From 44123553f6930bf72ecedc1bb7b29ad186f54ecf Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 5 Feb 2024 22:59:58 +0100
Subject: [PATCH] fix(system-upgrade): Remove CRD permissions

The System Upgrade Controller (SUC) tries to adopt the CRD, requiring
writing permissions, when it can read the CRD. Since we deploy the CRD
anyway, and SUC doesn't need to adopt the CRD. If it can't read CRDs it
just assumes they are all in order, therefore not trying to adopt them.

Therefore this patch removes the permission preventing errors.
---
 bootstrap/system-upgrades/clusterrole.yaml | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/bootstrap/system-upgrades/clusterrole.yaml b/bootstrap/system-upgrades/clusterrole.yaml
index 82f40784f..627abc1a8 100644
--- a/bootstrap/system-upgrades/clusterrole.yaml
+++ b/bootstrap/system-upgrades/clusterrole.yaml
@@ -20,14 +20,6 @@ rules:
   - get
   - list
   - watch
-- apiGroups:
-  - "apiextensions.k8s.io"
-  resources:
-  - customresourcedefinitions
-  verbs:
-  - get
-  - list
-  - watch
 - apiGroups:
   - upgrade.cattle.io
   resources:
-- 
GitLab