MCPcopy Index your code
hub / github.com/zalando/postgres-operator / createRoleBindings

Method createRoleBindings

pkg/controller/postgresql.go:617–642  ·  view source on GitHub ↗
(namespace string)

Source from the content-addressed store, hash-verified

615}
616
617func (c *Controller) createRoleBindings(namespace string) error {
618
619 podServiceAccountName := c.opConfig.PodServiceAccountName
620 podServiceAccountRoleBindingName := c.PodServiceAccountRoleBinding.Name
621
622 _, err := c.KubeClient.RoleBindings(namespace).Get(context.TODO(), podServiceAccountRoleBindingName, metav1.GetOptions{})
623 if k8sutil.ResourceNotFound(err) {
624
625 c.logger.Infof("Creating the role binding %q in the %q namespace", podServiceAccountRoleBindingName, namespace)
626
627 // get a separate copy of role binding
628 // to prevent a race condition when setting a namespace for many clusters
629 rb := *c.PodServiceAccountRoleBinding
630 _, err = c.KubeClient.RoleBindings(namespace).Create(context.TODO(), &rb, metav1.CreateOptions{})
631 if err != nil {
632 return fmt.Errorf("cannot bind the pod service account %q defined in the configuration to the cluster role in the %q namespace: %v", podServiceAccountName, namespace, err)
633 }
634
635 c.logger.Infof("successfully deployed the role binding for the pod service account %q to the %q namespace", podServiceAccountName, namespace)
636
637 } else if k8sutil.ResourceAlreadyExists(err) {
638 return nil
639 }
640
641 return err
642}

Callers 1

submitRBACCredentialsMethod · 0.95

Calls 4

ResourceNotFoundFunction · 0.92
ResourceAlreadyExistsFunction · 0.92
GetMethod · 0.65
CreateMethod · 0.65

Tested by

no test coverage detected