Skip to content

[minor] add pre-install rbac for saas #376

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
whitfiea merged 2 commits into from
Jun 8, 2026
Merged

[minor] add pre-install rbac for saas #376

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
dd61ad2
add pre-install for saas
Jun 8, 2026
1ded2ab
Merge branch 'stable' into ds-saas
dixitgsathwara Jun 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
101 changes: 101 additions & 0 deletions bin/mas-devops-apply-preinstall-rbac-for-saas
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
#!/usr/bin/env python3

# *****************************************************************************
# Copyright (c) 2024 IBM Corporation and other Contributors.
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Eclipse Public License v1.0
# which accompanies this distribution, and is available at
# http://www.eclipse.org/legal/epl-v10.html
#
# *****************************************************************************

from mas.devops.pre_install import applyPreInstallMASRBAC
from kubernetes import client, config
from kubernetes.config.config_exception import ConfigException
from openshift.dynamic import DynamicClient
import sys
import argparse
import logging
import urllib3
urllib3.disable_warnings()


if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Apply Pre-Install MAS RBAC')

parser.add_argument("--mas-instance-id", required=True, help="MAS Instance ID")
parser.add_argument("--mas-version", required=True, help="MAS Version (e.g., 9.2)")
parser.add_argument("--admin-mode", required=False, default="namespaced",
choices=["cluster", "namespaced", "minimal"],
help="Admin mode: cluster, namespaced, or minimal")
parser.add_argument("--selected-apps", required=False, default="core",
help="Comma-separated list of apps (e.g., core,manage,iot)")
parser.add_argument("--rbac-root-dir", required=False, default="/opt/app-root/rbac",
help="Root directory containing RBAC manifests")
parser.add_argument("--log-level", required=False,
choices=["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"],
default="INFO")

args = parser.parse_args()

# Setup logging
log_level = getattr(logging, args.log_level)
logger = logging.getLogger()
logger.setLevel(log_level)

ch = logging.StreamHandler()
ch.setLevel(log_level)
chFormatter = logging.Formatter(
"%(asctime)-25s %(name)-50s %(levelname)-8s %(message)s"
)
ch.setFormatter(chFormatter)
logger.addHandler(ch)

mas_instance_id = args.mas_instance_id
mas_version = ".".join(args.mas_version.split(".")[:2])
admin_mode = args.admin_mode
selected_apps_str = args.selected_apps
rbac_root_dir = args.rbac_root_dir

# Parse selected apps
selected_apps = None
if selected_apps_str:
selected_apps = [app.strip() for app in selected_apps_str.split(',') if app.strip()]

logger.info("Configuration:")
logger.info("--------------")
logger.info(f"mas_instance_id: {mas_instance_id}")
logger.info(f"mas_version: {mas_version}")
logger.info(f"admin_mode: {admin_mode}")
logger.info(f"selected_apps: {selected_apps}")
logger.info(f"rbac_root_dir: {rbac_root_dir}")
logger.info(f"log_level: {log_level}")
logger.info("")

try:
# Try to load in-cluster configuration
config.load_incluster_config()
logger.debug("Loaded in-cluster configuration")
except ConfigException:
# If that fails, fall back to kubeconfig file
config.load_kube_config()
logger.debug("Loaded kubeconfig file")

try:
dynClient = DynamicClient(client.api_client.ApiClient())
applyPreInstallMASRBAC(
dynClient=dynClient,
masVersion=mas_version,
masInstanceId=mas_instance_id,
adminMode=admin_mode,
selectedApps=selected_apps,
rbacRootDir=rbac_root_dir
)
logger.info("Pre-Install MAS RBAC applied successfully")
sys.exit(0)
except Exception as e:
logger.error(f"Error applying Pre-Install MAS RBAC: {e}")
import traceback
traceback.print_exc()
sys.exit(1)
1 change: 1 addition & 0 deletions setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,5 +94,6 @@ def get_version(rel_path):
'bin/mas-devops-create-initial-users-for-saas',
'bin/mas-devops-saas-job-cleaner',
'bin/mas-devops-notify-slack',
'bin/mas-devops-apply-preinstall-rbac-for-saas',
]
)
Loading