From ac666fe1c0ed9338f541385d8a780e8d2e753267 Mon Sep 17 00:00:00 2001
From: Jon Huhn <johuhn@microsoft.com>
Date: Mon, 1 Jul 2024 17:36:22 +0000
Subject: [PATCH] fix RBAC upgrade

---
 Makefile                                 | 4 ++--
 config/rbac/aggregation_role.yaml        | 4 ++--
 config/rbac/capz_manager_role_patch.yaml | 2 +-
 config/rbac/role.yaml                    | 2 +-
 config/rbac/role_binding.yaml            | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Makefile b/Makefile
index 93798561571..d06ecf685e6 100644
--- a/Makefile
+++ b/Makefile
@@ -473,7 +473,7 @@ generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc.
 		paths=./api/... \
 		paths=./$(EXP_DIR)/api/... \
 		crd:crdVersions=v1 \
-		rbac:roleName=manager-role \
+		rbac:roleName=base-manager-role \
 		output:crd:dir=$(CRD_ROOT) \
 		output:webhook:dir=$(WEBHOOK_ROOT) \
 		webhook
@@ -482,7 +482,7 @@ generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc.
 		paths=./controllers/... \
 		paths=./$(EXP_DIR)/controllers/... \
 		output:rbac:dir=$(RBAC_ROOT) \
-		rbac:roleName=manager-role
+		rbac:roleName=base-manager-role
 
 .PHONY: generate-flavors ## Generate template flavors.
 generate-flavors: $(KUSTOMIZE) generate-addons
diff --git a/config/rbac/aggregation_role.yaml b/config/rbac/aggregation_role.yaml
index 07102e208b6..29585917919 100644
--- a/config/rbac/aggregation_role.yaml
+++ b/config/rbac/aggregation_role.yaml
@@ -2,9 +2,9 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: aggregated-manager-role
+  name: manager-role
 aggregationRule:
   clusterRoleSelectors:
   - matchLabels:
       cluster.x-k8s.io/aggregate-to-capz-manager: "true"
-rules: []
\ No newline at end of file
+rules: []
diff --git a/config/rbac/capz_manager_role_patch.yaml b/config/rbac/capz_manager_role_patch.yaml
index 1704966d935..1c25d14e7bf 100644
--- a/config/rbac/capz_manager_role_patch.yaml
+++ b/config/rbac/capz_manager_role_patch.yaml
@@ -1,6 +1,6 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: manager-role
+  name: base-manager-role
   labels:
     cluster.x-k8s.io/aggregate-to-capz-manager: "true"
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index d1883654504..eb76b94f586 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: manager-role
+  name: base-manager-role
 rules:
 - apiGroups:
   - ""
diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml
index c2d7565e283..5a95f66d6f8 100644
--- a/config/rbac/role_binding.yaml
+++ b/config/rbac/role_binding.yaml
@@ -5,7 +5,7 @@ metadata:
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: aggregated-manager-role
+  name: manager-role
 subjects:
 - kind: ServiceAccount
   name: manager