operator-framework · AlexNPavel · Oct 3, 2018 · Oct 3, 2018 · Oct 3, 2018 · Oct 3, 2018
diff --git a/commands/operator-sdk/cmd/cmdutil/util.go b/commands/operator-sdk/cmd/cmdutil/util.go
@@ -30,12 +30,13 @@ import (
 )
 
 const configYaml = "./config/config.yaml"
+const tmpDockerfile = "./tmp/build/Dockerfile"
 
 // MustInProjectRoot checks if the current dir is the project root.
 func MustInProjectRoot() {
-	// if the current directory has the "./config/config.yaml" file, then it is safe to say
+	// if the current directory has the "./tmp/build/Dockerfile" file, then it is safe to say
 	// we are at the project root.
-	_, err := os.Stat(configYaml)
+	_, err := os.Stat(tmpDockerfile)
 	if err != nil && os.IsNotExist(err) {
 		cmdError.ExitWithError(cmdError.ExitError, fmt.Errorf("must in project root dir: %v", err))
 	}

diff --git a/pkg/generator/generator.go b/pkg/generator/generator.go
@@ -366,8 +366,9 @@ func RenderDeployCrdFiles(deployPath, apiVersion, kind string) error {
 
 func renderDeployFiles(deployDir, projectName, apiVersion, kind, operatorType string) error {
 	rbacTd := tmplData{
-		ProjectName: projectName,
-		GroupName:   groupName(apiVersion),
+		ProjectName:  projectName,
+		GroupName:    groupName(apiVersion),
+		IsGoOperator: isGoOperator(operatorType),
 	}
 	if err := renderWriteFile(filepath.Join(deployDir, rbacYaml), rbacTmplName, rbacYamlTmpl, rbacTd); err != nil {
 		return err

diff --git a/pkg/generator/generator_test.go b/pkg/generator/generator_test.go
@@ -296,6 +296,55 @@ roleRef:
   apiGroup: rbac.authorization.k8s.io
 `
 
+const rbacYamlAnsibleExp = `kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: app-operator
+rules:
+- apiGroups:
+  - app.example.com
+  resources:
+  - "*"
+  verbs:
+  - "*"
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - services
+  - endpoints
+  - persistentvolumeclaims
+  - events
+  - configmaps
+  - secrets
+  verbs:
+  - "*"
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - daemonsets
+  - replicasets
+  - statefulsets
+  verbs:
+  - "*"
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: app-operator
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: default
+roleRef:
+  kind: ClusterRole
+  name: app-operator
+  apiGroup: rbac.authorization.k8s.io
+`
+
 const saYamlExp = `apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -338,7 +387,7 @@ func TestGenDeploy(t *testing.T) {
 		t.Errorf("\nTest failed. Below is the diff of the expected vs actual results.\nRed text is missing and green text is extra.\n\n" + dmp.DiffPrettyText(diffs))
 	}
 
-	// Test Ansible Operator
+	// Test Ansible Operator operator.yaml
 	buf = &bytes.Buffer{}
 	td = tmplData{
 		ProjectName:     appProjectName,
@@ -358,7 +407,7 @@ func TestGenDeploy(t *testing.T) {
 	}
 
 	buf = &bytes.Buffer{}
-	if err := renderFile(buf, rbacTmplName, rbacYamlTmpl, tmplData{ProjectName: appProjectName, GroupName: appGroupName}); err != nil {
+	if err := renderFile(buf, rbacTmplName, rbacYamlTmpl, tmplData{ProjectName: appProjectName, GroupName: appGroupName, IsGoOperator: true}); err != nil {
 		t.Error(err)
 	}
 	if rbacYamlExp != buf.String() {
@@ -367,6 +416,16 @@ func TestGenDeploy(t *testing.T) {
 		t.Errorf("\nTest failed. Below is the diff of the expected vs actual results.\nRed text is missing and green text is extra.\n\n" + dmp.DiffPrettyText(diffs))
 	}
 
+	// Test Ansible Operator rbac.yaml
+	buf = &bytes.Buffer{}
+	if err := renderFile(buf, rbacTmplName, rbacYamlTmpl, tmplData{ProjectName: appProjectName, GroupName: appGroupName, IsGoOperator: false}); err != nil {
+		t.Error(err)
+	}
+	if rbacYamlAnsibleExp != buf.String() {
+		dmp := diffmatchpatch.New()
+		diffs := dmp.DiffMain(rbacYamlAnsibleExp, buf.String(), false)
+		t.Errorf("\nTest failed. Below is the diff of the expected vs actual results.\nRed text is missing and green text is extra.\n\n" + dmp.DiffPrettyText(diffs))
+	}
 	buf = &bytes.Buffer{}
 	if err := renderFile(buf, saTmplName, saYamlTmpl, tmplData{ProjectName: appProjectName}); err != nil {
 		t.Error(err)

diff --git a/pkg/generator/templates.go b/pkg/generator/templates.go
@@ -476,7 +476,11 @@ spec:
               value: "{{.ProjectName}}"
 `
 
-const rbacYamlTmpl = `kind: Role
+// For Ansible Operator we are assuming namespace: default on ClusterRoleBinding
+// Documentation will tell user to update
+const rbacYamlTmpl = `{{- if .IsGoOperator }}kind: Role
+{{- else -}}
+kind: ClusterRole{{ end }}
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: {{.ProjectName}}
@@ -510,16 +514,25 @@ rules:
   - "*"
 
 ---
-
+{{ if .IsGoOperator }}
 kind: RoleBinding
+{{- else }}
+kind: ClusterRoleBinding{{ end }}
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: {{.ProjectName}}
 subjects:
 - kind: ServiceAccount
+{{- if .IsGoOperator }}
   name: {{.ProjectName}}
+{{- else }}
+  name: default
+  namespace: default{{ end }}
 roleRef:
+{{- if .IsGoOperator }}
   kind: Role
+{{- else }}
+  kind: ClusterRole{{ end }}
   name: {{.ProjectName}}
   apiGroup: rbac.authorization.k8s.io
 `