func GetBootstrapPolicyBinding() *authorizationapi.ClusterPolicyBinding {
policyBinding := &authorizationapi.ClusterPolicyBinding{
ObjectMeta: kapi.ObjectMeta{
Name: ":Default",
CreationTimestamp: util.Now(),
UID: util.NewUUID(),
},
LastModified: util.Now(),
RoleBindings: make(map[string]*authorizationapi.ClusterRoleBinding),
}
bindings := bootstrappolicy.GetBootstrapClusterRoleBindings()
for i := range bindings {
policyBinding.RoleBindings[bindings[i].Name] = &bindings[i]
}
return policyBinding
}
func (o CreateBootstrapPolicyFileOptions) CreateBootstrapPolicyFile() error {
if err := os.MkdirAll(path.Dir(o.File), os.FileMode(0755)); err != nil {
return err
}
policyTemplate := &api.Template{}
clusterRoles := bootstrappolicy.GetBootstrapClusterRoles()
for i := range clusterRoles {
policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoles[i])
}
clusterRoleBindings := bootstrappolicy.GetBootstrapClusterRoleBindings()
for i := range clusterRoleBindings {
policyTemplate.Objects = append(policyTemplate.Objects, &clusterRoleBindings[i])
}
openshiftRoles := bootstrappolicy.GetBootstrapOpenshiftRoles(o.OpenShiftSharedResourcesNamespace)
for i := range openshiftRoles {
policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoles[i])
}
openshiftRoleBindings := bootstrappolicy.GetBootstrapOpenshiftRoleBindings(o.OpenShiftSharedResourcesNamespace)
for i := range openshiftRoleBindings {
policyTemplate.Objects = append(policyTemplate.Objects, &openshiftRoleBindings[i])
}
versionedPolicyTemplate, err := kapi.Scheme.ConvertToVersion(policyTemplate, latest.Version)
if err != nil {
return err
}
buffer := &bytes.Buffer{}
(&kubectl.JSONPrinter{}).PrintObj(versionedPolicyTemplate, buffer)
if err := ioutil.WriteFile(o.File, buffer.Bytes(), 0644); err != nil {
return err
}
return nil
}