private async Task <k8s.Models.V1ServiceAccount> GetSaFromNamespace(KubernetesEndpointManifest clusterInfo) { var all = await k8s.ListNamespacedServiceAccountAsync(clusterInfo.Namespace.Metadata.Name); var found = all.Items.FirstOrDefault(al => al.Metadata.Name.Equals(clusterInfo.ServiceAccount.Spec.Metadata.Name)); return(found); }
private async Task <k8s.Models.V1Namespace> GetNamespaceAsync(KubernetesEndpointManifest clusterInfo) { var all = await k8s.ListNamespaceAsync(); var found = all.Items .FirstOrDefault(al => al.Metadata.Name.Equals(clusterInfo.Namespace.Metadata.Name, StringComparison.OrdinalIgnoreCase)); return(found); }
public async Task EnsureNamespaceExistsAsync( KubernetesEndpointManifest clusterInfo) { using var operation = Logger.BeginOperation($"Checking Kubernetes namespace '{clusterInfo.Namespace.Metadata.Name}' ...", "K8SNamespace"); var found = await GetNamespaceAsync(clusterInfo); if (found == null) { await k8s.CreateNamespaceAsync(clusterInfo.Namespace); operation.EndWithSuccess(); } else { using var subOp = Logger.BeginOperation($"Updating Kubernetes namespace '{clusterInfo.Namespace.Metadata.Name}' ..."); await k8s.ReplaceNamespaceAsync(clusterInfo.Namespace, clusterInfo.Namespace.Metadata.Name); subOp.EndWithSuccess("Namespace updated"); } }
public async Task EnsureRoleExistsAsync(KubernetesEndpointManifest clusterInfo) { using var op = Logger.BeginOperation($"Preparing Role '{clusterInfo.ServiceAccount.Role.Metadata.Name}' ...", "K8S-Role"); var all = await k8s.ListNamespacedRoleAsync(clusterInfo.Namespace.Metadata.Name); var found = all.Items.FirstOrDefault(al => al.Metadata.Name.Equals(clusterInfo.ServiceAccount.Role.Metadata.Name)); if (found == null) { await k8s.CreateNamespacedRoleAsync(clusterInfo.ServiceAccount.Role, clusterInfo.Namespace.Metadata.Name); op.EndWithSuccess("Created"); } else { await k8s.ReplaceNamespacedRoleAsync(clusterInfo.ServiceAccount.Role, clusterInfo.ServiceAccount.Role.Metadata.Name, clusterInfo.Namespace.Metadata.Name); op.EndWithSuccess("Updated"); } }
public async Task <k8s.Models.V1ServiceAccount> EnsureServiceAccountExists(KubernetesEndpointManifest clusterInfo) { clusterInfo.ServiceAccount.Spec.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; clusterInfo.ServiceAccount.Role.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; clusterInfo.ServiceAccount.Binding.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; using var operation = Logger.BeginOperation($"Preparing Kubernetes service account '{clusterInfo.ServiceAccount.Spec.Metadata.Name}' ...", "Ensure-K8S-ServiceAccount"); foreach (var item in clusterInfo.ServiceAccount.Binding.Subjects) { item.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; } var found = await GetSaFromNamespace(clusterInfo); if (found == null) { _ = await k8s.CreateNamespacedServiceAccountAsync(clusterInfo.ServiceAccount.Spec, clusterInfo.Namespace.Metadata.Name); operation.EndWithSuccess("SA Created"); } else { using var op = Logger.BeginOperation($"Updating Kubernetes service account '{clusterInfo.ServiceAccount.Spec.Metadata.Name}' ...", "Update-K8S-SA"); _ = await k8s.ReplaceNamespacedServiceAccountAsync(clusterInfo.ServiceAccount.Spec, clusterInfo.ServiceAccount.Spec.Metadata.Name, clusterInfo.Namespace.Metadata.Name); operation.EndWithSuccess("SA Updated"); } await EnsureRoleExistsAsync(clusterInfo); await EnsureRoleBindingExistsAsync(clusterInfo); // You need to reload this - so the secrets are also poplulated return(await GetSaFromNamespace(clusterInfo)); }