kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/lib/gitlab/kubernetes/role_binding.rb
Hordur Freyr Yngvason 6971fd261d Give Knative serving permissions to service account 
GitLab uses a kubernetes service account to perform deployments. For
serverless deployments to work as expected with externally created
clusters with their own knative installations (e.g. via Cloud Run), this
account requires additional permissions in the serving.knative.dev API
group.
2019-07-11 11:26:15 +00:00

49 lines
1.1 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
module Gitlab
module Kubernetes
class RoleBinding
def initialize(name:, role_name:, role_kind:, namespace:, service_account_name:)
@name = name
@role_name = role_name
@role_kind = role_kind
@namespace = namespace
@service_account_name = service_account_name
end
def generate
::Kubeclient::Resource.new.tap do |resource|
resource.metadata = metadata
resource.roleRef = role_ref
resource.subjects = subjects
end
end
private
attr_reader :name, :role_name, :role_kind, :namespace, :service_account_name
def metadata
{ name: name, namespace: namespace }
end
def role_ref
{
apiGroup: 'rbac.authorization.k8s.io',
kind: role_kind,
name: role_name
}
end
def subjects
[
{
kind: 'ServiceAccount',
name: service_account_name,
namespace: namespace
}
]
end
end
end
end
View git blame Copy permalink