Examples with ClusterRole io.fabric8.kubernetes.api.model.rbac.ClusterRole used on opensource projects

Search in sources :

Example 11 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project kubernetes-client by fabric8io.

the class ClusterRoleCrudTest method crudTest.

@Test
void crudTest() {
    ClusterRole kubernetesClusterRole = new ClusterRoleBuilder().withNewMetadata().withName("node-reader").endMetadata().addToRules(0, new PolicyRuleBuilder().addToApiGroups(0, "").addToNonResourceURLs(0, "/healthz").addToResourceNames(0, "my-node").addToResources(0, "nodes").addToVerbs(0, "get").addToVerbs(1, "watch").addToVerbs(2, "list").build()).build();
    // test of creation
    kubernetesClusterRole = client.rbac().clusterRoles().create(kubernetesClusterRole);
    assertNotNull(kubernetesClusterRole);
    assertEquals("ClusterRole", kubernetesClusterRole.getKind());
    assertEquals("rbac.authorization.k8s.io/v1", kubernetesClusterRole.getApiVersion());
    assertNotNull(kubernetesClusterRole.getMetadata());
    assertEquals("node-reader", kubernetesClusterRole.getMetadata().getName());
    assertNotNull(kubernetesClusterRole.getRules());
    assertEquals(1, kubernetesClusterRole.getRules().size());
    assertNotNull(kubernetesClusterRole.getRules().get(0).getApiGroups());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getApiGroups().size());
    assertEquals("", kubernetesClusterRole.getRules().get(0).getApiGroups().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getNonResourceURLs());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getNonResourceURLs().size());
    assertEquals("/healthz", kubernetesClusterRole.getRules().get(0).getNonResourceURLs().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getResourceNames());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getResourceNames().size());
    assertEquals("my-node", kubernetesClusterRole.getRules().get(0).getResourceNames().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getResources());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getResources().size());
    assertEquals("nodes", kubernetesClusterRole.getRules().get(0).getResources().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getVerbs());
    assertEquals(3, kubernetesClusterRole.getRules().get(0).getVerbs().size());
    assertEquals("get", kubernetesClusterRole.getRules().get(0).getVerbs().get(0));
    assertEquals("watch", kubernetesClusterRole.getRules().get(0).getVerbs().get(1));
    assertEquals("list", kubernetesClusterRole.getRules().get(0).getVerbs().get(2));
    // test of list
    ClusterRoleList kubernetesClusterRoleList = client.rbac().clusterRoles().list();
    assertNotNull(kubernetesClusterRoleList);
    assertNotNull(kubernetesClusterRoleList.getItems());
    assertEquals(1, kubernetesClusterRoleList.getItems().size());
    assertNotNull(kubernetesClusterRoleList.getItems().get(0));
    assertEquals("ClusterRole", kubernetesClusterRoleList.getItems().get(0).getKind());
    assertEquals("rbac.authorization.k8s.io/v1", kubernetesClusterRoleList.getItems().get(0).getApiVersion());
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getMetadata());
    assertEquals("node-reader", kubernetesClusterRoleList.getItems().get(0).getMetadata().getName());
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules());
    assertEquals(1, kubernetesClusterRoleList.getItems().get(0).getRules().size());
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getApiGroups());
    assertEquals(1, kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getApiGroups().size());
    assertEquals("", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getApiGroups().get(0));
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getNonResourceURLs());
    assertEquals(1, kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getNonResourceURLs().size());
    assertEquals("/healthz", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getNonResourceURLs().get(0));
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResourceNames());
    assertEquals(1, kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResourceNames().size());
    assertEquals("my-node", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResourceNames().get(0));
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResources());
    assertEquals(1, kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResources().size());
    assertEquals("nodes", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getResources().get(0));
    assertNotNull(kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getVerbs());
    assertEquals(3, kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getVerbs().size());
    assertEquals("get", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getVerbs().get(0));
    assertEquals("watch", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getVerbs().get(1));
    assertEquals("list", kubernetesClusterRoleList.getItems().get(0).getRules().get(0).getVerbs().get(2));
    // test of updation
    kubernetesClusterRole = client.rbac().clusterRoles().withName("node-reader").edit(c -> new ClusterRoleBuilder(c).editRule(0).addToApiGroups(1, "extensions").endRule().build());
    assertNotNull(kubernetesClusterRole);
    assertEquals("ClusterRole", kubernetesClusterRole.getKind());
    assertEquals("rbac.authorization.k8s.io/v1", kubernetesClusterRole.getApiVersion());
    assertNotNull(kubernetesClusterRole.getMetadata());
    assertEquals("node-reader", kubernetesClusterRole.getMetadata().getName());
    assertNotNull(kubernetesClusterRole.getRules());
    assertEquals(1, kubernetesClusterRole.getRules().size());
    assertNotNull(kubernetesClusterRole.getRules().get(0).getApiGroups());
    assertEquals(2, kubernetesClusterRole.getRules().get(0).getApiGroups().size());
    assertEquals("", kubernetesClusterRole.getRules().get(0).getApiGroups().get(0));
    assertEquals("extensions", kubernetesClusterRole.getRules().get(0).getApiGroups().get(1));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getNonResourceURLs());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getNonResourceURLs().size());
    assertEquals("/healthz", kubernetesClusterRole.getRules().get(0).getNonResourceURLs().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getResourceNames());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getResourceNames().size());
    assertEquals("my-node", kubernetesClusterRole.getRules().get(0).getResourceNames().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getResources());
    assertEquals(1, kubernetesClusterRole.getRules().get(0).getResources().size());
    assertEquals("nodes", kubernetesClusterRole.getRules().get(0).getResources().get(0));
    assertNotNull(kubernetesClusterRole.getRules().get(0).getVerbs());
    assertEquals(3, kubernetesClusterRole.getRules().get(0).getVerbs().size());
    assertEquals("get", kubernetesClusterRole.getRules().get(0).getVerbs().get(0));
    assertEquals("watch", kubernetesClusterRole.getRules().get(0).getVerbs().get(1));
    assertEquals("list", kubernetesClusterRole.getRules().get(0).getVerbs().get(2));
    // test of deletion
    boolean deleted = client.rbac().clusterRoles().delete();
    assertTrue(deleted);
    kubernetesClusterRoleList = client.rbac().clusterRoles().list();
    assertEquals(0, kubernetesClusterRoleList.getItems().size());
}
Also used : ClusterRoleBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder) Test(org.junit.jupiter.api.Test) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Logger(org.slf4j.Logger) EnableKubernetesMockClient(io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) ClusterRoleList(io.fabric8.kubernetes.api.model.rbac.ClusterRoleList) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) LoggerFactory(org.slf4j.LoggerFactory) PolicyRuleBuilder(io.fabric8.kubernetes.api.model.rbac.PolicyRuleBuilder) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) ClusterRoleBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder) ClusterRoleList(io.fabric8.kubernetes.api.model.rbac.ClusterRoleList) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) PolicyRuleBuilder(io.fabric8.kubernetes.api.model.rbac.PolicyRuleBuilder) Test(org.junit.jupiter.api.Test)

Example 12 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project elastest-torm by elastest.

the class K8sService method deleteClusterRoleBindingAdmin.

public void deleteClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    if (namespace != null && !"default".equals(namespace) && name != null && !"cluster-admin".equals("name")) {
        String role = "cluster-admin";
        logger.debug("Deleting Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
        ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
        client.rbac().clusterRoleBindings().delete(clusterRoleBinding);
        logger.debug("Cluster Role Binding with name {} deleted successfully from namespace {}", name, namespace);
    }
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 13 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project elastest-torm by elastest.

the class K8sService method createClusterRoleBindingAdmin.

public void createClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    String role = "cluster-admin";
    logger.debug("Creating Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
    ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
    client.rbac().clusterRoleBindings().create(clusterRoleBinding);
    logger.debug("Cluster Role Binding with name {} created successfully in the namespace {}", name, namespace);
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 14 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getOriginal.

@Override
protected ClusterRoleBinding getOriginal() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 15 with ClusterRole

use of io.fabric8.kubernetes.api.model.rbac.ClusterRole in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getModified.

@Override
protected ClusterRoleBinding getModified() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
    // RoleRef cannot be changed
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Aggregations

ClusterRole (io.fabric8.kubernetes.api.model.rbac.ClusterRole)23 SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)20 ClusterRoleBinding (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)18 RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)18 ClusterRoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)15 RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)14 Subject (io.fabric8.kubernetes.api.model.rbac.Subject)14 Test (org.junit.Test)11 IOException (java.io.IOException)10 RoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)7 ArrayList (java.util.ArrayList)7 HashMap (java.util.HashMap)7 List (java.util.List)7 Map (java.util.Map)7 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)6 ServiceAccountBuilder (io.fabric8.kubernetes.api.model.ServiceAccountBuilder)6 Role (io.fabric8.kubernetes.api.model.rbac.Role)6 ClusterRoleBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBuilder)5 EnvVar (io.fabric8.kubernetes.api.model.EnvVar)4 File (java.io.File)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial