use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project elastest-torm by elastest.
the class K8sService method deleteClusterRoleBindingAdmin.
public void deleteClusterRoleBindingAdmin(String name, String namespace) throws Exception {
if (namespace != null && !"default".equals(namespace) && name != null && !"cluster-admin".equals("name")) {
String role = "cluster-admin";
logger.debug("Deleting Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
client.rbac().clusterRoleBindings().delete(clusterRoleBinding);
logger.debug("Cluster Role Binding with name {} deleted successfully from namespace {}", name, namespace);
}
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project elastest-torm by elastest.
the class K8sService method createClusterRoleBindingAdmin.
public void createClusterRoleBindingAdmin(String name, String namespace) throws Exception {
String role = "cluster-admin";
logger.debug("Creating Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
client.rbac().clusterRoleBindings().create(clusterRoleBinding);
logger.debug("Cluster Role Binding with name {} created successfully in the namespace {}", name, namespace);
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingOperatorIT method getOriginal.
@Override
protected ClusterRoleBinding getOriginal() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingOperatorIT method getModified.
@Override
protected ClusterRoleBinding getModified() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
// RoleRef cannot be changed
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class SetupDrainCleaner method applyInstallFiles.
public void applyInstallFiles(ExtensionContext extensionContext) {
List<File> drainCleanerFiles = Arrays.stream(new File(PATH_TO_DC_CONFIG).listFiles()).sorted().filter(File::isFile).collect(Collectors.toList());
drainCleanerFiles.forEach(file -> {
if (!file.getName().contains("README") && !file.getName().contains("Namespace") && !file.getName().contains("Deployment")) {
final String resourceType = file.getName().split("-")[1].split(".yaml")[0];
switch(resourceType) {
case Constants.CLUSTER_ROLE:
ClusterRole clusterRole = TestUtils.configFromYaml(file, ClusterRole.class);
ResourceManager.getInstance().createResource(extensionContext, clusterRole);
break;
case Constants.SERVICE_ACCOUNT:
ServiceAccount serviceAccount = TestUtils.configFromYaml(file, ServiceAccount.class);
ResourceManager.getInstance().createResource(extensionContext, new ServiceAccountBuilder(serviceAccount).editMetadata().withNamespace(Constants.DRAIN_CLEANER_NAMESPACE).endMetadata().build());
break;
case Constants.CLUSTER_ROLE_BINDING:
ClusterRoleBinding clusterRoleBinding = TestUtils.configFromYaml(file, ClusterRoleBinding.class);
ResourceManager.getInstance().createResource(extensionContext, new ClusterRoleBindingBuilder(clusterRoleBinding).build());
break;
case Constants.SECRET:
Secret secret = TestUtils.configFromYaml(file, Secret.class);
ResourceManager.getInstance().createResource(extensionContext, secret);
break;
case Constants.SERVICE:
Service service = TestUtils.configFromYaml(file, Service.class);
ResourceManager.getInstance().createResource(extensionContext, service);
break;
case Constants.VALIDATION_WEBHOOK_CONFIG:
ValidatingWebhookConfiguration webhookConfiguration = TestUtils.configFromYaml(file, ValidatingWebhookConfiguration.class);
ResourceManager.getInstance().createResource(extensionContext, webhookConfiguration);
break;
default:
LOGGER.error("Unknown installation resource type: {}", resourceType);
throw new RuntimeException("Unknown installation resource type:" + resourceType);
}
}
});
}
Aggregations