.
|
||||
func IsUnauthorized(err error) bool {
|
||||
return errors.Is(err, ErrUnauthorized)
|
||||
}
|
||||
Reference in New Issue
Block a user