hscloud/cluster/certs/BUILD.bazel
Sergiusz Bazanski b13b7ffcdb prod{access,vider}: implement
Prodaccess/Prodvider allow issuing short-lived certificates for all SSO
users to access the kubernetes cluster.

Currently, all users get a personal-$username namespace in which they
have adminitrative rights. Otherwise, they get no access.

In addition, we define a static CRB to allow some admins access to
everything. In the future, this will be more granular.

We also update relevant documentation.

Change-Id: Ia18594eea8a9e5efbb3e9a25a04a28bbd6a42153
2019-08-30 23:08:18 +02:00

18 lines
429 B
Text

load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//extras:embed_data.bzl", "go_embed_data")
go_embed_data(
name = "certs_data",
srcs = glob(["*.crt"]),
package = "certs",
flatten = True,
)
go_library(
name = "go_default_library",
srcs = [
":certs_data", # keep
],
importpath = "code.hackerspace.pl/cluster/certs",
visibility = ["//visibility:public"],
)