Search in sources :

Example 1 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project elastest-torm by elastest.

the class K8sService method deleteClusterRoleBindingAdmin.

public void deleteClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    if (namespace != null && !"default".equals(namespace) && name != null && !"cluster-admin".equals("name")) {
        String role = "cluster-admin";
        logger.debug("Deleting Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
        ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
        client.rbac().clusterRoleBindings().delete(clusterRoleBinding);
        logger.debug("Cluster Role Binding with name {} deleted successfully from namespace {}", name, namespace);
    }
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 2 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project elastest-torm by elastest.

the class K8sService method createClusterRoleBindingAdmin.

public void createClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    String role = "cluster-admin";
    logger.debug("Creating Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
    ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
    client.rbac().clusterRoleBindings().create(clusterRoleBinding);
    logger.debug("Cluster Role Binding with name {} created successfully in the namespace {}", name, namespace);
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 3 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getOriginal.

@Override
protected ClusterRoleBinding getOriginal() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 4 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getModified.

@Override
protected ClusterRoleBinding getModified() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
    // RoleRef cannot be changed
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 5 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project strimzi by strimzi.

the class RoleBindingOperatorIT method getModified.

@Override
protected RoleBinding getModified() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
    // RoleRef cannot be changed
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new RoleBindingBuilder().withNewMetadata().withName(resourceName).withNamespace(namespace).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder) RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Aggregations

SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)18 RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)16 RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)14 Subject (io.fabric8.kubernetes.api.model.rbac.Subject)14 ClusterRole (io.fabric8.kubernetes.api.model.rbac.ClusterRole)12 ClusterRoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)10 ClusterRoleBinding (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)8 IOException (java.io.IOException)8 RoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)6 ArrayList (java.util.ArrayList)5 Map (java.util.Map)5 EnvVar (io.fabric8.kubernetes.api.model.EnvVar)4 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)4 ServiceAccountBuilder (io.fabric8.kubernetes.api.model.ServiceAccountBuilder)4 Role (io.fabric8.kubernetes.api.model.rbac.Role)4 BeforeAllOnce (io.strimzi.systemtest.BeforeAllOnce)4 Environment (io.strimzi.systemtest.Environment)4 KubeClusterResource.kubeClient (io.strimzi.test.k8s.KubeClusterResource.kubeClient)4 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 YAMLFactory (com.fasterxml.jackson.dataformat.yaml.YAMLFactory)3