You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The editor and viewer cluster roles manged by the Helm chart and the k8ssandra-operator are missing RBAC labels, which would allow an automatic aggregation to cluster wide roles.
apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata:
name: aggregate-to-editlabels:
# Add these permissions to the "admin" and "edit" default roles.rbac.authorization.k8s.io/aggregate-to-admin: "true"rbac.authorization.k8s.io/aggregate-to-edit: "true""
These cluster roles, e.g., edit can be used by GitLab runners in the Kubernetes cluster to automatically modify the state of the resources watched by the k8ssandra-operator. With this, the necessity of creating additional cluster role binding is then no longer necessary.
┆Issue is synchronized with this Jira Story by Unito
┆Issue Number: K8OP-64
The text was updated successfully, but these errors were encountered:
What is missing?
The editor and viewer cluster roles manged by the Helm chart and the k8ssandra-operator are missing RBAC labels, which would allow an automatic aggregation to cluster wide roles.
See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles
Why do we need it?
These cluster roles, e.g.,
edit
can be used by GitLab runners in the Kubernetes cluster to automatically modify the state of the resources watched by the k8ssandra-operator. With this, the necessity of creating additional cluster role binding is then no longer necessary.┆Issue is synchronized with this Jira Story by Unito
┆Issue Number: K8OP-64
The text was updated successfully, but these errors were encountered: