Skip to content

Give RBAC permission to read listeners #497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 9, 2024
Merged

Give RBAC permission to read listeners #497

merged 2 commits into from
Sep 9, 2024

Conversation

nightkr
Copy link
Member

@nightkr nightkr commented Sep 6, 2024

Description

This is required for listener volume scopes that use manually created listeners

Definition of Done Checklist

  • Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
  • Please make sure all these things are done and tick the boxes

Author
Preview Give feedback

Reviewer
Preview Give feedback

Acceptance
Preview Give feedback

@nightkr
Give RBAC permission to read listeners
c49c399 
This is required for listener volume scopes that use manually created listeners
@nightkr
Changelog
ace847f
@nightkr nightkr requested a review from a team September 6, 2024 16:10
@nightkr nightkr added this pull request to the merge queue Sep 9, 2024
Merged via the queue into main with commit 74ce5da Sep 9, 2024
31 checks passed
@nightkr nightkr deleted the bugfix/listener-permission branch September 9, 2024 11:17
@lfrancke
Copy link
Member

Should this be mentioned in the release notes? If so: Could you add asnippet?

@nightkr
Copy link
Member Author

nightkr commented Sep 11, 2024

I'd say no, unless you want to list every bugfix (and at that point, what's the difference vs the changelog again?).

@lfrancke
Copy link
Member

It's a subjective thing. I thought this might warrant an entry because it's security relevant and should someone not use our Helm charts for some reason, they'd need to take action.

Also....do we need to do anything for OpenShift here @razvan @adwk67?

@razvan
Copy link
Member

razvan commented Sep 16, 2024

Yes, we need to to check for this when updating OLM

@lfrancke
Copy link
Member

Do we have an issue or anything else to track this so we don't forget? If not: Do we need it?

@razvan
Copy link
Member

razvan commented Sep 25, 2024

I'd say we don't need an issue for it. Diffing cluster roles between Helm and OLM is part of the process. Also the OpenShift tests will hopefully catch any inconsistencies.

@nightkr
Copy link
Member Author

nightkr commented Sep 25, 2024

Well if you want to add a release note for it, something like:

The Stackable Secret Operator now requests permission to read Listeners, which is required to provision secrets for listener volumes with listeners.stackable.tech/listener-name.

@lfrancke lfrancke added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbernauer sbernauer sbernauer approved these changes

Assignees

@nightkr nightkr

@sbernauer sbernauer

Labels
release/24.11.0 release-note Denotes a PR that will be considered when it comes time to generate release notes.
Projects
Stackable Engineering
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nightkr @lfrancke @razvan @sbernauer