From 47c249e3bebef3e631417df21b60fb9002bea276 Mon Sep 17 00:00:00 2001
From: stefanprodan <stefan.prodan@gmail.com>
Date: Sun, 3 May 2020 12:51:50 +0300
Subject: [PATCH] manifests: fix leader election rbac
---
.github/workflows/e2e.yaml | 4 +++-
.../bases/kustomize-controller/kustomization.yaml | 3 ---
manifests/bases/kustomize-controller/patch.yaml | 8 --------
.../cluster_role.yaml => rbac/cluster-role.yaml} | 8 +-------
manifests/rbac/kustomization.yaml | 1 +
manifests/rbac/role.yaml | 12 ++++++++++++
6 files changed, 17 insertions(+), 19 deletions(-)
delete mode 100644 manifests/bases/kustomize-controller/patch.yaml
rename manifests/{bases/kustomize-controller/cluster_role.yaml => rbac/cluster-role.yaml} (66%)
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
index 42e9e6eb..f7bdc646 100644
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -48,7 +48,7 @@ jobs:
./bin/tk uninstall --namespace=test --crds --silent
- name: tk install --manifests
run: |
- ./bin/tk install --manifests ./manifests/install/
+ ./bin/tk install --manifests ./manifests/install/ --version=""
- name: tk create source git
run: |
./bin/tk create source git podinfo \
@@ -99,3 +99,5 @@ jobs:
kubectl version --client --short
kustomize version --short
kubectl -n gitops-system get all
+ kubectl -n gitops-system logs deploy/source-controller
+ kubectl -n gitops-system logs deploy/kustomize-controller
diff --git a/manifests/bases/kustomize-controller/kustomization.yaml b/manifests/bases/kustomize-controller/kustomization.yaml
index e05233b8..e5672615 100644
--- a/manifests/bases/kustomize-controller/kustomization.yaml
+++ b/manifests/bases/kustomize-controller/kustomization.yaml
@@ -3,6 +3,3 @@ kind: Kustomization
resources:
- github.com/fluxcd/kustomize-controller/config//crd?ref=v0.0.1-alpha.6
- github.com/fluxcd/kustomize-controller/config//manager?ref=v0.0.1-alpha.6
-- cluster_role.yaml
-patchesStrategicMerge:
-- patch.yaml
diff --git a/manifests/bases/kustomize-controller/patch.yaml b/manifests/bases/kustomize-controller/patch.yaml
deleted file mode 100644
index 44bbf5bb..00000000
--- a/manifests/bases/kustomize-controller/patch.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: kustomize-controller
-spec:
- template:
- spec:
- serviceAccountName: cluster-reconciler
diff --git a/manifests/bases/kustomize-controller/cluster_role.yaml b/manifests/rbac/cluster-role.yaml
similarity index 66%
rename from manifests/bases/kustomize-controller/cluster_role.yaml
rename to manifests/rbac/cluster-role.yaml
index 256b1ed5..e54dea57 100644
--- a/manifests/bases/kustomize-controller/cluster_role.yaml
+++ b/manifests/rbac/cluster-role.yaml
@@ -1,9 +1,3 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: cluster-reconciler
- namespace: system
----
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
@@ -14,5 +8,5 @@ roleRef:
name: cluster-admin
subjects:
- kind: ServiceAccount
- name: cluster-reconciler
+ name: default
namespace: system
diff --git a/manifests/rbac/kustomization.yaml b/manifests/rbac/kustomization.yaml
index 4f84bb68..3036fad9 100644
--- a/manifests/rbac/kustomization.yaml
+++ b/manifests/rbac/kustomization.yaml
@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- role.yaml
+ - cluster-role.yaml
diff --git a/manifests/rbac/role.yaml b/manifests/rbac/role.yaml
index 4e79d185..7a919de3 100644
--- a/manifests/rbac/role.yaml
+++ b/manifests/rbac/role.yaml
@@ -9,6 +9,18 @@ rules:
- apiGroups: ['kustomize.fluxcd.io']
resources: ['*']
verbs: ['*']
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - configmaps/status
+ verbs: ['*']
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
--
GitLab