Merge pull request #70582 from pohly/csi-driver-registrar-rbac

e2e: remove "nodes" permission from driver-registrar RBAC

test/e2e/testing-manifests/storage-csi/driver-registrar/rbac.yaml

@@ -24,9 +24,16 @@ rules:
   - apiGroups: [""]
     resources: ["events"]
     verbs: ["get", "list", "watch", "create", "update", "patch"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "update", "patch"]
+  # The following permissions are only needed when running
+  # driver-registrar without the --kubelet-registration-path
+  # parameter, i.e. when using driver-registrar instead of
+  # kubelet to update the csi.volume.kubernetes.io/nodeid
+  # annotation. That mode of operation is going to be deprecated
+  # and should not be used anymore, but is needed on older
+  # Kubernetes versions.
+  # - apiGroups: [""]
+  #   resources: ["nodes"]
+  #   verbs: ["get", "update", "patch"]
 
 ---
 kind: ClusterRoleBinding