From 531a0a0328d68f016c75c296fb8d60bc44887ac9 Mon Sep 17 00:00:00 2001 From: Pramod Bindal Date: Mon, 22 Jun 2026 14:47:19 +0530 Subject: [PATCH] Merge multikueueclusters permission to scheduler role tekton-multicluster-proxy-aae-role becomes redundent after this change --- config/base/kustomization.yaml | 2 -- .../tekton_multicluster_proxy_aae_role.yaml | 30 ------------------- ...n_multicluster_proxy_aae_role_binding.yaml | 28 ----------------- config/base/tekton_scheduler_role.yaml | 1 + 4 files changed, 1 insertion(+), 60 deletions(-) delete mode 100644 config/base/tekton_multicluster_proxy_aae_role.yaml delete mode 100644 config/base/tekton_multicluster_proxy_aae_role_binding.yaml diff --git a/config/base/kustomization.yaml b/config/base/kustomization.yaml index 10a0e4cbf1..a6ab8e1733 100644 --- a/config/base/kustomization.yaml +++ b/config/base/kustomization.yaml @@ -44,5 +44,3 @@ resources: - tekton_result_role_binding.yaml - tekton_scheduler_role.yaml - tekton_scheduler_role_binding.yaml -- tekton_multicluster_proxy_aae_role.yaml -- tekton_multicluster_proxy_aae_role_binding.yaml diff --git a/config/base/tekton_multicluster_proxy_aae_role.yaml b/config/base/tekton_multicluster_proxy_aae_role.yaml deleted file mode 100644 index 821d4b178e..0000000000 --- a/config/base/tekton_multicluster_proxy_aae_role.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright 2026 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Permissions required for the operator to create the multicluster-proxy-aae -# ClusterRole (which grants these to the proxy-aae component). -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: tekton-multicluster-proxy-aae-role -rules: - - apiGroups: - - kueue.x-k8s.io - resources: - - workloads - - multikueueclusters - verbs: - - get - - list - - watch diff --git a/config/base/tekton_multicluster_proxy_aae_role_binding.yaml b/config/base/tekton_multicluster_proxy_aae_role_binding.yaml deleted file mode 100644 index 9ea65fff50..0000000000 --- a/config/base/tekton_multicluster_proxy_aae_role_binding.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2026 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Grants the tekton-operator SA permissions to create ClusterRoles that -# grant kueue.x-k8s.io to the multicluster-proxy-aae component. -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: tekton-multicluster-proxy-aae-rolebinding -subjects: - - kind: ServiceAccount - name: tekton-operator - namespace: tekton-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-multicluster-proxy-aae-role diff --git a/config/base/tekton_scheduler_role.yaml b/config/base/tekton_scheduler_role.yaml index d6c1410291..726c99bd4c 100644 --- a/config/base/tekton_scheduler_role.yaml +++ b/config/base/tekton_scheduler_role.yaml @@ -25,6 +25,7 @@ rules: - workloads/finalizers - workloads/status - workloadpriorityclasses + - multikueueclusters verbs: - get - list