Skip to content

Commit

Permalink
fix resource attribute list and retrieve namespace from kubeconfig
Browse files Browse the repository at this point in the history
  • Loading branch information
@diamonwiggins
diamonwiggins committed Nov 1, 2024
1 parent 500e8a7 commit 0ab8979
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 0 deletions.
5 changes: 5 additions & 0 deletions cmd/troubleshoot/cli/run.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,11 @@ func runTroubleshoot(v *viper.Viper, args []string) error {
RunHostCollectorsInPod: mainBundle.Spec.RunHostCollectorsInPod,
}

if createOpts.Namespace == "" {
kubeconfig := k8sutil.GetKubeconfig()
createOpts.Namespace, _, _ = kubeconfig.Namespace()
}

nonInteractiveOutput := analysisOutput{}

response, err := supportbundle.CollectSupportBundleFromSpec(&mainBundle.Spec, additionalRedactors, createOpts)
Expand Down
5 changes: 5 additions & 0 deletions pkg/preflight/run.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -356,6 +356,11 @@ func collectInCluster(
BundlePath: bundlePath,
}

if collectOpts.Namespace == "" {
kubeconfig := k8sutil.GetKubeconfig()
collectOpts.Namespace, _, _ = kubeconfig.Namespace()
}

if v.GetString("since") != "" || v.GetString("since-time") != "" {
err := parseTimeFlags(v, preflightSpec.Spec.Collectors)
if err != nil {
Expand Down
25 changes: 25 additions & 0 deletions pkg/supportbundle/rbac.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,11 @@ func checkRemoteCollectorRBAC(ctx context.Context, clientConfig *rest.Config, ti
var forbidden []error

resourceAttributesList := []authorizationv1.ResourceAttributes{
{
Namespace: namespace,
Verb: "get",
Resource: "pods",
},
{
Namespace: namespace,
Verb: "create",
Expand All @@ -45,15 +50,35 @@ func checkRemoteCollectorRBAC(ctx context.Context, clientConfig *rest.Config, ti
Verb: "delete",
Resource: "pods",
},
{
Namespace: namespace,
Verb: "get",
Resource: "pods/log",
},
{
Verb: "list",
Resource: "nodes",
},
{
Namespace: namespace,
Verb: "get",
Resource: "configmaps",
},
{
Namespace: namespace,
Verb: "create",
Resource: "configmaps",
},
{
Namespace: namespace,
Verb: "delete",
Resource: "configmaps",
},
{
Namespace: namespace,
Verb: "get",
Resource: "serviceaccounts",
},
}

for _, resourceAttributes := range resourceAttributesList {
Expand Down

0 comments on commit 0ab8979

Please sign in to comment.