Skip to content

Commit

Permalink
generate rbac
Browse files Browse the repository at this point in the history 
Signed-off-by: Shubham Gupta <[email protected]>
  • Loading branch information
@shubham-cmyk
shubham-cmyk committed Aug 17, 2023
1 parent f9e824f commit bcff04d
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 34 deletions.
11 changes: 11 additions & 0 deletions api/v1beta2/rbac.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package v1beta2

// +kubebuilder:rbac:groups=redis.redis.opstreelabs.in,resources=rediss;redisclusters;redisreplications;redis;rediscluster;redissentinel;redissentinels;redisreplication,verbs=create;delete;get;list;patch;update;watch
// +kubebuilder:rbac:groups="",urls="*",verbs=get
// +kubebuilder:rbac:groups=apiextensions.k8s.io,resources=customresourcedefinitions,verbs=get;list;watch
// +kubebuilder:rbac:groups=redis.redis.opstreelabs.in,resources=redis/finalizers;rediscluster/finalizers;redissentinel/finalizers;redisreplication/finalizers,verbs=update
// +kubebuilder:rbac:groups=redis.redis.opstreelabs.in,resources=redis/status;rediscluster/status;redissentinel/status;redisreplication/status,verbs=get;patch;update
// +kubebuilder:rbac:groups="",resources=secrets;pods/exec;pods;services;configmaps;events;persistentvolumeclaims;namespace,verbs=create;delete;get;list;patch;update;watch
// +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=create;delete;get;list;patch;update;watch
// +kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=create;delete;get;list;patch;update;watch
// +kubebuilder:rbac:groups=policy,resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
93 changes: 59 additions & 34 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,28 @@

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: redis-operator
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- redis.redis.opstreelabs.in
- ""
nonResourceURLs:
- '*'
verbs:
- get
- apiGroups:
- ""
resources:
- rediss
- redisclusters
- redis
- rediscluster
- configmaps
- events
- namespace
- persistentvolumeclaims
- pods
- pods/exec
- secrets
- services
verbs:
- create
- delete
Expand All @@ -20,31 +32,29 @@ rules:
- update
- watch
- apiGroups:
- redis.redis.opstreelabs.in
- apiextensions.k8s.io
resources:
- redis/finalizers
- rediscluster/finalizers
- customresourcedefinitions
verbs:
- update
- get
- list
- watch
- apiGroups:
- redis.redis.opstreelabs.in
- apps
resources:
- redis/status
- rediscluster/status
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
- coordination.k8s.io
resources:
- secrets
- pods/exec
- pods
- services
- configmaps
- persistentvolumes
- persistentvolumeclaims
- leases
verbs:
- create
- delete
Expand All @@ -54,9 +64,9 @@ rules:
- update
- watch
- apiGroups:
- apps
- policy
resources:
- statefulsets
- poddisruptionbudgets
verbs:
- create
- delete
Expand All @@ -66,9 +76,16 @@ rules:
- update
- watch
- apiGroups:
- "coordination.k8s.io"
- redis.redis.opstreelabs.in
resources:
- leases
- redis
- rediscluster
- redisclusters
- redisreplication
- redisreplications
- rediss
- redissentinel
- redissentinels
verbs:
- create
- delete
Expand All @@ -78,14 +95,22 @@ rules:
- update
- watch
- apiGroups:
- "policy"
- redis.redis.opstreelabs.in
resources:
- poddisruptionbudgets
- redis/finalizers
- rediscluster/finalizers
- redisreplication/finalizers
- redissentinel/finalizers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- update
- apiGroups:
- redis.redis.opstreelabs.in
resources:
- redis/status
- rediscluster/status
- redisreplication/status
- redissentinel/status
verbs:
- get
- patch
- update

0 comments on commit bcff04d

Please sign in to comment.