use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingOperatorIT method getOriginal.
@Override
protected ClusterRoleBinding getOriginal() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingOperatorIT method getModified.
@Override
protected ClusterRoleBinding getModified() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
// RoleRef cannot be changed
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class SetupDrainCleaner method applyInstallFiles.
public void applyInstallFiles(ExtensionContext extensionContext) {
List<File> drainCleanerFiles = Arrays.stream(new File(PATH_TO_DC_CONFIG).listFiles()).sorted().filter(File::isFile).collect(Collectors.toList());
drainCleanerFiles.forEach(file -> {
if (!file.getName().contains("README") && !file.getName().contains("Namespace") && !file.getName().contains("Deployment")) {
final String resourceType = file.getName().split("-")[1].split(".yaml")[0];
switch(resourceType) {
case Constants.CLUSTER_ROLE:
ClusterRole clusterRole = TestUtils.configFromYaml(file, ClusterRole.class);
ResourceManager.getInstance().createResource(extensionContext, clusterRole);
break;
case Constants.SERVICE_ACCOUNT:
ServiceAccount serviceAccount = TestUtils.configFromYaml(file, ServiceAccount.class);
ResourceManager.getInstance().createResource(extensionContext, new ServiceAccountBuilder(serviceAccount).editMetadata().withNamespace(Constants.DRAIN_CLEANER_NAMESPACE).endMetadata().build());
break;
case Constants.CLUSTER_ROLE_BINDING:
ClusterRoleBinding clusterRoleBinding = TestUtils.configFromYaml(file, ClusterRoleBinding.class);
ResourceManager.getInstance().createResource(extensionContext, new ClusterRoleBindingBuilder(clusterRoleBinding).build());
break;
case Constants.SECRET:
Secret secret = TestUtils.configFromYaml(file, Secret.class);
ResourceManager.getInstance().createResource(extensionContext, secret);
break;
case Constants.SERVICE:
Service service = TestUtils.configFromYaml(file, Service.class);
ResourceManager.getInstance().createResource(extensionContext, service);
break;
case Constants.VALIDATION_WEBHOOK_CONFIG:
ValidatingWebhookConfiguration webhookConfiguration = TestUtils.configFromYaml(file, ValidatingWebhookConfiguration.class);
ResourceManager.getInstance().createResource(extensionContext, webhookConfiguration);
break;
default:
LOGGER.error("Unknown installation resource type: {}", resourceType);
throw new RuntimeException("Unknown installation resource type:" + resourceType);
}
}
});
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingResource method clusterRoleBinding.
public static ClusterRoleBinding clusterRoleBinding(ExtensionContext extensionContext, String yamlPath, String namespace) {
LOGGER.info("Creating ClusterRoleBinding in test case {} from {} in namespace {}", extensionContext.getDisplayName(), yamlPath, namespace);
ClusterRoleBinding clusterRoleBinding = getClusterRoleBindingFromYaml(yamlPath);
clusterRoleBinding = new ClusterRoleBindingBuilder(clusterRoleBinding).editFirstSubject().withNamespace(namespace).endSubject().build();
ResourceManager.getInstance().createResource(extensionContext, clusterRoleBinding);
return clusterRoleBinding;
}
use of io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder in project strimzi by strimzi.
the class ClusterRoleBindingTemplates method clusterRoleBindingsForAllNamespaces.
public static List<ClusterRoleBinding> clusterRoleBindingsForAllNamespaces(String namespace, String coName) {
LOGGER.info("Creating ClusterRoleBinding that grant cluster-wide access to all OpenShift projects");
List<ClusterRoleBinding> kCRBList = new ArrayList<>();
kCRBList.add(new ClusterRoleBindingBuilder().withNewMetadata().withName(coName + "-namespaced").endMetadata().withNewRoleRef().withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").withName("strimzi-cluster-operator-namespaced").endRoleRef().withSubjects(new SubjectBuilder().withKind("ServiceAccount").withName("strimzi-cluster-operator").withNamespace(namespace).build()).build());
kCRBList.add(new ClusterRoleBindingBuilder().withNewMetadata().withName(coName + "-entity-operator").endMetadata().withNewRoleRef().withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").withName("strimzi-entity-operator").endRoleRef().withSubjects(new SubjectBuilder().withKind("ServiceAccount").withName("strimzi-cluster-operator").withNamespace(namespace).build()).build());
return kCRBList;
}
Aggregations