Add RoleBinding methodsadd-role-binding-to-kubeclient

Includes RoleBinding methods to Kubeclient and introduce a new lib class to generate RoleBinding resources. This MR is part of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011
author: Mayra Cabrera <mcabrera@gitlab.com> 2018-10-22 16:47:54 -0500
committer: Mayra Cabrera <mcabrera@gitlab.com> 2018-10-22 17:16:14 -0500
commit: 1e4d61500039ad84e2ab95b58910f592994f56e5 (patch)
tree: 614fee02a747fd8d27ffe0d3d573e91887df1873 /lib
parent: 4cf1845e7ea5d9a52fe5af49dd1644f98a921010 (diff)
download: gitlab-ce-1e4d61500039ad84e2ab95b58910f592994f56e5.tar.gz
2 files changed, 54 insertions, 0 deletions
diff --git a/lib/gitlab/kubernetes/kube_client.rb b/lib/gitlab/kubernetes/kube_client.rb
index 588238de608..e88a15b8acd 100644
--- a/lib/gitlab/kubernetes/kube_client.rb
+++ b/lib/gitlab/kubernetes/kube_client.rb
@@ -45,6 +45,13 @@ module Gitlab
         :update_cluster_role_binding,
         to: :rbac_client
 
+      # RBAC methods delegates to the apis/rbac.authorization.k8s.io api
+      # group client
+      delegate :create_role_binding,
+        :get_role_binding,
+        :update_role_binding,
+        to: :rbac_client
+
       # Deployments resource is currently on the apis/extensions api group
       delegate :get_deployments,
         to: :extensions_client
diff --git a/lib/gitlab/kubernetes/role_binding.rb b/lib/gitlab/kubernetes/role_binding.rb
new file mode 100644
index 00000000000..4f3ee040bf2
--- /dev/null
+++ b/lib/gitlab/kubernetes/role_binding.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Kubernetes
+    class RoleBinding
+      attr_reader :role_name, :namespace, :service_account_name
+
+      def initialize(role_name:, namespace:, service_account_name:)
+        @role_name = role_name
+        @namespace = namespace
+        @service_account_name = service_account_name
+      end
+
+      def generate
+        ::Kubeclient::Resource.new.tap do |resource|
+          resource.metadata = metadata
+          resource.roleRef  = role_ref
+          resource.subjects = subjects
+        end
+      end
+
+      private
+
+      def metadata
+        { name: "gitlab-#{namespace}", namespace: namespace }
+      end
+
+      def role_ref
+        {
+          apiGroup: 'rbac.authorization.k8s.io',
+          kind: 'Role',
+          name: role_name
+        }
+      end
+
+      def subjects
+        [
+          {
+            kind: 'ServiceAccount',
+            name: service_account_name,
+            namespace: namespace
+          }
+        ]
+      end
+    end
+  end
+end
author	Mayra Cabrera <mcabrera@gitlab.com>	2018-10-22 16:47:54 -0500
committer	Mayra Cabrera <mcabrera@gitlab.com>	2018-10-22 17:16:14 -0500
commit	1e4d61500039ad84e2ab95b58910f592994f56e5 (patch)
tree	614fee02a747fd8d27ffe0d3d573e91887df1873 /lib
parent	4cf1845e7ea5d9a52fe5af49dd1644f98a921010 (diff)
download	gitlab-ce-1e4d61500039ad84e2ab95b58910f592994f56e5.tar.gz