Skip to content

Commit

Permalink
refactor: rename classes more appropriately
Browse files Browse the repository at this point in the history
Signed-off-by: Chris Laprun <claprun@redhat.com>
  • Loading branch information
metacosm committed Jan 14, 2025
1 parent 28e5f72 commit c5a9446
Show file tree
Hide file tree
Showing 6 changed files with 29 additions and 29 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
import io.quarkiverse.operatorsdk.annotations.RBACVerbs;
import io.quarkiverse.operatorsdk.runtime.QuarkusControllerConfiguration;

public class AddClusterRolesDecorator {
public class ClusterRoles {

public static final String JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME = "josdk-crd-validating-cluster-role";
private static final ClusterRole CRD_VALIDATING_CLUSTER_ROLE = new ClusterRoleBuilder().withNewMetadata()
Expand All @@ -38,7 +38,7 @@ public class AddClusterRolesDecorator {
.addToVerbs("get", "list")
.build())
.build();
private static final Logger log = Logger.getLogger(AddClusterRolesDecorator.class);
private static final Logger log = Logger.getLogger(ClusterRoles.class);
private static final String ADD_CLUSTER_ROLES_DECORATOR = "AddClusterRolesDecorator";

public static List<ClusterRole> createClusterRoles(Collection<QuarkusControllerConfiguration<?>> configs,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ void augmentRBACForResources(BuildTimeOperatorConfiguration buildTimeConfigurati
BuildProducer<KubernetesClusterRoleBindingBuildItem> clusterRoleBindingsProducer) {

final var configs = configurations.getControllerConfigs().values();
AddClusterRolesDecorator.createClusterRoles(configs, buildTimeConfiguration.crd().validate())
ClusterRoles.createClusterRoles(configs, buildTimeConfiguration.crd().validate())
.forEach(clusterRole -> clusterRolesProducer.produce(clusterRoleBuildItemFrom(clusterRole)));

final String serviceAccountName;
Expand All @@ -67,10 +67,10 @@ void augmentRBACForResources(BuildTimeOperatorConfiguration buildTimeConfigurati
serviceAccountName = serviceAccount.getServiceAccountName();
serviceAccountNamespace = serviceAccount.getNamespace();
}
AddRoleBindingsDecorator
RoleBindings
.createRoleBindings(configs, buildTimeConfiguration, serviceAccountName, serviceAccountNamespace)
.forEach(binding -> roleBindingsProducer.produce(roleBindingItemFor(binding)));
AddRoleBindingsDecorator
RoleBindings
.createClusterRoleBindings(configs, buildTimeConfiguration, serviceAccountName, serviceAccountNamespace)
.forEach(binding -> clusterRoleBindingsProducer.produce(clusterRoleBindingFor(binding)));
}
Expand Down Expand Up @@ -101,7 +101,7 @@ private static Subject convertToQuarkusSubject(io.fabric8.kubernetes.api.model.r
}

private static RoleRef convertToQuarkusRoleRef(io.fabric8.kubernetes.api.model.rbac.RoleRef roleRef) {
return new RoleRef(roleRef.getName(), AddRoleBindingsDecorator.CLUSTER_ROLE.equals(roleRef.getKind()));
return new RoleRef(roleRef.getName(), RoleBindings.CLUSTER_ROLE.equals(roleRef.getKind()));
}

private static KubernetesClusterRoleBuildItem clusterRoleBuildItemFrom(ClusterRole clusterRole) {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
package io.quarkiverse.operatorsdk.deployment;

import static io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator.JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME;
import static io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator.getClusterRoleName;
import static io.quarkiverse.operatorsdk.deployment.ClusterRoles.JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME;
import static io.quarkiverse.operatorsdk.deployment.ClusterRoles.getClusterRoleName;

import java.util.Collection;
import java.util.LinkedList;
Expand All @@ -22,14 +22,14 @@
import io.quarkiverse.operatorsdk.runtime.QuarkusControllerConfiguration;

@SuppressWarnings("rawtypes")
public class AddRoleBindingsDecorator {
public class RoleBindings {

public static final String CLUSTER_ROLE = "ClusterRole";
protected static final String RBAC_AUTHORIZATION_GROUP = "rbac.authorization.k8s.io";
public static final RoleRef CRD_VALIDATING_ROLE_REF = new RoleRef(RBAC_AUTHORIZATION_GROUP, CLUSTER_ROLE,
JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME);
protected static final String SERVICE_ACCOUNT = "ServiceAccount";
private static final Logger log = Logger.getLogger(AddRoleBindingsDecorator.class);
private static final Logger log = Logger.getLogger(RoleBindings.class);
private static final ConcurrentMap<QuarkusControllerConfiguration, BindingsHolder> cachedBindings = new ConcurrentHashMap<>();

private static class BindingsHolder {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@
import io.quarkiverse.operatorsdk.common.ConfigurationUtils;
import io.quarkiverse.operatorsdk.common.DeserializedKubernetesResourcesBuildItem;
import io.quarkiverse.operatorsdk.common.FileUtils;
import io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator;
import io.quarkiverse.operatorsdk.deployment.AddRoleBindingsDecorator;
import io.quarkiverse.operatorsdk.deployment.ClusterRoles;
import io.quarkiverse.operatorsdk.deployment.ControllerConfigurationsBuildItem;
import io.quarkiverse.operatorsdk.deployment.GeneratedCRDInfoBuildItem;
import io.quarkiverse.operatorsdk.deployment.RoleBindings;
import io.quarkiverse.operatorsdk.deployment.helm.model.Chart;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.annotations.BuildSteps;
Expand Down Expand Up @@ -122,7 +122,7 @@ void addSecondaryClusterRoleBindings(HelmTargetDirectoryBuildItem helmTargetDire
final var templatesDir = helmTargetDirectoryBuildItem.getPathToTemplatesDir();
final var stringBuilder = new StringBuilder();
controllerConfigs.forEach(cc -> cc.getAdditionalRBACRoleRefs().forEach(roleRef -> {
final String bindingName = AddRoleBindingsDecorator.getSpecificRoleBindingName(cc.getName(), roleRef);
final String bindingName = RoleBindings.getSpecificRoleBindingName(cc.getName(), roleRef);
stringBuilder.append(Qute.fmt(template, Map.of(
"role-binding-name", bindingName,
"role-ref-kind", roleRef.getKind(),
Expand All @@ -146,7 +146,7 @@ void addClusterRolesForReconcilers(HelmTargetDirectoryBuildItem helmTargetDirect
controllerConfigs.forEach(cc -> {
try {
final var name = cc.getName();
var clusterRole = AddClusterRolesDecorator.createClusterRole(cc);
var clusterRole = ClusterRoles.createClusterRole(cc);
var yaml = FileUtils.asYaml(clusterRole);
Files.writeString(templatesDir.resolve(name + "-crd-cluster-role.yaml"), yaml);
} catch (IOException e) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,8 @@
import io.fabric8.kubernetes.client.utils.KubernetesSerialization;
import io.quarkiverse.operatorsdk.annotations.RBACRule;
import io.quarkiverse.operatorsdk.annotations.RBACVerbs;
import io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator;
import io.quarkiverse.operatorsdk.deployment.AddRoleBindingsDecorator;
import io.quarkiverse.operatorsdk.deployment.ClusterRoles;
import io.quarkiverse.operatorsdk.deployment.RoleBindings;
import io.quarkiverse.operatorsdk.test.sources.CRUDConfigMap;
import io.quarkiverse.operatorsdk.test.sources.CreateOnlyService;
import io.quarkiverse.operatorsdk.test.sources.Foo;
Expand Down Expand Up @@ -91,7 +91,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
final var kubeResources = (List<HasMetadata>) serializer.unmarshal(kubeIS);

// check cluster role for TestReconciler
final var testReconcilerRoleName = AddClusterRolesDecorator.getClusterRoleName(TestReconciler.NAME);
final var testReconcilerRoleName = ClusterRoles.getClusterRoleName(TestReconciler.NAME);

// make sure the target role exists because otherwise the test will succeed without actually checking anything
assertTrue(kubeResources.stream().anyMatch(i -> testReconcilerRoleName.equals(i.getMetadata().getName())));
Expand Down Expand Up @@ -137,7 +137,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
});

// check that we have a role binding for TestReconciler and that it uses the operator-level specified namespace
final var testReconcilerBindingName = AddRoleBindingsDecorator.getRoleBindingName(TestReconciler.NAME);
final var testReconcilerBindingName = RoleBindings.getRoleBindingName(TestReconciler.NAME);
assertTrue(kubeResources.stream().anyMatch(i -> testReconcilerBindingName.equals(i.getMetadata().getName())));
kubeResources.stream()
.filter(i -> testReconcilerBindingName.equals(i.getMetadata().getName()))
Expand All @@ -148,7 +148,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
});

// check cluster role for SimpleReconciler
final var simpleReconcilerRoleName = AddClusterRolesDecorator.getClusterRoleName(SimpleReconciler.NAME);
final var simpleReconcilerRoleName = ClusterRoles.getClusterRoleName(SimpleReconciler.NAME);

//make sure the target role exists because otherwise the test will succeed without actually checking anything
assertTrue(kubeResources.stream()
Expand Down Expand Up @@ -187,7 +187,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {

// check that we have a role binding for SimpleReconciler and that it uses the watched namespace defined in application.properties
// since generate-with-watched-namespaces only specifies one namespace, this should be a role binding, not a cluster role binding
final var simpleReconcilerBindingName = AddRoleBindingsDecorator.getRoleBindingName(SimpleReconciler.NAME);
final var simpleReconcilerBindingName = RoleBindings.getRoleBindingName(SimpleReconciler.NAME);
assertTrue(kubeResources.stream().anyMatch(i -> simpleReconcilerBindingName.equals(i.getMetadata().getName())));
kubeResources.stream()
.filter(i -> simpleReconcilerBindingName.equals(i.getMetadata().getName()))
Expand All @@ -198,7 +198,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
});

// check that we have an additional role binding (again, single watched namespace) as specified by annotation on SimpleReconciler
final var additionalRBName = AddRoleBindingsDecorator.getSpecificRoleBindingName(SimpleReconciler.NAME,
final var additionalRBName = RoleBindings.getSpecificRoleBindingName(SimpleReconciler.NAME,
SimpleReconciler.ROLE_REF_NAME);
assertTrue(kubeResources.stream().anyMatch(i -> additionalRBName.equals(i.getMetadata().getName())));
kubeResources.stream()
Expand All @@ -211,10 +211,10 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {

// CRD validation is activated by default and there should therefore be a cluster role and 2 associated bindings to access CRDs (one per reconciler)
assertTrue(kubeResources.stream()
.anyMatch(i -> AddClusterRolesDecorator.JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME.equals(i.getMetadata().getName())
.anyMatch(i -> ClusterRoles.JOSDK_CRD_VALIDATING_CLUSTER_ROLE_NAME.equals(i.getMetadata().getName())
&& i instanceof ClusterRole));
final var simpleCRDValidatingCRBName = AddRoleBindingsDecorator.getCRDValidatingBindingName(SimpleReconciler.NAME);
final var testCRDValidatingCRBName = AddRoleBindingsDecorator.getCRDValidatingBindingName(TestReconciler.NAME);
final var simpleCRDValidatingCRBName = RoleBindings.getCRDValidatingBindingName(SimpleReconciler.NAME);
final var testCRDValidatingCRBName = RoleBindings.getCRDValidatingBindingName(TestReconciler.NAME);
kubeResources.stream()
.filter(ClusterRoleBinding.class::isInstance)
.map(ClusterRoleBinding.class::cast)
Expand All @@ -223,7 +223,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
assertTrue(simpleCRDValidatingCRBName.equals(name) || testCRDValidatingCRBName.equals(name));
// the bindings should bind the CRD validating CR to the operator's service account
final var roleRef = crb.getRoleRef();
assertEquals(AddRoleBindingsDecorator.CRD_VALIDATING_ROLE_REF, roleRef);
assertEquals(RoleBindings.CRD_VALIDATING_ROLE_REF, roleRef);
assertEquals(1, crb.getSubjects().size());
assertEquals(APPLICATION_NAME, crb.getSubjects().get(0).getName());
assertEquals(HasMetadata.getKind(ServiceAccount.class), crb.getSubjects().get(0).getKind());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,8 @@
import io.fabric8.kubernetes.api.model.rbac.ClusterRole;
import io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding;
import io.fabric8.kubernetes.client.utils.KubernetesSerialization;
import io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator;
import io.quarkiverse.operatorsdk.deployment.AddRoleBindingsDecorator;
import io.quarkiverse.operatorsdk.deployment.ClusterRoles;
import io.quarkiverse.operatorsdk.deployment.RoleBindings;
import io.quarkiverse.operatorsdk.test.sources.WatchAllReconciler;
import io.quarkus.test.ProdBuildResults;
import io.quarkus.test.ProdModeTestResults;
Expand Down Expand Up @@ -49,7 +49,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
final var kubeResources = (List<HasMetadata>) serialization.unmarshal(kubeIS);

// check cluster role
final var clusterRoleName = AddClusterRolesDecorator.getClusterRoleName(WatchAllReconciler.NAME);
final var clusterRoleName = ClusterRoles.getClusterRoleName(WatchAllReconciler.NAME);
//make sure the target role exists because otherwise the test will succeed without actually checking anything
assertTrue(kubeResources.stream()
.anyMatch(i -> clusterRoleName.equals(i.getMetadata().getName())));
Expand All @@ -70,7 +70,7 @@ public void shouldCreateRolesAndRoleBindings() throws IOException {
});

// check that we have a cluster role binding that is mapped to the proper ClusterRole
final var clusterRoleBindingName = AddRoleBindingsDecorator.getClusterRoleBindingName(WatchAllReconciler.NAME);
final var clusterRoleBindingName = RoleBindings.getClusterRoleBindingName(WatchAllReconciler.NAME);
assertTrue(kubeResources.stream().anyMatch(i -> clusterRoleBindingName.equals(i.getMetadata().getName())));
kubeResources.stream()
.filter(i -> clusterRoleBindingName.equals(i.getMetadata().getName()))
Expand Down

0 comments on commit c5a9446

Please sign in to comment.