github/flagger
1
0
Fork 0
mirror of https://github.com/fluxcd/flagger.git synced 2026-04-15 06:57:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #537 from weaveworks/openshift-rbac

Browse Source 
rbac: add finalizers to RBAC rules
This commit is contained in:
Stefan Prodan
2020-03-30 12:48:11 +03:00
committed by GitHub
parent 4be2a0c4e1 6bbf99dbc5
commit 26c18a3385
3 changed files with 324 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
artifacts/flagger/account.yaml
View File

@@ -18,27 +18,61 @@ rules:
resources:
- events
- configmaps
- configmaps/finalizers
- secrets
- secrets/finalizers
- services
verbs: ["*"]
- services/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- daemonsets
- daemonsets/finalizers
- deployments
verbs: ["*"]
- deployments/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs: ["*"]
- horizontalpodautoscalers/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingresses/status
verbs: ["*"]
- ingresses/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- flagger.app
resources:
@@ -48,50 +82,98 @@ rules:
- metrictemplates/status
- alertproviders
- alertproviders/status
verbs: ["*"]
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- networking.istio.io
resources:
- virtualservices
- virtualservices/status
- virtualservices/finalizers
- destinationrules
- destinationrules/status
verbs: ["*"]
- destinationrules/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- appmesh.k8s.aws
resources:
- meshes
- meshes/status
- virtualnodes
- virtualnodes/status
- virtualnodes/finalizers
- virtualservices
- virtualservices/status
verbs: ["*"]
- virtualservices/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- split.smi-spec.io
resources:
- trafficsplits
verbs: ["*"]
- trafficsplits/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- specs.smi-spec.io
resources:
- httproutegroups
- httproutegroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- gloo.solo.io
resources:
- settings
- upstreams
- upstreams/finalizers
- upstreamgroups
- proxies
- virtualservices
verbs: ["*"]
- apiGroups:
- gateway.solo.io
resources:
- virtualservices
- gateways
verbs: ["*"]
- upstreamgroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- projectcontour.io
resources:
- httpproxies
verbs: ["*"]
- httpproxies/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- nonResourceURLs:
- /version
verbs:

134
charts/flagger/templates/rbac.yaml
View File

@@ -14,27 +14,61 @@ rules:
resources:
- events
- configmaps
- configmaps/finalizers
- secrets
- secrets/finalizers
- services
verbs: ["*"]
- services/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- daemonsets
- daemonsets/finalizers
- deployments
verbs: ["*"]
- deployments/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs: ["*"]
- horizontalpodautoscalers/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingresses/status
verbs: ["*"]
- ingresses/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- flagger.app
resources:
@@ -44,50 +78,98 @@ rules:
- metrictemplates/status
- alertproviders
- alertproviders/status
verbs: ["*"]
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- networking.istio.io
resources:
- virtualservices
- virtualservices/status
- virtualservices/finalizers
- destinationrules
- destinationrules/status
verbs: ["*"]
- destinationrules/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- appmesh.k8s.aws
resources:
- meshes
- meshes/status
- virtualnodes
- virtualnodes/status
- virtualnodes/finalizers
- virtualservices
- virtualservices/status
verbs: ["*"]
- virtualservices/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- split.smi-spec.io
resources:
- trafficsplits
verbs: ["*"]
- trafficsplits/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- specs.smi-spec.io
resources:
- httproutegroups
- httproutegroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- gloo.solo.io
resources:
- settings
- upstreams
- upstreams/finalizers
- upstreamgroups
- proxies
- virtualservices
verbs: ["*"]
- apiGroups:
- gateway.solo.io
resources:
- virtualservices
- gateways
verbs: ["*"]
- upstreamgroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- projectcontour.io
resources:
- httpproxies
verbs: ["*"]
- httpproxies/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- nonResourceURLs:
- /version
verbs:

134
kustomize/base/flagger/rbac.yaml
View File

@@ -8,27 +8,61 @@ rules:
resources:
- events
- configmaps
- configmaps/finalizers
- secrets
- secrets/finalizers
- services
verbs: ["*"]
- services/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- apps
resources:
- daemonsets
- daemonsets/finalizers
- deployments
verbs: ["*"]
- deployments/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs: ["*"]
- horizontalpodautoscalers/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingresses/status
verbs: ["*"]
- ingresses/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- flagger.app
resources:
@@ -38,50 +72,98 @@ rules:
- metrictemplates/status
- alertproviders
- alertproviders/status
verbs: ["*"]
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- networking.istio.io
resources:
- virtualservices
- virtualservices/status
- virtualservices/finalizers
- destinationrules
- destinationrules/status
verbs: ["*"]
- destinationrules/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- appmesh.k8s.aws
resources:
- meshes
- meshes/status
- virtualnodes
- virtualnodes/status
- virtualnodes/finalizers
- virtualservices
- virtualservices/status
verbs: ["*"]
- virtualservices/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- split.smi-spec.io
resources:
- trafficsplits
verbs: ["*"]
- trafficsplits/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- specs.smi-spec.io
resources:
- httproutegroups
- httproutegroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- gloo.solo.io
resources:
- settings
- upstreams
- upstreams/finalizers
- upstreamgroups
- proxies
- virtualservices
verbs: ["*"]
- apiGroups:
- gateway.solo.io
resources:
- virtualservices
- gateways
verbs: ["*"]
- upstreamgroups/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- projectcontour.io
resources:
- httpproxies
verbs: ["*"]
- httpproxies/finalizers
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- nonResourceURLs:
- /version
verbs: