Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-23 07:19:41 +02:00
Code Issues Releases Activity
portainer/api/kubernetes/cli/role.go
zees-dev 54d47ebc76
feat(docker/kubernetes): backend docker and kubernetes dependency updates (#5861) 
* client-go library update + go mod tidy

* update all k8s methods to include context

* docker/cli updated to v20.10.9 (latest)

* - removed docker/docker to docker/engine replace directive
- go mod tidy

* docker/docker updated to v20.10.9 (latest)
2021-10-12 15:32:14 +13:00

50 lines
1.1 KiB
Go
Raw Blame History

package cli
import (
"context"
rbacv1 "k8s.io/api/rbac/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func getPortainerUserDefaultPolicies() []rbacv1.PolicyRule {
return []rbacv1.PolicyRule{
{
Verbs: []string{"list"},
Resources: []string{"namespaces", "nodes"},
APIGroups: []string{""},
},
{
Verbs: []string{"list"},
Resources: []string{"storageclasses"},
APIGroups: []string{"storage.k8s.io"},
},
{
Verbs: []string{"list"},
Resources: []string{"namespaces", "pods"},
APIGroups: []string{"metrics.k8s.io"},
},
}
}
func (kcl *KubeClient) upsertPortainerK8sClusterRoles() error {
clusterRole := &rbacv1.ClusterRole{
ObjectMeta: metav1.ObjectMeta{
Name: portainerUserCRName,
},
Rules: getPortainerUserDefaultPolicies(),
}
_, err := kcl.cli.RbacV1().ClusterRoles().Create(context.TODO(), clusterRole, metav1.CreateOptions{})
if err != nil {
if k8serrors.IsAlreadyExists(err) {
_, err = kcl.cli.RbacV1().ClusterRoles().Update(context.TODO(), clusterRole, metav1.UpdateOptions{})
}
if err != nil {
return err
}
}
return nil
}
View git blame Copy permalink