Commit e6da1ce4 authored by Michael Völske's avatar Michael Völske

k8s/setup-user-namespaces: apply to both test cluster and betaweb

parent c5bb4574
......@@ -49,8 +49,9 @@ roleRef:
@click.command()
@click.option('-t', '--keep-tempfiles', is_flag=True, help='Keep temporary k8s yaml files', default=False)
def setup_user_namespaces(keep_tempfiles):
@click.option('-t', '--keep-tempfiles', is_flag=True, help='Keep temporary k8s yaml files (for debugging)', default=False)
@click.option('-c', '--context', multiple=True, default=['test', 'betaweb'], help='Configuration contexts where the namespace setup should take place. Can be specified multiple times.', show_default=True)
def setup_user_namespaces(keep_tempfiles, context):
"""Set up k8s access per gitlab groups."""
gl = get_api_instance()
group = gl.groups.get(GROUP_ID_AUTH_K8S_USER)
......@@ -66,18 +67,19 @@ def setup_user_namespaces(keep_tempfiles):
with open(namespaces_file, 'w') as f:
f.write("\n---\n".join(namespace_template.format(**u) for u in users))
logger.info("Creating namespaces")
os.system('kubectl apply -f ' + namespaces_file)
with open(roles_file, 'w') as f:
f.write("\n---\n".join(role_template.format(**u) for u in users))
logger.info("Deleting existing k8s-auth/user resources")
for obj in ['rolebinding', 'role']:
os.system('kubectl delete %s -l source==webiscmd -A' % obj)
for ctx in context:
logger.info(f"Context {ctx}: Creating namespaces")
os.system(f'kubectl --context {ctx} apply -f {namespaces_file}')
logger.info(f"Context {ctx}: Deleting existing k8s-auth/user resources")
for obj in ['rolebinding', 'role']:
os.system(f'kubectl --context {ctx} delete {obj} -l source==webiscmd -A')
logger.info("Creating up-to-date k8s-auth/user resources from gitlab group membership")
os.system('kubectl apply -f ' + roles_file)
logger.info("Context {ctx}: Creating up-to-date k8s-auth/user resources from gitlab group membership")
os.system(f'kubectl --context {ctx} apply -f {roles_file}')
if keep_tempfiles:
logger.warn(f"Temporary yaml files left in {tmp}.")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment