Support creating Role and RoleBinding for service account of deployment.

[kstekovi]

Is your feature request related to a problem?
The Intersmash doesn't support creating Role and RoleBinding.

Describe the solution you'd like
The Intersmash support resources for Secrets. The solution for Role and RoleBinging could be similar to Secrets.

• create a new interface (e.g.: HasRoles) which defines the two methods (e.g.: getRoles() and getRoleBindings())
• let the WildflyOpenShiftApplication implement them returning Collections.emptyList() as it's currently doing for getSecrets().
• update preDeploy() and postUndeploy in OpenShiftProvisioner

Describe alternatives you've considered
Now you can execute oc commands to create required resource.

Additional context
This could help with test implementation for autodiscovery feature which require permission to list routes from OpenShift. The autodiscovery is a feature used by OIDC and SAML authentication. The deployment application in Wildfly can register itself in Keycloak authentication server automatically. For this automatic registration require know what is its host name. The autodicovery is feature can load the host name from OpenShift but it require the permission to list routes. So you don't need to configure the host name of your application in your HelmChart (OIDC_HOSTNAME_HTTP/S variable for OIDC and SSO_HOSTNAME_HTTP/S for SAML)

[fabiobrz]

Hi @kstekovi - and thanks for filing this issue.
Do I understand correctly that your issue is to avoid using the oc binary in first place?
In such case, yes, we would be on the same page since the less it's used, the better.

That being said, though, I think you're relating to WildflyOpenShiftApplication, correct?
If that is true, those methods' implementation is called by the OpenShiftProvisioner preDeploy() and popstUndeploy.

This is by design, i.e. it means that any OpenShiftProvisionerconcrete implementation could follow this behavior and for this very reason the feature you're proposing should:

• base its implementation on a new interface (e.g.: HasRoles) which defines the two methods (e.g.: getRoles() and getRoleBindings())
• let the WildflyOpenShiftApplication implement them returning Collections.emptyList() as it's currently doing for getSecrets().

WDYT?

[kstekovi]

Do I understand correctly that your issue is to avoid using the oc binary in first place?

Yes, This is exactly the reason why i create this.

That being said, though, I think you're relating to WildflyOpenShiftApplication, correct?

Yes. Description of the issue updated.

Thank you for suggestion.

[dosubot]

Hi, @kstekovi. I'm Dosu, and I'm helping the intersmash team manage their backlog. I'm marking this issue as stale.

Issue Summary:

• You raised an issue to add support for creating Role and RoleBinding for service accounts in Intersmash.
• The goal is to eliminate the need for manual oc command execution.
• A proposed solution involves creating a new interface for roles and role bindings.
• @fabiobrz confirmed the understanding and suggested implementing the new interface, which you agreed to.
• The issue description has been updated to reflect the agreed-upon solution.

Next Steps:

• Please confirm if this issue is still relevant to the latest version of the intersmash repository by commenting on the issue.
• If no further activity occurs, the issue will be automatically closed in 30 days.

Thank you for your understanding and contribution!