diff --git a/pkg/kubectl/BUILD b/pkg/kubectl/BUILD index 75568b77ae0..fd0b16aa903 100644 --- a/pkg/kubectl/BUILD +++ b/pkg/kubectl/BUILD @@ -97,6 +97,7 @@ go_library( "//vendor:k8s.io/apimachinery/pkg/types", "//vendor:k8s.io/apimachinery/pkg/util/errors", "//vendor:k8s.io/apimachinery/pkg/util/intstr", + "//vendor:k8s.io/apimachinery/pkg/util/sets", "//vendor:k8s.io/apimachinery/pkg/util/uuid", "//vendor:k8s.io/apimachinery/pkg/util/validation", "//vendor:k8s.io/apimachinery/pkg/util/wait", diff --git a/pkg/kubectl/clusterrolebinding.go b/pkg/kubectl/clusterrolebinding.go index a05acdc1587..b5a0b0d1fdf 100644 --- a/pkg/kubectl/clusterrolebinding.go +++ b/pkg/kubectl/clusterrolebinding.go @@ -22,6 +22,7 @@ import ( "strings" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/pkg/apis/rbac" ) @@ -115,21 +116,21 @@ func (s ClusterRoleBindingGeneratorV1) StructuredGenerate() (runtime.Object, err Kind: "ClusterRole", Name: s.ClusterRole, } - for _, user := range s.Users { + for _, user := range sets.NewString(s.Users...).List() { clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{ Kind: rbac.UserKind, APIGroup: rbac.GroupName, Name: user, }) } - for _, group := range s.Groups { + for _, group := range sets.NewString(s.Groups...).List() { clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects, rbac.Subject{ Kind: rbac.GroupKind, APIGroup: rbac.GroupName, Name: group, }) } - for _, sa := range s.ServiceAccounts { + for _, sa := range sets.NewString(s.ServiceAccounts...).List() { tokens := strings.Split(sa, ":") if len(tokens) != 2 { return nil, fmt.Errorf("serviceaccount must be :") diff --git a/pkg/kubectl/rolebinding.go b/pkg/kubectl/rolebinding.go index b37f0e045f2..f9630efbe9e 100644 --- a/pkg/kubectl/rolebinding.go +++ b/pkg/kubectl/rolebinding.go @@ -22,6 +22,7 @@ import ( "strings" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/kubernetes/pkg/apis/rbac" ) @@ -130,21 +131,21 @@ func (s RoleBindingGeneratorV1) StructuredGenerate() (runtime.Object, error) { } } - for _, user := range s.Users { + for _, user := range sets.NewString(s.Users...).List() { roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{ Kind: rbac.UserKind, APIGroup: rbac.GroupName, Name: user, }) } - for _, group := range s.Groups { + for _, group := range sets.NewString(s.Groups...).List() { roleBinding.Subjects = append(roleBinding.Subjects, rbac.Subject{ Kind: rbac.GroupKind, APIGroup: rbac.GroupName, Name: group, }) } - for _, sa := range s.ServiceAccounts { + for _, sa := range sets.NewString(s.ServiceAccounts...).List() { tokens := strings.Split(sa, ":") if len(tokens) != 2 { return nil, fmt.Errorf("serviceaccount must be :")