pkg/scaffold/role.go: moved UpdateRoleForResource here

commands/.../add/*,new.go: update to 'internal/util' imports

Author: estroz

commands/operator-sdk/cmd/add/api.go

@@ -18,7 +18,6 @@ import (
 	"log"
 
 	"github.com/operator-framework/operator-sdk/commands/operator-sdk/cmd/generate"
-	"github.com/operator-framework/operator-sdk/internal/util/fileutil"
 	"github.com/operator-framework/operator-sdk/internal/util/projutil"
 	"github.com/operator-framework/operator-sdk/pkg/scaffold"
 	"github.com/operator-framework/operator-sdk/pkg/scaffold/input"
@@ -92,7 +91,7 @@ func apiRun(cmd *cobra.Command, args []string) {
 	}
 
 	// update deploy/role.yaml for the given resource r.
-	if err := cmdutil.UpdateRoleForResource(r, absProjectPath); err != nil {
+	if err := scaffold.UpdateRoleForResource(r, absProjectPath); err != nil {
 		log.Fatalf("failed to update the RBAC manifest for the resource (%v, %v): %v", r.APIVersion, r.Kind, err)
 	}
 

commands/operator-sdk/cmd/add/crd.go

@@ -78,7 +78,7 @@ func crdFunc(cmd *cobra.Command, args []string) {
 	}
 
 	// update deploy/role.yaml for the given resource r.
-	if err := cmdutil.UpdateRoleForResource(resource, cfg.AbsProjectPath); err != nil {
+	if err := scaffold.UpdateRoleForResource(resource, cfg.AbsProjectPath); err != nil {
 		log.Fatalf("failed to update the RBAC manifest for the resource (%v, %v): %v", resource.APIVersion, resource.Kind, err)
 	}
 }

commands/operator-sdk/cmd/build.go

@@ -146,7 +146,7 @@ func buildFunc(cmd *cobra.Command, args []string) {
 
 	// Don't need to buld go code if Ansible Operator
 	if mainExists() {
-		managerDir := filepath.Join(cmdutil.CheckAndGetCurrPkg(), scaffold.ManagerDir)
+		managerDir := filepath.Join(projutil.CheckAndGetCurrPkg(), scaffold.ManagerDir)
 		outputBinName := filepath.Join(wd, scaffold.BuildBinDir, filepath.Base(wd))
 		buildCmd := exec.Command("go", "build", "-o", outputBinName, managerDir)
 		buildCmd.Env = goBuildEnv

commands/operator-sdk/cmd/new.go

@@ -23,7 +23,6 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/operator-framework/operator-sdk/internal/util/fileutil"
 	"github.com/operator-framework/operator-sdk/internal/util/projutil"
 	"github.com/operator-framework/operator-sdk/pkg/scaffold"
 	"github.com/operator-framework/operator-sdk/pkg/scaffold/ansible"
@@ -217,7 +216,7 @@ func doAnsibleScaffold() {
 	}
 
 	// update deploy/role.yaml for the given resource r.
-	if err := cmdutil.UpdateRoleForResource(resource, cfg.AbsProjectPath); err != nil {
+	if err := scaffold.UpdateRoleForResource(resource, cfg.AbsProjectPath); err != nil {
 		log.Fatalf("failed to update the RBAC manifest for the resource (%v, %v): %v", resource.APIVersion, resource.Kind, err)
 	}
 }

internal/util/projutil/project_util.go

@@ -15,20 +15,10 @@
 package projutil
 
 import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
 	"strings"
-
-	"github.com/operator-framework/operator-sdk/pkg/scaffold"
-
-	yaml "gopkg.in/yaml.v2"
-	rbacv1 "k8s.io/api/rbac/v1"
-	cgoscheme "k8s.io/client-go/kubernetes/scheme"
 )
 
 const (
@@ -99,107 +89,3 @@ func GetOperatorType() OperatorType {
 	}
 	return OperatorTypeGo
 }
-
-func UpdateRoleForResource(r *scaffold.Resource, absProjectPath string) error {
-	// append rbac rule to deploy/role.yaml
-	roleFilePath := filepath.Join(absProjectPath, "deploy", "role.yaml")
-	roleYAML, err := ioutil.ReadFile(roleFilePath)
-	if err != nil {
-		return fmt.Errorf("failed to read role manifest %v: %v", roleFilePath, err)
-	}
-	obj, _, err := cgoscheme.Codecs.UniversalDeserializer().Decode(roleYAML, nil, nil)
-	if err != nil {
-		return fmt.Errorf("failed to decode role manifest %v: %v", roleFilePath, err)
-	}
-	switch role := obj.(type) {
-	// TODO: use rbac/v1.
-	case *rbacv1.Role:
-		pr := &rbacv1.PolicyRule{}
-		apiGroupFound := false
-		for i := range role.Rules {
-			if role.Rules[i].APIGroups[0] == r.FullGroup {
-				apiGroupFound = true
-				pr = &role.Rules[i]
-				break
-			}
-		}
-		// check if the resource already exists
-		for _, resource := range pr.Resources {
-			if resource == r.Resource {
-				log.Printf("deploy/role.yaml RBAC rules already up to date for the resource (%v, %v)", r.APIVersion, r.Kind)
-				return nil
-			}
-		}
-
-		pr.Resources = append(pr.Resources, r.Resource)
-		// create a new apiGroup if not found.
-		if !apiGroupFound {
-			pr.APIGroups = []string{r.FullGroup}
-			// Using "*" to allow access to the resource and all its subresources e.g "memcacheds" and "memcacheds/finalizers"
-			// https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
-			pr.Resources = []string{"*"}
-			pr.Verbs = []string{"*"}
-			role.Rules = append(role.Rules, *pr)
-		}
-		// update role.yaml
-		d, err := json.Marshal(&role)
-		if err != nil {
-			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
-		}
-		m := &map[string]interface{}{}
-		err = yaml.Unmarshal(d, m)
-		data, err := yaml.Marshal(m)
-		if err != nil {
-			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
-		}
-		if err := ioutil.WriteFile(roleFilePath, data, DefaultFileMode); err != nil {
-			return fmt.Errorf("failed to update %v: %v", roleFilePath, err)
-		}
-	case *rbacv1.ClusterRole:
-		pr := &rbacv1.PolicyRule{}
-		apiGroupFound := false
-		for i := range role.Rules {
-			if role.Rules[i].APIGroups[0] == r.FullGroup {
-				apiGroupFound = true
-				pr = &role.Rules[i]
-				break
-			}
-		}
-		// check if the resource already exists
-		for _, resource := range pr.Resources {
-			if resource == r.Resource {
-				log.Printf("deploy/role.yaml RBAC rules already up to date for the resource (%v, %v)", r.APIVersion, r.Kind)
-				return nil
-			}
-		}
-
-		pr.Resources = append(pr.Resources, r.Resource)
-		// create a new apiGroup if not found.
-		if !apiGroupFound {
-			pr.APIGroups = []string{r.FullGroup}
-			// Using "*" to allow access to the resource and all its subresources e.g "memcacheds" and "memcacheds/finalizers"
-			// https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
-			pr.Resources = []string{"*"}
-			pr.Verbs = []string{"*"}
-			role.Rules = append(role.Rules, *pr)
-		}
-		// update role.yaml
-		d, err := json.Marshal(&role)
-		if err != nil {
-			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
-		}
-		m := &map[string]interface{}{}
-		err = yaml.Unmarshal(d, m)
-		data, err := yaml.Marshal(m)
-		if err != nil {
-			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
-		}
-		if err := ioutil.WriteFile(roleFilePath, data, DefaultFileMode); err != nil {
-			return fmt.Errorf("failed to update %v: %v", roleFilePath, err)
-		}
-	default:
-		return errors.New("failed to parse role.yaml as a role")
-	}
-	// not reachable
-	return nil
-}

pkg/scaffold/role.go

@@ -15,9 +15,19 @@
 package scaffold
 
 import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"log"
 	"path/filepath"
 
+	"github.com/operator-framework/operator-sdk/internal/util/fileutil"
 	"github.com/operator-framework/operator-sdk/pkg/scaffold/input"
+
+	yaml "gopkg.in/yaml.v2"
+	rbacv1 "k8s.io/api/rbac/v1"
+	cgoscheme "k8s.io/client-go/kubernetes/scheme"
 )
 
 const RoleYamlFile = "role.yaml"
@@ -34,6 +44,110 @@ func (s *Role) GetInput() (input.Input, error) {
 	return s.Input, nil
 }
 
+func UpdateRoleForResource(r *Resource, absProjectPath string) error {
+	// append rbac rule to deploy/role.yaml
+	roleFilePath := filepath.Join(absProjectPath, DeployDir, RoleYamlFile)
+	roleYAML, err := ioutil.ReadFile(roleFilePath)
+	if err != nil {
+		return fmt.Errorf("failed to read role manifest %v: %v", roleFilePath, err)
+	}
+	obj, _, err := cgoscheme.Codecs.UniversalDeserializer().Decode(roleYAML, nil, nil)
+	if err != nil {
+		return fmt.Errorf("failed to decode role manifest %v: %v", roleFilePath, err)
+	}
+	switch role := obj.(type) {
+	// TODO: use rbac/v1.
+	case *rbacv1.Role:
+		pr := &rbacv1.PolicyRule{}
+		apiGroupFound := false
+		for i := range role.Rules {
+			if role.Rules[i].APIGroups[0] == r.FullGroup {
+				apiGroupFound = true
+				pr = &role.Rules[i]
+				break
+			}
+		}
+		// check if the resource already exists
+		for _, resource := range pr.Resources {
+			if resource == r.Resource {
+				log.Printf("deploy/role.yaml RBAC rules already up to date for the resource (%v, %v)", r.APIVersion, r.Kind)
+				return nil
+			}
+		}
+
+		pr.Resources = append(pr.Resources, r.Resource)
+		// create a new apiGroup if not found.
+		if !apiGroupFound {
+			pr.APIGroups = []string{r.FullGroup}
+			// Using "*" to allow access to the resource and all its subresources e.g "memcacheds" and "memcacheds/finalizers"
+			// https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
+			pr.Resources = []string{"*"}
+			pr.Verbs = []string{"*"}
+			role.Rules = append(role.Rules, *pr)
+		}
+		// update role.yaml
+		d, err := json.Marshal(&role)
+		if err != nil {
+			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
+		}
+		m := &map[string]interface{}{}
+		err = yaml.Unmarshal(d, m)
+		data, err := yaml.Marshal(m)
+		if err != nil {
+			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
+		}
+		if err := ioutil.WriteFile(roleFilePath, data, fileutil.DefaultFileMode); err != nil {
+			return fmt.Errorf("failed to update %v: %v", roleFilePath, err)
+		}
+	case *rbacv1.ClusterRole:
+		pr := &rbacv1.PolicyRule{}
+		apiGroupFound := false
+		for i := range role.Rules {
+			if role.Rules[i].APIGroups[0] == r.FullGroup {
+				apiGroupFound = true
+				pr = &role.Rules[i]
+				break
+			}
+		}
+		// check if the resource already exists
+		for _, resource := range pr.Resources {
+			if resource == r.Resource {
+				log.Printf("deploy/role.yaml RBAC rules already up to date for the resource (%v, %v)", r.APIVersion, r.Kind)
+				return nil
+			}
+		}
+
+		pr.Resources = append(pr.Resources, r.Resource)
+		// create a new apiGroup if not found.
+		if !apiGroupFound {
+			pr.APIGroups = []string{r.FullGroup}
+			// Using "*" to allow access to the resource and all its subresources e.g "memcacheds" and "memcacheds/finalizers"
+			// https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
+			pr.Resources = []string{"*"}
+			pr.Verbs = []string{"*"}
+			role.Rules = append(role.Rules, *pr)
+		}
+		// update role.yaml
+		d, err := json.Marshal(&role)
+		if err != nil {
+			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
+		}
+		m := &map[string]interface{}{}
+		err = yaml.Unmarshal(d, m)
+		data, err := yaml.Marshal(m)
+		if err != nil {
+			return fmt.Errorf("failed to marshal role(%+v): %v", role, err)
+		}
+		if err := ioutil.WriteFile(roleFilePath, data, fileutil.DefaultFileMode); err != nil {
+			return fmt.Errorf("failed to update %v: %v", roleFilePath, err)
+		}
+	default:
+		return errors.New("failed to parse role.yaml as a role")
+	}
+	// not reachable
+	return nil
+}
+
 const roleTemplate = `kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata: