@hashgraph/solo/dist/src/integration/kube/k8-client/resources/rbac/k8-client-rbacs.js

An opinionated CLI tool to deploy and manage private Hedera Networks.

// SPDX-License-Identifier: Apache-2.0
import { K8ClientClusterRole } from './k8-client-cluster-role.js';
import { ResourceType } from '../../../resources/resource-type.js';
import { KubeApiResponse } from '../../../kube-api-response.js';
import { ResourceOperation } from '../../../resources/resource-operation.js';
export class K8ClientRbacs {
    k8sRbacApi;
    constructor(k8sRbacApi) {
        this.k8sRbacApi = k8sRbacApi;
    }
    async createClusterRole(name, rules, labels) {
        const clusterRole = new K8ClientClusterRole(name, rules, labels);
        try {
            await this.k8sRbacApi.createClusterRole({ body: clusterRole.toV1ClusterRole() });
        }
        catch (error) {
            KubeApiResponse.throwError(error.response, ResourceOperation.CREATE, ResourceType.RBAC, undefined, name);
        }
    }
    async clusterRoleExists(name) {
        try {
            await this.k8sRbacApi.readClusterRole({ name });
        }
        catch (error) {
            if (KubeApiResponse.isNotFound(error)) {
                return false;
            }
            KubeApiResponse.throwError(error, ResourceOperation.READ, ResourceType.RBAC, undefined, name);
        }
        return true;
    }
    async deleteClusterRole(name) {
        try {
            await this.k8sRbacApi.deleteClusterRole({ name });
        }
        catch (error) {
            KubeApiResponse.throwError(error, ResourceOperation.DELETE, ResourceType.RBAC, undefined, name);
        }
    }
    async clusterRoleBindingExists(name) {
        try {
            await this.k8sRbacApi.readClusterRoleBinding({ name });
            return true;
        }
        catch (error) {
            if (KubeApiResponse.isNotFound(error)) {
                return false;
            }
            KubeApiResponse.throwError(error, ResourceOperation.READ, ResourceType.RBAC, undefined, name);
        }
    }
    async deleteClusterRoleBinding(name) {
        try {
            await this.k8sRbacApi.deleteClusterRoleBinding({ name });
        }
        catch (error) {
            KubeApiResponse.throwError(error, ResourceOperation.DELETE, ResourceType.RBAC, undefined, name);
        }
    }
    async setHelmOwnership(name, releaseName, releaseNamespace) {
        const annotations = {
            'meta.helm.sh/release-name': releaseName,
            'meta.helm.sh/release-namespace': releaseNamespace,
        };
        const labels = {
            'app.kubernetes.io/managed-by': 'Helm',
        };
        try {
            const clusterRole = await this.k8sRbacApi.readClusterRole({ name });
            clusterRole.metadata ??= {};
            clusterRole.metadata.annotations = { ...clusterRole.metadata.annotations, ...annotations };
            clusterRole.metadata.labels = { ...clusterRole.metadata.labels, ...labels };
            await this.k8sRbacApi.replaceClusterRole({ name, body: clusterRole });
        }
        catch (error) {
            if (!KubeApiResponse.isNotFound(error)) {
                KubeApiResponse.throwError(error, ResourceOperation.REPLACE, ResourceType.RBAC, undefined, name);
            }
        }
        try {
            const clusterRoleBinding = await this.k8sRbacApi.readClusterRoleBinding({ name });
            clusterRoleBinding.metadata ??= {};
            clusterRoleBinding.metadata.annotations = { ...clusterRoleBinding.metadata.annotations, ...annotations };
            clusterRoleBinding.metadata.labels = { ...clusterRoleBinding.metadata.labels, ...labels };
            await this.k8sRbacApi.replaceClusterRoleBinding({ name, body: clusterRoleBinding });
        }
        catch (error) {
            if (!KubeApiResponse.isNotFound(error)) {
                KubeApiResponse.throwError(error, ResourceOperation.REPLACE, ResourceType.RBAC, undefined, name);
            }
        }
    }
}
//# sourceMappingURL=k8-client-rbacs.js.map