Add Pod Security Policy back in to GCE PD Cluster Role

David Zhu 2018-10-02 14:42:14 -07:00
parent 7bcdd8b55c
commit e7af381538


@ -406,6 +406,8 @@ func (g *gcePDCSIDriver) createCSIDriver() {
g.nodeServiceAccount = csiServiceAccount(cs, config, "gce-node", false /* teardown */)
csiClusterRoleBindings(cs, config, false /* teardown */, g.controllerServiceAccount, g.controllerClusterRoles)
csiClusterRoleBindings(cs, config, false /* teardown */, g.nodeServiceAccount, g.nodeClusterRoles)
utils.PrivilegedTestPSPClusterRoleBinding(cs, config.Namespace, false, /* teardown */
[]string{g.controllerServiceAccount.Name, g.nodeServiceAccount.Name})
role := csiControllerRole(cs, config, false)
csiControllerRoleBinding(cs, config, false, role, g.controllerServiceAccount)
deployGCEPDCSIDriver(cs, config, false /* teardown */, f, g.nodeServiceAccount, g.controllerServiceAccount)
@ -419,6 +421,8 @@ func (g *gcePDCSIDriver) cleanupCSIDriver() {
deployGCEPDCSIDriver(cs, config, true /* teardown */, f, g.nodeServiceAccount, g.controllerServiceAccount)
csiClusterRoleBindings(cs, config, true /* teardown */, g.controllerServiceAccount, g.controllerClusterRoles)
csiClusterRoleBindings(cs, config, true /* teardown */, g.nodeServiceAccount, g.nodeClusterRoles)
utils.PrivilegedTestPSPClusterRoleBinding(cs, config.Namespace, true, /* teardown */
[]string{g.controllerServiceAccount.Name, g.nodeServiceAccount.Name})
role := csiControllerRole(cs, config, true)
csiControllerRoleBinding(cs, config, true, role, g.controllerServiceAccount)
csiServiceAccount(cs, config, "gce-controller", true /* teardown */)
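Review bot: The privileged test PSP is bound to both the controller and the node service account in createCSIDriver (and unbound for both in cleanupCSIDriver), and nothing in either hunk says why each account needs it. If only the node plugin pod actually runs privileged, which these lines do not show, the list could be narrowed to `[]string{g.nodeServiceAccount.Name}` so the controller account is not allowed to use a privileged policy it has no need for. Either way, a one-line comment above both calls would record the intent, for example `// Let the driver's service accounts use the privileged test PSP.` As a style point, the marker is written `false, /* teardown */` and `true, /* teardown */` here, after the comma, while the neighbouring calls write `false /* teardown */` before it. Both function bodies start and end outside the hunks, so how the service accounts are used elsewhere is not visible.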