Example 41 with RoleBinding
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project fabric8-maven-plugin by fabric8io.
the class ApplyService method applyRoleBinding.
public void applyRoleBinding(RoleBinding entity, String sourceName) {
OpenShiftClient openShiftClient = getOpenShiftClient();
if (openShiftClient != null) {
String id = getName(entity);
Objects.requireNonNull(id, "No name for " + entity + " " + sourceName);
String namespace = KubernetesHelper.getNamespace(entity);
if (StringUtils.isBlank(namespace)) {
namespace = getNamespace(entity);
}
applyNamespace(namespace);
RoleBinding old = openShiftClient.rbac().roleBindings().inNamespace(namespace).withName(id).get();
if (isRunning(old)) {
if (UserConfigurationCompare.configEqual(entity, old)) {
log.info("RoleBinding has not changed so not doing anything");
} else {
if (isRecreateMode()) {
log.info("Deleting RoleBinding: " + id);
openShiftClient.roleBindings().inNamespace(namespace).withName(id).delete();
doCreateRoleBinding(entity, namespace, sourceName);
} else {
log.info("Updating RoleBinding from " + sourceName);
try {
String resourceVersion = KubernetesHelper.getResourceVersion(old);
ObjectMeta metadata = getOrCreateMetadata(entity);
metadata.setNamespace(namespace);
metadata.setResourceVersion(resourceVersion);
Object answer = openShiftClient.rbac().roleBindings().inNamespace(namespace).withName(id).replace(entity);
logGeneratedEntity("Updated RoleBinding: ", namespace, entity, answer);
} catch (Exception e) {
onApplyError("Failed to update RoleBinding from " + sourceName + ". " + e + ". " + entity, e);
}
}
}
} else {
if (!isAllowCreate()) {
log.warn("Creation disabled so not creating RoleBinding from " + sourceName + " namespace " + namespace + " name " + getName(entity));
} else {
doCreateRoleBinding(entity, namespace, sourceName);
}
}
}
}
Also used :
ObjectMeta(io.fabric8.kubernetes.api.model.ObjectMeta)
OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient)
RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding)
KubernetesClientException(io.fabric8.kubernetes.client.KubernetesClientException)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
IOException(java.io.IOException)
Example 42 with RoleBinding
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class EntityTopicOperatorTest method testRoleBindingInOtherNamespace.
@ParallelTest
public void testRoleBindingInOtherNamespace() {
RoleBinding binding = entityTopicOperator.generateRoleBindingForRole(namespace, toWatchedNamespace);
assertThat(binding.getSubjects().get(0).getNamespace(), is(namespace));
assertThat(binding.getMetadata().getNamespace(), is(toWatchedNamespace));
assertThat(binding.getMetadata().getOwnerReferences().size(), is(0));
assertThat(binding.getRoleRef().getKind(), is("Role"));
assertThat(binding.getRoleRef().getName(), is("foo-entity-operator"));
}
Also used :
RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 43 with RoleBinding
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class RoleBindingOperatorIT method getOriginal.
@Override
protected RoleBinding getOriginal() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new RoleBindingBuilder().withNewMetadata().withName(resourceName).withNamespace(namespace).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used :
RoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
Example 44 with RoleBinding
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class RoleBindingOperatorTest method resource.
@Override
protected RoleBinding resource() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("some-service-account").withNamespace(NAMESPACE).build();
RoleRef roleRef = new RoleRefBuilder().withName("some-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new RoleBindingBuilder().withNewMetadata().withName(RESOURCE_NAME).withNamespace(NAMESPACE).withLabels(singletonMap("foo", "bar")).endMetadata().withRoleRef(roleRef).withSubjects(singletonList(ks)).build();
}
Also used :
RoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
Example 45 with RoleBinding
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class EntityUserOperatorTest method testRoleBindingInTheSameNamespace.
@ParallelTest
public void testRoleBindingInTheSameNamespace() {
RoleBinding binding = entityUserOperator.generateRoleBindingForRole(namespace, namespace);
assertThat(binding.getSubjects().get(0).getNamespace(), is(namespace));
assertThat(binding.getMetadata().getNamespace(), is(namespace));
assertThat(binding.getMetadata().getOwnerReferences().size(), is(1));
assertThat(binding.getRoleRef().getKind(), is("Role"));
assertThat(binding.getRoleRef().getName(), is("foo-entity-operator"));
}
Also used :
RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Aggregations
RoleBinding (io.fabric8.kubernetes.api.model.rbac.RoleBinding)33
RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)20
RoleBinding (io.fabric8.openshift.api.model.RoleBinding)19
Test (org.junit.jupiter.api.Test)19
RoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)16
RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)16
SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)14
RoleBindingBuilder (io.fabric8.openshift.api.model.RoleBindingBuilder)13
Role (io.fabric8.kubernetes.api.model.rbac.Role)10
Subject (io.fabric8.kubernetes.api.model.rbac.Subject)10
KubernetesClientException (io.fabric8.kubernetes.client.KubernetesClientException)10
OpenShiftClient (io.fabric8.openshift.client.OpenShiftClient)10
List (java.util.List)8
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)6
ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)6
Kafka (io.strimzi.api.kafka.model.Kafka)6
KafkaBuilder (io.strimzi.api.kafka.model.KafkaBuilder)6
CertManager (io.strimzi.certs.CertManager)6
KubernetesVersion (io.strimzi.operator.KubernetesVersion)6
PlatformFeaturesAvailability (io.strimzi.operator.PlatformFeaturesAvailability)6
