add resource output

openshift · Dec 5, 2024 · 9c1aac2 · 9c1aac2
1 parent 456a46c
commit 9c1aac2
Showing 1 changed file with 20 additions and 28 deletions.
diff --git a/pkg/cmd/mom/output_resources_command.go b/pkg/cmd/mom/output_resources_command.go
@@ -22,17 +22,22 @@ func runOutputResources(ctx context.Context) (*libraryoutputresources.OutputReso
 		ManagementResources: libraryoutputresources.ResourceList{
 			ExactResources: []libraryoutputresources.ExactResourceID{
 				libraryoutputresources.ExactClusterOperator("authentication"),
+				libraryoutputresources.ExactLowLevelOperator("authentications"),
+				libraryoutputresources.ExactNamespace("openshift-authentication"),
+				libraryoutputresources.ExactNamespace("openshift-oauth-apiserver"),
+
 				libraryoutputresources.ExactConfigMap("openshift-authentication", "audit"),
 				libraryoutputresources.ExactConfigMap("openshift-authentication", "v4-0-config-system-trusted-ca-bundle"),
 				libraryoutputresources.ExactDeployment("openshift-authentication", "oauth-openshift"),
-				libraryoutputresources.ExactLowLevelOperator("authentications"),
-				exactNamespace("openshift-authentication"),
-				exactRole("openshift-config-managed", "system:openshift:oauth-servercert-trust"),
-				exactRoleBinding("openshift-config-managed", "system:openshift:oauth-servercert-trust"),
 				libraryoutputresources.ExactSecret("openshift-authentication", "v4-0-config-system-session"),
 				libraryoutputresources.ExactSecret("openshift-authentication", "v4-0-config-system-ocp-branding-template"),
-				exactService("openshift-authentication", "oauth-openshift"),
+				libraryoutputresources.ExactService("openshift-authentication", "oauth-openshift"),
 				libraryoutputresources.ExactServiceAccount("openshift-authentication", "oauth-openshift"),
+
+				libraryoutputresources.ExactRole("openshift-config-managed", "system:openshift:oauth-servercert-trust"),
+				libraryoutputresources.ExactRoleBinding("openshift-config-managed", "system:openshift:oauth-servercert-trust"),
+
+				libraryoutputresources.ExactPDB("openshift-oauth-apiserver", "oauth-apiserver-pdb"),
 			},
 			EventingNamespaces: []string{
 				"openshift-authentication-operator",
@@ -41,33 +46,20 @@ func runOutputResources(ctx context.Context) (*libraryoutputresources.OutputReso
 		UserWorkloadResources: libraryoutputresources.ResourceList{
 			ExactResources: []libraryoutputresources.ExactResourceID{
 				libraryoutputresources.ExactClusterRoleBinding("system:openshift:openshift-authentication"),
-				exactOAuthClient("openshift-browser-client"),
-				exactOAuthClient("openshift-challenging-client"),
-				exactOAuthClient("openshift-cli-client"),
+				libraryoutputresources.ExactClusterRoleBinding("system:openshift:oauth-apiserver"),
+				libraryoutputresources.ExactClusterRoleBinding("system:openshift:useroauthaccesstoken-manager"),
+				libraryoutputresources.ExactClusterRole("system:openshift:useroauthaccesstoken-manager"),
+				libraryoutputresources.ExactOAuthClient("openshift-browser-client"),
+				libraryoutputresources.ExactOAuthClient("openshift-challenging-client"),
+				libraryoutputresources.ExactOAuthClient("openshift-cli-client"),
+
+				// these are used to access resources in the user workload cluster
+				libraryoutputresources.ExactServiceAccount("openshift-oauth-apiserver", "oauth-apiserver-sa"),
+				libraryoutputresources.ExactService("openshift-oauth-apiserver", "api"),
 			},
 			GeneratedNameResources: []libraryoutputresources.GeneratedResourceID{
 				libraryoutputresources.GeneratedCSR("system:openshift:openshift-authenticator-"),
 			},
 		},
 	}, nil
 }
-
-func exactOAuthClient(name string) libraryoutputresources.ExactResourceID {
-	return libraryoutputresources.ExactResource("oauth.openshift.io", "v1", "oauthclients", "", name)
-}
-
-func exactNamespace(name string) libraryoutputresources.ExactResourceID {
-	return libraryoutputresources.ExactNamespace(name)
-}
-
-func exactService(namespace, name string) libraryoutputresources.ExactResourceID {
-	return libraryoutputresources.ExactResource("", "v1", "services", namespace, name)
-}
-
-func exactRole(namespace, name string) libraryoutputresources.ExactResourceID {
-	return libraryoutputresources.ExactRole(namespace, name)
-}
-
-func exactRoleBinding(namespace, name string) libraryoutputresources.ExactResourceID {
-	return libraryoutputresources.ExactRoleBinding(namespace, name)
-}