From c8f0756f0f9b0c0d56f2a5d93d7fb11d4bde1841 Mon Sep 17 00:00:00 2001 From: Matt Boersma Date: Mon, 21 Sep 2020 13:48:59 -0600 Subject: [PATCH] chore: remove no-op 1.15 version checks in templates (#3851) --- parts/k8s/addons/azure-cloud-provider.yaml | 10 ---------- parts/k8s/addons/pod-security-policy.yaml | 12 ++---------- pkg/engine/templates_generated.go | 22 ++-------------------- 3 files changed, 4 insertions(+), 40 deletions(-) diff --git a/parts/k8s/addons/azure-cloud-provider.yaml b/parts/k8s/addons/azure-cloud-provider.yaml index e67015919a..a1fa1b549b 100644 --- a/parts/k8s/addons/azure-cloud-provider.yaml +++ b/parts/k8s/addons/azure-cloud-provider.yaml @@ -53,7 +53,6 @@ subjects: - kind: ServiceAccount name: persistent-volume-binder namespace: kube-system -{{- if IsKubernetesVersionGe "1.15.0"}} --- apiVersion: rbac.authorization.k8s.io/v1{{- if not (IsKubernetesVersionGe "1.16.0")}}beta1{{end}} kind: ClusterRole @@ -81,7 +80,6 @@ subjects: - kind: ServiceAccount name: azure-cloud-provider namespace: kube-system -{{- end}} {{- if UsesCloudControllerManager}} --- apiVersion: storage.k8s.io/v1 @@ -98,9 +96,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -123,9 +119,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -148,9 +142,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -171,9 +163,7 @@ provisioner: file.csi.azure.com parameters: skuName: Standard_LRS reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} volumeBindingMode: Immediate {{else}} {{- if NeedsStorageAccountStorageClasses}} diff --git a/parts/k8s/addons/pod-security-policy.yaml b/parts/k8s/addons/pod-security-policy.yaml index 9cf2fb2b4b..86e0d68736 100644 --- a/parts/k8s/addons/pod-security-policy.yaml +++ b/parts/k8s/addons/pod-security-policy.yaml @@ -114,12 +114,9 @@ subjects: apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 -kind: {{if IsKubernetesVersionGe "1.15.0"}}ClusterRoleBinding{{else}}RoleBinding{{end}} +kind: ClusterRoleBinding metadata: name: default:privileged -{{- if not (IsKubernetesVersionGe "1.15.0")}} - namespace: kube-system -{{end}} labels: addonmanager.kubernetes.io/mode: Reconcile roleRef: @@ -128,13 +125,8 @@ roleRef: name: psp:privileged subjects: - kind: Group - name: {{if IsKubernetesVersionGe "1.15.0"}}system:authenticated{{else}}system:masters{{end}} - apiGroup: rbac.authorization.k8s.io -{{- if not (IsKubernetesVersionGe "1.15.0")}} -- kind: Group - name: system:serviceaccounts:kube-system + name: system:authenticated apiGroup: rbac.authorization.k8s.io -{{end}} - kind: Group name: system:nodes apiGroup: rbac.authorization.k8s.io diff --git a/pkg/engine/templates_generated.go b/pkg/engine/templates_generated.go index 2bc8d8f9a5..39205fb52d 100644 --- a/pkg/engine/templates_generated.go +++ b/pkg/engine/templates_generated.go @@ -8654,7 +8654,6 @@ subjects: - kind: ServiceAccount name: persistent-volume-binder namespace: kube-system -{{- if IsKubernetesVersionGe "1.15.0"}} --- apiVersion: rbac.authorization.k8s.io/v1{{- if not (IsKubernetesVersionGe "1.16.0")}}beta1{{end}} kind: ClusterRole @@ -8682,7 +8681,6 @@ subjects: - kind: ServiceAccount name: azure-cloud-provider namespace: kube-system -{{- end}} {{- if UsesCloudControllerManager}} --- apiVersion: storage.k8s.io/v1 @@ -8699,9 +8697,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -8724,9 +8720,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -8749,9 +8743,7 @@ parameters: kind: managed cachingMode: ReadOnly reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} {{- if HasAvailabilityZones}} volumeBindingMode: WaitForFirstConsumer allowedTopologies: @@ -8772,9 +8764,7 @@ provisioner: file.csi.azure.com parameters: skuName: Standard_LRS reclaimPolicy: Delete - {{- if IsKubernetesVersionGe "1.15.0"}} allowVolumeExpansion: true - {{- end}} volumeBindingMode: Immediate {{else}} {{- if NeedsStorageAccountStorageClasses}} @@ -17002,12 +16992,9 @@ subjects: apiGroup: rbac.authorization.k8s.io --- apiVersion: rbac.authorization.k8s.io/v1 -kind: {{if IsKubernetesVersionGe "1.15.0"}}ClusterRoleBinding{{else}}RoleBinding{{end}} +kind: ClusterRoleBinding metadata: name: default:privileged -{{- if not (IsKubernetesVersionGe "1.15.0")}} - namespace: kube-system -{{end}} labels: addonmanager.kubernetes.io/mode: Reconcile roleRef: @@ -17016,13 +17003,8 @@ roleRef: name: psp:privileged subjects: - kind: Group - name: {{if IsKubernetesVersionGe "1.15.0"}}system:authenticated{{else}}system:masters{{end}} - apiGroup: rbac.authorization.k8s.io -{{- if not (IsKubernetesVersionGe "1.15.0")}} -- kind: Group - name: system:serviceaccounts:kube-system + name: system:authenticated apiGroup: rbac.authorization.k8s.io -{{end}} - kind: Group name: system:nodes apiGroup: rbac.authorization.k8s.io