fd5410cb · fd5410cb · fd5410cb · fd5410cb · fd5410cb · fd5410cb
20 changed files
--- a/config/crd/patches/cainjection_in_chiefinformationsecurityofficers.yaml
+++ b/config/crd/patches/cainjection_in_chiefinformationsecurityofficers.yaml
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: chiefinformationsecurityofficers.customer.valkyrie.dso.mil
--- a/config/crd/patches/cainjection_in_customers.yaml
+++ b/config/crd/patches/cainjection_in_customers.yaml
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: customers.customer.valkyrie.dso.mil
--- a/config/crd/patches/cainjection_in_organizations.yaml
+++ b/config/crd/patches/cainjection_in_organizations.yaml
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: organizations.customer.valkyrie.dso.mil
--- a/config/crd/patches/cainjection_in_systemowners.yaml
+++ b/config/crd/patches/cainjection_in_systemowners.yaml
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: systemowners.customer.valkyrie.dso.mil
--- a/config/crd/patches/webhook_in_authorizingofficials.yaml
+++ b/config/crd/patches/webhook_in_authorizingofficials.yaml
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: authorizingofficials.customer.valkyrie.dso.mil
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
--- a/config/crd/patches/webhook_in_chiefinformationsecurityofficers.yaml
+++ b/config/crd/patches/webhook_in_chiefinformationsecurityofficers.yaml
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: chiefinformationsecurityofficers.customer.valkyrie.dso.mil
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
--- a/config/crd/patches/webhook_in_customers.yaml
+++ b/config/crd/patches/webhook_in_customers.yaml
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: customers.customer.valkyrie.dso.mil
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
--- a/config/crd/patches/webhook_in_organizations.yaml
+++ b/config/crd/patches/webhook_in_organizations.yaml
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: organizations.customer.valkyrie.dso.mil
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
--- a/config/crd/patches/webhook_in_systemowners.yaml
+++ b/config/crd/patches/webhook_in_systemowners.yaml
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: systemowners.customer.valkyrie.dso.mil
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
--- a/config/rbac/authorizingofficial_editor_role.yaml
+++ b/config/rbac/authorizingofficial_editor_role.yaml
-# permissions for end users to edit authorizingofficials.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: authorizingofficial-editor-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials/status
-  verbs:
-  - get
--- a/config/rbac/authorizingofficial_viewer_role.yaml
+++ b/config/rbac/authorizingofficial_viewer_role.yaml
-# permissions for end users to view authorizingofficials.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: authorizingofficial-viewer-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials
-  verbs:
-  - get
-  - list
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials/status
-  verbs:
-  - get
--- a/config/rbac/chiefinformationsecurityofficer_editor_role.yaml
+++ b/config/rbac/chiefinformationsecurityofficer_editor_role.yaml
-# permissions for end users to edit chiefinformationsecurityofficers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: chiefinformationsecurityofficer-editor-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers/status
-  verbs:
-  - get
--- a/config/rbac/chiefinformationsecurityofficer_viewer_role.yaml
+++ b/config/rbac/chiefinformationsecurityofficer_viewer_role.yaml
-# permissions for end users to view chiefinformationsecurityofficers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: chiefinformationsecurityofficer-viewer-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers
-  verbs:
-  - get
-  - list
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers/status
-  verbs:
-  - get
--- a/config/rbac/customer_editor_role.yaml
+++ b/config/rbac/customer_editor_role.yaml
-# permissions for end users to edit customers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: customer-editor-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers/status
-  verbs:
-  - get
--- a/config/rbac/customer_viewer_role.yaml
+++ b/config/rbac/customer_viewer_role.yaml
-# permissions for end users to view customers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: customer-viewer-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers
-  verbs:
-  - get
-  - list
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers/status
-  verbs:
-  - get
--- a/config/rbac/organization_editor_role.yaml
+++ b/config/rbac/organization_editor_role.yaml
-# permissions for end users to edit organizations.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: organization-editor-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations/status
-  verbs:
-  - get
--- a/config/rbac/organization_viewer_role.yaml
+++ b/config/rbac/organization_viewer_role.yaml
-# permissions for end users to view organizations.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: organization-viewer-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations
-  verbs:
-  - get
-  - list
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations/status
-  verbs:
-  - get
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -22,136 +22,6 @@ rules:
  - get
  - list
  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials/finalizers
-  verbs:
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - authorizingofficials/status
-  verbs:
-  - get
-  - patch
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers/finalizers
-  verbs:
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - chiefinformationsecurityofficers/status
-  verbs:
-  - get
-  - patch
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers/finalizers
-  verbs:
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - customers/status
-  verbs:
-  - get
-  - patch
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations/finalizers
-  verbs:
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - organizations/status
-  verbs:
-  - get
-  - patch
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners/finalizers
-  verbs:
-  - update
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
  - fortify.valkyrie.dso.mil
  resources:

--- a/config/rbac/systemowner_editor_role.yaml
+++ b/config/rbac/systemowner_editor_role.yaml
-# permissions for end users to edit systemowners.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: systemowner-editor-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners/status
-  verbs:
-  - get
--- a/config/rbac/systemowner_viewer_role.yaml
+++ b/config/rbac/systemowner_viewer_role.yaml
-# permissions for end users to view systemowners.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: systemowner-viewer-role
-rules:
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners
-  verbs:
-  - get
-  - list
-  - watch
- apiGroups:
-  - customer.valkyrie.dso.mil
-  resources:
-  - systemowners/status
-  verbs:
-  - get