diff options
Diffstat (limited to 'lib/gitlab/kubernetes/config_maps/aws_node_auth.rb')
| -rw-r--r-- | lib/gitlab/kubernetes/config_maps/aws_node_auth.rb | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/lib/gitlab/kubernetes/config_maps/aws_node_auth.rb b/lib/gitlab/kubernetes/config_maps/aws_node_auth.rb new file mode 100644 index 00000000000..ef51cee09ca --- /dev/null +++ b/lib/gitlab/kubernetes/config_maps/aws_node_auth.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: true + +module Gitlab + module Kubernetes + module ConfigMaps + class AwsNodeAuth + attr_reader :node_role + + def initialize(node_role) + @node_role = node_role + end + + def generate + Kubeclient::Resource.new( + metadata: metadata, + data: data + ) + end + + private + + def metadata + { + 'name' => 'aws-auth', + 'namespace' => 'kube-system' + } + end + + def data + { 'mapRoles' => instance_role_config(node_role) } + end + + def instance_role_config(role) + [{ + 'rolearn' => role, + 'username' => 'system:node:{{EC2PrivateDNSName}}', + 'groups' => [ + 'system:bootstrappers', + 'system:nodes' + ] + }].to_yaml + end + end + end + end +end |