From 8e9031d110cab2641a608af83a2f68eed811cf17 Mon Sep 17 00:00:00 2001 From: Andrea Mazzotti Date: Fri, 10 Jan 2025 09:27:19 +0100 Subject: [PATCH] Fix missing kubebuilder generation Signed-off-by: Andrea Mazzotti --- Makefile | 2 +- .../templates/rancher-turtles-components.yaml | 64 +++++++++++-------- config/rbac/role.yaml | 64 +++++++++++-------- internal/controllers/import_controller_v3.go | 6 +- 4 files changed, 79 insertions(+), 57 deletions(-) diff --git a/Makefile b/Makefile index b6e8ea1c..222a15db 100644 --- a/Makefile +++ b/Makefile @@ -243,7 +243,7 @@ generate-manifests-external: vendor controller-gen ## Generate ClusterRole and C .PHONY: generate-manifests-api generate-manifests-api: controller-gen ## Generate ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=manager-role crd paths="./api/v1alpha1/..." \ + $(CONTROLLER_GEN) rbac:roleName=manager-role crd paths="./api/v1alpha1/..." paths="./internal/controllers/..." \ output:crd:artifacts:config=./config/crd/bases \ output:rbac:dir=./config/rbac \ diff --git a/charts/rancher-turtles/templates/rancher-turtles-components.yaml b/charts/rancher-turtles/templates/rancher-turtles-components.yaml index e261f0af..703084fb 100644 --- a/charts/rancher-turtles/templates/rancher-turtles-components.yaml +++ b/charts/rancher-turtles/templates/rancher-turtles-components.yaml @@ -3366,19 +3366,8 @@ rules: resources: - configmaps - events - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - namespaces + - secrets verbs: - create - delete @@ -3393,7 +3382,6 @@ rules: - clusters - clusters/status verbs: - - create - get - list - patch @@ -3409,6 +3397,7 @@ rules: - update - apiGroups: - infrastructure.cluster.x-k8s.io + - operator.cluster.x-k8s.io resources: - '*' verbs: @@ -3423,31 +3412,43 @@ rules: - management.cattle.io resources: - clusterregistrationtokens - - clusterregistrationtokens/status + - clusters + - clusters/status verbs: + - create + - delete + - deletecollection - get - list + - patch + - update - watch - - create - apiGroups: - management.cattle.io resources: + - clusterregistrationtokens/status + - settings + verbs: + - get + - list + - watch +- apiGroups: + - provisioning.cattle.io + resources: - clusters - clusters/status verbs: - create - delete - - deletecollection - get - list - patch - update - watch - apiGroups: - - provisioning.cattle.io + - turtles-capi.cattle.io resources: - - clusters - - clusters/status + - capiproviders verbs: - create - delete @@ -3459,28 +3460,37 @@ rules: - apiGroups: - turtles-capi.cattle.io resources: - - capiproviders + - capiproviders/finalizers + verbs: + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - capiproviders/status + verbs: + - get + - patch + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - clusterctlconfigs - clusterctlconfigs/status verbs: - get - list - - watch - patch - - update + - watch - apiGroups: - - operator.cluster.x-k8s.io + - turtles-capi.cattle.io resources: - - '*' + - clusterctlconfigs/finalizers verbs: - - create - get - list - - watch - patch - update - - create + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 76e8d0d9..68e370cf 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -9,19 +9,8 @@ rules: resources: - configmaps - events - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - namespaces + - secrets verbs: - create - delete @@ -36,7 +25,6 @@ rules: - clusters - clusters/status verbs: - - create - get - list - patch @@ -52,6 +40,7 @@ rules: - update - apiGroups: - infrastructure.cluster.x-k8s.io + - operator.cluster.x-k8s.io resources: - '*' verbs: @@ -66,31 +55,43 @@ rules: - management.cattle.io resources: - clusterregistrationtokens - - clusterregistrationtokens/status + - clusters + - clusters/status verbs: + - create + - delete + - deletecollection - get - list + - patch + - update - watch - - create - apiGroups: - management.cattle.io resources: + - clusterregistrationtokens/status + - settings + verbs: + - get + - list + - watch +- apiGroups: + - provisioning.cattle.io + resources: - clusters - clusters/status verbs: - create - delete - - deletecollection - get - list - patch - update - watch - apiGroups: - - provisioning.cattle.io + - turtles-capi.cattle.io resources: - - clusters - - clusters/status + - capiproviders verbs: - create - delete @@ -102,25 +103,34 @@ rules: - apiGroups: - turtles-capi.cattle.io resources: - - capiproviders + - capiproviders/finalizers + verbs: + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - capiproviders/status + verbs: + - get + - patch + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - clusterctlconfigs - clusterctlconfigs/status verbs: - get - list - - watch - patch - - update + - watch - apiGroups: - - operator.cluster.x-k8s.io + - turtles-capi.cattle.io resources: - - '*' + - clusterctlconfigs/finalizers verbs: - - create - get - list - - watch - patch - update - - create + - watch diff --git a/internal/controllers/import_controller_v3.go b/internal/controllers/import_controller_v3.go index d054373d..8f37f2e2 100644 --- a/internal/controllers/import_controller_v3.go +++ b/internal/controllers/import_controller_v3.go @@ -134,8 +134,10 @@ func (r *CAPIImportManagementV3Reconciler) SetupWithManager(ctx context.Context, // +kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;create;update // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=clusters;clusters/status,verbs=get;list;watch;update;patch // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=*,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=management.cattle.io,resources=clusters;clusters/status,verbs=get;list;watch;create;update;delete;deletecollection;patch -// +kubebuilder:rbac:groups=management.cattle.io,resources=clusters;clusterregistrationtokens;clusterregistrationtokens/status,verbs=get;list;watch +// +kubebuilder:rbac:groups=management.cattle.io,resources=clusters;clusters/status;clusterregistrationtokens,verbs=get;list;watch;create;update;delete;deletecollection;patch +// +kubebuilder:rbac:groups=management.cattle.io,resources=clusterregistrationtokens/status;settings,verbs=get;list;watch +// +//nolint:lll // Reconcile reconciles a CAPI cluster, creating a Rancher cluster if needed and applying the import manifests. func (r *CAPIImportManagementV3Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {