func()

in controllers/stage/chain/configure_registryviewer_rbac.go [19:55]

• 31 lines of code
• 3 McCabe index (conditional complexity)

func (h ConfigureRegistryViewerRbac) ServeRequest(ctx context.Context, stage *cdPipeApi.Stage) error {
	targetNamespace := stage.Spec.Namespace
	roleBindingName := generateSaRegistryViewerRoleBindingName(stage)
	logger := ctrl.LoggerFrom(ctx).WithValues("targetNamespace", targetNamespace, "roleBindingName", roleBindingName)

	logger.Info("Configuring RoleBinding sa-registry-viewer")

	if !platform.IsOpenshift() {
		logger.Info("Skip configuring RoleBinding sa-registry-viewer for non-openshift platform")

		return nil
	}

	if err := h.rbac.CreateRoleBindingIfNotExists(
		ctx,
		roleBindingName,
		stage.Namespace,
		[]rbacApi.Subject{
			{
				Kind:     rbacApi.GroupKind,
				APIGroup: rbacApi.GroupName,
				Name:     fmt.Sprintf("system:serviceaccounts:%s", targetNamespace),
			},
		},
		rbacApi.RoleRef{
			Kind:     rbac.ClusterRoleKind,
			APIGroup: rbacApi.GroupName,
			Name:     "registry-viewer",
		},
	); err != nil {
		return fmt.Errorf("failed to create %s RoleBinding: %w", roleBindingName, err)
	}

	logger.Info("RoleBinding sa-registry-viewer has been configured")

	return nil
}