github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/pkg/kubernetes/resources/rolebinding/adapt.go

github.com/caos/orbos@v1.5.14-0.20221103111702-e6cd0cea7ad4/pkg/kubernetes/resources/rolebinding/adapt.go (about)

     1  package rolebinding
     2  
     3  import (
     4  	"github.com/caos/orbos/pkg/kubernetes"
     5  	"github.com/caos/orbos/pkg/kubernetes/resources"
     6  	"github.com/caos/orbos/pkg/labels"
     7  	rbac "k8s.io/api/rbac/v1"
     8  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
     9  )
    10  
    11  type Subject struct {
    12  	Kind      string
    13  	Name      string
    14  	Namespace string
    15  }
    16  
    17  func AdaptFuncToEnsure(namespace string, nameLabels *labels.Name, subjects []Subject, role string) (resources.QueryFunc, error) {
    18  	subjectsList := make([]rbac.Subject, 0)
    19  	for _, subject := range subjects {
    20  		subjectsList = append(subjectsList, rbac.Subject{
    21  			Kind:      subject.Kind,
    22  			Name:      subject.Name,
    23  			Namespace: subject.Namespace,
    24  		})
    25  	}
    26  
    27  	rolebinding := &rbac.RoleBinding{
    28  		ObjectMeta: metav1.ObjectMeta{
    29  			Name:      nameLabels.Name(),
    30  			Namespace: namespace,
    31  			Labels:    labels.MustK8sMap(nameLabels),
    32  		},
    33  		Subjects: subjectsList,
    34  		RoleRef: rbac.RoleRef{
    35  			Name:     role,
    36  			Kind:     "Role",
    37  			APIGroup: "rbac.authorization.k8s.io",
    38  		},
    39  	}
    40  	return func(_ kubernetes.ClientInt, _ map[string]interface{}) (resources.EnsureFunc, error) {
    41  		return func(k8sClient kubernetes.ClientInt) error {
    42  			return k8sClient.ApplyRoleBinding(rolebinding)
    43  		}, nil
    44  	}, nil
    45  }
    46  
    47  func AdaptFuncToDestroy(namespace, name string) (resources.DestroyFunc, error) {
    48  	return func(client kubernetes.ClientInt) error {
    49  		return client.DeleteRoleBinding(namespace, name)
    50  	}, nil
    51  }