Go to Katenary V3

This is the next-gen of Katenary
2023-12-06 15:24:02 +01:00
parent c37bde487b
commit 475a025d9e
132 changed files with 6410 additions and 4621 deletions
--- a/generator/rbac.go
+++ b/generator/rbac.go
@@ -0,0 +1,139 @@
+package generator
+
+import (
+	"katenary/utils"
+
+	"github.com/compose-spec/compose-go/types"
+	corev1 "k8s.io/api/core/v1"
+	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/yaml"
+)
+
+var (
+	_ Yaml = (*RoleBinding)(nil)
+	_ Yaml = (*Role)(nil)
+	_ Yaml = (*ServiceAccount)(nil)
+)
+
+// RBAC is a kubernetes RBAC containing a role, a rolebinding and an associated serviceaccount.
+type RBAC struct {
+	RoleBinding    *RoleBinding
+	Role           *Role
+	ServiceAccount *ServiceAccount
+}
+
+// NewRBAC creates a new RBAC from a compose service. The appName is the name of the application taken from the project name.
+func NewRBAC(service types.ServiceConfig, appName string) *RBAC {
+	role := &Role{
+		Role: &rbacv1.Role{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "Role",
+				APIVersion: "rbac.authorization.k8s.io/v1",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:        utils.TplName(service.Name, appName),
+				Labels:      GetLabels(service.Name, appName),
+				Annotations: Annotations,
+			},
+			Rules: []rbacv1.PolicyRule{
+				{
+					APIGroups: []string{"", "extensions", "apps"},
+					Resources: []string{"*"},
+					Verbs:     []string{"*"},
+				},
+			},
+		},
+		service: &service,
+	}
+
+	rolebinding := &RoleBinding{
+		RoleBinding: &rbacv1.RoleBinding{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "RoleBinding",
+				APIVersion: "rbac.authorization.k8s.io/v1",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:        utils.TplName(service.Name, appName),
+				Labels:      GetLabels(service.Name, appName),
+				Annotations: Annotations,
+			},
+			Subjects: []rbacv1.Subject{
+				{
+					Kind:      "ServiceAccount",
+					Name:      utils.TplName(service.Name, appName),
+					Namespace: "{{ .Release.Namespace }}",
+				},
+			},
+			RoleRef: rbacv1.RoleRef{
+				Kind:     "Role",
+				Name:     utils.TplName(service.Name, appName),
+				APIGroup: "rbac.authorization.k8s.io",
+			},
+		},
+		service: &service,
+	}
+
+	serviceaccount := &ServiceAccount{
+		ServiceAccount: &corev1.ServiceAccount{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "ServiceAccount",
+				APIVersion: "v1",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:        utils.TplName(service.Name, appName),
+				Labels:      GetLabels(service.Name, appName),
+				Annotations: Annotations,
+			},
+		},
+		service: &service,
+	}
+
+	return &RBAC{
+		RoleBinding:    rolebinding,
+		Role:           role,
+		ServiceAccount: serviceaccount,
+	}
+}
+
+// RoleBinding is a kubernetes RoleBinding.
+type RoleBinding struct {
+	*rbacv1.RoleBinding
+	service *types.ServiceConfig
+}
+
+func (r *RoleBinding) Yaml() ([]byte, error) {
+	return yaml.Marshal(r)
+}
+
+func (r *RoleBinding) Filename() string {
+	return r.service.Name + ".rolebinding.yaml"
+}
+
+// Role is a kubernetes Role.
+type Role struct {
+	*rbacv1.Role
+	service *types.ServiceConfig
+}
+
+func (r *Role) Yaml() ([]byte, error) {
+	return yaml.Marshal(r)
+}
+
+func (r *Role) Filename() string {
+	return r.service.Name + ".role.yaml"
+}
+
+// ServiceAccount is a kubernetes ServiceAccount.
+type ServiceAccount struct {
+	*corev1.ServiceAccount
+	service *types.ServiceConfig
+}
+
+func (r *ServiceAccount) Yaml() ([]byte, error) {
+	return yaml.Marshal(r)
+}
+
+func (r *ServiceAccount) Filename() string {
+	return r.service.Name + ".serviceaccount.yaml"
+}