Skip to content

Commit

Permalink
drop install-operator & configure-monitoring roles (#73)
Browse files Browse the repository at this point in the history
  • Loading branch information
MatousJobanek authored Sep 5, 2024
1 parent 43eb3db commit 53a2210
Show file tree
Hide file tree
Showing 3 changed files with 0 additions and 202 deletions.
76 changes: 0 additions & 76 deletions resources/roles/host.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,26 +4,6 @@ metadata:
name: host-roles
objects:

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: install-operator
labels:
provider: sandbox-sre
rules:
- apiGroups:
- operators.coreos.com
resources:
- "catalogsources"
- "operatorgroups"
- "subscriptions"
verbs:
- "get"
- "list"
- "create"
- "patch"
- "update"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
Expand Down Expand Up @@ -75,62 +55,6 @@ objects:
- "update"
- "patch"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: configure-monitoring
labels:
provider: sandbox-sre
rules:
- apiGroups:
- ""
resources:
- "configmaps"
- "secrets"
- "serviceaccounts"
- "services"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- ""
resources:
- "serviceaccounts/token"
verbs:
- "create"
- apiGroups:
- "apps"
resources:
- "deployments"
- "statefulsets"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- "route.openshift.io"
resources:
- "routes"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- "monitoring.coreos.com"
resources:
- "prometheuses"
- "prometheusrules"
- "servicemonitors"
verbs:
- "create"
- "update"
- "get"
- "list"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
Expand Down
76 changes: 0 additions & 76 deletions resources/roles/member.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,26 +4,6 @@ metadata:
name: member-roles
objects:

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: install-operator
labels:
provider: sandbox-sre
rules:
- apiGroups:
- operators.coreos.com
resources:
- "catalogsources"
- "operatorgroups"
- "subscriptions"
verbs:
- "get"
- "list"
- "create"
- "patch"
- "update"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
Expand Down Expand Up @@ -94,62 +74,6 @@ objects:
- "update"
- "patch"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: configure-monitoring
labels:
provider: sandbox-sre
rules:
- apiGroups:
- ""
resources:
- "configmaps"
- "secrets"
- "serviceaccounts"
- "services"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- ""
resources:
- "serviceaccounts/token"
verbs:
- "create"
- apiGroups:
- "apps"
resources:
- "deployments"
- "statefulsets"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- "route.openshift.io"
resources:
- "routes"
verbs:
- "create"
- "update"
- "get"
- "list"
- apiGroups:
- "monitoring.coreos.com"
resources:
- "prometheuses"
- "prometheusrules"
- "servicemonitors"
verbs:
- "create"
- "update"
- "get"
- "list"

- kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
Expand Down
50 changes: 0 additions & 50 deletions test-resources/dummy.openshiftapps.com/kubesaw-admins.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ serviceAccounts:
roleBindings:
- namespace: toolchain-host-operator
roles:
- install-operator
- restart-deployment
- approve-user
- view-secrets
Expand All @@ -30,50 +29,15 @@ serviceAccounts:
- create-social-event
- add-space-users
clusterRoles:
- edit
- view
- namespace: openshift-customer-monitoring
roles:
- install-operator
- view-secrets
- configure-monitoring
clusterRoles:
- edit
- namespace: openshift-logging
roles:
- install-operator
clusterRoles:
- edit
member:
roleBindings:
- namespace: toolchain-member-operator
roles:
- install-operator
- restart-deployment
- view-secrets
clusterRoles:
- edit
- view
- namespace: openshift-customer-monitoring
roles:
- install-operator
- view-secrets
- configure-monitoring
clusterRoles:
- edit
- namespace: openshift-logging
roles:
- install-operator
clusterRoles:
- edit
- namespace: openshift-config-managed
roles:
- configure-monitoring
clusterRoles:
- edit
clusterRoleBindings:
clusterRoles:
- manage-console-resources

- name: second-admin
host:
Expand Down Expand Up @@ -131,19 +95,12 @@ users:
- view
- namespace: openshift-customer-monitoring
roles:
- install-operator
- view-secrets
- configure-monitoring
clusterRoles:
- edit
- namespace: openshift-logging
clusterRoles:
- view
- namespace: sandbox-sre-host
roles:
- view-secrets
clusterRoles:
- view
member:
roleBindings:
- namespace: toolchain-member-operator
Expand All @@ -158,19 +115,12 @@ users:
- view
- namespace: openshift-customer-monitoring
roles:
- install-operator
- view-secrets
- configure-monitoring
clusterRoles:
- edit
- namespace: openshift-logging
clusterRoles:
- view
- namespace: sandbox-sre-member
roles:
- view-secrets
clusterRoles:
- view

- name: standard-viewer-crtadmin
id:
Expand Down

0 comments on commit 53a2210

Please sign in to comment.