Skip to content

Commit a0d0918

Browse files
Kun483Kun483
committed
Add RBAC resources and update kustomization for capc-controller-manager
1 parent c96da8f commit a0d0918

File tree

2 files changed

+211
-0
lines changed

2 files changed

+211
-0
lines changed

spectro/controller/kustomization.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ labels:
1414
cluster.x-k8s.io/provider: "infrastructure-cloudstack"
1515

1616
resources:
17+
- ../../config/rbac
1718
- ../../config/manager
1819
patches:
1920
- target:

spectro/generated/controller-manifests.yaml

Lines changed: 210 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,214 @@
11
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
labels:
5+
cluster.x-k8s.io/provider: infrastructure-cloudstack
6+
name: capc-controller-manager
7+
namespace: capc-system
8+
---
9+
apiVersion: rbac.authorization.k8s.io/v1
10+
kind: Role
11+
metadata:
12+
labels:
13+
cluster.x-k8s.io/provider: infrastructure-cloudstack
14+
name: capc-leader-election-role
15+
namespace: capc-system
16+
rules:
17+
- apiGroups:
18+
- ""
19+
resources:
20+
- configmaps
21+
verbs:
22+
- get
23+
- list
24+
- watch
25+
- create
26+
- update
27+
- patch
28+
- delete
29+
- apiGroups:
30+
- ""
31+
resources:
32+
- configmaps/status
33+
verbs:
34+
- get
35+
- update
36+
- patch
37+
- apiGroups:
38+
- ""
39+
resources:
40+
- events
41+
verbs:
42+
- create
43+
- apiGroups:
44+
- coordination.k8s.io
45+
resources:
46+
- leases
47+
verbs:
48+
- get
49+
- list
50+
- watch
51+
- create
52+
- update
53+
- patch
54+
- delete
55+
---
56+
apiVersion: rbac.authorization.k8s.io/v1
57+
kind: ClusterRole
58+
metadata:
59+
labels:
60+
cluster.x-k8s.io/provider: infrastructure-cloudstack
61+
name: capc-manager-role
62+
rules:
63+
- apiGroups:
64+
- ""
65+
resources:
66+
- configmaps
67+
- secrets
68+
verbs:
69+
- get
70+
- list
71+
- watch
72+
- apiGroups:
73+
- ""
74+
resources:
75+
- events
76+
verbs:
77+
- create
78+
- get
79+
- list
80+
- patch
81+
- update
82+
- watch
83+
- apiGroups:
84+
- cluster.x-k8s.io
85+
resources:
86+
- clusters
87+
- clusters/status
88+
- machines/status
89+
- machinesets
90+
- machinesets/status
91+
verbs:
92+
- get
93+
- list
94+
- watch
95+
- apiGroups:
96+
- cluster.x-k8s.io
97+
resources:
98+
- machines
99+
verbs:
100+
- delete
101+
- get
102+
- list
103+
- watch
104+
- apiGroups:
105+
- controlplane.cluster.x-k8s.io
106+
resources:
107+
- kubeadmcontrolplanes
108+
- kubeadmcontrolplanes/status
109+
verbs:
110+
- get
111+
- list
112+
- watch
113+
- apiGroups:
114+
- etcdcluster.cluster.x-k8s.io
115+
resources:
116+
- etcdadmclusters
117+
- etcdadmclusters/status
118+
verbs:
119+
- get
120+
- list
121+
- watch
122+
- apiGroups:
123+
- infrastructure.cluster.x-k8s.io
124+
resources:
125+
- cloudstackaffinitygroups
126+
- cloudstackclusters
127+
- cloudstackfailuredomains
128+
- cloudstackisolatednetworks
129+
- cloudstackmachines
130+
- cloudstackmachinestatecheckers
131+
verbs:
132+
- create
133+
- delete
134+
- get
135+
- list
136+
- patch
137+
- update
138+
- watch
139+
- apiGroups:
140+
- infrastructure.cluster.x-k8s.io
141+
resources:
142+
- cloudstackaffinitygroups/finalizers
143+
- cloudstackclusters/finalizers
144+
- cloudstackfailuredomains/finalizers
145+
- cloudstackisolatednetworks/finalizers
146+
- cloudstackmachines/finalizers
147+
- cloudstackmachinestatecheckers/finalizers
148+
verbs:
149+
- update
150+
- apiGroups:
151+
- infrastructure.cluster.x-k8s.io
152+
resources:
153+
- cloudstackaffinitygroups/status
154+
- cloudstackfailuredomains/status
155+
- cloudstackisolatednetworks/status
156+
- cloudstackmachines/status
157+
- cloudstackmachinestatecheckers/status
158+
verbs:
159+
- get
160+
- patch
161+
- update
162+
- apiGroups:
163+
- infrastructure.cluster.x-k8s.io
164+
resources:
165+
- cloudstackclusters/status
166+
verbs:
167+
- create
168+
- get
169+
- patch
170+
- update
171+
- apiGroups:
172+
- infrastructure.cluster.x-k8s.io
173+
resources:
174+
- cloudstackmachinetemplate
175+
verbs:
176+
- get
177+
- list
178+
- watch
179+
---
180+
apiVersion: rbac.authorization.k8s.io/v1
181+
kind: RoleBinding
182+
metadata:
183+
labels:
184+
cluster.x-k8s.io/provider: infrastructure-cloudstack
185+
name: capc-leader-election-rolebinding
186+
namespace: capc-system
187+
roleRef:
188+
apiGroup: rbac.authorization.k8s.io
189+
kind: Role
190+
name: capc-leader-election-role
191+
subjects:
192+
- kind: ServiceAccount
193+
name: capc-controller-manager
194+
namespace: capc-system
195+
---
196+
apiVersion: rbac.authorization.k8s.io/v1
197+
kind: ClusterRoleBinding
198+
metadata:
199+
labels:
200+
cluster.x-k8s.io/provider: infrastructure-cloudstack
201+
name: capc-manager-rolebinding
202+
roleRef:
203+
apiGroup: rbac.authorization.k8s.io
204+
kind: ClusterRole
205+
name: capc-manager-role
206+
subjects:
207+
- kind: ServiceAccount
208+
name: capc-controller-manager
209+
namespace: capc-system
210+
---
211+
apiVersion: v1
2212
data:
3213
controller_manager_config.yaml: |
4214
apiVersion: controller-runtime.sigs.k8s.io/v1alpha1

0 commit comments

Comments
 (0)