Skip to content

Commit

Permalink
chore: change cluster roles
Browse files Browse the repository at this point in the history 
Signed-off-by: Rory Z <[email protected]>
  • Loading branch information
@Rory-Z
Rory-Z committed Sep 4, 2023
1 parent f403893 commit 4aeb874
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 112 deletions.
4 changes: 2 additions & 2 deletions RELEASE.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Release Note 🍻

EMQX Operator 2.2.2-rc.2 has been released.
EMQX Operator 2.2.2-rc.3 has been released.

## Supported version
+ apps.emqx.io/v2beta1
Expand Down Expand Up @@ -29,7 +29,7 @@ helm repo update
helm upgrade --install emqx-operator emqx/emqx-operator \
--namespace emqx-operator-system \
--create-namespace \
--version 2.2.2-rc.2
--version 2.2.2-rc.3
kubectl wait --for=condition=Ready pods -l "control-plane=controller-manager" -n emqx-operator-system
```

Expand Down
48 changes: 4 additions & 44 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -35,7 +23,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -44,9 +31,9 @@ rules:
- persistentvolumeclaims
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -57,41 +44,15 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
Expand All @@ -107,7 +68,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -118,7 +78,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -127,9 +86,9 @@ rules:
- replicasets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -138,9 +97,9 @@ rules:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand Down Expand Up @@ -282,3 +241,4 @@ rules:
- get
- list
- update
- watch
4 changes: 2 additions & 2 deletions deploy/charts/emqx-operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 2.2.2-rc.2
version: 2.2.2-rc.3

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 2.2.2-rc.2
appVersion: 2.2.2-rc.3
56 changes: 5 additions & 51 deletions deploy/charts/emqx-operator/templates/controller-manager-rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -53,7 +52,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -62,9 +60,9 @@ rules:
- persistentvolumeclaims
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -75,41 +73,15 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
Expand All @@ -125,7 +97,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -136,7 +107,6 @@ rules:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -145,9 +115,9 @@ rules:
- replicasets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -156,9 +126,9 @@ rules:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
Expand All @@ -167,6 +137,7 @@ rules:
- emqxbrokers
verbs:
- create
- delete
- get
- list
- patch
Expand All @@ -192,6 +163,7 @@ rules:
- emqxenterprises
verbs:
- create
- delete
- get
- list
- patch
Expand All @@ -211,14 +183,6 @@ rules:
- get
- patch
- update
- apiGroups:
- apps.emqx.io
resources:
- emqxenterprises/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.emqx.io
resources:
Expand Down Expand Up @@ -306,15 +270,5 @@ rules:
- get
- list
- update
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- get
- list
- patch
- update
- watch
{{- end }}
23 changes: 10 additions & 13 deletions main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,20 +59,17 @@ func init() {
//+kubebuilder:scaffold:scheme
}

//+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=persistentvolumes,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=pods/exec,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=pods/portforward,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update
//+kubebuilder:rbac:groups="",resources=events,verbs=get;list;watch;create;update
//+kubebuilder:rbac:groups="",resources=persistentvolumes,verbs=get;list;watch;create;update
//+kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=get;list;watch;create;update;delete
//+kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch
//+kubebuilder:rbac:groups="",resources=pods/status,verbs=patch
//+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups=apps,resources=replicasets,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups="",resources=endpoints,verbs=get;list;watch;create;update;patch
//+kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;list;create;update
//+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update
//+kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update
//+kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;delete
//+kubebuilder:rbac:groups=apps,resources=replicasets,verbs=get;list;watch;create;update;delete
//+kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;list;watch;create;update

func main() {
var metricsAddr string
Expand Down

0 comments on commit 4aeb874

Please sign in to comment.