use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project fabric8-maven-plugin by fabric8io.
the class ApplyService method applyRoleBinding.
public void applyRoleBinding(RoleBinding entity, String sourceName) {
OpenShiftClient openShiftClient = getOpenShiftClient();
if (openShiftClient != null) {
String id = getName(entity);
Objects.requireNonNull(id, "No name for " + entity + " " + sourceName);
String namespace = KubernetesHelper.getNamespace(entity);
if (StringUtils.isBlank(namespace)) {
namespace = getNamespace(entity);
}
applyNamespace(namespace);
RoleBinding old = openShiftClient.rbac().roleBindings().inNamespace(namespace).withName(id).get();
if (isRunning(old)) {
if (UserConfigurationCompare.configEqual(entity, old)) {
log.info("RoleBinding has not changed so not doing anything");
} else {
if (isRecreateMode()) {
log.info("Deleting RoleBinding: " + id);
openShiftClient.roleBindings().inNamespace(namespace).withName(id).delete();
doCreateRoleBinding(entity, namespace, sourceName);
} else {
log.info("Updating RoleBinding from " + sourceName);
try {
String resourceVersion = KubernetesHelper.getResourceVersion(old);
ObjectMeta metadata = getOrCreateMetadata(entity);
metadata.setNamespace(namespace);
metadata.setResourceVersion(resourceVersion);
Object answer = openShiftClient.rbac().roleBindings().inNamespace(namespace).withName(id).replace(entity);
logGeneratedEntity("Updated RoleBinding: ", namespace, entity, answer);
} catch (Exception e) {
onApplyError("Failed to update RoleBinding from " + sourceName + ". " + e + ". " + entity, e);
}
}
}
} else {
if (!isAllowCreate()) {
log.warn("Creation disabled so not creating RoleBinding from " + sourceName + " namespace " + namespace + " name " + getName(entity));
} else {
doCreateRoleBinding(entity, namespace, sourceName);
}
}
}
}
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class EntityTopicOperatorTest method testRoleBindingInOtherNamespace.
@ParallelTest
public void testRoleBindingInOtherNamespace() {
RoleBinding binding = entityTopicOperator.generateRoleBindingForRole(namespace, toWatchedNamespace);
assertThat(binding.getSubjects().get(0).getNamespace(), is(namespace));
assertThat(binding.getMetadata().getNamespace(), is(toWatchedNamespace));
assertThat(binding.getMetadata().getOwnerReferences().size(), is(0));
assertThat(binding.getRoleRef().getKind(), is("Role"));
assertThat(binding.getRoleRef().getName(), is("foo-entity-operator"));
}
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class RoleBindingOperatorIT method getOriginal.
@Override
protected RoleBinding getOriginal() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new RoleBindingBuilder().withNewMetadata().withName(resourceName).withNamespace(namespace).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class RoleBindingOperatorTest method resource.
@Override
protected RoleBinding resource() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("some-service-account").withNamespace(NAMESPACE).build();
RoleRef roleRef = new RoleRefBuilder().withName("some-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new RoleBindingBuilder().withNewMetadata().withName(RESOURCE_NAME).withNamespace(NAMESPACE).withLabels(singletonMap("foo", "bar")).endMetadata().withRoleRef(roleRef).withSubjects(singletonList(ks)).build();
}
use of io.fabric8.kubernetes.api.model.rbac.RoleBinding in project strimzi by strimzi.
the class EntityUserOperatorTest method testRoleBindingInTheSameNamespace.
@ParallelTest
public void testRoleBindingInTheSameNamespace() {
RoleBinding binding = entityUserOperator.generateRoleBindingForRole(namespace, namespace);
assertThat(binding.getSubjects().get(0).getNamespace(), is(namespace));
assertThat(binding.getMetadata().getNamespace(), is(namespace));
assertThat(binding.getMetadata().getOwnerReferences().size(), is(1));
assertThat(binding.getRoleRef().getKind(), is("Role"));
assertThat(binding.getRoleRef().getName(), is("foo-entity-operator"));
}
Aggregations