mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 20:24:09 +00:00
Merge pull request #41383 from liggitt/v1beta1-cleanup
Automatic merge from submit-queue Update rbac data to v1beta1 Update RBAC fixtures to v1beta1
This commit is contained in:
commit
0a56830520
@ -3,7 +3,7 @@
|
||||
# TODO cjcullen should figure out how wants to manage his upgrade
|
||||
# this will only hold the e2e tests until we get an authorizer
|
||||
# which authorizes particular nodes
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: kubelet-cluster-admin
|
||||
@ -14,6 +14,6 @@ roleRef:
|
||||
kind: ClusterRole
|
||||
name: system:node
|
||||
subjects:
|
||||
- apiVersion: rbac/v1alpha1
|
||||
- apiGroup: rbac.authorization.k8s.io
|
||||
kind: User
|
||||
name: kubelet
|
||||
|
@ -3,7 +3,7 @@
|
||||
# the system:serviceaccount:kube-system:default identity. We need to subdivide
|
||||
# those service accounts, figure out which ones we're going to make bootstrap roles for
|
||||
# and bind those particular roles in the addon yaml itself. This just gets us started
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: todo-remove-grabbag-cluster-admin
|
||||
|
@ -1,12 +1,12 @@
|
||||
# privilegedPSP gives the privilegedPSP role
|
||||
# to the group privileged.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: privileged-psp-users
|
||||
subjects:
|
||||
- kind: Group
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
name: privileged-psp-users
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@ -15,16 +15,16 @@ roleRef:
|
||||
---
|
||||
# restrictedPSP grants the restrictedPSP role to
|
||||
# the groups restricted and privileged.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: restricted-psp-users
|
||||
subjects:
|
||||
- kind: Group
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
name: restricted-psp-users
|
||||
- kind: Group
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
name: privileged-psp-users
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
@ -32,16 +32,16 @@ roleRef:
|
||||
name: restricted-psp-user
|
||||
---
|
||||
# edit grants edit role to system:authenticated.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: edit
|
||||
subjects:
|
||||
- kind: Group
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
name: privileged-psp-users
|
||||
- kind: Group
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
name: restricted-psp-users
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
@ -1,6 +1,6 @@
|
||||
# restrictedPSP grants access to use
|
||||
# the restricted PSP.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: restricted-psp-user
|
||||
@ -16,7 +16,7 @@ rules:
|
||||
---
|
||||
# privilegedPSP grants access to use the privileged
|
||||
# PSP.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: privileged-psp-user
|
||||
|
@ -1,5 +1,5 @@
|
||||
# This is the role binding for the kubemark heapster.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: heapster-view-binding
|
||||
@ -10,6 +10,6 @@ roleRef:
|
||||
kind: ClusterRole
|
||||
name: system:heapster
|
||||
subjects:
|
||||
- apiVersion: rbac/v1alpha1
|
||||
- apiGroup: rbac.authorization.k8s.io
|
||||
kind: User
|
||||
name: system:heapster
|
||||
|
@ -2,7 +2,7 @@
|
||||
# used for listing hollow-nodes in start-kubemark.sh and
|
||||
# send resource creation requests, etc in run-e2e-tests.sh.
|
||||
# Also useful if you manually want to use local kubectl.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: kubecfg-cluster-admin
|
||||
@ -13,6 +13,6 @@ roleRef:
|
||||
kind: ClusterRole
|
||||
name: cluster-admin
|
||||
subjects:
|
||||
- apiVersion: rbac/v1alpha1
|
||||
- apiGroup: rbac.authorization.k8s.io
|
||||
kind: User
|
||||
name: kubecfg
|
||||
|
@ -1,5 +1,5 @@
|
||||
# This is the role binding for the node-problem-detector.
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: node-problem-detector-binding
|
||||
@ -10,6 +10,6 @@ roleRef:
|
||||
kind: ClusterRole
|
||||
name: system:node-problem-detector
|
||||
subjects:
|
||||
- apiVersion: rbac/v1alpha1
|
||||
- apiGroup: rbac.authorization.k8s.io
|
||||
kind: User
|
||||
name: system:node-problem-detector
|
||||
|
Loading…
Reference in New Issue
Block a user