下面列出了io.fabric8.kubernetes.api.model.rbac.PolicyRuleBuilder#io.fabric8.kubernetes.api.model.rbac.RoleBuilder 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
 * Test fixture: records the session namespace, skips the test on clusters reporting
 * version 1.6*, and creates or replaces the {@code job-reader} Role in that namespace.
 *
 * <p>The Role is scoped to one API group ({@code batch}), one resource ({@code jobs}),
 * one object name ({@code my-job}) and the read-only verbs get/watch/list.
 */
@Before
public void init() {
    currentNamespace = session.getNamespace();

    // Skip when the server reports major "1" and a minor starting with "6"
    // (the original comment associates this with OpenShift 3.6.0 and 3.6.1).
    boolean unsupportedCluster =
            client.getVersion().getMajor().equalsIgnoreCase("1")
                    && client.getVersion().getMinor().startsWith("6");
    assumeFalse(unsupportedCluster);

    // NOTE(review): Kubernetes RBAC applies resourceNames to list/watch only when the
    // request carries a matching metadata.name field selector; an unfiltered list or
    // watch of jobs is not authorized by this rule. Keep that in mind when asserting
    // on what a subject bound to this Role can do.
    Role jobReader = new RoleBuilder()
            .withNewMetadata()
                .withName("job-reader")
            .endMetadata()
            .addToRules(0, new PolicyRuleBuilder()
                    .addToApiGroups(0,"batch")
                    .addToResourceNames(0,"my-job")
                    .addToResources(0,"jobs")
                    .addToVerbs(0, "get")
                    .addToVerbs(1, "watch")
                    .addToVerbs(2, "list")
                    .build())
            .build();

    // createOrReplace keeps the fixture repeatable across test runs in the same namespace.
    client.rbac().roles().inNamespace(currentNamespace).createOrReplace(jobReader);
}
/**
 * Builds the {@code pipeline-deployer} Role object. Nothing is applied to a cluster
 * here, and {@code config} is not read by this method.
 *
 * <p>NOTE(review): a single RBAC rule grants every listed verb on every listed resource
 * in every listed API group, so this one rule is broader than it looks:
 * <ul>
 *   <li>{@code get} on {@code secrets} with no resourceNames lets the holder read any
 *       Secret in the namespace whose name it knows; consider a separate rule limited
 *       by resourceNames.</li>
 *   <li>{@code rolebindings} are served from {@code rbac.authorization.k8s.io}, which is
 *       not among the listed groups, so that entry likely grants nothing as written.
 *       If the group is ever added, create/update/patch on rolebindings is an
 *       escalation-sensitive permission and deserves its own review.</li>
 * </ul>
 *
 * @param config Tekton configuration; unused in the visible code
 * @return the constructed Role
 */
public Role createRole(TektonConfig config) {
    // Named arrays keep the three dimensions of the grant easy to audit.
    String[] apiGroups = {"", "apps", "extensions", "serving.knative.dev", "apps.openshift.io"};
    String[] resources = {
        "deployments", "services", "ingresses", "serviceaccounts",
        "rolebindings", "persistentvolumeclaims", "configmaps", "secrets"
    };
    String[] verbs = {"get", "create", "update", "patch"};

    return new RoleBuilder()
            .withNewMetadata()
                .withName("pipeline-deployer")
            .endMetadata()
            .addNewRule()
                .withApiGroups(apiGroups)
                .withResources(resources)
                .withVerbs(verbs)
            .endRule()
            .build();
}
/**
 * Creates a Role named {@code name} that allows {@code create} on the core-group
 * {@code pods/exec} subresource, in the namespace held by the enclosing class's
 * {@code namespace} field.
 *
 * <p>NOTE(review): there is no resourceNames restriction, so a subject bound to this
 * Role can start an exec session in any pod of the namespace and reach whatever those
 * containers can read (mounted Secrets, service-account tokens). Bind it only to
 * subjects that need exec, and prefer a dedicated namespace for such workloads.
 *
 * <p>Uses {@code create}, not {@code createOrReplace}; presumably this fails if a Role
 * with the same name already exists (confirm against the client version in use).
 *
 * @param k8sClient client used to submit the Role
 * @param name name given to the Role
 */
private void createExecRole(KubernetesClient k8sClient, String name) {
    k8sClient.rbac().roles().inNamespace(namespace).create(
            new RoleBuilder()
                    .withNewMetadata()
                        .withName(name)
                    .endMetadata()
                    .withRules(
                            new PolicyRuleBuilder()
                                    .withApiGroups("")
                                    .withResources("pods/exec")
                                    .withVerbs("create")
                                    .build())
                    .build());
}
/**
 * Creates a Role named {@code name} that allows {@code list} on core-group
 * {@code pods} and {@code services}, in the namespace held by the enclosing class's
 * {@code namespace} field.
 *
 * <p>NOTE(review): {@code list} returns full objects, so the holder can read pod specs,
 * including any literal environment values defined there. The rule grants neither
 * {@code get} nor {@code watch}.
 *
 * @param k8sClient client used to submit the Role
 * @param name name given to the Role
 */
private void createViewRole(KubernetesClient k8sClient, String name) {
    k8sClient.rbac().roles().inNamespace(namespace).create(
            new RoleBuilder()
                    .withNewMetadata()
                        .withName(name)
                    .endMetadata()
                    .withRules(
                            new PolicyRuleBuilder()
                                    .withApiGroups("")
                                    .withResources("pods", "services")
                                    .withVerbs("list")
                                    .build())
                    .build());
}
/**
 * Deploys a test AMQ broker into {@code namespace}: creates the namespace, a Role and
 * RoleBinding, the broker Secret and Deployment, a Service with three ports, and an
 * external endpoint on the TLS port, then waits for the Deployment to become ready.
 *
 * <p>RBAC: the Role allows only {@code get} on the single Secret named {@code name}
 * (restricted through resourceNames) and is bound to the
 * {@code address-space-controller} ServiceAccount in the infra namespace.
 *
 * <p>NOTE(review): {@code user} and {@code password} are passed to both
 * {@code getBrokerSecret} and {@code getBrokerDeployment}. If the latter writes them
 * into the pod spec as literal values, they are readable by anyone who can get the
 * Deployment or its pods, not only by holders of the Secret grant above. Confirm
 * against the helper.
 *
 * @param namespace namespace to create and deploy into
 * @param name name shared by the Role, RoleBinding, Secret, Deployment and Service
 * @param user broker user name
 * @param password broker password
 * @param certBundle certificate bundle handed to {@code getBrokerSecret}
 * @throws Exception if any step fails or the thread is interrupted while waiting
 */
public static void deployAMQBroker(String namespace, String name, String user, String password, BrokerCertBundle certBundle) throws Exception {
    kube.createNamespace(namespace);

    // Read-only access to exactly one Secret, identified by name.
    kube.getClient().rbac().roles().inNamespace(namespace).createOrReplace(
            new RoleBuilder()
                    .withNewMetadata()
                        .withName(name)
                        .withNamespace(namespace)
                    .endMetadata()
                    .withRules(new PolicyRuleBuilder()
                            .addToApiGroups("")
                            .addToResources("secrets")
                            .addToResourceNames(name)
                            .addToVerbs("get")
                            .build())
                    .build());

    // Bind that Role to the controller's ServiceAccount, which lives in the infra namespace.
    kube.getClient().rbac().roleBindings().inNamespace(namespace).createOrReplace(
            new RoleBindingBuilder()
                    .withNewMetadata()
                        .withName(name)
                        .withNamespace(namespace)
                    .endMetadata()
                    .withNewRoleRef("rbac.authorization.k8s.io", "Role", name)
                    .withSubjects(new SubjectBuilder()
                            .withKind("ServiceAccount")
                            .withName("address-space-controller")
                            .withNamespace(kube.getInfraNamespace())
                            .build())
                    .build());

    kube.createSecret(namespace, getBrokerSecret(name, certBundle, user, password));
    kube.createDeploymentFromResource(namespace, getBrokerDeployment(name, user, password), 3, TimeUnit.MINUTES);

    ServicePort amqpsPort = new ServicePortBuilder()
            .withName("amqps")
            .withPort(5671)
            .withTargetPort(new IntOrString(5671))
            .build();
    ServicePort amqpsMutualPort = new ServicePortBuilder()
            .withName("amqpsmutual")
            .withPort(55671)
            .withTargetPort(new IntOrString(55671))
            .build();
    // NOTE(review): 5672 is named "amqp" (no "s"), which suggests a non-TLS listener
    // exposed on the Service next to the two TLS ports - confirm that is intended.
    ServicePort amqpPort = new ServicePortBuilder()
            .withName("amqp")
            .withPort(5672)
            .withTargetPort(new IntOrString(5672))
            .build();

    Service brokerService = getSystemtestsServiceResource(name, name, amqpPort, amqpsPort, amqpsMutualPort);
    kube.createServiceFromResource(namespace, brokerService);

    // Only the TLS port is published through the external endpoint.
    kube.createExternalEndpoint(name, namespace, brokerService, amqpsPort);

    kube.getClient()
            .apps().deployments()
            .inNamespace(namespace)
            .withName(name)
            .waitUntilReady(5, TimeUnit.MINUTES);

    // Fixed five-second pause after readiness is reported.
    TimeUnit.SECONDS.sleep(5);
}