Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change kind of Role to ClusterRole #84

Merged
merged 1 commit into from
Aug 26, 2022
Merged

Change kind of Role to ClusterRole #84

merged 1 commit into from
Aug 26, 2022

Conversation

knikolla
Copy link
Contributor

During testing in ocp-staging, the project doesn't show up for the user
since there is no kind Role in the namespace. This is fixed by
creating a RoleBinding with the ClusterRole on the namespace.

It appears that the OpenShift dashboard does also add the ClusterRole
when adding users to a project through the form instead of a Role as
seen below with.

kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: test@example.com-edit-6daeb68123ea4a2e
  namespace: de0e163455c34e4dbed65e72ca765651
  uid: d2a32a6d-d845-46bd-9757-ebfaf885d938
  resourceVersion: '545901838'
  creationTimestamp: '2022-08-24T17:43:53Z'
  managedFields:
    - manager: Mozilla
      operation: Update
      apiVersion: rbac.authorization.k8s.io/v1
      time: '2022-08-24T17:43:53Z'
      fieldsType: FieldsV1
      fieldsV1:
        'f:roleRef': {}
        'f:subjects': {}
subjects:
  - kind: User
    apiGroup: rbac.authorization.k8s.io
    name: test@example.com
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: edit

@knikolla
Change kind of Role to ClusterRole
fa6ccff 
During testing in ocp-staging, the project doesn't show up for the user
since there is no kind Role in the namespace. This is fixed by
creating a RoleBinding with the ClusterRole on the namespace.

It appears that the OpenShift dashboard does also add the ClusterRole
when adding users to a project through the form instead of a Role as
seen below with.

```
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: test@example.com-edit-6daeb68123ea4a2e
  namespace: de0e163455c34e4dbed65e72ca765651
  uid: d2a32a6d-d845-46bd-9757-ebfaf885d938
  resourceVersion: '545901838'
  creationTimestamp: '2022-08-24T17:43:53Z'
  managedFields:
    - manager: Mozilla
      operation: Update
      apiVersion: rbac.authorization.k8s.io/v1
      time: '2022-08-24T17:43:53Z'
      fieldsType: FieldsV1
      fieldsV1:
        'f:roleRef': {}
        'f:subjects': {}
subjects:
  - kind: User
    apiGroup: rbac.authorization.k8s.io
    name: test@example.com
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: edit
```
@knikolla knikolla merged commit acd4f46 into CCI-MOC:master Aug 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@larsks larsks larsks approved these changes

@naved001 naved001 naved001 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@knikolla @larsks @naved001