chore(e2e): add conditional policies to the e2e rbac operator instance

rh-pre-commit.version: 2.3.2 rh-pre-commit.check-secrets: ENABLED
redhat-developer · Jan 28, 2025 · d41ac20 · d41ac20
1 parent 2c17518
commit d41ac20
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/.ibm/pipelines/jobs/operator.sh b/.ibm/pipelines/jobs/operator.sh
@@ -47,6 +47,7 @@ initiate_operator_deployments() {
 
   configure_namespace "${NAME_SPACE_RBAC}"
   local rbac_rhdh_base_url="https://backstage-${RELEASE_NAME_RBAC}-${NAME_SPACE_RBAC}.${K8S_CLUSTER_ROUTER_BASE}"
+  create_conditional_policies_operator /tmp/conditional-policies.yaml
   apply_yaml_files "${DIR}" "${NAME_SPACE_RBAC}" "${rbac_rhdh_base_url}"
   create_dynamic_plugins_config "${DIR}/value_files/${HELM_CHART_RBAC_VALUE_FILE_NAME}" "/tmp/configmap-dynamic-plugins-rbac.yaml"
   oc apply -f /tmp/configmap-dynamic-plugins-rbac.yaml -n "${NAME_SPACE_RBAC}"

diff --git a/.ibm/pipelines/utils.sh b/.ibm/pipelines/utils.sh
@@ -462,10 +462,19 @@ apply_yaml_files() {
       --from-file="dynamic-homepage-and-sidebar-config.yaml"="$dir/resources/config_map/dynamic-homepage-and-sidebar-config.yaml" \
       --namespace="${project}" \
       --dry-run=client -o yaml | oc apply -f -
-    oc create configmap rbac-policy \
-      --from-file="rbac-policy.csv"="$dir/resources/config_map/rbac-policy.csv" \
-      --namespace="$project" \
-      --dry-run=client -o yaml | oc apply -f -
+
+    if [[ "${project}" == *showcase-op* ]]; then
+      oc create configmap rbac-policy \
+        --from-file="rbac-policy.csv"="$dir/resources/config_map/rbac-policy.csv" \
+        --from-file="conditional-policies.yaml"="/tmp/conditional-policies.yaml" \
+        --namespace="$project" \
+        --dry-run=client -o yaml | oc apply -f -
+    else
+      oc create configmap rbac-policy \
+        --from-file="rbac-policy.csv"="$dir/resources/config_map/rbac-policy.csv" \
+        --namespace="$project" \
+        --dry-run=client -o yaml | oc apply -f -
+    fi
 
     oc apply -f "$dir/auth/secrets-rhdh-secrets.yaml" --namespace="${project}"
 
@@ -513,6 +522,8 @@ select_config_map_file() {
   fi
 }
 
+
+
 create_dynamic_plugins_config() {
   local base_file=$1
   local final_file=$2
@@ -525,6 +536,10 @@ data:
   yq '.global.dynamic' ${base_file} | sed -e 's/^/    /' >> ${final_file}
 }
 
+create_conditional_policies_operator() {
+  local destination_file=$1
+  yq '.upstream.backstage.initContainers[0].command[2]' "${DIR}/value_files/values_showcase-rbac.yaml" | head -n -4 | tail -n +2 > ${destination_file}
+}
 create_app_config_map_k8s() {
     local config_file=$1
     local project=$2