Skip to content

Commit

Permalink
Update generated
Browse files Browse the repository at this point in the history
  • Loading branch information
@tnozicka
tnozicka committed Dec 27, 2024
1 parent 7b5d7ee commit 5800971
Show file tree
Hide file tree
Showing 14 changed files with 569 additions and 1 deletion.
19 changes: 19 additions & 0 deletions deploy/manager-dev.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,25 @@ data:
hosts:
- scylla-manager-cluster-manager-dc-manager-rack-0
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
namespace: scylla-manager
name: scylla-manager-to-scylla-pod
spec:
policyTypes:
- Ingress
podSelector:
matchLabels:
app.kubernetes.io/managed-by: scylla-operator
app.kubernetes.io/name: scylla
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: scylla-manager

---
apiVersion: v1
kind: Service
Expand Down
19 changes: 19 additions & 0 deletions deploy/manager-prod.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,25 @@ data:
hosts:
- scylla-manager-cluster-manager-dc-manager-rack-0
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
namespace: scylla-manager
name: scylla-manager-to-scylla-pod
spec:
policyTypes:
- Ingress
podSelector:
matchLabels:
app.kubernetes.io/managed-by: scylla-operator
app.kubernetes.io/name: scylla
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: scylla-manager

---
apiVersion: v1
kind: Service
Expand Down
17 changes: 17 additions & 0 deletions deploy/manager/dev/10_manager_networkpolicy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
namespace: scylla-manager
name: scylla-manager-to-scylla-pod
spec:
policyTypes:
- Ingress
podSelector:
matchLabels:
app.kubernetes.io/managed-by: scylla-operator
app.kubernetes.io/name: scylla
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: scylla-manager
17 changes: 17 additions & 0 deletions deploy/manager/prod/10_manager_networkpolicy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
namespace: scylla-manager
name: scylla-manager-to-scylla-pod
spec:
policyTypes:
- Ingress
podSelector:
matchLabels:
app.kubernetes.io/managed-by: scylla-operator
app.kubernetes.io/name: scylla
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: scylla-manager
153 changes: 153 additions & 0 deletions deploy/operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -297,6 +297,91 @@ rules:
- patch
- update
- delete
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
- pods/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- daemonsets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- scyllaclusters/finalizers
- scylladbdatacenters/finalizers
- scylladbmonitorings/finalizers
verbs:
- update
- apiGroups:
- policy
resources:
- poddisruptionbudgets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- nodeconfigs/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
- pods/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- daemonsets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- scyllaclusters/finalizers
- scylladbdatacenters/finalizers
- scylladbmonitorings/finalizers
verbs:
- update
- apiGroups:
- policy
resources:
- poddisruptionbudgets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- nodeconfigs/finalizers
verbs:
- update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:controller:aggregate-to-operator-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylla-operator: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use

---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -27904,6 +27989,57 @@ rules:
- scyllaclusters
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
verbs:
- update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:aggregate-to-scyllacluster-member-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylla-member: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:monitoring:grafana
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.operator.scylladb.com/aggregate-to-scylladb-monitoring-grafana: "true"

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:aggregate-to-scylladb-monitoring-grafana-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylladb-monitoring-grafana: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use

---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -27940,6 +28076,23 @@ rules:
verbs:
- get

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:aggregate-to-scylladb-monitoring-prometheus-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylladb-monitoring-prometheus: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use

---
apiVersion: cert-manager.io/v1
kind: Certificate
Expand Down
68 changes: 68 additions & 0 deletions deploy/operator/00_operator.clusterrole_def.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,3 +281,71 @@ rules:
- patch
- update
- delete
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
- pods/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- daemonsets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- scyllaclusters/finalizers
- scylladbdatacenters/finalizers
- scylladbmonitorings/finalizers
verbs:
- update
- apiGroups:
- policy
resources:
- poddisruptionbudgets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- nodeconfigs/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
- pods/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- daemonsets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- scyllaclusters/finalizers
- scylladbdatacenters/finalizers
- scylladbmonitorings/finalizers
verbs:
- update
- apiGroups:
- policy
resources:
- poddisruptionbudgets/finalizers
verbs:
- update
- apiGroups:
- scylla.scylladb.com
resources:
- nodeconfigs/finalizers
verbs:
- update
15 changes: 15 additions & 0 deletions deploy/operator/00_operator.clusterrole_def_openshift.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:controller:aggregate-to-operator-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylla-operator: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use
7 changes: 7 additions & 0 deletions deploy/operator/00_scyllacluster_member_clusterrole_def.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,3 +56,10 @@ rules:
- scyllaclusters
verbs:
- get
- apiGroups:
- ""
resources:
- configmaps/finalizers
- secrets/finalizers
verbs:
- update
15 changes: 15 additions & 0 deletions deploy/operator/00_scyllacluster_member_clusterrole_def_openshift.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:aggregate-to-scyllacluster-member-openshift
labels:
rbac.operator.scylladb.com/aggregate-to-scylla-member: "true"
rules:
- apiGroups:
- security.openshift.io
resourceNames:
- privileged
resources:
- securitycontextconstraints
verbs:
- use
8 changes: 8 additions & 0 deletions deploy/operator/00_scylladbmonitoring_grafana_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scylladb:monitoring:grafana
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.operator.scylladb.com/aggregate-to-scylladb-monitoring-grafana: "true"
Loading

0 comments on commit 5800971

Please sign in to comment.