
Example 6 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class ClusterRoleIT method load.

/**
 * Reads the ClusterRole fixture from the test classpath and checks that each field of its
 * single rule comes back exactly as the assertions below spell out.
 */
@Test
public void load() {
    // Fixture manifest; the assertions expect it to describe the read-only "node-reader" role.
    ClusterRole loaded = client.rbac()
        .clusterRoles()
        .load(getClass().getResourceAsStream("/test-kubernetesclusterrole.yml"))
        .get();

    // Object identity.
    assertNotNull(loaded);
    assertEquals("ClusterRole", loaded.getKind());
    assertNotNull(loaded.getMetadata());
    assertEquals("node-reader", loaded.getMetadata().getName());

    // Exactly one rule, scoped to the core ("") API group.
    assertNotNull(loaded.getRules());
    assertEquals(1, loaded.getRules().size());
    assertNotNull(loaded.getRules().get(0).getApiGroups());
    assertEquals(1, loaded.getRules().get(0).getApiGroups().size());
    assertEquals("", loaded.getRules().get(0).getApiGroups().get(0));

    // Only the "nodes" resource is covered; resourceNames merely has to be present.
    assertNotNull(loaded.getRules().get(0).getResourceNames());
    assertNotNull(loaded.getRules().get(0).getResources());
    assertEquals(1, loaded.getRules().get(0).getResources().size());
    assertEquals("nodes", loaded.getRules().get(0).getResources().get(0));

    // The verb list is pinned by size and by position, so a fixture that gains an extra
    // verb (for example a write verb) fails here instead of passing unnoticed.
    assertNotNull(loaded.getRules().get(0).getVerbs());
    assertEquals(3, loaded.getRules().get(0).getVerbs().size());
    assertEquals("get", loaded.getRules().get(0).getVerbs().get(0));
    assertEquals("watch", loaded.getRules().get(0).getVerbs().get(1));
    assertEquals("list", loaded.getRules().get(0).getVerbs().get(2));
}
Also used : ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) Test(org.junit.Test)

Example 7 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class ClusterRoleIT method update.

/**
 * Edits the existing "node-reader-update" ClusterRole by inserting the "extensions" API group
 * at index 1 of its first rule, then checks that nothing else in the rule changed.
 */
@Test
public void update() {
    // The role is looked up by name, so it presumably is created in setup outside this method.
    ClusterRole edited = client.rbac()
        .clusterRoles()
        .withName("node-reader-update")
        .edit(c -> new ClusterRoleBuilder(c)
            .editRule(0)
            .addToApiGroups(1, "extensions")
            .endRule()
            .build());

    // Object identity is untouched by the edit.
    assertNotNull(edited);
    assertEquals("ClusterRole", edited.getKind());
    assertNotNull(edited.getMetadata());
    assertEquals("node-reader-update", edited.getMetadata().getName());

    // Still a single rule, now spanning two API groups: core ("") and "extensions".
    assertNotNull(edited.getRules());
    assertEquals(1, edited.getRules().size());
    assertNotNull(edited.getRules().get(0).getApiGroups());
    assertEquals(2, edited.getRules().get(0).getApiGroups().size());
    assertEquals("", edited.getRules().get(0).getApiGroups().get(0));
    assertEquals("extensions", edited.getRules().get(0).getApiGroups().get(1));

    // The rule covers "secrets" cluster-wide; pinning resources and verbs below shows the
    // edit widened the API groups only and did not add resources or verbs.
    assertNotNull(edited.getRules().get(0).getResourceNames());
    assertNotNull(edited.getRules().get(0).getResources());
    assertEquals(1, edited.getRules().get(0).getResources().size());
    assertEquals("secrets", edited.getRules().get(0).getResources().get(0));
    assertNotNull(edited.getRules().get(0).getVerbs());
    assertEquals(3, edited.getRules().get(0).getVerbs().size());
    assertEquals("get", edited.getRules().get(0).getVerbs().get(0));
    assertEquals("watch", edited.getRules().get(0).getVerbs().get(1));
    assertEquals("list", edited.getRules().get(0).getVerbs().get(2));
}
Also used : ClusterRoleBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) Test(org.junit.Test)

Example 8 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class UserImpersonationIT method init.

/**
 * Prepares the impersonation fixtures: an "impersonator" ClusterRole, a service account in the
 * session namespace, and a ClusterRoleBinding that grants the role to the current user.
 */
@Before
public void init() {
    currentNamespace = session.getNamespace();

    // ClusterRole carrying the "impersonate" verb. A subject bound to it can act as any user,
    // group or service account it names, so the role amounts to very broad cluster privilege
    // and belongs only on a disposable test cluster.
    // NOTE(review): upstream RBAC examples place userextras under the authentication.k8s.io
    // API group; listed under "" it may match nothing - confirm.
    impersonatorRole = new ClusterRoleBuilder()
        .withNewMetadata()
        .withName("impersonator")
        .endMetadata()
        .addToRules(new PolicyRuleBuilder()
            .addToApiGroups("")
            .addToResources("users", "groups", "userextras", "serviceaccounts")
            .addToVerbs("impersonate")
            .build())
        .build();
    client.rbac().clusterRoles().createOrReplace(impersonatorRole);

    // Service account created in the namespace taken from the session.
    serviceAccount1 = new ServiceAccountBuilder()
        .withNewMetadata()
        .withName(SERVICE_ACCOUNT)
        .endMetadata()
        .build();
    client.serviceAccounts().inNamespace(currentNamespace).create(serviceAccount1);

    // Cluster-wide binding of the impersonator role to whoever the client is authenticated as.
    // NOTE(review): User subjects are not namespaced, so the namespace set on the subject is
    // presumably ignored - confirm.
    // Removal of the role and binding is not visible in this method; check the teardown, as a
    // leftover binding keeps the impersonation grant in place.
    impersonatorRoleBinding = new ClusterRoleBindingBuilder()
        .withNewMetadata()
        .withName("impersonate-role")
        .endMetadata()
        .addToSubjects(new SubjectBuilder()
            .withApiGroup("rbac.authorization.k8s.io")
            .withKind("User")
            .withName(client.currentUser().getMetadata().getName())
            .withNamespace(currentNamespace)
            .build())
        .withRoleRef(new RoleRefBuilder()
            .withApiGroup("rbac.authorization.k8s.io")
            .withKind("ClusterRole")
            .withName("impersonator")
            .build())
        .build();
    client.rbac().clusterRoleBindings().createOrReplace(impersonatorRoleBinding);
}
Also used : ClusterRoleBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ServiceAccountBuilder(io.fabric8.kubernetes.api.model.ServiceAccountBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) PolicyRuleBuilder(io.fabric8.kubernetes.api.model.rbac.PolicyRuleBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder) Before(org.junit.Before)

Example 9 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class K8sAuthorizationOnOpenShiftIT method createClusterRoleK8s.

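/**
 * Creates a read-only ClusterRole for pods and checks that the returned object carries a UID
 * and the requested name. The role is deleted again even when an assertion fails.
 */
@Test
public void createClusterRoleK8s() {
    // Given
    String name = "create-clusterrole-k8s";
    ClusterRole clusterRole = new ClusterRoleBuilder()
        .withNewMetadata()
        .withName(name)
        .endMetadata()
        .addNewRule()
        .withApiGroups("")
        .withResources("pods")
        .withVerbs("get", "watch", "list")
        .endRule()
        .build();
    // When
    ClusterRole createdClusterRole = client.rbac().clusterRoles().create(clusterRole);
    try {
        // Then
        assertNotNull(createdClusterRole);
        assertNotNull(createdClusterRole.getMetadata().getUid());
        assertEquals(name, createdClusterRole.getMetadata().getName());
    } finally {
        // ClusterRoles are cluster-scoped, so one left behind by a failed assertion would
        // outlive the test and make the next create() under the same name fail; clean up
        // unconditionally once the create call has succeeded.
        client.rbac().clusterRoles().withName(name).delete();
    }
}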
Also used : ClusterRoleBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) Test(org.junit.Test)

Example 10 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class ClusterRoleBindingCrudTest method crudTest.

/**
 * Walks a ClusterRoleBinding through create, list, edit and delete, checking after each step
 * that the subject and role reference hold the expected values.
 */
@Test
void crudTest() {
    // Binding "read-nodes": user "jane" -> ClusterRole "node-reader".
    ClusterRoleBinding binding = new ClusterRoleBindingBuilder()
        .withNewMetadata()
        .withName("read-nodes")
        .endMetadata()
        .addToSubjects(0, new SubjectBuilder()
            .withApiGroup("rbac.authorization.k8s.io")
            .withKind("User")
            .withName("jane")
            .withNamespace("default")
            .build())
        .withRoleRef(new RoleRefBuilder()
            .withApiGroup("rbac.authorization.k8s.io")
            .withKind("ClusterRole")
            .withName("node-reader")
            .build())
        .build();

    // --- create ---
    binding = client.rbac().clusterRoleBindings().create(binding);
    assertNotNull(binding);
    assertEquals("ClusterRoleBinding", binding.getKind());
    assertEquals("rbac.authorization.k8s.io/v1", binding.getApiVersion());
    assertNotNull(binding.getMetadata());
    assertEquals("read-nodes", binding.getMetadata().getName());
    assertNotNull(binding.getSubjects());
    assertEquals(1, binding.getSubjects().size());
    assertEquals("rbac.authorization.k8s.io", binding.getSubjects().get(0).getApiGroup());
    assertEquals("User", binding.getSubjects().get(0).getKind());
    assertEquals("jane", binding.getSubjects().get(0).getName());
    assertEquals("default", binding.getSubjects().get(0).getNamespace());
    assertNotNull(binding.getRoleRef());
    assertEquals("ClusterRole", binding.getRoleRef().getKind());
    assertEquals("node-reader", binding.getRoleRef().getName());
    assertEquals("rbac.authorization.k8s.io", binding.getRoleRef().getApiGroup());

    // --- list: exactly the binding created above is expected back ---
    ClusterRoleBindingList bindings = client.rbac().clusterRoleBindings().list();
    assertNotNull(bindings);
    assertNotNull(bindings.getItems());
    assertEquals(1, bindings.getItems().size());
    ClusterRoleBinding listed = bindings.getItems().get(0);
    assertNotNull(listed);
    assertEquals("ClusterRoleBinding", listed.getKind());
    assertEquals("rbac.authorization.k8s.io/v1", listed.getApiVersion());
    assertNotNull(listed.getMetadata());
    assertEquals("read-nodes", listed.getMetadata().getName());
    assertNotNull(listed.getSubjects());
    assertEquals(1, listed.getSubjects().size());
    assertEquals("rbac.authorization.k8s.io", listed.getSubjects().get(0).getApiGroup());
    assertEquals("User", listed.getSubjects().get(0).getKind());
    assertEquals("jane", listed.getSubjects().get(0).getName());
    assertEquals("default", listed.getSubjects().get(0).getNamespace());
    assertNotNull(listed.getRoleRef());
    assertEquals("ClusterRole", listed.getRoleRef().getKind());
    assertEquals("node-reader", listed.getRoleRef().getName());
    assertEquals("rbac.authorization.k8s.io", listed.getRoleRef().getApiGroup());

    // --- update: rename the subject; the role reference must stay as it was ---
    binding = client.rbac()
        .clusterRoleBindings()
        .withName("read-nodes")
        .edit(c -> new ClusterRoleBindingBuilder(c)
            .editSubject(0)
            .withName("jane-new")
            .endSubject()
            .build());
    assertNotNull(binding);
    assertEquals("ClusterRoleBinding", binding.getKind());
    assertEquals("rbac.authorization.k8s.io/v1", binding.getApiVersion());
    assertNotNull(binding.getMetadata());
    assertEquals("read-nodes", binding.getMetadata().getName());
    assertNotNull(binding.getSubjects());
    assertEquals(1, binding.getSubjects().size());
    assertEquals("rbac.authorization.k8s.io", binding.getSubjects().get(0).getApiGroup());
    assertEquals("User", binding.getSubjects().get(0).getKind());
    assertEquals("jane-new", binding.getSubjects().get(0).getName());
    assertEquals("default", binding.getSubjects().get(0).getNamespace());
    assertNotNull(binding.getRoleRef());
    assertEquals("ClusterRole", binding.getRoleRef().getKind());
    assertEquals("node-reader", binding.getRoleRef().getName());
    assertEquals("rbac.authorization.k8s.io", binding.getRoleRef().getApiGroup());

    // --- delete ---
    // delete() carries no name selector here, so it is not limited to "read-nodes". The list
    // step above showed a single binding, and the imports suggest a mock-server client
    // (confirm); the same call against a live cluster would reach every binding it can see.
    boolean deleted = client.rbac().clusterRoleBindings().delete();
    assertTrue(deleted);
    bindings = client.rbac().clusterRoleBindings().list();
    assertEquals(0, bindings.getItems().size());
}
Also used : ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Logger(org.slf4j.Logger) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) LoggerFactory(org.slf4j.LoggerFactory) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder) Test(org.junit.jupiter.api.Test) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) ClusterRoleBindingList(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingList) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBindingList(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingList) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder) Test(org.junit.jupiter.api.Test)
