Examples with RoleBindingBuilder io.fabric8.openshift.api.model.RoleBindingBuilder used on opensource projects

Example 36 with RoleBindingBuilder

use of io.fabric8.openshift.api.model.RoleBindingBuilder in project devspaces-images by redhat-developer.

the class UserPermissionConfiguratorTest method replaceExistingBindingsWithSameName.

@Test
public void replaceExistingBindingsWithSameName() throws InfrastructureException {
    // given - cr1 binding already exists
    client.rbac().roleBindings().inNamespace(TEST_NAMESPACE_NAME).create(new RoleBindingBuilder().withNewMetadata().withName("cr1").endMetadata().withSubjects(new Subject("blabol", "blabol", "blabol", "blabol")).withNewRoleRef().withName("blabol").endRoleRef().build());
    // when
    configurator.configure(namespaceResolutionContext, TEST_NAMESPACE_NAME);
    // then
    var roleBindings = client.rbac().roleBindings().inNamespace(TEST_NAMESPACE_NAME);
    Assert.assertEquals(roleBindings.list().getItems().size(), 2);
    var cr1 = roleBindings.withName("cr1").get();
    Assert.assertEquals(cr1.getRoleRef().getName(), "cr1");
    Assert.assertEquals(cr1.getSubjects().size(), 1);
    Assert.assertEquals(cr1.getSubjects().get(0).getName(), TEST_USERNAME);
    Assert.assertEquals(cr1.getSubjects().get(0).getNamespace(), TEST_NAMESPACE_NAME);
}

Example 37 with RoleBindingBuilder

use of io.fabric8.openshift.api.model.RoleBindingBuilder in project devspaces-images by redhat-developer.

the class OpenShiftProject method prepare.

/**
 * Prepare a project for using.
 *
 * <p>Preparing includes creating if needed and waiting for default service account.
 *
 * @param canCreate defines what to do when the project is not found. The project is created when
 *     {@code true}, otherwise an exception is thrown.
 * @param initWithCheServerSa defines condition whether the project should be created with Che
 *     Server SA.
 * @throws InfrastructureException if any exception occurs during project preparation or if the
 *     project doesn't exist and {@code canCreate} is {@code false}.
 */
void prepare(boolean canCreate, boolean initWithCheServerSa, Map<String, String> labels, Map<String, String> annotations) throws InfrastructureException {
    String workspaceId = getWorkspaceId();
    String projectName = getName();
    KubernetesClient kubeClient = clientFactory.create(workspaceId);
    OpenShiftClient osClient = clientFactory.createOC(workspaceId);
    Project project = get(projectName, osClient);
    if (project == null) {
        if (!canCreate) {
            throw new InfrastructureException(format("Creating the namespace '%s' is not allowed, yet" + " it was not found.", projectName));
        }
        if (initWithCheServerSa) {
            OpenShiftClient openshiftClient = cheServerOpenshiftClientFactory.createOC();
            create(projectName, openshiftClient);
            waitDefaultServiceAccount(projectName, openshiftClient);
            openshiftClient.roleBindings().inNamespace(projectName).createOrReplace(new RoleBindingBuilder().withNewMetadata().withName("admin").endMetadata().addToUserNames(osClient.currentUser().getMetadata().getName()).withNewRoleRef().withApiVersion("rbac.authorization.k8s.io").withKind("RoleBinding").withName("admin").endRoleRef().build());
        } else {
            create(projectName, osClient);
            waitDefaultServiceAccount(projectName, kubeClient);
        }
    }
    label(osClient.namespaces().withName(projectName).get(), labels);
    annotate(osClient.namespaces().withName(projectName).get(), annotations);
}