From 8caeec2c9804653594cc72dae1c8d922502ba00a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Douglas=20Mendiz=C3=A1bal?= Date: Wed, 8 Nov 2023 12:28:56 -0500 Subject: [PATCH] Add RBAC annotations to Barbican controller This patch adds the missing RBAC annotations to the Barbican controller, and also updates the role.yaml file to use the file generated by make manifests. --- config/rbac/role.yaml | 18 +++++++++--------- controllers/barbican_controller.go | 9 +++++++++ 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 52e0758..1aa8200 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -56,7 +56,7 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicans + - barbicankeystonelisteners verbs: - create - delete @@ -68,13 +68,13 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicans/finalizers + - barbicankeystonelisteners/finalizers verbs: - update - apiGroups: - barbican.openstack.org resources: - - barbicans/status + - barbicankeystonelisteners/status verbs: - get - patch @@ -82,7 +82,7 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicanworkers + - barbicans verbs: - create - delete @@ -94,13 +94,13 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicanworkers/finalizers + - barbicans/finalizers verbs: - update - apiGroups: - barbican.openstack.org resources: - - barbicanworkers/status + - barbicans/status verbs: - get - patch @@ -108,7 +108,7 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicankeystonelisteners + - barbicanworkers verbs: - create - delete @@ -120,13 +120,13 @@ rules: - apiGroups: - barbican.openstack.org resources: - - barbicankeystonelisteners/finalizers + - barbicanworkers/finalizers verbs: - update - apiGroups: - barbican.openstack.org resources: - - barbicankeystonelisteners/status + - barbicanworkers/status verbs: - get - patch diff --git a/controllers/barbican_controller.go b/controllers/barbican_controller.go index f4f0c7c..13cb67d 100644 --- a/controllers/barbican_controller.go +++ b/controllers/barbican_controller.go @@ -65,6 +65,15 @@ type BarbicanReconciler struct { //+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicans,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicans/status,verbs=get;update;patch //+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicans/finalizers,verbs=update +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanapis,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanapis/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanapis/finalizers,verbs=update +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanworkers,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanworkers/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicanworkers/finalizers,verbs=update +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicankeystonelisteners,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicankeystonelisteners/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=barbican.openstack.org,resources=barbicankeystonelisteners/finalizers,verbs=update //+kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete; //+kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;patch;delete; //+kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete;