func GetBootstrapPolicy() *authorizationapi.ClusterPolicy { policy := &authorizationapi.ClusterPolicy{ ObjectMeta: kapi.ObjectMeta{ Name: authorizationapi.PolicyName, CreationTimestamp: util.Now(), UID: util.NewUUID(), }, LastModified: util.Now(), Roles: make(map[string]*authorizationapi.ClusterRole), } roles := bootstrappolicy.GetBootstrapClusterRoles() for i := range roles { policy.Roles[roles[i].Name] = &roles[i] } return policy }
func (o CreateBootstrapPolicyFileOptions) CreateBootstrapPolicyFile() error { if err := os.MkdirAll(path.Dir(o.File), os.FileMode(0755)); err != nil { return err } policyTemplate := &api.Template{} clusterRoles := bootstrappolicy.GetBootstrapClusterRoles() for i := range clusterRoles { policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoles[i]) } clusterRoleBindings := bootstrappolicy.GetBootstrapClusterRoleBindings() for i := range clusterRoleBindings { policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoleBindings[i]) } openshiftRoles := bootstrappolicy.GetBootstrapOpenshiftRoles(o.OpenShiftSharedResourcesNamespace) for i := range openshiftRoles { policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoles[i]) } openshiftRoleBindings := bootstrappolicy.GetBootstrapOpenshiftRoleBindings(o.OpenShiftSharedResourcesNamespace) for i := range openshiftRoleBindings { policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoleBindings[i]) } versionedPolicyTemplate, err := kapi.Scheme.ConvertToVersion(policyTemplate, latest.Version) if err != nil { return err } buffer := &bytes.Buffer{} (&kubectl.JSONPrinter{}).PrintObj(versionedPolicyTemplate, buffer) if err := ioutil.WriteFile(o.File, buffer.Bytes(), 0644); err != nil { return err } return nil }