[PR] RBAC for automatic legacy peering detection #95

kopf-archiver · 2020-08-18T19:44:08Z

A pull request by nolar at 2019-06-02 03:17:07+00:00
Original URL: zalando-incubator/kopf#95
Merged by nolar at 2019-06-14 09:18:57+00:00

Issue : #12, #13, originally mentioned in #49 comments

Add the missing RBAC permissions for legacy CRD scanning in the documentation (deployment patterns, RBAC section).

Since CRD scanning is a cluster-scoped operation, and cluster-scoped RBAC is not always possible, make so that the "403 permission denied" response for CRDs is treated as the absence of CRD. It is currently only used for legacy peering CRD, and nothing else.

As part of that, in tests, also check for other typical statuses for all get/list API operations — via parametrization.

PS: The feature was introduced in the automatic peering/standalone mode discovery (#33 #38).

kopf-archiver bot added the archive label Aug 18, 2020

kopf-archiver bot closed this as completed Aug 18, 2020

kopf-archiver bot mentioned this issue Aug 19, 2020

Automated RBAC generation and verification #49

Open

11 tasks

kopf-archiver bot changed the title ~~[archival placeholder]~~ [PR] RBAC for automatic legacy peering detection Aug 19, 2020

kopf-archiver bot added automation CI/CD: testing, linting, releasing automatically documentation Documentation improvements labels Aug 19, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[PR] RBAC for automatic legacy peering detection #95

[PR] RBAC for automatic legacy peering detection #95

kopf-archiver bot commented Aug 18, 2020 •

edited

Loading

[PR] RBAC for automatic legacy peering detection #95

[PR] RBAC for automatic legacy peering detection #95

Comments

kopf-archiver bot commented Aug 18, 2020 • edited Loading

kopf-archiver bot commented Aug 18, 2020 •

edited

Loading