Got the feeling from kubectl get clusterrole ...

that having access control rules, in particular cluster scoped, lying around without knowing where they come from will be unmaintainable over time. Labels show up nicely in describe.
author: Staffan Olsson <staffan@repos.se> 2017-08-05 05:53:02 +0200
committer: Staffan Olsson <staffan@repos.se> 2017-08-05 05:53:08 +0200
commit: 35974266ae938856f3a254b12308b1a99e67e5e7 (patch)
tree: 29536f890adc2b4c9ea889f2d987bfb5fc06f21e /rbac-namespace-default/node-reader.yml
parent: a8ee55bb48a4915b2f119b0f409e7e714d9faf55 (diff)
download: kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.gz
kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.bz2
kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/rbac-namespace-default/node-reader.yml b/rbac-namespace-default/node-reader.yml
index 3a133a8..0454579 100644
--- a/rbac-namespace-default/node-reader.yml
+++ b/rbac-namespace-default/node-reader.yml
@@ -4,6 +4,8 @@ kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: node-reader
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
 rules:
 - apiGroups:
   - ""
@@ -16,6 +18,8 @@ kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: kafka-node-reader
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
author	Staffan Olsson <staffan@repos.se>	2017-08-05 05:53:02 +0200
committer	Staffan Olsson <staffan@repos.se>	2017-08-05 05:53:08 +0200
commit	35974266ae938856f3a254b12308b1a99e67e5e7 (patch)
tree	29536f890adc2b4c9ea889f2d987bfb5fc06f21e /rbac-namespace-default/node-reader.yml
parent	a8ee55bb48a4915b2f119b0f409e7e714d9faf55 (diff)
download	kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.gz kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.bz2 kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.zip