From d23df051e1bee8c59c6e67cc6aea766d15ed675e Mon Sep 17 00:00:00 2001
From: Chen Rong <chenr.fnst@cn.fujitsu.com>
Date: Mon, 21 Aug 2017 17:29:10 +0800
Subject: [PATCH] update to rbac v1 in yaml file

---
 cluster/addons/cluster-monitoring/heapster-rbac.yaml      | 6 +++---
 .../dns-horizontal-autoscaler-rbac.yaml                   | 4 ++--
 cluster/addons/fluentd-elasticsearch/es-statefulset.yaml  | 4 ++--
 cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml   | 4 ++--
 cluster/addons/fluentd-gcp/event-exporter.yaml            | 2 +-
 cluster/addons/node-problem-detector/npd.yaml             | 2 +-
 .../node-problem-detector/standalone/npd-binding.yaml     | 2 +-
 .../rbac/kube-apiserver-kubelet-api-admin-binding.yaml    | 2 +-
 cluster/addons/rbac/kubelet-api-admin-role.yaml           | 2 +-
 cluster/addons/rbac/kubelet-binding.yaml                  | 2 +-
 cluster/addons/rbac/kubelet-certificate-management.yaml   | 8 ++++----
 examples/podsecuritypolicy/rbac/bindings.yaml             | 6 +++---
 examples/podsecuritypolicy/rbac/roles.yaml                | 4 ++--
 .../addons/kubemark-rbac-bindings/heapster-binding.yaml   | 2 +-
 .../addons/kubemark-rbac-bindings/kubecfg-binding.yaml    | 2 +-
 .../addons/kubemark-rbac-bindings/kubelet-binding.yaml    | 2 +-
 .../addons/kubemark-rbac-bindings/npd-binding.yaml        | 2 +-
 17 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/cluster/addons/cluster-monitoring/heapster-rbac.yaml b/cluster/addons/cluster-monitoring/heapster-rbac.yaml
index 58fa1b9921b..e75c18b614d 100644
--- a/cluster/addons/cluster-monitoring/heapster-rbac.yaml
+++ b/cluster/addons/cluster-monitoring/heapster-rbac.yaml
@@ -1,4 +1,4 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: heapster-binding
@@ -16,7 +16,7 @@ subjects:
 ---
 # Heapster's pod_nanny monitors the heapster deployment & its pod(s), and scales
 # the resources of the deployment if necessary.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: system:pod-nanny
@@ -39,7 +39,7 @@ rules:
   - get
   - update
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: heapster-binding
diff --git a/cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler-rbac.yaml b/cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler-rbac.yaml
index 1550181c7dc..9aa518aaf61 100644
--- a/cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler-rbac.yaml
+++ b/cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler-rbac.yaml
@@ -21,7 +21,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 ---
 kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: system:kube-dns-autoscaler
   labels:
@@ -43,7 +43,7 @@ rules:
     verbs: ["get", "create"]
 ---
 kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: system:kube-dns-autoscaler
   labels:
diff --git a/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml b/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml
index 43505ea476e..5bafaf83c47 100644
--- a/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml
+++ b/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml
@@ -10,7 +10,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 ---
 kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: elasticsearch-logging
   labels:
@@ -28,7 +28,7 @@ rules:
   - "get"
 ---
 kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   namespace: kube-system
   name: elasticsearch-logging
diff --git a/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml b/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml
index cea6dac4cc5..ae58d601800 100644
--- a/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml
+++ b/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml
@@ -9,7 +9,7 @@ metadata:
     addonmanager.kubernetes.io/mode: Reconcile
 ---
 kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: fluentd-es
   labels:
@@ -28,7 +28,7 @@ rules:
   - "list"
 ---
 kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: fluentd-es
   labels:
diff --git a/cluster/addons/fluentd-gcp/event-exporter.yaml b/cluster/addons/fluentd-gcp/event-exporter.yaml
index c3fff97484d..6821e5a738f 100644
--- a/cluster/addons/fluentd-gcp/event-exporter.yaml
+++ b/cluster/addons/fluentd-gcp/event-exporter.yaml
@@ -8,7 +8,7 @@ metadata:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: event-exporter-rb
diff --git a/cluster/addons/node-problem-detector/npd.yaml b/cluster/addons/node-problem-detector/npd.yaml
index 0790f6cccb5..7761b6a9785 100644
--- a/cluster/addons/node-problem-detector/npd.yaml
+++ b/cluster/addons/node-problem-detector/npd.yaml
@@ -7,7 +7,7 @@ metadata:
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: npd-binding
diff --git a/cluster/addons/node-problem-detector/standalone/npd-binding.yaml b/cluster/addons/node-problem-detector/standalone/npd-binding.yaml
index 6de93fd300d..d7d64a63684 100644
--- a/cluster/addons/node-problem-detector/standalone/npd-binding.yaml
+++ b/cluster/addons/node-problem-detector/standalone/npd-binding.yaml
@@ -1,4 +1,4 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: npd-binding
diff --git a/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml b/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
index 65f72f15dfb..43af6488263 100644
--- a/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
+++ b/cluster/addons/rbac/kube-apiserver-kubelet-api-admin-binding.yaml
@@ -1,5 +1,5 @@
 # This binding gives the kube-apiserver user full access to the kubelet API
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: kube-apiserver-kubelet-api-admin
diff --git a/cluster/addons/rbac/kubelet-api-admin-role.yaml b/cluster/addons/rbac/kubelet-api-admin-role.yaml
index 09eb1d1b37f..aab3dfd83f9 100644
--- a/cluster/addons/rbac/kubelet-api-admin-role.yaml
+++ b/cluster/addons/rbac/kubelet-api-admin-role.yaml
@@ -1,5 +1,5 @@
 # This role allows full access to the kubelet API
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: kubelet-api-admin
diff --git a/cluster/addons/rbac/kubelet-binding.yaml b/cluster/addons/rbac/kubelet-binding.yaml
index 80567a4b61c..91b978fb49c 100644
--- a/cluster/addons/rbac/kubelet-binding.yaml
+++ b/cluster/addons/rbac/kubelet-binding.yaml
@@ -2,7 +2,7 @@
 # identify the system:nodes group.  They use the kubelet identity
 # TODO: remove this once new nodes are granted individual identities and the
 # NodeAuthorizer is enabled.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: kubelet-cluster-admin
diff --git a/cluster/addons/rbac/kubelet-certificate-management.yaml b/cluster/addons/rbac/kubelet-certificate-management.yaml
index 83f1187d575..611aaea400f 100644
--- a/cluster/addons/rbac/kubelet-certificate-management.yaml
+++ b/cluster/addons/rbac/kubelet-certificate-management.yaml
@@ -1,4 +1,4 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: gce:beta:kubelet-certificate-bootstrap
@@ -14,7 +14,7 @@ subjects:
   kind: User
   name: kubelet
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: gce:beta:kubelet-certificate-rotation
@@ -30,7 +30,7 @@ subjects:
   kind: Group
   name: system:nodes
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: gce:beta:kubelet-certificate-bootstrap
@@ -45,7 +45,7 @@ rules:
   verbs:
   - "create"
 ---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: gce:beta:kubelet-certificate-rotation
diff --git a/examples/podsecuritypolicy/rbac/bindings.yaml b/examples/podsecuritypolicy/rbac/bindings.yaml
index 13b8ac3c4ac..17a686755a8 100644
--- a/examples/podsecuritypolicy/rbac/bindings.yaml
+++ b/examples/podsecuritypolicy/rbac/bindings.yaml
@@ -1,6 +1,6 @@
 # privilegedPSP gives the privilegedPSP role
 # to the group privileged.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
     name: privileged-psp-users
@@ -15,7 +15,7 @@ roleRef:
 ---
 # restrictedPSP grants the restrictedPSP role to
 # the groups restricted and privileged.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
     name: restricted-psp-users
@@ -33,7 +33,7 @@ roleRef:
 ---
 # edit grants edit role to the groups
 # restricted and privileged.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
     name: edit
diff --git a/examples/podsecuritypolicy/rbac/roles.yaml b/examples/podsecuritypolicy/rbac/roles.yaml
index 43aecf2a09a..b7ee13db472 100644
--- a/examples/podsecuritypolicy/rbac/roles.yaml
+++ b/examples/podsecuritypolicy/rbac/roles.yaml
@@ -1,6 +1,6 @@
 # restrictedPSP grants access to use
 # the restricted PSP.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: restricted-psp-user
@@ -16,7 +16,7 @@ rules:
 ---
 # privilegedPSP grants access to use the privileged
 # PSP.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: privileged-psp-user
diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml
index a9ddfe77cd4..f2feb860ac1 100644
--- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml
+++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml
@@ -1,5 +1,5 @@
 # This is the role binding for the kubemark heapster.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: heapster-view-binding
diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml
index 1f44b9af69b..db8ffee35b7 100644
--- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml
+++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml
@@ -2,7 +2,7 @@
 # used for listing hollow-nodes in start-kubemark.sh and
 # send resource creation requests, etc in run-e2e-tests.sh.
 # Also useful if you manually want to use local kubectl.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: kubecfg-cluster-admin
diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubelet-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubelet-binding.yaml
index c0ce1955463..2c59627ae36 100644
--- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubelet-binding.yaml
+++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubelet-binding.yaml
@@ -2,7 +2,7 @@
 #
 # TODO: give each kubelet a credential in the system:nodes group with username system:node:<nodeName>,
 # to exercise the Node authorizer and admission, then remove this binding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: kubelet-node
diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml
index 7979b25cfc3..ced81a55a99 100644
--- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml
+++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml
@@ -1,5 +1,5 @@
 # This is the role binding for the node-problem-detector.
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: node-problem-detector-binding