Update secret-store

2020-08-24 15:20:02 +02:00 · 2020-08-24 15:20:02 +02:00 · 3d54f0c30d
commit 3d54f0c30d
parent fc8d34e4a9
4 changed files with 10 additions and 25 deletions
--- a/files/secrets-store/csi-secrets-store-DaemonSet.yaml
+++ b/files/secrets-store/csi-secrets-store-DaemonSet.yaml
@ -43,7 +43,7 @@ spec:
            - name: registration-dir
              mountPath: /registration
        - name: secrets-store
-          image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.12
+          image: us.gcr.io/k8s-artifacts-prod/csi-secrets-store/driver:v0.0.13
          args:
            - "--debug=true"
            - "--endpoint=$(CSI_ENDPOINT)"
--- a/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml
+++ b/files/secrets-store/secretproviderclasses-role-ClusterRole.yaml
@ -1,6 +1,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
+  creationTimestamp: null
  name: secretproviderclasses-role
 rules:
 - apiGroups:
@ -10,28 +11,6 @@ rules:
  verbs:
  - get
  - list
-  - update
-  - watch
- apiGroups:
-  - secrets-store.csi.x-k8s.io
-  resources:
-  - secretproviderclasses/status
-  verbs:
-  - get
-  - patch
-  - update
-  - watch
- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - create
-  - delete
-  - get
-  - update
-  - patch
-  - list
  - watch
 - apiGroups:
  - secrets-store.csi.x-k8s.io
@ -51,5 +30,5 @@ rules:
  - secretproviderclasspodstatuses/status
  verbs:
  - get
-  - update
  - patch
+  - update
--- a/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml
+++ b/files/secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml
@ -12,6 +12,7 @@ spec:
    listKind: SecretProviderClassList
    plural: secretproviderclasses
    singular: secretproviderclass
+  preserveUnknownFields: false
  scope: Namespaced
  validation:
    openAPIV3Schema:
@ -59,6 +60,11 @@ spec:
                          type: string
                      type: object
                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    description: labels of K8s secret object
+                    type: object
                  secretName:
                    description: name of the K8s secret object
                    type: string
--- a/vars/secrets_store_files_list.yml
+++ b/vars/secrets_store_files_list.yml
@ -1,7 +1,7 @@
 ---
 secrets_store_files:
-  - "secrets-store/secretproviderclasses-role-ClusterRole.yaml"
  - "secrets-store/secrets-store-csi-driver-ServiceAccount.yaml"
+  - "secrets-store/secretproviderclasses-role-ClusterRole.yaml"
  - "secrets-store/secretproviderclasses-rolebinding-ClusterRoleBinding.yaml"
  - "secrets-store/secrets-store.csi.k8s.io-CSIDriver.yaml"
  - "secrets-store/secretproviderclasses.secrets-store.csi.x-k8s.io-CustomResourceDefinition.yaml"