diff --git a/packages/apps/tenant/Chart.yaml b/packages/apps/tenant/Chart.yaml index e5737ddab..b73af8783 100644 --- a/packages/apps/tenant/Chart.yaml +++ b/packages/apps/tenant/Chart.yaml @@ -4,4 +4,4 @@ description: Separated tenant namespace icon: /logos/tenant.svg type: application -version: 1.6.3 +version: 1.6.4 diff --git a/packages/apps/tenant/templates/tenant.yaml b/packages/apps/tenant/templates/tenant.yaml index f6c6dfc11..caf4ca31b 100644 --- a/packages/apps/tenant/templates/tenant.yaml +++ b/packages/apps/tenant/templates/tenant.yaml @@ -31,9 +31,7 @@ rules: - apiGroups: ["rbac.authorization.k8s.io"] resources: ["roles"] verbs: ["get"] -- apiGroups: ["helm.toolkit.fluxcd.io"] - resources: ["helmreleases"] - verbs: ["*"] + --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -86,14 +84,6 @@ rules: - get - list - watch - - apiGroups: - - helm.toolkit.fluxcd.io - resources: - - helmreleases - verbs: - - get - - list - - watch - apiGroups: - "" resources: @@ -122,6 +112,9 @@ subjects: name: tenant-root-view apiGroup: rbac.authorization.k8s.io {{- end }} +- kind: Group + name: {{ include "tenant.name" . }}-view + apiGroup: rbac.authorization.k8s.io {{- if hasPrefix "tenant-" .Release.Namespace }} {{- $parts := splitList "-" .Release.Namespace }} {{- range $i, $v := $parts }} @@ -158,13 +151,6 @@ rules: - get - list - watch - - apiGroups: ["helm.toolkit.fluxcd.io"] - resources: - - helmreleases - verbs: - - get - - list - - watch - apiGroups: [""] resources: - "*" @@ -198,6 +184,9 @@ subjects: name: tenant-root-use apiGroup: rbac.authorization.k8s.io {{- end }} +- kind: Group + name: {{ include "tenant.name" . }}-use + apiGroup: rbac.authorization.k8s.io {{- if hasPrefix "tenant-" .Release.Namespace }} {{- $parts := splitList "-" .Release.Namespace }} {{- range $i, $v := $parts }} @@ -234,13 +223,6 @@ rules: - list - watch - delete - - apiGroups: ["helm.toolkit.fluxcd.io"] - resources: - - helmreleases - verbs: - - get - - list - - watch - apiGroups: ["kubevirt.io"] resources: - virtualmachines @@ -293,6 +275,9 @@ subjects: name: tenant-root-admin apiGroup: rbac.authorization.k8s.io {{- end }} +- kind: Group + name: {{ include "tenant.name" . }}-admin + apiGroup: rbac.authorization.k8s.io {{- if hasPrefix "tenant-" .Release.Namespace }} {{- $parts := splitList "-" .Release.Namespace }} {{- range $i, $v := $parts }} @@ -329,11 +314,6 @@ rules: - list - watch - delete - - apiGroups: ["helm.toolkit.fluxcd.io"] - resources: - - helmreleases - verbs: - - '*' - apiGroups: ["kubevirt.io"] resources: - virtualmachines @@ -363,6 +343,9 @@ subjects: name: tenant-root-super-admin apiGroup: rbac.authorization.k8s.io {{- end }} +- kind: Group + name: {{ include "tenant.name" . }}-super-admin + apiGroup: rbac.authorization.k8s.io {{- if hasPrefix "tenant-" .Release.Namespace }} {{- $parts := splitList "-" .Release.Namespace }} {{- range $i, $v := $parts }} diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 96728827b..9c92aa889 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -93,7 +93,8 @@ tenant 1.5.0 48128743 tenant 1.6.0 df448b99 tenant 1.6.1 edbbb9be tenant 1.6.2 ccedc5fe -tenant 1.6.3 HEAD +tenant 1.6.3 2057bb96 +tenant 1.6.4 HEAD virtual-machine 0.1.4 f2015d6 virtual-machine 0.1.5 7cd7de7 virtual-machine 0.2.0 5ca8823