Fix accidentally merged clusterrolebindings (#1501)

vmware-tanzu · Feb 5, 2020 · 0283bc4 · 0283bc4
1 parent 5c94484
commit 0283bc4
Showing 1 changed file with 0 additions and 30 deletions.
diff --git a/chart/kubeapps/templates/apprepository-rbac.yaml b/chart/kubeapps/templates/apprepository-rbac.yaml
@@ -32,18 +32,6 @@ rules:
       - jobs
     verbs:
       - create
----
-# Kubeapps can read and watch its own AppRepository resources cluster-wide.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: "kubeapps:controller:apprepository-reader-{{ .Release.Namespace }}"
-  labels:
-    app: {{ template "kubeapps.apprepository.fullname" . }}
-    chart: {{ template "kubeapps.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
-rules:
   - apiGroups:
       - kubeapps.com
     resources:
@@ -73,24 +61,6 @@ subjects:
     name: {{ template "kubeapps.apprepository.fullname" . }}
     namespace: {{ .Release.Namespace }}
 ---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: "kubeapps:controller:apprepository-reader-{{ .Release.Namespace }}"
-  labels:
-    app: {{ template "kubeapps.apprepository.fullname" . }}
-    chart: {{ template "kubeapps.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: "kubeapps:controller:apprepository-reader-{{ .Release.Namespace }}"
-subjects:
-  - kind: ServiceAccount
-    name: {{ template "kubeapps.apprepository.fullname" . }}
-    namespace: {{ .Release.Namespace }}
----
 # Define role, but no binding, so users can be bound to this role
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role