Skip to content

Commit

Permalink
Merge pull request #54005 from deads2k/rbac-02-aggregation
Browse files Browse the repository at this point in the history 
Automatic merge from submit-queue (batch tested with PRs 54005, 55127, 53850, 55486, 53440). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

aggregate cluster roles

xref kubernetes/community#1219 kubernetes/enhancements#502

This is a pull with API types, a controller, and a demonstration of how to move admin, edit, and view.  Once we agree on the shape, I'll

I added
```yaml
aggregationRule:
  clusterRoleSelectors:
  - matchLabels:
      rbac.authorization.k8s.io/aggregate-to-admin: true
```
to the `ClusterRole`.  A controller then goes and gathers all the matching ClusterRoles and sets the `rules` to the union of matching cluster roles.

@kubernetes/sig-auth-pr-reviews

```release-note
RBAC ClusterRoles can now select other roles to aggregate
```

Kubernetes-commit: f575c55589db84ef4d392823120f0238fd19ad93
  • Loading branch information
@k8s-publish-robot
k8s-publish-robot committed Nov 28, 2017
2 parents 1438cb3 + c350e97 commit 34a0360
Show file tree
Hide file tree
Showing 16 changed files with 1,063 additions and 266 deletions.
50 changes: 25 additions & 25 deletions Godeps/Godeps.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 34a0360

Please sign in to comment.