MCPcopy Index your code
hub / github.com/zalando/postgres-operator / initRoleBinding

Method initRoleBinding

pkg/controller/controller.go:253–298  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

251}
252
253func (c *Controller) initRoleBinding() {
254
255 // service account on its own lacks any rights starting with k8s v1.8
256 // operator binds it to the cluster role with sufficient privileges
257 // we assume the role is created by the k8s administrator
258 if c.opConfig.PodServiceAccountRoleBindingDefinition == "" {
259 stringValue := fmt.Sprintf(`
260 {
261 "apiVersion": "rbac.authorization.k8s.io/v1",
262 "kind": "RoleBinding",
263 "metadata": {
264 "name": "%s"
265 },
266 "roleRef": {
267 "apiGroup": "rbac.authorization.k8s.io",
268 "kind": "ClusterRole",
269 "name": "%s"
270 },
271 "subjects": [
272 {
273 "kind": "ServiceAccount",
274 "name": "%s"
275 }
276 ]
277 }`, c.PodServiceAccount.Name, c.PodServiceAccount.Name, c.PodServiceAccount.Name)
278 c.opConfig.PodServiceAccountRoleBindingDefinition = compactValue(stringValue)
279 }
280 c.logger.Info("Parse role bindings")
281 // re-uses k8s internal parsing. See k8s client-go issue #193 for explanation
282 decode := scheme.Codecs.UniversalDeserializer().Decode
283 obj, groupVersionKind, err := decode([]byte(c.opConfig.PodServiceAccountRoleBindingDefinition), nil, nil)
284
285 switch {
286 case err != nil:
287 panic(fmt.Errorf("unable to parse the role binding definition from the operator configuration: %v", err))
288 case groupVersionKind.Kind != "RoleBinding":
289 panic(fmt.Errorf("role binding definition in the operator configuration defines another type of resource: %v", groupVersionKind.Kind))
290 default:
291 c.PodServiceAccountRoleBinding = obj.(*rbacv1.RoleBinding)
292 c.PodServiceAccountRoleBinding.Namespace = ""
293 c.logger.Info("successfully parsed")
294
295 }
296
297 // actual roles bindings ar*logrus.Entrye deployed at the time of Postgres/Spilo cluster creation
298}
299
300func logMultiLineConfig(log *logrus.Entry, config string) {
301 lines := strings.Split(config, "\n")

Callers 1

initControllerMethod · 0.95

Calls 1

compactValueFunction · 0.85

Tested by

no test coverage detected