forked from openshift/origin
/
sample_template.go
67 lines (54 loc) · 2.25 KB
/
sample_template.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package delegated
import (
"k8s.io/api/rbac/v1beta1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/kubernetes/pkg/apis/rbac"
projectapiv1 "github.com/openshift/api/project/v1"
oapi "github.com/openshift/origin/pkg/api"
"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
projectapi "github.com/openshift/origin/pkg/project/apis/project"
templateapi "github.com/openshift/origin/pkg/template/apis/template"
)
const (
DefaultTemplateName = "project-request"
ProjectNameParam = "PROJECT_NAME"
ProjectDisplayNameParam = "PROJECT_DISPLAYNAME"
ProjectDescriptionParam = "PROJECT_DESCRIPTION"
ProjectAdminUserParam = "PROJECT_ADMIN_USER"
ProjectRequesterParam = "PROJECT_REQUESTING_USER"
)
var (
parameters = []string{ProjectNameParam, ProjectDisplayNameParam, ProjectDescriptionParam, ProjectAdminUserParam, ProjectRequesterParam}
)
func DefaultTemplate() *templateapi.Template {
ret := &templateapi.Template{}
ret.Name = DefaultTemplateName
ns := "${" + ProjectNameParam + "}"
project := &projectapi.Project{}
project.Name = ns
project.Annotations = map[string]string{
oapi.OpenShiftDescription: "${" + ProjectDescriptionParam + "}",
oapi.OpenShiftDisplayName: "${" + ProjectDisplayNameParam + "}",
projectapi.ProjectRequester: "${" + ProjectRequesterParam + "}",
}
if err := templateapi.AddObjectsToTemplate(ret, []runtime.Object{project}, projectapiv1.SchemeGroupVersion); err != nil {
panic(err)
}
serviceAccountRoleBindings := bootstrappolicy.GetBootstrapServiceAccountProjectRoleBindings(ns)
for i := range serviceAccountRoleBindings {
if err := templateapi.AddObjectsToTemplate(ret, []runtime.Object{&serviceAccountRoleBindings[i]}, v1beta1.SchemeGroupVersion); err != nil {
panic(err)
}
}
binding := rbac.NewRoleBindingForClusterRole(bootstrappolicy.AdminRoleName, ns).Users("${" + ProjectAdminUserParam + "}").BindingOrDie()
if err := templateapi.AddObjectsToTemplate(ret, []runtime.Object{&binding}, v1beta1.SchemeGroupVersion); err != nil {
// this should never happen because we're tightly controlling what goes in.
panic(err)
}
for _, parameterName := range parameters {
parameter := templateapi.Parameter{}
parameter.Name = parameterName
ret.Parameters = append(ret.Parameters, parameter)
}
return ret
}