mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 20:24:09 +00:00
update RBAC rules in e2e aggregator test
Add the "get" and "watch" verbs to the ClusterRole created for the sample apiserver. Without this, the test complains about "Failed to watch..." the resources in question. Strictly speaking the "get" verb doesn't seem to be needed, but this aligns the e2e test with the example at staging/src/k8s.io/sample-apiserver/artifacts/example/rbac.yaml
This commit is contained in:
parent
fcc35b0468
commit
a9f80c70b2
@ -144,8 +144,8 @@ func TestSampleAPIServer(f *framework.Framework, aggrclient *aggregatorclient.Cl
|
||||
// role for listing ValidatingWebhookConfiguration/MutatingWebhookConfiguration/Namespaces
|
||||
ObjectMeta: metav1.ObjectMeta{Name: "sample-apiserver-reader"},
|
||||
Rules: []rbacv1.PolicyRule{
|
||||
rbacv1helpers.NewRule("list").Groups("").Resources("namespaces").RuleOrDie(),
|
||||
rbacv1helpers.NewRule("list").Groups("admissionregistration.k8s.io").Resources("*").RuleOrDie(),
|
||||
rbacv1helpers.NewRule("get", "list", "watch").Groups("").Resources("namespaces").RuleOrDie(),
|
||||
rbacv1helpers.NewRule("get", "list", "watch").Groups("admissionregistration.k8s.io").Resources("*").RuleOrDie(),
|
||||
},
|
||||
})
|
||||
framework.ExpectNoError(err, "creating cluster role %s", "sample-apiserver-reader")
|
||||
|
Loading…
Reference in New Issue
Block a user