Examples with RoleBinding io.fabric8.kubernetes.api.model.rbac.RoleBinding used on opensource projects

Example 66 with RoleBinding

use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project devspaces-images by redhat-developer.

the class OpenShiftProject method prepare.

/**
 * Prepare a project for using.
 *
 * <p>Preparing includes creating if needed and waiting for default service account.
 *
 * @param canCreate defines what to do when the project is not found. The project is created when
 *     {@code true}, otherwise an exception is thrown.
 * @param initWithCheServerSa defines condition whether the project should be created with Che
 *     Server SA.
 * @throws InfrastructureException if any exception occurs during project preparation or if the
 *     project doesn't exist and {@code canCreate} is {@code false}.
 */
void prepare(boolean canCreate, boolean initWithCheServerSa, Map<String, String> labels, Map<String, String> annotations) throws InfrastructureException {
    String workspaceId = getWorkspaceId();
    String projectName = getName();
    KubernetesClient kubeClient = clientFactory.create(workspaceId);
    OpenShiftClient osClient = clientFactory.createOC(workspaceId);
    Project project = get(projectName, osClient);
    if (project == null) {
        if (!canCreate) {
            throw new InfrastructureException(format("Creating the namespace '%s' is not allowed, yet" + " it was not found.", projectName));
        }
        if (initWithCheServerSa) {
            OpenShiftClient openshiftClient = cheServerOpenshiftClientFactory.createOC();
            create(projectName, openshiftClient);
            waitDefaultServiceAccount(projectName, openshiftClient);
            openshiftClient.roleBindings().inNamespace(projectName).createOrReplace(new RoleBindingBuilder().withNewMetadata().withName("admin").endMetadata().addToUserNames(osClient.currentUser().getMetadata().getName()).withNewRoleRef().withApiVersion("rbac.authorization.k8s.io").withKind("RoleBinding").withName("admin").endRoleRef().build());
        } else {
            create(projectName, osClient);
            waitDefaultServiceAccount(projectName, kubeClient);
        }
    }
    label(osClient.namespaces().withName(projectName).get(), labels);
    annotate(osClient.namespaces().withName(projectName).get(), annotations);
}

Example 67 with RoleBinding

use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project devspaces-images by redhat-developer.

the class OpenShiftStopWorkspaceRoleConfigurator method configure.

@Override
public void configure(NamespaceResolutionContext namespaceResolutionContext, String projectName) throws InfrastructureException {
    if (isNullOrEmpty(oAuthIdentityProvider)) {
        return;
    }
    if (stopWorkspaceRoleEnabled && installationLocation != null) {
        OpenShiftClient osClient = clientFactory.createOC();
        String stopWorkspacesRoleName = "workspace-stop";
        if (osClient.roles().inNamespace(projectName).withName(stopWorkspacesRoleName).get() == null) {
            osClient.roles().inNamespace(projectName).createOrReplace(createStopWorkspacesRole(stopWorkspacesRoleName));
        }
        osClient.roleBindings().inNamespace(projectName).createOrReplace(createStopWorkspacesRoleBinding(projectName));
    } else {
        LOG.warn("Stop workspace Role and RoleBinding will not be provisioned to the '{}' namespace. 'che.workspace.stop.role.enabled' property is set to '{}'", installationLocation, stopWorkspaceRoleEnabled);
    }
}