fabiobrz
commented
1 year ago Hi @kstekovi - and thanks for filing this issue.
Do I understand correctly that your issue is to avoid using the oc binary in first place?
In such case, yes, we would be on the same page since the less it's used, the better.
That being said, though, I think you're relating to WildflyOpenShiftApplication, correct?
If that is true, those methods' implementation is called by the OpenShiftProvisioner preDeploy() and popstUndeploy.
This is by design, i.e. it means that any OpenShiftProvisionerconcrete implementation could follow this behavior and for this very reason the feature you're proposing should:
- base its implementation on a new interface (e.g.:
HasRoles) which defines the two methods (e.g.:getRoles()andgetRoleBindings()) - let the
WildflyOpenShiftApplicationimplement them returningCollections.emptyList()as it's currently doing forgetSecrets().
WDYT?
kstekovi
Is your feature request related to a problem? The Intersmash doesn't support creating Role and RoleBinding.
Describe the solution you'd like The Intersmash support resources for Secrets. The solution for Role and RoleBinging could be similar to Secrets.
getRoles()andgetRoleBindings())OpenShiftProvisionerDescribe alternatives you've considered Now you can execute
occommands to create required resource.Additional context This could help with test implementation for
autodiscoveryfeature which require permission to list routes from OpenShift. Theautodiscoveryis a feature used by OIDC and SAML authentication. The deployment application in Wildfly can register itself in Keycloak authentication server automatically. For this automatic registration require know what is its host name. Theautodicoveryis feature can load the host name from OpenShift but it require the permission to list routes. So you don't need to configure the host name of your application in your HelmChart (OIDC_HOSTNAME_HTTP/Svariable for OIDC andSSO_HOSTNAME_HTTP/Sfor SAML)