Code Review / ric-plt / ric-dep.git / blob
? search:


13a82001484b724be956831eddf646d9c7ac71fc
[ric-plt/ric-dep.git] / depRicKubernetesOperator / internal / controller / getClusterRole.go
1 package controller\r
2 \r
3 import (\r
4         corev1 "k8s.io/api/core/v1"\r
5         metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"\r
6         rbacv1 "k8s.io/api/rbac/v1"\r
7 )       \r
8 \r
9 func GetClusterRole() []*rbacv1.ClusterRole {\r
10 \r
11         clusterRole1 := &rbacv1.ClusterRole{\r
12                 ObjectMeta: metav1.ObjectMeta{\r
13                         Name: "svcacct-ricplt-appmgr-ricxapp-access",\r
14                 },\r
15                 Rules: []rbacv1.PolicyRule{\r
16 \r
17                         rbacv1.PolicyRule{\r
18                                 APIGroups: []string{\r
19 \r
20                                         "",\r
21                                 },\r
22                                 Resources: []string{\r
23 \r
24                                         "pods/portforward",\r
25                                 },\r
26                                 Verbs: []string{\r
27 \r
28                                         "create",\r
29                                 },\r
30                         },\r
31                         rbacv1.PolicyRule{\r
32                                 APIGroups: []string{\r
33 \r
34                                         "",\r
35                                 },\r
36                                 Resources: []string{\r
37 \r
38                                         "pods",\r
39                                         "configmaps",\r
40                                         "deployments",\r
41                                         "services",\r
42                                 },\r
43                                 Verbs: []string{\r
44 \r
45                                         "get",\r
46                                         "list",\r
47                                         "create",\r
48                                         "delete",\r
49                                 },\r
50                         },\r
51                         rbacv1.PolicyRule{\r
52                                 APIGroups: []string{\r
53 \r
54                                         "",\r
55                                 },\r
56                                 Resources: []string{\r
57 \r
58                                         "secrets",\r
59                                 },\r
60                                 Verbs: []string{\r
61 \r
62                                         "get",\r
63                                         "list",\r
64                                 },\r
65                         },\r
66                 },\r
67                 TypeMeta: metav1.TypeMeta{\r
68                         Kind:       "ClusterRole",\r
69                         APIVersion: "rbac.authorization.k8s.io/v1",\r
70                 },\r
71         }\r
72 \r
73         clusterRole2 := &rbacv1.ClusterRole{\r
74                 Rules: []rbacv1.PolicyRule{\r
75 \r
76                         rbacv1.PolicyRule{\r
77                                 APIGroups: []string{\r
78 \r
79                                         "",\r
80                                 },\r
81                                 Resources: []string{\r
82 \r
83                                         "configmaps",\r
84                                         "endpoints",\r
85                                         "services",\r
86                                 },\r
87                                 Verbs: []string{\r
88 \r
89                                         "get",\r
90                                         "list",\r
91                                         "create",\r
92                                         "update",\r
93                                         "delete",\r
94                                 },\r
95                         },\r
96                 },\r
97                 TypeMeta: metav1.TypeMeta{\r
98                         APIVersion: "rbac.authorization.k8s.io/v1",\r
99                         Kind:       "ClusterRole",\r
100                 },\r
101                 ObjectMeta: metav1.ObjectMeta{\r
102                         Name: "svcacct-ricplt-appmgr-ricxapp-getappconfig",\r
103                 },\r
104         }\r
105 \r
106         clusterRole3 := &rbacv1.ClusterRole{\r
107                 ObjectMeta: metav1.ObjectMeta{\r
108                         Labels: map[string]string{\r
109                                 "app.kubernetes.io/version":    "1.4",\r
110                                 "helm.sh/chart":                "kong-0.36.6",\r
111                                 "app.kubernetes.io/instance":   "release-name",\r
112                                 "app.kubernetes.io/managed-by": "Helm",\r
113                                 "app.kubernetes.io/name":       "kong",\r
114                         },\r
115                         Name: "release-name-kong",\r
116                 },\r
117                 Rules: []rbacv1.PolicyRule{\r
118 \r
119                         rbacv1.PolicyRule{\r
120                                 Resources: []string{\r
121 \r
122                                         "endpoints",\r
123                                         "nodes",\r
124                                         "pods",\r
125                                         "secrets",\r
126                                 },\r
127                                 Verbs: []string{\r
128 \r
129                                         "list",\r
130                                         "watch",\r
131                                 },\r
132                                 APIGroups: []string{\r
133 \r
134                                         "",\r
135                                 },\r
136                         },\r
137                         rbacv1.PolicyRule{\r
138                                 APIGroups: []string{\r
139 \r
140                                         "",\r
141                                 },\r
142                                 Resources: []string{\r
143 \r
144                                         "nodes",\r
145                                 },\r
146                                 Verbs: []string{\r
147 \r
148                                         "get",\r
149                                 },\r
150                         },\r
151                         rbacv1.PolicyRule{\r
152                                 APIGroups: []string{\r
153 \r
154                                         "",\r
155                                 },\r
156                                 Resources: []string{\r
157 \r
158                                         "services",\r
159                                 },\r
160                                 Verbs: []string{\r
161 \r
162                                         "get",\r
163                                         "list",\r
164                                         "watch",\r
165                                 },\r
166                         },\r
167                         rbacv1.PolicyRule{\r
168                                 APIGroups: []string{\r
169 \r
170                                         "extensions",\r
171                                         "networking.k8s.io",\r
172                                 },\r
173                                 Resources: []string{\r
174 \r
175                                         "ingresses",\r
176                                 },\r
177                                 Verbs: []string{\r
178 \r
179                                         "get",\r
180                                         "list",\r
181                                         "watch",\r
182                                 },\r
183                         },\r
184                         rbacv1.PolicyRule{\r
185                                 APIGroups: []string{\r
186 \r
187                                         "",\r
188                                 },\r
189                                 Resources: []string{\r
190 \r
191                                         "events",\r
192                                 },\r
193                                 Verbs: []string{\r
194 \r
195                                         "create",\r
196                                         "patch",\r
197                                 },\r
198                         },\r
199                         rbacv1.PolicyRule{\r
200                                 APIGroups: []string{\r
201 \r
202                                         "extensions",\r
203                                         "networking.k8s.io",\r
204                                 },\r
205                                 Resources: []string{\r
206 \r
207                                         "ingresses/status",\r
208                                 },\r
209                                 Verbs: []string{\r
210 \r
211                                         "update",\r
212                                 },\r
213                         },\r
214                         rbacv1.PolicyRule{\r
215                                 Verbs: []string{\r
216 \r
217                                         "get",\r
218                                         "list",\r
219                                         "watch",\r
220                                 },\r
221                                 APIGroups: []string{\r
222 \r
223                                         "configuration.konghq.com",\r
224                                 },\r
225                                 Resources: []string{\r
226 \r
227                                         "kongplugins",\r
228                                         "kongcredentials",\r
229                                         "kongconsumers",\r
230                                         "kongingresses",\r
231                                 },\r
232                         },\r
233                 },\r
234                 TypeMeta: metav1.TypeMeta{\r
235                         APIVersion: "rbac.authorization.k8s.io/v1",\r
236                         Kind:       "ClusterRole",\r
237                 },\r
238         }\r
239 \r
240         clusterRole4 := &rbacv1.ClusterRole{\r
241                 ObjectMeta: metav1.ObjectMeta{\r
242                         Labels: map[string]string{\r
243                                 "app.kubernetes.io/managed-by": "Helm",\r
244                                 "app.kubernetes.io/name":       "kong",\r
245                                 "app.kubernetes.io/version":    "1.4",\r
246                                 "helm.sh/chart":                "kong-0.36.6",\r
247                                 "app.kubernetes.io/instance":   "release-name",\r
248                         },\r
249                         Name: "release-name-kong",\r
250                 },\r
251                 Rules: []rbacv1.PolicyRule{\r
252 \r
253                         rbacv1.PolicyRule{\r
254                                 APIGroups: []string{\r
255 \r
256                                         "",\r
257                                 },\r
258                                 Resources: []string{\r
259 \r
260                                         "endpoints",\r
261                                         "nodes",\r
262                                         "pods",\r
263                                         "secrets",\r
264                                 },\r
265                                 Verbs: []string{\r
266 \r
267                                         "list",\r
268                                         "watch",\r
269                                 },\r
270                         },\r
271                         rbacv1.PolicyRule{\r
272                                 Resources: []string{\r
273 \r
274                                         "nodes",\r
275                                 },\r
276                                 Verbs: []string{\r
277 \r
278                                         "get",\r
279                                 },\r
280                                 APIGroups: []string{\r
281 \r
282                                         "",\r
283                                 },\r
284                         },\r
285                         rbacv1.PolicyRule{\r
286                                 Verbs: []string{\r
287 \r
288                                         "get",\r
289                                         "list",\r
290                                         "watch",\r
291                                 },\r
292                                 APIGroups: []string{\r
293 \r
294                                         "",\r
295                                 },\r
296                                 Resources: []string{\r
297 \r
298                                         "services",\r
299                                 },\r
300                         },\r
301                         rbacv1.PolicyRule{\r
302                                 APIGroups: []string{\r
303 \r
304                                         "extensions",\r
305                                         "networking.k8s.io",\r
306                                 },\r
307                                 Resources: []string{\r
308 \r
309                                         "ingresses",\r
310                                 },\r
311                                 Verbs: []string{\r
312 \r
313                                         "get",\r
314                                         "list",\r
315                                         "watch",\r
316                                 },\r
317                         },\r
318                         rbacv1.PolicyRule{\r
319                                 Resources: []string{\r
320 \r
321                                         "events",\r
322                                 },\r
323                                 Verbs: []string{\r
324 \r
325                                         "create",\r
326                                         "patch",\r
327                                 },\r
328                                 APIGroups: []string{\r
329 \r
330                                         "",\r
331                                 },\r
332                         },\r
333                         rbacv1.PolicyRule{\r
334                                 APIGroups: []string{\r
335 \r
336                                         "extensions",\r
337                                         "networking.k8s.io",\r
338                                 },\r
339                                 Resources: []string{\r
340 \r
341                                         "ingresses/status",\r
342                                 },\r
343                                 Verbs: []string{\r
344 \r
345                                         "update",\r
346                                 },\r
347                         },\r
348                         rbacv1.PolicyRule{\r
349                                 APIGroups: []string{\r
350 \r
351                                         "configuration.konghq.com",\r
352                                 },\r
353                                 Resources: []string{\r
354 \r
355                                         "kongplugins",\r
356                                         "kongcredentials",\r
357                                         "kongconsumers",\r
358                                         "kongingresses",\r
359                                 },\r
360                                 Verbs: []string{\r
361 \r
362                                         "get",\r
363                                         "list",\r
364                                         "watch",\r
365                                 },\r
366                         },\r
367                 },\r
368                 TypeMeta: metav1.TypeMeta{\r
369                         APIVersion: "rbac.authorization.k8s.io/v1",\r
370                         Kind:       "ClusterRole",\r
371                 },\r
372         }\r
373 \r
374         return []*rbacv1.ClusterRole{clusterRole1, clusterRole2, clusterRole3, clusterRole4}\r
375 }