Search in sources :

Example 1 with ClusterRoleBindingBuilder

use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project elastest-torm by elastest.

the class K8sService method deleteClusterRoleBindingAdmin.

public void deleteClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    if (namespace != null && !"default".equals(namespace) && name != null && !"cluster-admin".equals("name")) {
        String role = "cluster-admin";
        logger.debug("Deleting Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
        ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
        client.rbac().clusterRoleBindings().delete(clusterRoleBinding);
        logger.debug("Cluster Role Binding with name {} deleted successfully from namespace {}", name, namespace);
    }
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 2 with ClusterRoleBindingBuilder

use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project elastest-torm by elastest.

the class K8sService method createClusterRoleBindingAdmin.

public void createClusterRoleBindingAdmin(String name, String namespace) throws Exception {
    String role = "cluster-admin";
    logger.debug("Creating Cluster Role Binding with name {} in the namespace {} with role {}", name, namespace, role);
    ClusterRoleBinding clusterRoleBinding = new ClusterRoleBindingBuilder().withNewMetadata().withName(name).endMetadata().withRoleRef(new RoleRefBuilder().withName(role).withKind("ClusterRole").withApiGroup("rbac.authorization.k8s.io").build()).withSubjects(new SubjectBuilder().withKind("ServiceAccount").withNamespace(namespace).withName("default").build()).build();
    client.rbac().clusterRoleBindings().create(clusterRoleBinding);
    logger.debug("Cluster Role Binding with name {} created successfully in the namespace {}", name, namespace);
}
Also used : ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 3 with ClusterRoleBindingBuilder

use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getOriginal.

@Override
protected ClusterRoleBinding getOriginal() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 4 with ClusterRoleBindingBuilder

use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.

the class ClusterRoleBindingOperatorIT method getModified.

@Override
protected ClusterRoleBinding getModified() {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
    // RoleRef cannot be changed
    RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
    return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 5 with ClusterRoleBindingBuilder

use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.

the class SetupDrainCleaner method applyInstallFiles.

public void applyInstallFiles(ExtensionContext extensionContext) {
    List<File> drainCleanerFiles = Arrays.stream(new File(PATH_TO_DC_CONFIG).listFiles()).sorted().filter(File::isFile).collect(Collectors.toList());
    drainCleanerFiles.forEach(file -> {
        if (!file.getName().contains("README") && !file.getName().contains("Namespace") && !file.getName().contains("Deployment")) {
            final String resourceType = file.getName().split("-")[1].split(".yaml")[0];
            switch(resourceType) {
                case Constants.CLUSTER_ROLE:
                    ClusterRole clusterRole = TestUtils.configFromYaml(file, ClusterRole.class);
                    ResourceManager.getInstance().createResource(extensionContext, clusterRole);
                    break;
                case Constants.SERVICE_ACCOUNT:
                    ServiceAccount serviceAccount = TestUtils.configFromYaml(file, ServiceAccount.class);
                    ResourceManager.getInstance().createResource(extensionContext, new ServiceAccountBuilder(serviceAccount).editMetadata().withNamespace(Constants.DRAIN_CLEANER_NAMESPACE).endMetadata().build());
                    break;
                case Constants.CLUSTER_ROLE_BINDING:
                    ClusterRoleBinding clusterRoleBinding = TestUtils.configFromYaml(file, ClusterRoleBinding.class);
                    ResourceManager.getInstance().createResource(extensionContext, new ClusterRoleBindingBuilder(clusterRoleBinding).build());
                    break;
                case Constants.SECRET:
                    Secret secret = TestUtils.configFromYaml(file, Secret.class);
                    ResourceManager.getInstance().createResource(extensionContext, secret);
                    break;
                case Constants.SERVICE:
                    Service service = TestUtils.configFromYaml(file, Service.class);
                    ResourceManager.getInstance().createResource(extensionContext, service);
                    break;
                case Constants.VALIDATION_WEBHOOK_CONFIG:
                    ValidatingWebhookConfiguration webhookConfiguration = TestUtils.configFromYaml(file, ValidatingWebhookConfiguration.class);
                    ResourceManager.getInstance().createResource(extensionContext, webhookConfiguration);
                    break;
                default:
                    LOGGER.error("Unknown installation resource type: {}", resourceType);
                    throw new RuntimeException("Unknown installation resource type:" + resourceType);
            }
        }
    });
}
Also used : Secret(io.fabric8.kubernetes.api.model.Secret) ServiceAccount(io.fabric8.kubernetes.api.model.ServiceAccount) ValidatingWebhookConfiguration(io.fabric8.kubernetes.api.model.admissionregistration.v1.ValidatingWebhookConfiguration) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) ServiceAccountBuilder(io.fabric8.kubernetes.api.model.ServiceAccountBuilder) Service(io.fabric8.kubernetes.api.model.Service) File(java.io.File) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole)

Aggregations

ClusterRoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)12 ClusterRoleBinding (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding)8 SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)8 RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)6 RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)4 Subject (io.fabric8.kubernetes.api.model.rbac.Subject)4 Secret (io.fabric8.kubernetes.api.model.Secret)2 Service (io.fabric8.kubernetes.api.model.Service)2 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)2 ServiceAccountBuilder (io.fabric8.kubernetes.api.model.ServiceAccountBuilder)2 ValidatingWebhookConfiguration (io.fabric8.kubernetes.api.model.admissionregistration.v1.ValidatingWebhookConfiguration)2 ClusterRole (io.fabric8.kubernetes.api.model.rbac.ClusterRole)2 File (java.io.File)2 ArrayList (java.util.ArrayList)2