Example 16 with RoleRef
use of io.fabric8.kubernetes.api.model.rbac.RoleRef in project strimzi-kafka-operator by strimzi.
the class KafkaConnectCluster method generateClusterRoleBinding.
/**
* Creates the ClusterRoleBinding which is used to bind the Kafka Connect SA to the ClusterRole
* which permissions the Kafka init container to access K8S nodes (necessary for rack-awareness).
*
* @return The cluster role binding.
*/
public ClusterRoleBinding generateClusterRoleBinding() {
if (rack == null) {
return null;
}
Subject subject = new SubjectBuilder().withKind("ServiceAccount").withName(getServiceAccountName()).withNamespace(namespace).build();
RoleRef roleRef = new RoleRefBuilder().withName("strimzi-kafka-client").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return getClusterRoleBinding(KafkaConnectResources.initContainerClusterRoleBindingName(cluster, namespace), subject, roleRef);
}
Also used :
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
Example 17 with RoleRef
use of io.fabric8.kubernetes.api.model.rbac.RoleRef in project strimzi-kafka-operator by strimzi.
the class ClusterRoleBindingOperatorIT method getModified.
@Override
protected ClusterRoleBinding getModified() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account2").withNamespace("my-namespace2").build();
// RoleRef cannot be changed
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new ClusterRoleBindingBuilder().withNewMetadata().withName(resourceName).withLabels(singletonMap("state", "modified")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used :
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
Example 18 with RoleRef
use of io.fabric8.kubernetes.api.model.rbac.RoleRef in project strimzi-kafka-operator by strimzi.
the class RoleBindingOperatorIT method getOriginal.
@Override
protected RoleBinding getOriginal() {
Subject ks = new SubjectBuilder().withKind("ServiceAccount").withName("my-service-account").withNamespace("my-namespace").build();
RoleRef roleRef = new RoleRefBuilder().withName("my-cluster-role").withApiGroup("rbac.authorization.k8s.io").withKind("ClusterRole").build();
return new RoleBindingBuilder().withNewMetadata().withName(resourceName).withNamespace(namespace).withLabels(singletonMap("state", "new")).endMetadata().withSubjects(ks).withRoleRef(roleRef).build();
}
Also used :
RoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)
RoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef)
SubjectBuilder(io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)
Subject(io.fabric8.kubernetes.api.model.rbac.Subject)
RoleRefBuilder(io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)
Aggregations
RoleRef (io.fabric8.kubernetes.api.model.rbac.RoleRef)18
RoleRefBuilder (io.fabric8.kubernetes.api.model.rbac.RoleRefBuilder)18
Subject (io.fabric8.kubernetes.api.model.rbac.Subject)18
SubjectBuilder (io.fabric8.kubernetes.api.model.rbac.SubjectBuilder)18
RoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.RoleBindingBuilder)6
ClusterRoleBindingBuilder (io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder)4
RoleBinding (io.fabric8.kubernetes.api.model.rbac.RoleBinding)4
