Make output more pretty

Ladicle · May 18, 2019 · e812bfb · e812bfb
1 parent fa6a087
commit e812bfb
Show file tree

Hide file tree

Showing 12 changed files with 553 additions and 243 deletions.
diff --git a/README.md b/README.md
@@ -1,3 +1,28 @@
 # kubectl-bindrole
 
 Finding Kubernetes Roles bound to a specified ServiceAccount, Group or User.
+
+
+## Design
+
+```bash
+$ kubectl bindrole test-user
+
+[ServiceAccount] default/test-user
+Secrets:
+* default/test-user-token
+BindedRoles:
+* */edit
+* default/test-role
+
+Policies:
+- Name: default/test-role
+  APIPolicies: |-
+
+  PodSecurityPolicies:  |-
+
+- Name: edit
+  APIPolicies: |-
+  PodSecurityPolicies:  |-
+
+```
diff --git a/cmd/cmd.go b/cmd/cmd.go
@@ -9,6 +9,7 @@ import (
 	"github.com/Ladicle/kubectl-bindrole/pkg/util/subject"
 	"github.com/spf13/pflag"
 	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	"k8s.io/client-go/kubernetes"
 )
@@ -62,17 +63,32 @@ func Execute() error {
 		return err
 	}
 
-	exp := explorer.NewPolicyExplorer(sub, client)
-
-	pp := printer.DefaultPrettyPrinter()
-	pp.PrintSubject(exp.Subject)
-	pp.BlankLine()
-	if _, err := exp.NamespacedPolicy(); err != nil {
+	exp := explorer.NewPolicyExplorer(client)
+	nsp, err := exp.NamespacedSbjRoles(sub)
+	if err != nil {
 		return err
 	}
-	pp.BlankLine()
-	if _, err := exp.ClusterPolicy(); err != nil {
+	clusterp, err := exp.ClusterSbjRoles(sub)
+	if err != nil {
 		return err
 	}
+
+	pp := printer.DefaultPrettyPrinter()
+	pp.PrintSubject(sub)
+	if sub.Kind == subject.KindSA {
+		sa, err := client.CoreV1().ServiceAccounts(sub.Namespace).
+			Get(sub.Name, metav1.GetOptions{})
+		if err != nil {
+			return err
+		}
+		pp.PrintSA(sa)
+	}
+
+	pp.BlankLine()
+	pp.PrintHeader("Policies")
+	pp.PrintPolicies(nsp)
+	pp.BlankLine()
+	pp.PrintPolicies(clusterp)
+
 	return nil
 }
diff --git a/go.mod b/go.mod
@@ -4,7 +4,8 @@ go 1.12
 
 require (
 	github.com/logrusorgru/aurora v0.0.0-20190428105938-cea283e61946
-	github.com/spf13/cobra v0.0.0-20180319062004-c439c4fa0937
+	github.com/mattn/go-runewidth v0.0.4 // indirect
+	github.com/olekukonko/tablewriter v0.0.1
 	github.com/spf13/pflag v1.0.3
 	k8s.io/api v0.0.0-20190511023547-e63b5755afac
 	k8s.io/apimachinery v0.0.0-20190511023455-ad85901afca0

diff --git a/go.sum b/go.sum
@@ -54,11 +54,15 @@ github.com/logrusorgru/aurora v0.0.0-20190428105938-cea283e61946 h1:z+WaKrgu3kCp
 github.com/logrusorgru/aurora v0.0.0-20190428105938-cea283e61946/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4=
 github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic=
 github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mattn/go-runewidth v0.0.4 h1:2BvfKmzob6Bmd4YsL0zygOqfdFnK7GR4QL06Do4/p7Y=
+github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/olekukonko/tablewriter v0.0.1 h1:b3iUnf1v+ppJiOfNX4yxxqfWKMQPZR5yoh8urCTFX88=
+github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/gomega v0.0.0-20190113212917-5533ce8a0da3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=

diff --git a/pkg/explorer/apipolicy.go b/pkg/explorer/apipolicy.go
@@ -0,0 +1,58 @@
+package explorer
+
+import rbacv1 "k8s.io/api/rbac/v1"
+
+const (
+	VerbGet uint = 1 << iota
+	VerbList
+	VerbWatch
+	VerbCreate
+	VerbUpdate
+	VerbPatch
+	VerbDelete
+	VerbDeletionC
+)
+
+type ResourceAPIPolicy struct {
+	Resource       Resource
+	APIVerbFlag    uint
+	OtherVerbs     []string
+	ResourceName   []string
+	NonResourceURL []string
+}
+
+func NewResourceAPIPolicy(res Resource, rule rbacv1.PolicyRule) *ResourceAPIPolicy {
+	rapip := &ResourceAPIPolicy{
+		Resource:       res,
+		OtherVerbs:     []string{},
+		ResourceName:   rule.ResourceNames,
+		NonResourceURL: rule.NonResourceURLs,
+	}
+	rapip.SetVerbs(rule.Verbs)
+	return rapip
+}
+
+func (r *ResourceAPIPolicy) SetVerbs(verbs []string) {
+	for _, v := range verbs {
+		switch v {
+		case "get":
+			r.APIVerbFlag |= VerbGet
+		case "list":
+			r.APIVerbFlag |= VerbList
+		case "update":
+			r.APIVerbFlag |= VerbUpdate
+		case "delete":
+			r.APIVerbFlag |= VerbDelete
+		case "deletecollection":
+			r.APIVerbFlag |= VerbDeletionC
+		case "patch":
+			r.APIVerbFlag |= VerbPatch
+		case "create":
+			r.APIVerbFlag |= VerbCreate
+		case "watch":
+			r.APIVerbFlag |= VerbWatch
+		default:
+			r.OtherVerbs = append(r.OtherVerbs, v)
+		}
+	}
+}