cri-o/vendor/k8s.io/kubernetes/cluster/addons/e2e-rbac-bindings/random-addon-grabbag.yaml

# TODO remove this
# currently, the kube-addon-manager is adding lots of pods which all share
# the system:serviceaccount:kube-system:default identity.  We need to subdivide
# those service accounts, figure out which ones we're going to make bootstrap roles for
# and bind those particular roles in the addon yaml itself.  This just gets us started
apiVersion: rbac.authorization.k8s.io/v1alpha1
kind: ClusterRoleBinding
metadata:
  name: todo-remove-grabbag-cluster-admin
  labels:
    kubernetes.io/cluster-service: "true"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: default
  namespace: kube-system
Switch to github.com/golang/dep for vendoring Signed-off-by: Mrunal Patel <mrunalp@gmail.com> 2017-02-01 00:45:59 +00:00			`# TODO remove this`
			`# currently, the kube-addon-manager is adding lots of pods which all share`
			`# the system:serviceaccount:kube-system:default identity. We need to subdivide`
			`# those service accounts, figure out which ones we're going to make bootstrap roles for`
			`# and bind those particular roles in the addon yaml itself. This just gets us started`
			`apiVersion: rbac.authorization.k8s.io/v1alpha1`
			`kind: ClusterRoleBinding`
			`metadata:`
			`name: todo-remove-grabbag-cluster-admin`
			`labels:`
			`kubernetes.io/cluster-service: "true"`
			`roleRef:`
			`apiGroup: rbac.authorization.k8s.io`
			`kind: ClusterRole`
			`name: cluster-admin`
			`subjects:`
			`- kind: ServiceAccount`
			`name: default`
			`namespace: kube-system`