use existing cluster-role

apps/stage-maker/cluster-role-binding.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: edit-stages-clusterrolebinding
+subjects:
+- kind: ServiceAccount
+  name: stage-editor
+  namespace: stage-maker
+roleRef:
+  kind: ClusterRole
+  name: ontime-operator-stage-editor-role
+  apiGroup: rbac.authorization.k8s.io

apps/stage-maker/cluster-role.yaml

@@ -1,36 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: stage-editor-role
-rules:
-- apiGroups:
-  - ontime.getontime.no
-  resources:
-  - stages
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - ontime.getontime.no
-  resources:
-  - stages/status
-  verbs:
-  - get
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: edit-stages-clusterrolebinding
-subjects:
-- kind: ServiceAccount
-  name: stage-editor
-  namespace: stage-maker
-roleRef:
-  kind: ClusterRole
-  name: stage-editor-role
-  apiGroup: rbac.authorization.k8s.io

apps/stage-maker/kustomization.yaml

@@ -4,6 +4,5 @@ resources:
   - namespace.yaml
   - deployment.yaml
   - ingress.yaml
-  - cluster-role.yaml
   - service-account.yaml
   - service.yaml