package admin
import (
"bytes"
"errors"
"io"
"io/ioutil"
"os"
"path"
"github.com/spf13/cobra"
kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl"
kcmdutil "github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl/cmd/util"
"github.com/openshift/origin/pkg/api/latest"
"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
"github.com/openshift/origin/pkg/template/api"
)
// DefaultPolicyFile is the default value of the --filename flag: the
// path the bootstrap policy template is written to when none is given.
const DefaultPolicyFile = "openshift.local.config/master/policy.json"

// CreateBootstrapPolicyFileCommand is the name of the sub-command.
const CreateBootstrapPolicyFileCommand = "create-bootstrap-policy-file"

// CreateBootstrapPolicyFileFullCommand is the sub-command name prefixed
// with "openshift admin ".
const CreateBootstrapPolicyFileFullCommand = "openshift admin " + CreateBootstrapPolicyFileCommand
// CreateBootstrapPolicyFileOptions holds the settings used to generate the
// bootstrap policy template file.
type CreateBootstrapPolicyFileOptions struct {
	// File is the path the policy template is written to. It is bound to
	// the --filename flag.
	File string

	// OpenShiftSharedResourcesNamespace is the namespace handed to the
	// bootstrappolicy helpers that build the namespaced roles and role
	// bindings. It is bound to the --openshift-namespace flag.
	OpenShiftSharedResourcesNamespace string
}
// NewCommandCreateBootstrapPolicyFile builds the cobra command that validates
// its flags and then writes the bootstrap policy template file.
//
// commandName becomes the command's Use string. fullName and out are accepted
// but not used by this function.
func NewCommandCreateBootstrapPolicyFile(commandName string, fullName string, out io.Writer) *cobra.Command {
	opts := &CreateBootstrapPolicyFileOptions{}

	// run validates the invocation and then generates the file. Both failures
	// are handed to kcmdutil.CheckErr; validation failures are first wrapped
	// as usage errors.
	// NOTE(review): generation is attempted after a validation failure unless
	// CheckErr terminates the process; its behavior is not visible here.
	run := func(c *cobra.Command, args []string) {
		if err := opts.Validate(args); err != nil {
			kcmdutil.CheckErr(kcmdutil.UsageError(c, err.Error()))
		}
		if err := opts.CreateBootstrapPolicyFile(); err != nil {
			kcmdutil.CheckErr(err)
		}
	}

	command := &cobra.Command{
		Use:   commandName,
		Short: "Create bootstrap policy for OpenShift",
		Run:   run,
	}

	// Bind the flags straight onto the options the run closure reads.
	fs := command.Flags()
	fs.StringVar(&opts.File, "filename", DefaultPolicyFile, "The policy template file that will be written with roles and bindings.")
	fs.StringVar(&opts.OpenShiftSharedResourcesNamespace, "openshift-namespace", "openshift", "Namespace for shared openshift resources.")

	return command
}
// Validate checks the invocation before any file is written. It rejects any
// positional arguments, an empty File, and an empty
// OpenShiftSharedResourcesNamespace, in that order, and returns nil when all
// three checks pass.
func (o CreateBootstrapPolicyFileOptions) Validate(args []string) error {
	switch {
	case len(args) != 0:
		return errors.New("no arguments are supported")
	case o.File == "":
		return errors.New("filename must be provided")
	case o.OpenShiftSharedResourcesNamespace == "":
		return errors.New("openshift-namespace must be provided")
	}
	return nil
}
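// CreateBootstrapPolicyFile collects the bootstrap cluster roles, cluster role
// bindings, and the roles and role bindings for
// o.OpenShiftSharedResourcesNamespace into one template, converts it to
// latest.Version, and writes it to o.File as JSON.
//
// The parent directory of o.File is created with mode 0755 if it is missing.
// The file is created with mode 0644 (before umask); an existing file is
// truncated and keeps whatever permissions it already had, so a pre-existing
// file with looser permissions is not tightened by this call.
//
// It returns the first error from directory creation, version conversion,
// JSON encoding, or the final write.
func (o CreateBootstrapPolicyFileOptions) CreateBootstrapPolicyFile() error {
	// NOTE(review): path.Dir only understands "/" separators; filepath.Dir
	// would be the OS-aware choice for a filesystem path.
	if err := os.MkdirAll(path.Dir(o.File), os.FileMode(0755)); err != nil {
		return err
	}

	policyTemplate := &api.Template{}

	// Each loop appends a pointer to the slice element itself (indexing
	// rather than taking the address of a range variable), so every object in
	// the template is distinct.
	clusterRoles := bootstrappolicy.GetBootstrapClusterRoles()
	for i := range clusterRoles {
		policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoles[i])
	}

	clusterRoleBindings := bootstrappolicy.GetBootstrapClusterRoleBindings()
	for i := range clusterRoleBindings {
		policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoleBindings[i])
	}

	openshiftRoles := bootstrappolicy.GetBootstrapOpenshiftRoles(o.OpenShiftSharedResourcesNamespace)
	for i := range openshiftRoles {
		policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoles[i])
	}

	openshiftRoleBindings := bootstrappolicy.GetBootstrapOpenshiftRoleBindings(o.OpenShiftSharedResourcesNamespace)
	for i := range openshiftRoleBindings {
		policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoleBindings[i])
	}

	versionedPolicyTemplate, err := kapi.Scheme.ConvertToVersion(policyTemplate, latest.Version)
	if err != nil {
		return err
	}

	buffer := &bytes.Buffer{}
	// Do not drop the encoder's error: if encoding fails, the buffer may be
	// empty or partial, and writing it would leave an incomplete policy file
	// on disk while the command reports success.
	if err := (&kubectl.JSONPrinter{}).PrintObj(versionedPolicyTemplate, buffer); err != nil {
		return err
	}

	return ioutil.WriteFile(o.File, buffer.Bytes(), 0644)
}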