Skip to content
This repository has been archived by the owner on Dec 16, 2024. It is now read-only.

Commit

Permalink
update rbac
Browse files Browse the repository at this point in the history
  • Loading branch information
@maleck13
maleck13 committed Nov 9, 2023
1 parent 21961cf commit 77acf07
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 30 deletions.
7 changes: 0 additions & 7 deletions bundle/manifests/mgc-dnsrecord-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: multicluster-gateway-controller
app.kubernetes.io/instance: dnsrecord-editor-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrole
app.kubernetes.io/part-of: multicluster-gateway-controller
name: mgc-dnsrecord-editor-role
rules:
- apiGroups:
Expand Down
7 changes: 1 addition & 6 deletions bundle/manifests/multicluster-gateway-controller.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
annotations:
alm-examples: '[]'
capabilities: Basic Install
createdAt: "2023-11-09T08:42:12Z"
createdAt: "2023-11-09T08:49:14Z"
operators.operatorframework.io/builder: operator-sdk-v1.28.0
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
name: multicluster-gateway-controller.v0.0.0
Expand Down Expand Up @@ -310,7 +310,6 @@ spec:
resources:
- secrets
verbs:
- delete
- get
- list
- watch
Expand Down Expand Up @@ -353,8 +352,6 @@ spec:
resources:
- gateways
verbs:
- create
- delete
- get
- list
- patch
Expand Down Expand Up @@ -407,7 +404,6 @@ spec:
resources:
- dnspolicies
verbs:
- create
- delete
- get
- list
Expand Down Expand Up @@ -485,7 +481,6 @@ spec:
resources:
- tlspolicies
verbs:
- create
- delete
- get
- list
Expand Down
7 changes: 0 additions & 7 deletions config/policy-controller/rbac/dnsrecord_editor_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,6 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: dnsrecord-editor-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: multicluster-gateway-controller
app.kubernetes.io/part-of: multicluster-gateway-controller
app.kubernetes.io/managed-by: kustomize
name: dnsrecord-editor-role
rules:
- apiGroups:
Expand Down
5 changes: 0 additions & 5 deletions config/policy-controller/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ rules:
resources:
- secrets
verbs:
- delete
- get
- list
- watch
Expand Down Expand Up @@ -53,8 +52,6 @@ rules:
resources:
- gateways
verbs:
- create
- delete
- get
- list
- patch
Expand Down Expand Up @@ -107,7 +104,6 @@ rules:
resources:
- dnspolicies
verbs:
- create
- delete
- get
- list
Expand Down Expand Up @@ -185,7 +181,6 @@ rules:
resources:
- tlspolicies
verbs:
- create
- delete
- get
- list
Expand Down
4 changes: 2 additions & 2 deletions pkg/controllers/dnspolicy/dnspolicy_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,11 +64,11 @@ type DNSPolicyReconciler struct {
dnsHelper dnsHelper
}

//+kubebuilder:rbac:groups=kuadrant.io,resources=dnspolicies,verbs=get;list;watch;create;update;patch;delete
//+kubebuilder:rbac:groups=kuadrant.io,resources=dnspolicies,verbs=get;list;watch;update;patch;delete
//+kubebuilder:rbac:groups=kuadrant.io,resources=dnspolicies/status,verbs=get;update;patch
//+kubebuilder:rbac:groups=kuadrant.io,resources=dnspolicies/finalizers,verbs=update
//+kubebuilder:rbac:groups=cluster.open-cluster-management.io,resources=managedclusters,verbs=get;list;watch
// +kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways,verbs=get;list;watch;update;patch
// +kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways/status,verbs=get;update;patch
// +kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways/finalizers,verbs=update

Expand Down
6 changes: 3 additions & 3 deletions pkg/controllers/tlspolicy/tlspolicy_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,13 +64,13 @@ type TLSPolicyReconciler struct {
Scheme *runtime.Scheme
}

//+kubebuilder:rbac:groups=kuadrant.io,resources=tlspolicies,verbs=get;list;watch;create;update;patch;delete
//+kubebuilder:rbac:groups=kuadrant.io,resources=tlspolicies,verbs=get;list;watch;update;patch;delete
//+kubebuilder:rbac:groups=kuadrant.io,resources=tlspolicies/status,verbs=get;update;patch
//+kubebuilder:rbac:groups=kuadrant.io,resources=tlspolicies/finalizers,verbs=update
//+kubebuilder:rbac:groups="cert-manager.io",resources=issuers,verbs=get;list;
//+kubebuilder:rbac:groups="cert-manager.io",resources=clusterissuers,verbs=get;list;
// +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;delete
// +kubebuilder:rbac:groups="cert-manager.io",resources=certificates,verbs=get;list;watch;create;update;patch;delete
//+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch
//+kubebuilder:rbac:groups="cert-manager.io",resources=certificates,verbs=get;list;watch;create;update;patch;delete

func (r *TLSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
log := r.Logger().WithValues("TLSPolicy", req.NamespacedName)
Expand Down

0 comments on commit 77acf07

Please sign in to comment.