Class: Clusters::Kubernetes::CreateOrUpdateServiceAccountService

Inherits:

Object

• Object
• Clusters::Kubernetes::CreateOrUpdateServiceAccountService

Defined in:

app/services/clusters/kubernetes/create_or_update_service_account_service.rb

Class Method Summary

• .gitlab_creator(kubeclient, rbac:) ⇒ Object
• .namespace_creator(kubeclient, service_account_name:, service_account_namespace:, service_account_namespace_labels:, rbac:) ⇒ Object

Instance Method Summary

• #execute ⇒ Object
• #initialize(kubeclient, service_account_name:, service_account_namespace:, token_name:, rbac:, service_account_namespace_labels: nil, namespace_creator: false, role_binding_name: nil) ⇒ CreateOrUpdateServiceAccountService constructor

  A new instance of CreateOrUpdateServiceAccountService.

Constructor Details

#initialize(kubeclient, service_account_name:, service_account_namespace:, token_name:, rbac:, service_account_namespace_labels: nil, namespace_creator: false, role_binding_name: nil) ⇒ CreateOrUpdateServiceAccountService

Returns a new instance of CreateOrUpdateServiceAccountService.

# File 'app/services/clusters/kubernetes/create_or_update_service_account_service.rb', line 6

def initialize(kubeclient, service_account_name:, service_account_namespace:, token_name:, rbac:, service_account_namespace_labels: nil, namespace_creator: false, role_binding_name: nil)
  @kubeclient = kubeclient
  @service_account_name = service_account_name
  @service_account_namespace = service_account_namespace
  @service_account_namespace_labels = service_account_namespace_labels
  @token_name = token_name
  @rbac = rbac
  @namespace_creator = namespace_creator
  @role_binding_name = role_binding_name
end

Class Method Details

.gitlab_creator(kubeclient, rbac:) ⇒ Object

# File 'app/services/clusters/kubernetes/create_or_update_service_account_service.rb', line 17

def self.gitlab_creator(kubeclient, rbac:)
  self.new(
    kubeclient,
    service_account_name: Clusters::Kubernetes::GITLAB_SERVICE_ACCOUNT_NAME,
    service_account_namespace: Clusters::Kubernetes::GITLAB_SERVICE_ACCOUNT_NAMESPACE,
    token_name: Clusters::Kubernetes::GITLAB_ADMIN_TOKEN_NAME,
    rbac: rbac
  )
end

.namespace_creator(kubeclient, service_account_name:, service_account_namespace:, service_account_namespace_labels:, rbac:) ⇒ Object

# File 'app/services/clusters/kubernetes/create_or_update_service_account_service.rb', line 27

def self.namespace_creator(kubeclient, service_account_name:, service_account_namespace:, service_account_namespace_labels:, rbac:)
  self.new(
    kubeclient,
    service_account_name: service_account_name,
    service_account_namespace: service_account_namespace,
    service_account_namespace_labels: service_account_namespace_labels,
    token_name: "#{service_account_namespace}-token",
    rbac: rbac,
    namespace_creator: true,
    role_binding_name: "gitlab-#{service_account_namespace}"
  )
end

Instance Method Details

#execute ⇒ Object

# File 'app/services/clusters/kubernetes/create_or_update_service_account_service.rb', line 40

def execute
  ensure_project_namespace_exists if namespace_creator

  kubeclient.create_or_update_service_account(service_account_resource)
  kubeclient.create_or_update_secret(service_account_token_resource)

  return unless rbac

  create_role_or_cluster_role_binding

  return unless namespace_creator

  create_or_update_knative_serving_role
  create_or_update_knative_serving_role_binding
  create_or_update_crossplane_database_role
  create_or_update_crossplane_database_role_binding
end