From 35acfdea89307c47b8f58e4b4edaf63fed947dcb Mon Sep 17 00:00:00 2001 From: xilabao Date: Fri, 26 May 2017 13:16:38 +0800 Subject: [PATCH] De-duplication of verb --- plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go | 2 +- .../authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go index 65a568747c4..caefaf38589 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go @@ -226,7 +226,7 @@ func ClusterRoles() []rbac.ClusterRole { // TODO: remove once mirror pods are removed // TODO: restrict deletion to mirror pods created by the bound node once supported // Needed for the node to create/delete mirror pods - rbac.NewRule("get", "create", "delete").Groups(legacyGroup).Resources("pods").RuleOrDie(), + rbac.NewRule("create", "delete").Groups(legacyGroup).Resources("pods").RuleOrDie(), // TODO: restrict to pods scheduled on the bound node once supported rbac.NewRule("update").Groups(legacyGroup).Resources("pods/status").RuleOrDie(), diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml index 9e785a7d0c5..d5c47f0fa6d 100644 --- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml +++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml @@ -672,7 +672,6 @@ items: verbs: - create - delete - - get - apiGroups: - "" resources: