blob: 064a00d4c2ef000324ec99534f803796cb9c05ac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
# frozen_string_literal: true
module Clusters
module Gcp
class ServicesAccountService
attr_reader :kube_client, :cluster
def initialize(kube_client, cluster)
@kube_client = kube_client
@cluster = cluster
end
def execute
create_service_account
create_namespaced_service_account
end
private
def create_namespaced_service_account
return unless cluster.platform_kubernetes_rbac?
namespace_name = cluster.platform_kubernetes.actual_namespace
ensure_namespace_exists(namespace_name)
create_service_account(namespace: namespace_name, rbac: true)
end
def ensure_namespace_exists(namespace_name)
Gitlab::Kubernetes::Namespace.new(namespace_name, kube_client).ensure_exists!
end
def create_service_account(namespace: 'default', rbac: false)
Clusters::Gcp::Kubernetes::CreateServiceAccountService.new(
kube_client,
name: cluster.platform_kubernetes.service_account_name,
namespace: namespace,
rbac: rbac
).execute
end
end
end
end
|