Examples with Role io.fabric8.kubernetes.api.model.rbac.Role used on opensource projects

Search in sources :

Example 21 with Role

use of io.fabric8.kubernetes.api.model.rbac.Role in project strimzi-kafka-operator by strimzi.

the class Main method maybeCreateClusterRoles.

/*test*/
static Future<Void> maybeCreateClusterRoles(Vertx vertx, ClusterOperatorConfig config, KubernetesClient client) {
    if (config.isCreateClusterRoles()) {
        List<Future> futures = new ArrayList<>();
        ClusterRoleOperator cro = new ClusterRoleOperator(vertx, client);
        Map<String, String> clusterRoles = new HashMap<>(6);
        clusterRoles.put("strimzi-cluster-operator-namespaced", "020-ClusterRole-strimzi-cluster-operator-role.yaml");
        clusterRoles.put("strimzi-cluster-operator-global", "021-ClusterRole-strimzi-cluster-operator-role.yaml");
        clusterRoles.put("strimzi-kafka-broker", "030-ClusterRole-strimzi-kafka-broker.yaml");
        clusterRoles.put("strimzi-entity-operator", "031-ClusterRole-strimzi-entity-operator.yaml");
        clusterRoles.put("strimzi-kafka-client", "033-ClusterRole-strimzi-kafka-client.yaml");
        for (Map.Entry<String, String> clusterRole : clusterRoles.entrySet()) {
            LOGGER.info("Creating cluster role {}", clusterRole.getKey());
            try (BufferedReader br = new BufferedReader(new InputStreamReader(Main.class.getResourceAsStream("/cluster-roles/" + clusterRole.getValue()), StandardCharsets.UTF_8))) {
                String yaml = br.lines().collect(Collectors.joining(System.lineSeparator()));
                ClusterRole role = ClusterRoleOperator.convertYamlToClusterRole(yaml);
                Future fut = cro.reconcile(new Reconciliation("start-cluster-operator", "Deployment", config.getOperatorNamespace(), "cluster-operator"), role.getMetadata().getName(), role);
                futures.add(fut);
            } catch (IOException e) {
                LOGGER.error("Failed to create Cluster Roles.", e);
                throw new RuntimeException(e);
            }
        }
        Promise<Void> returnPromise = Promise.promise();
        CompositeFuture.all(futures).onComplete(res -> {
            if (res.succeeded()) {
                returnPromise.complete();
            } else {
                returnPromise.fail("Failed to create Cluster Roles.");
            }
        });
        return returnPromise.future();
    } else {
        return Future.succeededFuture();
    }
}
Also used : InputStreamReader(java.io.InputStreamReader) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) IOException(java.io.IOException) ClusterRole(io.fabric8.kubernetes.api.model.rbac.ClusterRole) ClusterRoleOperator(io.strimzi.operator.common.operator.resource.ClusterRoleOperator) Reconciliation(io.strimzi.operator.common.Reconciliation) BufferedReader(java.io.BufferedReader) CompositeFuture(io.vertx.core.CompositeFuture) Future(io.vertx.core.Future) HashMap(java.util.HashMap) Map(java.util.Map)

Example 22 with Role

use of io.fabric8.kubernetes.api.model.rbac.Role in project strimzi-kafka-operator by strimzi.

the class EntityUserOperator method generateRoleBindingForRole.

public RoleBinding generateRoleBindingForRole(String namespace, String watchedNamespace) {
    Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName(EntityOperator.entityOperatorServiceAccountName(cluster)).withNamespace(namespace).build();
    RoleRef roleRef = new RoleRefBuilder().withName(getRoleName()).withApiGroup("rbac.authorization.k8s.io").withKind("Role").build();
    RoleBinding rb = generateRoleBinding(roleBindingForRoleName(cluster), watchedNamespace, roleRef, singletonList(ks));
    // We set OwnerReference only within the same namespace since it does not work cross-namespace
    if (!namespace.equals(watchedNamespace)) {
        rb.getMetadata().setOwnerReferences(Collections.emptyList());
    }
    return rb;
}
Also used : RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef) RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding) SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder) Subject(io.fabric8.kubernetes.api.model.rbac.Subject) RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)

Example 23 with Role

use of io.fabric8.kubernetes.api.model.rbac.Role in project strimzi-kafka-operator by strimzi.

the class EntityOperatorTest method testRoleInDifferentNamespace.

@ParallelTest
public void testRoleInDifferentNamespace() {
    Kafka resource = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout)).editSpec().editOrNewEntityOperator().endEntityOperator().endSpec().build();
    EntityOperator eo = EntityOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), resource, VERSIONS);
    Role role = eo.generateRole(namespace, namespace);
    assertThat(role.getMetadata().getOwnerReferences().get(0), is(entityOperator.createOwnerReference()));
    role = eo.generateRole(namespace, "some-other-namespace");
    assertThat(role.getMetadata().getOwnerReferences().size(), is(0));
}
Also used : Role(io.fabric8.kubernetes.api.model.rbac.Role) Reconciliation(io.strimzi.operator.common.Reconciliation) Kafka(io.strimzi.api.kafka.model.Kafka) KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 24 with Role

use of io.fabric8.kubernetes.api.model.rbac.Role in project strimzi-kafka-operator by strimzi.

the class EntityOperatorTest method testRole.

@ParallelTest
public void testRole() {
    Kafka resource = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout)).editSpec().editOrNewEntityOperator().endEntityOperator().endSpec().build();
    EntityOperator eo = EntityOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), resource, VERSIONS);
    Role role = eo.generateRole(namespace, namespace);
    assertThat(role.getMetadata().getName(), is("foo-entity-operator"));
    assertThat(role.getMetadata().getNamespace(), is(namespace));
    List<PolicyRule> rules = new ArrayList<>();
    rules.add(new PolicyRuleBuilder().addToResources("kafkatopics", "kafkatopics/status", "kafkausers", "kafkausers/status").addToVerbs("get", "list", "watch", "create", "patch", "update", "delete").addToApiGroups(Constants.RESOURCE_GROUP_NAME).build());
    rules.add(new PolicyRuleBuilder().addToResources("events").addToVerbs("create").addToApiGroups("").build());
    rules.add(new PolicyRuleBuilder().addToResources("secrets").addToVerbs("get", "list", "watch", "create", "delete", "patch", "update").addToApiGroups("").build());
    assertThat(role.getRules(), is(rules));
}
Also used : Role(io.fabric8.kubernetes.api.model.rbac.Role) PolicyRule(io.fabric8.kubernetes.api.model.rbac.PolicyRule) Reconciliation(io.strimzi.operator.common.Reconciliation) Kafka(io.strimzi.api.kafka.model.Kafka) ArrayList(java.util.ArrayList) KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder) PolicyRuleBuilder(io.fabric8.kubernetes.api.model.rbac.PolicyRuleBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 25 with Role

use of io.fabric8.kubernetes.api.model.rbac.Role in project strimzi-kafka-operator by strimzi.

the class EntityUserOperatorTest method testRoleBindingInOtherNamespace.

@ParallelTest
public void testRoleBindingInOtherNamespace() {
    RoleBinding binding = entityUserOperator.generateRoleBindingForRole(namespace, uoWatchedNamespace);
    assertThat(binding.getSubjects().get(0).getNamespace(), is(namespace));
    assertThat(binding.getMetadata().getNamespace(), is(uoWatchedNamespace));
    assertThat(binding.getMetadata().getOwnerReferences().size(), is(0));
    assertThat(binding.getRoleRef().getKind(), is("Role"));
    assertThat(binding.getRoleRef().getName(), is("foo-entity-operator"));
}
Also used : RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Aggregations

RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)28 RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)24 SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)22 Role (io.fabric8.kubernetes.api.model.rbac.Role)19 RoleBinding (io.fabric8.kubernetes.api.model.rbac.RoleBinding)19 Subject (io.fabric8.kubernetes.api.model.rbac.Subject)18 Reconciliation (io.strimzi.operator.common.Reconciliation)12 ParallelTest (io.strimzi.test.annotations.ParallelTest)12 IOException (java.io.IOException)12 Kafka (io.strimzi.api.kafka.model.Kafka)10 KafkaBuilder (io.strimzi.api.kafka.model.KafkaBuilder)10 List (java.util.List)10 RoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)8 Future (io.vertx.core.Future)8 HashMap (java.util.HashMap)7 ConfigMap (io.fabric8.kubernetes.api.model.ConfigMap)5 ClusterRoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)5 ArrayList (java.util.ArrayList)5 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)4 ClusterRole (io.fabric8.kubernetes.api.model.rbac.ClusterRole)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial