forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sample_template.go
73 lines (61 loc) · 2.51 KB
/
sample_template.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
package delegated
import (
rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/kubernetes/pkg/api/legacyscheme"
"k8s.io/kubernetes/pkg/apis/rbac"
projectapiv1 "github.com/openshift/api/project/v1"
templateapi "github.com/openshift/api/template/v1"
oapi "github.com/openshift/origin/pkg/api"
"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
projectapi "github.com/openshift/origin/pkg/project/apis/project"
)
const (
DefaultTemplateName = "project-request"
ProjectNameParam = "PROJECT_NAME"
ProjectDisplayNameParam = "PROJECT_DISPLAYNAME"
ProjectDescriptionParam = "PROJECT_DESCRIPTION"
ProjectAdminUserParam = "PROJECT_ADMIN_USER"
ProjectRequesterParam = "PROJECT_REQUESTING_USER"
)
var (
parameters = []string{ProjectNameParam, ProjectDisplayNameParam, ProjectDescriptionParam, ProjectAdminUserParam, ProjectRequesterParam}
)
func DefaultTemplate() *templateapi.Template {
ret := &templateapi.Template{}
ret.Name = DefaultTemplateName
ns := "${" + ProjectNameParam + "}"
project := &projectapi.Project{}
project.Name = ns
project.Annotations = map[string]string{
oapi.OpenShiftDescription: "${" + ProjectDescriptionParam + "}",
oapi.OpenShiftDisplayName: "${" + ProjectDisplayNameParam + "}",
projectapi.ProjectRequester: "${" + ProjectRequesterParam + "}",
}
objBytes, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(projectapiv1.GroupVersion), project)
if err != nil {
panic(err)
}
ret.Objects = append(ret.Objects, runtime.RawExtension{Raw: objBytes})
// TODO this should be removed in 3.11. We need to keep it for new server, old controller cases in 3.10.
serviceAccountRoleBindings := bootstrappolicy.GetBootstrapServiceAccountProjectRoleBindings(ns)
for i := range serviceAccountRoleBindings {
objBytes, err := runtime.Encode(legacyscheme.Codecs.LegacyCodec(rbacv1.SchemeGroupVersion), &serviceAccountRoleBindings[i])
if err != nil {
panic(err)
}
ret.Objects = append(ret.Objects, runtime.RawExtension{Raw: objBytes})
}
binding := rbac.NewRoleBindingForClusterRole(bootstrappolicy.AdminRoleName, ns).Users("${" + ProjectAdminUserParam + "}").BindingOrDie()
objBytes, err = runtime.Encode(legacyscheme.Codecs.LegacyCodec(rbacv1.SchemeGroupVersion), &binding)
if err != nil {
panic(err)
}
ret.Objects = append(ret.Objects, runtime.RawExtension{Raw: objBytes})
for _, parameterName := range parameters {
parameter := templateapi.Parameter{}
parameter.Name = parameterName
ret.Parameters = append(ret.Parameters, parameter)
}
return ret
}