Merge pull request #442 from akutz/feature/secret_rbac

Cluster actuator needs delete permission for secret.

Author: k8s-ci-robot

config/rbac/rbac_role.yaml

@@ -39,6 +39,7 @@ rules:
   - get
   - list
   - watch
+  - delete
 - apiGroups:
   - ""
   resources:

pkg/cloud/vsphere/actuators/cluster/actuator.go

@@ -45,7 +45,7 @@ import (
 
 //+kubebuilder:rbac:groups=vsphere.cluster.k8s.io,resources=vsphereclusterproviderspecs;vsphereclusterproviderstatuses,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=cluster.k8s.io,resources=clusters;clusters/status,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=,resources=secrets,verbs=create;get;list;watch
+//+kubebuilder:rbac:groups=,resources=secrets,verbs=create;get;list;watch;delete
 //+kubebuilder:rbac:groups="",resources=nodes;events;configmaps,verbs=get;list;watch;create;update;patch;delete
 
 // Actuator is responsible for maintaining the Cluster objects.

scripts/e2e/bootstrap_job/spec/provider-components.template

@@ -1061,6 +1061,7 @@ rules:
   - get
   - list
   - watch
+  - delete
 - apiGroups:
   - ""
   resources: