Beispiel #1
0
        private async Task <string> DescribeObject(Kubernetes client, V1ClusterRole o, StringBuilder buffer)
        {
            var fetched = await client.ReadClusterRoleAsync(o.Metadata.Name).ConfigureAwait(false);

            buffer.AppendLine($"API Veresion: {fetched.ApiVersion}");
            buffer.AppendLine($"Kind: {fetched.Kind}");
            buffer.AppendLine(DescribeMetadata(fetched.Metadata));
            return($"Cluster Role - {fetched.Metadata.Name}");
        }
    public void JustNameFromClusterResource()
    {
        var resource = new V1ClusterRole(
            apiVersion: V1ClusterRole.KubeApiVersion,
            kind: V1ClusterRole.KubeKind,
            metadata: new V1ObjectMeta(
                name: "the-name"));

        var nn = NamespacedName.From(resource);

        Assert.Equal("the-name", nn.Name);
        Assert.Null(nn.Namespace);
    }
Beispiel #3
0
    public void NamespaceCanBeNull()
    {
        var resource = new V1ClusterRole(
            apiVersion: $"{V1ClusterRole.KubeGroup}/{V1ClusterRole.KubeApiVersion}",
            kind: V1ClusterRole.KubeKind,
            metadata: new V1ObjectMeta(
                name: "the-name"));

        var key = GroupKindNamespacedName.From(resource);

        Assert.Equal("rbac.authorization.k8s.io", key.Group);
        Assert.Equal("ClusterRole", key.Kind);
        Assert.Null(key.NamespacedName.Namespace);
        Assert.Equal("the-name", key.NamespacedName.Name);
    }
Beispiel #4
0
        public void JustNameFromClusterResource()
        {
            // arrange
            var resource = new V1ClusterRole(
                apiVersion: V1ClusterRole.KubeApiVersion,
                kind: V1ClusterRole.KubeKind,
                metadata: new V1ObjectMeta(
                    name: "the-name"));

            // act
            var nn = NamespacedName.From(resource);

            // assert
            nn.Name.ShouldBe("the-name");
            nn.Namespace.ShouldBeNull();
        }
        public void NamespaceCanBeNull()
        {
            // arrange
            var resource = new V1ClusterRole(
                apiVersion: $"{V1ClusterRole.KubeGroup}/{V1ClusterRole.KubeApiVersion}",
                kind: V1ClusterRole.KubeKind,
                metadata: new V1ObjectMeta(
                    name: "the-name"));

            // act
            var key = GroupKindNamespacedName.From(resource);

            // assert
            key.Group.ShouldBe("rbac.authorization.k8s.io");
            key.Kind.ShouldBe("ClusterRole");
            key.NamespacedName.Namespace.ShouldBeNull();
            key.NamespacedName.Name.ShouldBe("the-name");
        }
    private async Task <T> WithKubernetesContext <T>(Component component, DeploymentScope deploymentScope, Func <IKubernetes, KubernetesData, V1ClusterRole, V1ServiceAccount, Task <T> > callback)
    {
        if (component is null)
        {
            throw new ArgumentNullException(nameof(component));
        }

        if (deploymentScope is null)
        {
            throw new ArgumentNullException(nameof(deploymentScope));
        }

        if (callback is null)
        {
            throw new ArgumentNullException(nameof(callback));
        }

        var identity = await azureResourceService
                       .GetResourceAsync <AzureIdentityResource>(component.IdentityId, throwIfNotExists : true)
                       .ConfigureAwait(false);

        var data   = GetKubernetesData(deploymentScope);
        var client = GetKubernetesClient(data);

        var roleDefinition = new V1ClusterRole()
        {
            Metadata = new V1ObjectMeta()
            {
                Name = "teamcloud-runner"
            },
            Rules = new List <V1PolicyRule>()
            {
                new V1PolicyRule()
                {
                    ApiGroups = new List <string>()
                    {
                        "", "extensions", "apps"
                    },
                    Resources = new List <string>()
                    {
                        "*"
                    },
                    Verbs = new List <string>()
                    {
                        "*"
                    }
                },
                new V1PolicyRule()
                {
                    ApiGroups = new List <string>()
                    {
                        "batch"
                    },
                    Resources = new List <string>()
                    {
                        "jobs", "cronjobs"
                    },
                    Verbs = new List <string>()
                    {
                        "*"
                    }
                }
            }
        };

        try
        {
            roleDefinition = await client
                             .CreateClusterRoleAsync(roleDefinition)
                             .ConfigureAwait(false);
        }
        catch (HttpOperationException exc) when(exc.Response.StatusCode == System.Net.HttpStatusCode.Conflict)
        {
            roleDefinition = await client
                             .ReadClusterRoleAsync(roleDefinition.Metadata.Name)
                             .ConfigureAwait(false);
        }

        var serviceAccount = new V1ServiceAccount()
        {
            Metadata = new V1ObjectMeta()
            {
                Name = $"{data.Namespace}-{identity.PrincipalId}"
            }
        };

        try
        {
            serviceAccount = await client
                             .CreateNamespacedServiceAccountAsync(serviceAccount, data.Namespace)
                             .ConfigureAwait(false);
        }
        catch (HttpOperationException exc) when(exc.Response.StatusCode == System.Net.HttpStatusCode.Conflict)
        {
            serviceAccount = await client
                             .ReadNamespacedServiceAccountAsync(serviceAccount.Metadata.Name, data.Namespace)
                             .ConfigureAwait(false);
        }

        return(await callback(client, data, roleDefinition, serviceAccount).ConfigureAwait(false));
    }