From f748114dfa6633a921b2f89df42215c88e71bdce Mon Sep 17 00:00:00 2001
From: Edvin Norling <edvin.norling@xenit.se>
Date: Wed, 16 Jun 2021 13:56:43 +0200
Subject: [PATCH] Remove resourceNames in integration secrets

* Solves #1524
* We remove resourceName due to the following:
  Note: You cannot restrict create or deletecollection requests by resourceName.
  For create, this limitation is because the object name is not known at authorization time.
* Fix typo in azure-registry cronjob
Signed-off-by: Edvin Norling <edvin.norling@xenit.se>
---
 .../integrations/eventhub-credentials-sync/_base/sync.yaml    | 4 ++--
 .../integrations/registry-credentials-sync/_base/sync.yaml    | 4 ++--
 .../registry-credentials-sync/_cronjobs/_base/sync.yaml       | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/manifests/integrations/eventhub-credentials-sync/_base/sync.yaml b/manifests/integrations/eventhub-credentials-sync/_base/sync.yaml
index 409db4fd..80d89a0d 100644
--- a/manifests/integrations/eventhub-credentials-sync/_base/sync.yaml
+++ b/manifests/integrations/eventhub-credentials-sync/_base/sync.yaml
@@ -110,8 +110,8 @@ rules:
       - update
       - patch
     # Lock this down to the specific Secret name  (Optional)
-    resourceNames:
-     - $(KUBE_SECRET) # templated from kustomize vars referencing ConfigMap, also see kustomizeconfig.yaml
+    #resourceNames:
+    # - $(KUBE_SECRET) # templated from kustomize vars referencing ConfigMap, also see kustomizeconfig.yaml
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
diff --git a/manifests/integrations/registry-credentials-sync/_base/sync.yaml b/manifests/integrations/registry-credentials-sync/_base/sync.yaml
index 7ad7222e..f827c2aa 100644
--- a/manifests/integrations/registry-credentials-sync/_base/sync.yaml
+++ b/manifests/integrations/registry-credentials-sync/_base/sync.yaml
@@ -102,8 +102,8 @@ rules:
   - update
   - patch
   # # Lock this down to the specific Secret name  (Optional)
-  resourceNames:
-  - $(KUBE_SECRET)  # templated from kustomize vars referencing ConfigMap, also see kustomizeconfig.yaml
+  #resourceNames:
+  #- $(KUBE_SECRET)  # templated from kustomize vars referencing ConfigMap, also see kustomizeconfig.yaml
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
diff --git a/manifests/integrations/registry-credentials-sync/_cronjobs/_base/sync.yaml b/manifests/integrations/registry-credentials-sync/_cronjobs/_base/sync.yaml
index 17ed5a19..2fcc3a2a 100644
--- a/manifests/integrations/registry-credentials-sync/_cronjobs/_base/sync.yaml
+++ b/manifests/integrations/registry-credentials-sync/_cronjobs/_base/sync.yaml
@@ -49,7 +49,7 @@ spec:
 
               apply-secret() {
                 /kbin/kubectl create secret docker-registry "${1}" \
-                  --docker-passwrod="${2}" \
+                  --docker-password="${2}" \
                   --docker-username="${3}" \
                   --docker-server="${4}" \
                   --dry-run=client -o=yaml \
-- 
GitLab