ignore duplicate resource in create rolebinding
This commit is contained in:
xilabao
@@ -96,6 +96,7 @@ go_library(
|
|||||||
"//vendor:k8s.io/apimachinery/pkg/types",
|
"//vendor:k8s.io/apimachinery/pkg/types",
|
||||||
"//vendor:k8s.io/apimachinery/pkg/util/errors",
|
"//vendor:k8s.io/apimachinery/pkg/util/errors",
|
||||||
"//vendor:k8s.io/apimachinery/pkg/util/intstr",
|
"//vendor:k8s.io/apimachinery/pkg/util/intstr",
|
||||||
|
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||||
"//vendor:k8s.io/apimachinery/pkg/util/uuid",
|
"//vendor:k8s.io/apimachinery/pkg/util/uuid",
|
||||||
"//vendor:k8s.io/apimachinery/pkg/util/validation",
|
"//vendor:k8s.io/apimachinery/pkg/util/validation",
|
||||||
"//vendor:k8s.io/apimachinery/pkg/util/wait",
|
"//vendor:k8s.io/apimachinery/pkg/util/wait",
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
"k8s.io/kubernetes/pkg/apis/rbac"
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -115,21 +116,21 @@ func (s ClusterRoleBindingGeneratorV1) StructuredGenerate() (runtime.Object, err
|
|||||||
Kind: "ClusterRole",
|
Kind: "ClusterRole",
|
||||||
Name: s.ClusterRole,
|
Name: s.ClusterRole,
|
||||||
}
|
}
|
||||||
for _, user := range s.Users {
|
for _, user := range sets.NewString(s.Users...).List() {
|
||||||
clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{
|
clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{
|
||||||
Kind: rbac.UserKind,
|
Kind: rbac.UserKind,
|
||||||
APIGroup: rbac.GroupName,
|
APIGroup: rbac.GroupName,
|
||||||
Name: user,
|
Name: user,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
for _, group := range s.Groups {
|
for _, group := range sets.NewString(s.Groups...).List() {
|
||||||
clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{
|
clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{
|
||||||
Kind: rbac.GroupKind,
|
Kind: rbac.GroupKind,
|
||||||
APIGroup: rbac.GroupName,
|
APIGroup: rbac.GroupName,
|
||||||
Name: group,
|
Name: group,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
for _, sa := range s.ServiceAccounts {
|
for _, sa := range sets.NewString(s.ServiceAccounts...).List() {
|
||||||
tokens := strings.Split(sa, ":")
|
tokens := strings.Split(sa, ":")
|
||||||
if len(tokens) != 2 {
|
if len(tokens) != 2 {
|
||||||
return nil, fmt.Errorf("serviceaccount must be <namespace>:<name>")
|
return nil, fmt.Errorf("serviceaccount must be <namespace>:<name>")
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
"k8s.io/kubernetes/pkg/apis/rbac"
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -130,21 +131,21 @@ func (s RoleBindingGeneratorV1) StructuredGenerate() (runtime.Object, error) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, user := range s.Users {
|
for _, user := range sets.NewString(s.Users...).List() {
|
||||||
roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{
|
roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{
|
||||||
Kind: rbac.UserKind,
|
Kind: rbac.UserKind,
|
||||||
APIGroup: rbac.GroupName,
|
APIGroup: rbac.GroupName,
|
||||||
Name: user,
|
Name: user,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
for _, group := range s.Groups {
|
for _, group := range sets.NewString(s.Groups...).List() {
|
||||||
roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{
|
roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{
|
||||||
Kind: rbac.GroupKind,
|
Kind: rbac.GroupKind,
|
||||||
APIGroup: rbac.GroupName,
|
APIGroup: rbac.GroupName,
|
||||||
Name: group,
|
Name: group,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
for _, sa := range s.ServiceAccounts {
|
for _, sa := range sets.NewString(s.ServiceAccounts...).List() {
|
||||||
tokens := strings.Split(sa, ":")
|
tokens := strings.Split(sa, ":")
|
||||||
if len(tokens) != 2 {
|
if len(tokens) != 2 {
|
||||||
return nil, fmt.Errorf("serviceaccount must be <namespace>:<name>")
|
return nil, fmt.Errorf("serviceaccount must be <namespace>:<name>")
|
||||||
|
|||||||
Reference in New Issue
Block a user