From 044bf2e4154ca1500211a6a34a7ee063886b2c30 Mon Sep 17 00:00:00 2001
From: Slava Semushin <vsemushi@redhat.com>
Date: Tue, 17 Apr 2018 12:31:15 +0200
Subject: [PATCH] Update addon manifests to use policy/v1beta1 and grant
 permissions in policy API group.

---
 .../podsecuritypolicies/etcd-empty-dir-cleanup-psp-role.yaml    | 2 +-
 .../podsecuritypolicies/etcd-empty-dir-cleanup-psp.yaml         | 2 +-
 .../podsecuritypolicies/event-exporter-psp-role.yaml            | 2 +-
 .../fluentd-gcp/podsecuritypolicies/event-exporter-psp.yaml     | 2 +-
 .../fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp-role.yaml   | 2 +-
 .../addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp.yaml | 2 +-
 .../podsecuritypolicies/persistent-volume-binder-role.yaml      | 2 +-
 .../addons/podsecuritypolicies/persistent-volume-binder.yaml    | 2 +-
 cluster/gce/addons/podsecuritypolicies/privileged-role.yaml     | 2 +-
 cluster/gce/addons/podsecuritypolicies/privileged.yaml          | 2 +-
 .../gce/addons/podsecuritypolicies/unprivileged-addon-role.yaml | 2 +-
 cluster/gce/addons/podsecuritypolicies/unprivileged-addon.yaml  | 2 +-
 12 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp-role.yaml b/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp-role.yaml
index 6b577479d59..0f57b204d38 100644
--- a/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp-role.yaml
+++ b/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp-role.yaml
@@ -8,7 +8,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.etcd-empty-dir-cleanup
   resources:
diff --git a/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp.yaml b/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp.yaml
index d51c4781148..c0b315d5868 100644
--- a/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp.yaml
+++ b/cluster/addons/etcd-empty-dir-cleanup/podsecuritypolicies/etcd-empty-dir-cleanup-psp.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.etcd-empty-dir-cleanup
diff --git a/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp-role.yaml b/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp-role.yaml
index f360a87f4c8..1b0e02b2aa2 100644
--- a/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp-role.yaml
+++ b/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp-role.yaml
@@ -8,7 +8,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.event-exporter
   resources:
diff --git a/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp.yaml b/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp.yaml
index 48e57f7f0a6..d08d39312e5 100644
--- a/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp.yaml
+++ b/cluster/addons/fluentd-gcp/podsecuritypolicies/event-exporter-psp.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.event-exporter
diff --git a/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp-role.yaml b/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp-role.yaml
index 478257bf2a4..529d41b7ae4 100644
--- a/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp-role.yaml
+++ b/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp-role.yaml
@@ -8,7 +8,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.fluentd-gcp
   resources:
diff --git a/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp.yaml b/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp.yaml
index 36b3168f83d..e9616473363 100644
--- a/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp.yaml
+++ b/cluster/addons/fluentd-gcp/podsecuritypolicies/fluentd-gcp-psp.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.fluentd-gcp
diff --git a/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder-role.yaml b/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder-role.yaml
index 27770701991..5103b54ddd8 100644
--- a/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder-role.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder-role.yaml
@@ -11,7 +11,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.persistent-volume-binder
   resources:
diff --git a/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder.yaml b/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder.yaml
index f1546203757..68b1a8f733e 100644
--- a/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/persistent-volume-binder.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.persistent-volume-binder
diff --git a/cluster/gce/addons/podsecuritypolicies/privileged-role.yaml b/cluster/gce/addons/podsecuritypolicies/privileged-role.yaml
index 84bc91898d3..d89f67f2591 100644
--- a/cluster/gce/addons/podsecuritypolicies/privileged-role.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/privileged-role.yaml
@@ -7,7 +7,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.privileged
   resources:
diff --git a/cluster/gce/addons/podsecuritypolicies/privileged.yaml b/cluster/gce/addons/podsecuritypolicies/privileged.yaml
index 0fb96e1644d..ba85ef98700 100644
--- a/cluster/gce/addons/podsecuritypolicies/privileged.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/privileged.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.privileged
diff --git a/cluster/gce/addons/podsecuritypolicies/unprivileged-addon-role.yaml b/cluster/gce/addons/podsecuritypolicies/unprivileged-addon-role.yaml
index 580d67dec42..2edfd62e078 100644
--- a/cluster/gce/addons/podsecuritypolicies/unprivileged-addon-role.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/unprivileged-addon-role.yaml
@@ -8,7 +8,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 rules:
 - apiGroups:
-  - extensions
+  - policy
   resourceNames:
   - gce.unprivileged-addon
   resources:
diff --git a/cluster/gce/addons/podsecuritypolicies/unprivileged-addon.yaml b/cluster/gce/addons/podsecuritypolicies/unprivileged-addon.yaml
index c3af5e2a356..9df16efbaf4 100644
--- a/cluster/gce/addons/podsecuritypolicies/unprivileged-addon.yaml
+++ b/cluster/gce/addons/podsecuritypolicies/unprivileged-addon.yaml
@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: gce.unprivileged-addon