[ignite] branch master updated: Improve the role binding, the permissions of ClusterRole are too high (#10574)

ashapkin Tue, 04 Apr 2023 06:49:45 -0700

This is an automated email from the ASF dual-hosted git repository.

ashapkin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ignite.git



The following commit(s) were added to refs/heads/master by this push:
     new 15cce746f3d Improve the role binding, the permissions of ClusterRole 
are too high (#10574)
15cce746f3d is described below

commit 15cce746f3d0ac1ad6c84bb2a1cbf98015928b35
Author: liyujue <[email protected]>
AuthorDate: Tue Apr 4 21:49:25 2023 +0800

    Improve the role binding, the permissions of ClusterRole are too high 
(#10574)
---
 docs/_docs/code-snippets/k8s/cluster-role.yaml         | 6 +++---
 modules/kubernetes/config/az/ignite-account-role.yaml  | 2 +-
 modules/kubernetes/config/az/ignite-role-binding.yaml  | 4 ++--
 modules/kubernetes/config/eks/ignite-account-role.yaml | 2 +-
 modules/kubernetes/config/eks/ignite-role-binding.yaml | 4 ++--
 modules/kubernetes/config/gce/ignite-account-role.yaml | 2 +-
 modules/kubernetes/config/gce/ignite-role-binding.yaml | 4 ++--
 7 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/docs/_docs/code-snippets/k8s/cluster-role.yaml 
b/docs/_docs/code-snippets/k8s/cluster-role.yaml
index 8d30884214c..08d8027efb1 100644
--- a/docs/_docs/code-snippets/k8s/cluster-role.yaml
+++ b/docs/_docs/code-snippets/k8s/cluster-role.yaml
@@ -15,7 +15,7 @@
 
 #tag::config-block[]
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+kind: Role
 metadata:
   name: ignite
   namespace: ignite
@@ -30,12 +30,12 @@ rules:
   - list
   - watch
 ---
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: ignite 
 roleRef:
-  kind: ClusterRole
+  kind: Role
   name: ignite 
   apiGroup: rbac.authorization.k8s.io
 subjects:
diff --git a/modules/kubernetes/config/az/ignite-account-role.yaml 
b/modules/kubernetes/config/az/ignite-account-role.yaml
index 0071e431108..da0a9e2adc5 100644
--- a/modules/kubernetes/config/az/ignite-account-role.yaml
+++ b/modules/kubernetes/config/az/ignite-account-role.yaml
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
+kind: Role
 metadata:
   name: ignite
   namespace: ignite
diff --git a/modules/kubernetes/config/az/ignite-role-binding.yaml 
b/modules/kubernetes/config/az/ignite-role-binding.yaml
index fdef0f07e1e..4ed383f0ad5 100644
--- a/modules/kubernetes/config/az/ignite-role-binding.yaml
+++ b/modules/kubernetes/config/az/ignite-role-binding.yaml
@@ -13,12 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: ignite
 roleRef:
-  kind: ClusterRole
+  kind: Role
   name: ignite
   apiGroup: rbac.authorization.k8s.io
 subjects:
diff --git a/modules/kubernetes/config/eks/ignite-account-role.yaml 
b/modules/kubernetes/config/eks/ignite-account-role.yaml
index 0071e431108..da0a9e2adc5 100644
--- a/modules/kubernetes/config/eks/ignite-account-role.yaml
+++ b/modules/kubernetes/config/eks/ignite-account-role.yaml
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
+kind: Role
 metadata:
   name: ignite
   namespace: ignite
diff --git a/modules/kubernetes/config/eks/ignite-role-binding.yaml 
b/modules/kubernetes/config/eks/ignite-role-binding.yaml
index fdef0f07e1e..4ed383f0ad5 100644
--- a/modules/kubernetes/config/eks/ignite-role-binding.yaml
+++ b/modules/kubernetes/config/eks/ignite-role-binding.yaml
@@ -13,12 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: ignite
 roleRef:
-  kind: ClusterRole
+  kind: Role
   name: ignite
   apiGroup: rbac.authorization.k8s.io
 subjects:
diff --git a/modules/kubernetes/config/gce/ignite-account-role.yaml 
b/modules/kubernetes/config/gce/ignite-account-role.yaml
index 0071e431108..da0a9e2adc5 100644
--- a/modules/kubernetes/config/gce/ignite-account-role.yaml
+++ b/modules/kubernetes/config/gce/ignite-account-role.yaml
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
+kind: Role
 metadata:
   name: ignite
   namespace: ignite
diff --git a/modules/kubernetes/config/gce/ignite-role-binding.yaml 
b/modules/kubernetes/config/gce/ignite-role-binding.yaml
index fdef0f07e1e..4ed383f0ad5 100644
--- a/modules/kubernetes/config/gce/ignite-role-binding.yaml
+++ b/modules/kubernetes/config/gce/ignite-role-binding.yaml
@@ -13,12 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: ignite
 roleRef:
-  kind: ClusterRole
+  kind: Role
   name: ignite
   apiGroup: rbac.authorization.k8s.io
 subjects:

[ignite] branch master updated: Improve the role binding, the permissions of ClusterRole are too high (#10574)

Reply via email to