Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: cluster role and SCC should not be reconciled #355

Merged
merged 1 commit into from
Mar 31, 2023
Merged

fix: cluster role and SCC should not be reconciled #355

merged 1 commit into from
Mar 31, 2023

Conversation

redhatrises
Copy link
Contributor

  • Cluster roles for operators should be part of the package manifest and not reconciled as it is abnormal to reconcile cluster roles. This also reduces permissions that the operator controller-manager has to make changes to the cluster
  • Providing a custom SCC that is privileged is duplicative of the existing privileged SCC in OpenShift. Removing SCC reconciliation for the node sensor for the same reasons as above.

@redhatrises
fix: cluster role and SCC should not be reconciled
656acfa 
- Cluster roles for operators should be part of the package manifest and not reconciled
  as it is abnormal to reconcile cluster roles. This also reduces permissions that the
  operator controller-manager has to make changes to the cluster
- Providing a custom SCC that is privileged is duplicative of the existing privileged SCC
  in OpenShift. Removing SCC reconciliation for the node sensor for the same reasons as above.
@redhatrises redhatrises added ok-to-test Run tests that install the CS Sensor and removed ok-to-test Run tests that install the CS Sensor labels Mar 29, 2023
@redhatrises redhatrises merged commit ae27d25 into CrowdStrike:main Mar 31, 2023
@redhatrises redhatrises deleted the use_kustomize_clusterrole branch March 31, 2023 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
ok-to-test Run tests that install the CS Sensor
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@redhatrises