Hello,
I need that the mbox-operator service account in mbbox namespace to have access to route resources (all verbs).
mbox-operator service
mbbox
Cluster: https://console-openshift-console.apps.ocp.stg.ci.centos.org
Applying this role definition should do the trick: https://paste.centos.org/view/abaee7a2
Metadata Update from @dkirwan: - Issue assigned to dkirwan
Metadata Update from @dkirwan: - Issue priority set to: None (was: Needs Review) - Issue tagged with: centos-ci-infra, low-trouble, medium-gain
I've updated the mbbox admin group with some extra roles:
- verbs: - '*' apiGroups: - route.openshift.io resources: - routes - verbs: - get - create - delete - patch - update - watch - list apiGroups: - '' resources: - events - verbs: - create - delete - get - list - patch - update - watch apiGroups: - '' resources: - services/finalizers - verbs: - update apiGroups: - apps resources: - deployments/finalizers - mbox-operator - verbs: - '*' apiGroups: - apps.fedoraproject.org resources: - '*' - verbs: - '*' apiGroups: - monitoring.coreos.com resources: - servicemonitors - verbs: - '*' apiGroups: - networking.k8s.io resources: - ingresses - verbs: - '*' apiGroups: - route.openshift.io/v1 resources: - routes
Verified the new permissions work with @lrossett
Metadata Update from @dkirwan: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.