rbac: Remove Third Party Resources rules

Since PR 460 [1] the Prometheus Operator is using Kubernetes Custom Resource
Definitions instead of Kubernetes Third Party Resources. Permissions to
handle Third Party Resources in the RBAC rules of the Prometheus
Operator is thereby obsolete.

[1] https://github.com/coreos/prometheus-operator/pull/460

jsonnet/kube-prometheus/prometheus-operator/prometheus-operator.libsonnet

@@ -33,13 +33,6 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
       local clusterRole = k.rbac.v1.clusterRole;
       local policyRule = clusterRole.rulesType;
 
-      local extensionsRule = policyRule.new() +
-                             policyRule.withApiGroups(['extensions']) +
-                             policyRule.withResources([
-                               'thirdpartyresources',
-                             ]) +
-                             policyRule.withVerbs(['*']);
-
       local apiExtensionsRule = policyRule.new() +
                                 policyRule.withApiGroups(['apiextensions.k8s.io']) +
                                 policyRule.withResources([
@@ -102,7 +95,7 @@ local k = import 'ksonnet/ksonnet.beta.3/k.libsonnet';
                             ]) +
                             policyRule.withVerbs(['list', 'watch']);
 
-      local rules = [extensionsRule, apiExtensionsRule, monitoringRule, appsRule, coreRule, podRule, routingRule, nodeRule, namespaceRule];
+      local rules = [apiExtensionsRule, monitoringRule, appsRule, coreRule, podRule, routingRule, nodeRule, namespaceRule];
 
       clusterRole.new() +
       clusterRole.mixin.metadata.withName('prometheus-operator') +

manifests/0prometheus-operator-clusterRole.yaml

@@ -3,12 +3,6 @@ kind: ClusterRole
 metadata:
   name: prometheus-operator
 rules:
-- apiGroups:
-  - extensions
-  resources:
-  - thirdpartyresources
-  verbs:
-  - '*'
 - apiGroups:
   - apiextensions.k8s.io
   resources: