Skip to content

Commit

Permalink
Remove namespace from clustered resources
Browse files Browse the repository at this point in the history
  • Loading branch information
mcruzdev committed Oct 5, 2024
1 parent 2811eec commit c0d3327
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 12 deletions.
Original file line number Diff line number Diff line change
@@ -1,29 +1,24 @@
package io.quarkus.kubernetes.deployment;

import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;

import io.dekorate.kubernetes.decorator.AddSidecarDecorator;
import io.dekorate.kubernetes.decorator.Decorator;
import io.dekorate.kubernetes.decorator.NamedResourceDecorator;
import io.dekorate.kubernetes.decorator.ResourceProvidingDecorator;
import io.fabric8.kubernetes.api.model.ObjectMeta;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.HasMetadata;
import io.fabric8.kubernetes.api.model.KubernetesListBuilder;

public class AddNamespaceDecorator extends NamedResourceDecorator<ObjectMetaBuilder> {
public class AddNamespaceDecorator extends Decorator<KubernetesListBuilder> {

private final Set<String> clusteredResources = Set.of("ClusterRoleBinding", "ClusterRole");
private final String namespace;

public AddNamespaceDecorator(String namespace) {
this.namespace = Objects.requireNonNull(namespace);
}

@Override
public void andThenVisit(ObjectMetaBuilder builder, ObjectMeta resourceMeta) {
if (!builder.hasNamespace()) {
builder.withNamespace(namespace);
}
}

@Override
public Class<? extends Decorator>[] after() {
return new Class[] { ResourceProvidingDecorator.class, AddSidecarDecorator.class };
Expand All @@ -43,4 +38,22 @@ public boolean equals(Object o) {
public int hashCode() {
return Objects.hash(namespace);
}

@Override
public void visit(KubernetesListBuilder list) {
List<HasMetadata> buildItems = list.buildItems()
.stream()
.filter(o -> o instanceof HasMetadata)
.peek(o -> {
if (eligibleForChangingNamespace(o)) {
o.setMetadata(o.getMetadata().edit().withNamespace(namespace).build());
}
}).collect(Collectors.toList());

list.withItems(buildItems);
}

private boolean eligibleForChangingNamespace(HasMetadata o) {
return o.getMetadata().getNamespace() == null && !clusteredResources.contains(o.getKind());
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ public void assertGeneratedResources() throws IOException {

// secret-reader assertions
ClusterRole secretReaderRole = getClusterRoleByName(kubernetesList, "secret-reader");
assertThat(secretReaderRole.getMetadata().getNamespace()).isNull();
assertThat(secretReaderRole.getRules()).satisfiesOnlyOnce(r -> {
assertThat(r.getApiGroups()).containsExactly("");
assertThat(r.getResources()).containsExactly("secrets");
Expand Down Expand Up @@ -111,6 +112,7 @@ public void assertGeneratedResources() throws IOException {
assertEquals("Group", clusterSubject.getKind());
assertEquals("manager", clusterSubject.getName());
assertEquals("rbac.authorization.k8s.io", clusterSubject.getApiGroup());
assertThat(clusterRoleBinding.getMetadata().getNamespace()).isNull();
}

private int lastIndexOfKind(String content, String... kinds) {
Expand Down

0 comments on commit c0d3327

Please sign in to comment.