upstream/kubernetes
1
0
Fork 0
mirror of https://github.com/kubernetes/kubernetes.git synced 2026-03-22 10:31:26 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy
History
Kirill Shirinkin 5e9da75df2 Allow aggregate-to-view roles to get jobs status (#77866) 
* Allow aggregate-to-edit roles to get jobs status

Right now users/accounts with role `admin` or `edit` can create, update and delete jobs, but are not allowed to pull the status of a job that they create.  This change extends `aggregate-to-edit` rules to include `jobs/status`.

* Move jobs/status to aggregate-to-view rules

* Add aggregate-to-view policy to view PVCs status

* Update fixtures to include new read permissions

* Add more status subresources

* Update cluster-roles.yaml

* Re-order deployment permissions

* Run go fmt

* Add more permissions

* Fix tests

* Re-order permissions in test data

* Automatically update yamls
2019-07-26 11:59:22 -07:00
..
testdata Allow aggregate-to-view roles to get jobs status (#77866) 2019-07-26 11:59:22 -07:00
BUILD Move from glog to klog 2018-11-10 07:50:31 -05:00
controller_policy.go add rbac for events.k8s.io apiGroup to system:kube-scheduler 2019-07-11 16:10:32 +02:00
controller_policy_test.go Support scale subresource for PDBs (#76294) 2019-05-23 22:24:17 -07:00
namespace_policy.go Ensure controller manager and scheduler can perform delegated auth checks 2019-02-08 11:15:52 -05:00
policy.go Allow aggregate-to-view roles to get jobs status (#77866) 2019-07-26 11:59:22 -07:00
policy_test.go Switch to sigs.k8s.io/yaml from ghodss/yaml 2018-11-07 13:17:32 -05:00