func GetBootstrapPolicy() *authorizationapi.ClusterPolicy {
policy := &authorizationapi.ClusterPolicy{
ObjectMeta: kapi.ObjectMeta{
Name: authorizationapi.PolicyName,
CreationTimestamp: util.Now(),
UID: util.NewUUID(),
},
LastModified: util.Now(),
Roles: make(map[string]*authorizationapi.ClusterRole),
}
roles := bootstrappolicy.GetBootstrapClusterRoles()
for i := range roles {
policy.Roles[roles[i].Name] = &roles[i]
}
return policy
}
func (o CreateBootstrapPolicyFileOptions) CreateBootstrapPolicyFile() error {
if err := os.MkdirAll(path.Dir(o.File), os.FileMode(0755)); err != nil {
return err
}
policyTemplate := &api.Template{}
clusterRoles := bootstrappolicy.GetBootstrapClusterRoles()
for i := range clusterRoles {
policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoles[i])
}
clusterRoleBindings := bootstrappolicy.GetBootstrapClusterRoleBindings()
for i := range clusterRoleBindings {
policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoleBindings[i])
}
openshiftRoles := bootstrappolicy.GetBootstrapOpenshiftRoles(o.OpenShiftSharedResourcesNamespace)
for i := range openshiftRoles {
policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoles[i])
}
openshiftRoleBindings := bootstrappolicy.GetBootstrapOpenshiftRoleBindings(o.OpenShiftSharedResourcesNamespace)
for i := range openshiftRoleBindings {
policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoleBindings[i])
}
versionedPolicyTemplate, err := kapi.Scheme.ConvertToVersion(policyTemplate, latest.Version)
if err != nil {
return err
}
buffer := &bytes.Buffer{}
(&kubectl.JSONPrinter{}).PrintObj(versionedPolicyTemplate, buffer)
if err := ioutil.WriteFile(o.File, buffer.Bytes(), 0644); err != nil {
return err
}
return nil
}
