From b4067020e6a4fb4c21e59a94323899e8f3ed356a Mon Sep 17 00:00:00 2001 From: David Justice Date: Fri, 24 Apr 2020 10:53:41 -0700 Subject: [PATCH] feat: grant access to experimental infrastructure api group --- config/rbac/role.yaml | 14 ++++++++++++++ exp/controllers/machinepool_controller.go | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 1714db616ac0..95392035d15a 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -28,6 +28,20 @@ rules: - patch - update - watch +- apiGroups: + - bootstrap.cluster.x-k8s.io + - exp.infrastructure.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - bootstrap.cluster.x-k8s.io - infrastructure.cluster.x-k8s.io diff --git a/exp/controllers/machinepool_controller.go b/exp/controllers/machinepool_controller.go index 20894f04ca5e..1d1d64ffcc6b 100644 --- a/exp/controllers/machinepool_controller.go +++ b/exp/controllers/machinepool_controller.go @@ -46,7 +46,7 @@ import ( // +kubebuilder:rbac:groups=core,resources=events,verbs=get;list;watch;create;patch // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch // +kubebuilder:rbac:groups=core,resources=nodes,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io;bootstrap.cluster.x-k8s.io,resources=*,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=exp.infrastructure.cluster.x-k8s.io;infrastructure.cluster.x-k8s.io;bootstrap.cluster.x-k8s.io,resources=*,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=exp.cluster.x-k8s.io,resources=machinepools;machinepools/status,verbs=get;list;watch;create;update;patch;delete // MachinePoolReconciler reconciles a MachinePool object