mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-31 03:45:17 +00:00
change cluster role labels (#2776)
* change cluster role labels * change cluster role label value * fix cluster role label issue * fix comment
This commit is contained in:
parent
962f4de8d8
commit
b7767d79d3
6 changed files with 9 additions and 8 deletions
|
@ -22,7 +22,6 @@ kind: ClusterRole
|
|||
metadata:
|
||||
name: {{ template "kyverno.fullname" . }}:webhook
|
||||
labels: {{ include "kyverno.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/ownerreference: "true"
|
||||
app: kyverno
|
||||
rules:
|
||||
# Dynamic creation of webhooks, events & certs
|
||||
|
|
|
@ -7360,7 +7360,6 @@ metadata:
|
|||
app.kubernetes.io/name: kyverno
|
||||
app.kubernetes.io/part-of: kyverno
|
||||
app.kubernetes.io/version: latest
|
||||
app.kubernetes.io/ownerreference: "true"
|
||||
name: kyverno:webhook
|
||||
rules:
|
||||
- apiGroups:
|
||||
|
|
|
@ -7245,7 +7245,6 @@ kind: ClusterRole
|
|||
metadata:
|
||||
labels:
|
||||
app: kyverno
|
||||
app.kubernetes.io/ownerreference: "true"
|
||||
name: kyverno:webhook
|
||||
rules:
|
||||
- apiGroups:
|
||||
|
|
|
@ -22,7 +22,6 @@ kind: ClusterRole
|
|||
metadata:
|
||||
labels:
|
||||
app: kyverno
|
||||
app.kubernetes.io/ownerreference: "true"
|
||||
name: kyverno:webhook
|
||||
rules:
|
||||
# Dynamic creation of webhooks, events & certs
|
||||
|
|
|
@ -7278,7 +7278,6 @@ metadata:
|
|||
app.kubernetes.io/name: kyverno
|
||||
app.kubernetes.io/part-of: kyverno
|
||||
app.kubernetes.io/version: latest
|
||||
app.kubernetes.io/ownerreference: "true"
|
||||
name: kyverno:webhook
|
||||
rules:
|
||||
- apiGroups:
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
package webhookconfig
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"io/ioutil"
|
||||
"path/filepath"
|
||||
"reflect"
|
||||
"strings"
|
||||
|
||||
"github.com/kyverno/kyverno/pkg/config"
|
||||
"github.com/kyverno/kyverno/pkg/tls"
|
||||
|
@ -75,12 +77,16 @@ func (wrc *Register) constructOwner() v1.OwnerReference {
|
|||
}
|
||||
|
||||
func (wrc *Register) GetKubePolicyClusterRoleName() (*unstructured.Unstructured, error) {
|
||||
clusterRole, err := wrc.client.ListResource(config.ClusterRoleAPIVersion, config.ClusterRoleKind, "", &v1.LabelSelector{MatchLabels: map[string]string{"app.kubernetes.io/ownerreference": "true"}})
|
||||
clusterRoles, err := wrc.client.ListResource(config.ClusterRoleAPIVersion, config.ClusterRoleKind, "", &v1.LabelSelector{MatchLabels: map[string]string{"app": "kyverno"}})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &clusterRole.Items[0], nil
|
||||
for _, cr := range clusterRoles.Items {
|
||||
if strings.HasSuffix(cr.GetName(), "webhook") {
|
||||
return &cr, nil
|
||||
}
|
||||
}
|
||||
return nil, errors.New("failed to get cluster role with suffix webhook")
|
||||
}
|
||||
|
||||
// GetKubePolicyDeployment gets Kyverno deployment using the resource cache
|
||||
|
|
Loading…
Add table
Reference in a new issue