CoCalc -- clusterrole.go

GitHub Repository: gitpod-io/gitpod
Path: blob/main/install/installer/pkg/components/cluster/clusterrole.go
²⁵⁰¹ views

1
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.
2
// Licensed under the GNU Affero General Public License (AGPL).
3
// See License.AGPL.txt in the project root for license information.
4

5
package cluster
6

7
import (
8
	"fmt"
9

10
	"github.com/gitpod-io/gitpod/installer/pkg/common"
11
	v1 "k8s.io/api/rbac/v1"
12
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
13
	"k8s.io/apimachinery/pkg/runtime"
14
)
15

16
func clusterrole(ctx *common.RenderContext) ([]runtime.Object, error) {
17
	resources := []runtime.Object{
18
		&v1.ClusterRole{
19
			TypeMeta: common.TypeMetaClusterRole,
20
			ObjectMeta: metav1.ObjectMeta{
21
				Name: fmt.Sprintf("%s-kube-rbac-proxy", ctx.Namespace),
22
			},
23
			Rules: []v1.PolicyRule{
24
				{
25
					APIGroups: []string{"authentication.k8s.io"},
26
					Resources: []string{"tokenreviews"},
27
					Verbs:     []string{"create"},
28
				},
29
				{
30
					APIGroups: []string{"authorization.k8s.io"},
31
					Resources: []string{"subjectaccessreviews"},
32
					Verbs:     []string{"create"},
33
				},
34
			},
35
		},
36
	}
37

38
	return resources, nil
39
}
40

41

Product

Resources

Company