depRicKubernetesOperator/internal/controller/getClusterRole.go

   1 package controller\r
   2 \r
   3 import (\r
   4         corev1 "k8s.io/api/core/v1"\r
   5         metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"\r
   6 )       \r
   7 \r
   8 func GetClusterRole() []*rbacv1.ClusterRole {\r
   9 \r
  10         clusterRole1 := &rbacv1.ClusterRole{\r
  11                 ObjectMeta: metav1.ObjectMeta{\r
  12                         Name: "svcacct-ricplt-appmgr-ricxapp-access",\r
  13                 },\r
  14                 Rules: []rbacv1.PolicyRule{\r
  15 \r
  16                         rbacv1.PolicyRule{\r
  17                                 APIGroups: []string{\r
  18 \r
  19                                         "",\r
  20                                 },\r
  21                                 Resources: []string{\r
  22 \r
  23                                         "pods/portforward",\r
  24                                 },\r
  25                                 Verbs: []string{\r
  26 \r
  27                                         "create",\r
  28                                 },\r
  29                         },\r
  30                         rbacv1.PolicyRule{\r
  31                                 APIGroups: []string{\r
  32 \r
  33                                         "",\r
  34                                 },\r
  35                                 Resources: []string{\r
  36 \r
  37                                         "pods",\r
  38                                         "configmaps",\r
  39                                         "deployments",\r
  40                                         "services",\r
  41                                 },\r
  42                                 Verbs: []string{\r
  43 \r
  44                                         "get",\r
  45                                         "list",\r
  46                                         "create",\r
  47                                         "delete",\r
  48                                 },\r
  49                         },\r
  50                         rbacv1.PolicyRule{\r
  51                                 APIGroups: []string{\r
  52 \r
  53                                         "",\r
  54                                 },\r
  55                                 Resources: []string{\r
  56 \r
  57                                         "secrets",\r
  58                                 },\r
  59                                 Verbs: []string{\r
  60 \r
  61                                         "get",\r
  62                                         "list",\r
  63                                 },\r
  64                         },\r
  65                 },\r
  66                 TypeMeta: metav1.TypeMeta{\r
  67                         Kind:       "ClusterRole",\r
  68                         APIVersion: "rbac.authorization.k8s.io/v1",\r
  69                 },\r
  70         }\r
  71 \r
  72         clusterRole2 := &rbacv1.ClusterRole{\r
  73                 Rules: []rbacv1.PolicyRule{\r
  74 \r
  75                         rbacv1.PolicyRule{\r
  76                                 APIGroups: []string{\r
  77 \r
  78                                         "",\r
  79                                 },\r
  80                                 Resources: []string{\r
  81 \r
  82                                         "configmaps",\r
  83                                         "endpoints",\r
  84                                         "services",\r
  85                                 },\r
  86                                 Verbs: []string{\r
  87 \r
  88                                         "get",\r
  89                                         "list",\r
  90                                         "create",\r
  91                                         "update",\r
  92                                         "delete",\r
  93                                 },\r
  94                         },\r
  95                 },\r
  96                 TypeMeta: metav1.TypeMeta{\r
  97                         APIVersion: "rbac.authorization.k8s.io/v1",\r
  98                         Kind:       "ClusterRole",\r
  99                 },\r
 100                 ObjectMeta: metav1.ObjectMeta{\r
 101                         Name: "svcacct-ricplt-appmgr-ricxapp-getappconfig",\r
 102                 },\r
 103         }\r
 104 \r
 105         return []*rbacv1.ClusterRole{clusterRole1, clusterRole2}\r
 106 \r
 107 }