feat(config): deny resources by using RESTMapper as an interceptor
This approach ensures that resources in the deny list are **always**
processed regardless of the implementation.
The RESTMapper takes care of verifying that the requested Group Version Kind
complies with the deny list while checking for the REST endpoint.
---
feat(config): provide a limited clientset which check access
---
review: addressed PR comments
---
feat(config): provide a limited metrics clientset to check access
---
review: addressed PR comments regarding pods_exec
A new configuration options is available: `--list-output`
There are two modes available:
- `yaml`: current default (will be changed in subsequent PR), which returns a multi-document YAML
- `table`: returns a plain-text table as created by the kube-api server when requested with
`Accept: application/json;as=Table;v=v1;g=meta.k8s.io`
Additional logic has been added to the table format to include the apiVersion and kind.
This is not returned by the server, kubectl doesn't include this either.
However, this is extremely handy for the LLM when using the generic resource tools.
