#!/usr/bin/env bash

KUBECONFIGPATH="$(dirname $0)/kubeconfigs/default-admin.conf"

cat <<EOF | KUBECONFIG=$KUBECONFIGPATH kubectl apply -f -
---
apiVersion: v1
kind: Namespace
metadata:
  name: garden
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gardener.cloud:admin
  labels:
    garden.sapcloud.io/role: admin
    gardener.cloud/role: admin
rules:
- apiGroups:
  - core.gardener.cloud
  - dashboard.gardener.cloud
  - settings.gardener.cloud
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - ""
  resources:
  - namespaces
  - secrets
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: front-proxy-client
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: gardener.cloud:admin
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: User
  name: front-proxy-client
EOF
