From 28eea518e55717ab9dd253bd7654f33c97d81259 Mon Sep 17 00:00:00 2001 From: Alvaro Aleman Date: Mon, 8 Aug 2022 10:16:57 -0400 Subject: [PATCH] HCCO: Reference manifests in crb subject definition --- .../controllers/resources/rbac/reconcile.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/rbac/reconcile.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/rbac/reconcile.go index 50b5f332d1..c082e9484c 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/rbac/reconcile.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/rbac/reconcile.go @@ -1,6 +1,7 @@ package rbac import ( + hccomanifests "github.com/openshift/hypershift/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests" rbacv1 "k8s.io/api/rbac/v1" ) @@ -52,7 +53,7 @@ func ReconcileCSRApproverClusterRoleBinding(r *rbacv1.ClusterRoleBinding) error r.RoleRef = rbacv1.RoleRef{ APIGroup: rbacv1.SchemeGroupVersion.Group, Kind: "ClusterRole", - Name: "system:openshift:controller:cluster-csr-approver-controller", + Name: hccomanifests.CSRApproverClusterRoleBinding().Name, } r.Subjects = []rbacv1.Subject{ { @@ -129,7 +130,7 @@ func ReconcileIngressToRouteControllerClusterRoleBinding(r *rbacv1.ClusterRoleBi r.RoleRef = rbacv1.RoleRef{ APIGroup: rbacv1.SchemeGroupVersion.Group, Kind: "ClusterRole", - Name: "system:openshift:openshift-controller-manager:ingress-to-route-controller", + Name: hccomanifests.IngressToRouteControllerClusterRole().Name, } r.Subjects = []rbacv1.Subject{ { @@ -183,7 +184,7 @@ func ReconcileNamespaceSecurityAllocationControllerClusterRoleBinding(r *rbacv1. r.RoleRef = rbacv1.RoleRef{ APIGroup: rbacv1.SchemeGroupVersion.Group, Kind: "ClusterRole", - Name: "system:openshift:controller:namespace-security-allocation-controller", + Name: hccomanifests.NamespaceSecurityAllocationControllerClusterRole().Name, } r.Subjects = []rbacv1.Subject{ {