Skip to content

K
kubesphere

水淹萌龙 / kubesphere
与 Fork 源项目一致

Fork自 KubeSphere / kubesphere

通知 1
Star 0
Fork 0
K
kubesphere
提交 b90a84b9 编写于 作者: H hongming
浏览文件
操作

fix: sync devops rolebindings 

Signed-off-by: Nhongming <talonwan@yunify.com>
上级 a908757c
隐藏空白更改
内联 并排
Showing with 11 addition and 9 deletion
pkg/constants/common.go
浏览文件 @ b90a84b9
...@@ -48,6 +48,8 @@ const ( ...@@ -48,6 +48,8 @@ const (
WorkspaceAdmin = "workspace-admin" WorkspaceAdmin = "workspace-admin"
WorkspaceRegular = "workspace-regular" WorkspaceRegular = "workspace-regular"
WorkspaceViewer = "workspace-viewer" WorkspaceViewer = "workspace-viewer"
DevopsOwner = "owner"
DevopsReporter = "reporter"
) )
var ( var (
......
pkg/models/workspaces/workspaces.go
浏览文件 @ b90a84b9
...@@ -110,16 +110,16 @@ func CreateDevopsProject(username string, workspace string, devops DevopsProject ...@@ -110,16 +110,16 @@ func CreateDevopsProject(username string, workspace string, devops DevopsProject
} }
func createDefaultDevopsRoleBinding(workspace string, project DevopsProject) { func createDefaultDevopsRoleBinding(workspace string, project DevopsProject) {
admins := iam.GetWorkspaceUsers(workspace, "admin") admins := iam.GetWorkspaceUsers(workspace, constants.WorkspaceAdmin)
for _, admin := range admins { for _, admin := range admins {
createDevopsRoleBinding(workspace, *project.ProjectId, admin, "owner") createDevopsRoleBinding(workspace, *project.ProjectId, admin, constants.DevopsOwner)
} }
viewers := iam.GetWorkspaceUsers(workspace, "viewer") viewers := iam.GetWorkspaceUsers(workspace, constants.WorkspaceViewer)
for _, viewer := range viewers { for _, viewer := range viewers {
createDevopsRoleBinding(workspace, *project.ProjectId, viewer, "reporter") createDevopsRoleBinding(workspace, *project.ProjectId, viewer, constants.DevopsReporter)
} }
} }
...@@ -1156,7 +1156,7 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri ...@@ -1156,7 +1156,7 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri
} else { } else {
modify = true modify = true
roleBinding.Subjects = append(roleBinding.Subjects[:i], roleBinding.Subjects[i+1:]...) roleBinding.Subjects = append(roleBinding.Subjects[:i], roleBinding.Subjects[i+1:]...)
if roleName == "admin" || roleName == "viewer" { if roleName == constants.WorkspaceAdmin || roleName == constants.WorkspaceViewer {
go deleteDevopsRoleBinding(workspace.Name, "", username) go deleteDevopsRoleBinding(workspace.Name, "", username)
} }
break break
...@@ -1167,10 +1167,10 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri ...@@ -1167,10 +1167,10 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri
if roleName == role { if roleName == role {
modify = true modify = true
roleBinding.Subjects = append(roleBinding.Subjects, v1.Subject{Kind: v1.UserKind, Name: username}) roleBinding.Subjects = append(roleBinding.Subjects, v1.Subject{Kind: v1.UserKind, Name: username})
if roleName == "admin" { if roleName == constants.WorkspaceAdmin {
go createDevopsRoleBinding(workspace.Name, "", username, "owner") go createDevopsRoleBinding(workspace.Name, "", username, constants.DevopsOwner)
} else if roleName == "viewer" { } else if roleName == constants.WorkspaceViewer {
go createDevopsRoleBinding(workspace.Name, "", username, "reporter") go createDevopsRoleBinding(workspace.Name, "", username, constants.DevopsReporter)
} }
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册