Test: Relax rbac roles for all resources

cmd/main.go

@@ -124,9 +124,11 @@ func InitFlags(fs *pflag.FlagSet) {
 	flags.AddDiagnosticsOptions(fs, &diagnosticsOptions)
 }
 
+/*
 // Add RBAC for the authorized diagnostics endpoint.
 // +kubebuilder:rbac:groups=authentication.k8s.io,resources=tokenreviews,verbs=create
 // +kubebuilder:rbac:groups=authorization.k8s.io,resources=subjectaccessreviews,verbs=create
+*/
 
 func main() {
 	InitFlags(pflag.CommandLine)

config/rbac/role.yaml

@@ -5,14 +5,20 @@ metadata:
   name: manager-role
 rules:
 - apiGroups:
-  - authentication.k8s.io
+  - '*'
   resources:
-  - tokenreviews
+  - '*'
   verbs:
-  - create
-- apiGroups:
-  - authorization.k8s.io
-  resources:
-  - subjectaccessreviews
-  verbs:
-  - create
+  - '*'
+# - apiGroups:
+#   - authentication.k8s.io
+#   resources:
+#   - tokenreviews
+#   verbs:
+#   - create
+# - apiGroups:
+#   - authorization.k8s.io
+#   resources:
+#   - subjectaccessreviews
+#   verbs:
+#   - create

go.test.work

@@ -0,0 +1,5 @@
+go 1.19
+
+use (
+    ./
+)

test/e2e/resources/full-chart-install.yaml

@@ -13952,17 +13952,11 @@ metadata:
   name: capi-operator-manager-role
 rules:
 - apiGroups:
-  - authentication.k8s.io
+  - '*'
   resources:
-  - tokenreviews
+  - '*'
   verbs:
-  - create
-- apiGroups:
-  - authorization.k8s.io
-  resources:
-  - subjectaccessreviews
-  verbs:
-  - create
+  - '*'
 ---
 # Source: cluster-api-operator/templates/operator-components.yaml
 apiVersion: rbac.authorization.k8s.io/v1