1e4d615000
Includes RoleBinding methods to Kubeclient and introduce a new lib class to generate RoleBinding resources. This MR is part of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011
47 lines
1,014 B
Ruby
47 lines
1,014 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Gitlab
|
|
module Kubernetes
|
|
class RoleBinding
|
|
attr_reader :role_name, :namespace, :service_account_name
|
|
|
|
def initialize(role_name:, namespace:, service_account_name:)
|
|
@role_name = role_name
|
|
@namespace = namespace
|
|
@service_account_name = service_account_name
|
|
end
|
|
|
|
def generate
|
|
::Kubeclient::Resource.new.tap do |resource|
|
|
resource.metadata = metadata
|
|
resource.roleRef = role_ref
|
|
resource.subjects = subjects
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def metadata
|
|
{ name: "gitlab-#{namespace}", namespace: namespace }
|
|
end
|
|
|
|
def role_ref
|
|
{
|
|
apiGroup: 'rbac.authorization.k8s.io',
|
|
kind: 'Role',
|
|
name: role_name
|
|
}
|
|
end
|
|
|
|
def subjects
|
|
[
|
|
{
|
|
kind: 'ServiceAccount',
|
|
name: service_account_name,
|
|
namespace: namespace
|
|
}
|
|
]
|
|
end
|
|
end
|
|
end
|
|
end
|