Sync uninstallation manifest from longhorn/longhorn-manager repo

Longhorn-4239 Signed-off-by: Phan Le <phan.le@suse.com>
2022-10-10 22:21:30 -07:00 · 2022-10-10 22:21:30 -07:00 · 89270bf0fa
commit 89270bf0fa
parent 6172382d1b
1 changed files with 49 additions and 49 deletions
--- a/uninstall/uninstall.yaml
+++ b/uninstall/uninstall.yaml
@ -1,38 +1,38 @@
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
-  name: longhorn-uninstall-psp
-spec:
-  privileged: true
-  allowPrivilegeEscalation: true
-  requiredDropCapabilities:
-  - NET_RAW
-  allowedCapabilities:
-  - SYS_ADMIN
-  hostNetwork: false
-  hostIPC: false
-  hostPID: true
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  fsGroup:
-    rule: RunAsAny
-  supplementalGroups:
-    rule: RunAsAny
-  volumes:
-  - configMap
-  - downwardAPI
-  - emptyDir
-  - secret
-  - projected
-  - hostPath
---
+#apiVersion: policy/v1beta1
+#kind: PodSecurityPolicy
+#metadata:
+#  name: longhorn-uninstall-psp
+#spec:
+#  privileged: true
+#  allowPrivilegeEscalation: true
+#  requiredDropCapabilities:
+#  - NET_RAW
+#  allowedCapabilities:
+#  - SYS_ADMIN
+#  hostNetwork: false
+#  hostIPC: false
+#  hostPID: true
+#  runAsUser:
+#    rule: RunAsAny
+#  seLinux:
+#    rule: RunAsAny
+#  fsGroup:
+#    rule: RunAsAny
+#  supplementalGroups:
+#    rule: RunAsAny
+#  volumes:
+#  - configMap
+#  - downwardAPI
+#  - emptyDir
+#  - secret
+#  - projected
+#  - hostPath
+#---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: longhorn-uninstall-service-account
-  namespace: default
+  namespace: longhorn-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@ -71,10 +71,10 @@ rules:
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["*"]
-  - apiGroups: ["policy"]
-    resources: ["podsecuritypolicies"]
-    verbs: ["use"]
-    resourceNames: ["longhorn-uninstall-psp"]
+  #  - apiGroups: ["policy"]
+  #    resources: ["podsecuritypolicies"]
+  #    verbs: ["use"]
+  #    resourceNames: ["longhorn-uninstall-psp"]
  - apiGroups: ["admissionregistration.k8s.io"]
    resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
    verbs: ["get", "delete"]
@ -90,13 +90,13 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: longhorn-uninstall-service-account
-    namespace: default
+    namespace: longhorn-system
 ---
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: longhorn-uninstall
-  namespace: default
+  namespace: longhorn-system
 spec:
  activeDeadlineSeconds: 900
  backoffLimit: 1
@ -105,18 +105,18 @@ spec:
      name: longhorn-uninstall
    spec:
      containers:
-      - name: longhorn-uninstall
-        image: longhornio/longhorn-manager:master-head
-        imagePullPolicy: IfNotPresent
-        securityContext:
-          privileged: true
-        command:
-        - longhorn-manager
-        - uninstall
-        - --force
-        env:
-        - name: LONGHORN_NAMESPACE
-          value: longhorn-system
+        - name: longhorn-uninstall
+          image: longhornio/longhorn-manager:master-head
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+          command:
+            - longhorn-manager
+            - uninstall
+            - --force
+          env:
+            - name: LONGHORN_NAMESPACE
+              value: longhorn-system
      restartPolicy: OnFailure
      serviceAccountName: longhorn-uninstall-service-account
 #      imagePullSecrets: