def configure_rbac_with_ap(rbac_v1: RbacAuthorizationV1Api) -> RBACAuthorization: """ Create cluster and binding for AppProtect module. :param rbac_v1: RbacAuthorizationV1Api :return: RBACAuthorization """ with open(f"{DEPLOYMENTS}/rbac/ap-rbac.yaml") as f: docs = yaml.safe_load_all(f) role_name = "" binding_name = "" for dep in docs: if dep["kind"] == "ClusterRole": print("Create cluster role for AppProtect") role_name = dep["metadata"]["name"] rbac_v1.create_cluster_role(dep) print(f"Created role '{role_name}'") elif dep["kind"] == "ClusterRoleBinding": print("Create binding for AppProtect") binding_name = dep["metadata"]["name"] rbac_v1.create_cluster_role_binding(dep) print(f"Created binding '{binding_name}'") return RBACAuthorization(role_name, binding_name)
def configure_rbac(rbac_v1: RbacAuthorizationV1Api) -> RBACAuthorization: """ Create cluster and binding. :param rbac_v1: RbacAuthorizationV1Api :return: RBACAuthorization """ with open(f'{DEPLOYMENTS}/rbac/rbac.yaml') as f: docs = yaml.safe_load_all(f) role_name = "" binding_name = "" for dep in docs: if dep["kind"] == "ClusterRole": print("Create cluster role") role_name = dep['metadata']['name'] rbac_v1.create_cluster_role(dep) print(f"Created role '{role_name}'") elif dep["kind"] == "ClusterRoleBinding": print("Create binding") binding_name = dep['metadata']['name'] rbac_v1.create_cluster_role_binding(dep) print(f"Created binding '{binding_name}'") return RBACAuthorization(role_name, binding_name)