public_git
/
kubernetes-operator
mirror of https://github.com/jenkinsci/kubernetes-operator.git
1
0
Fork 0
Code Issues Releases Wiki Activity

#507 Allow listing events (#514) 

Added missing permissions for listing events by Jenkins
This commit is contained in:
SylwiaBrant 2021-02-12 15:38:23 +01:00 committed by GitHub
parent 3dab502234
commit 652580c0a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
chart/jenkins-operator/templates/role.yaml
View File

@ -72,6 +72,7 @@ rules:
resources: resources:
- events - events
verbs: verbs:
- get
- watch - watch
- list - list
- create - create

1
config/all_in_one_v1alpha2.yaml
View File

@ -104,6 +104,7 @@ rules:
resources: resources:
- events - events
verbs: verbs:
- get
- watch - watch
- list - list
- create - create

1
config/rbac/role.yaml
View File

@ -63,6 +63,7 @@ rules:
resources: resources:
- events - events
verbs: verbs:
- get
- watch - watch
- list - list
- create - create

4
main.go
View File

@ -81,7 +81,7 @@ func main() {
isRunningInCluster, err := resources.IsRunningInCluster() isRunningInCluster, err := resources.IsRunningInCluster()
if err != nil { if err != nil {
fatal(errors.Wrap(err, "failed to get watch namespace"), true) fatal(errors.Wrap(err, "failed to determine if operator is running in cluster"), true)
} }
flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
@ -133,7 +133,7 @@ func main() {
fatal(errors.Wrap(err, "failed to setup events"), *debug) fatal(errors.Wrap(err, "failed to setup events"), *debug)
} }
//Setup controller // setup controller
clientSet, err := kubernetes.NewForConfig(cfg) clientSet, err := kubernetes.NewForConfig(cfg)
if err != nil { if err != nil {
fatal(errors.Wrap(err, "failed to create Kubernetes client set"), *debug) fatal(errors.Wrap(err, "failed to create Kubernetes client set"), *debug)

3
pkg/configuration/base/resources/rbac.go
View File

@ -62,7 +62,6 @@ func NewDefaultPolicyRules() []v1.PolicyRule {
readOnly := []string{getVerb, listVerb, watchVerb} readOnly := []string{getVerb, listVerb, watchVerb}
Default := []string{createVerb, deleteVerb, getVerb, listVerb, patchVerb, updateVerb, watchVerb} Default := []string{createVerb, deleteVerb, getVerb, listVerb, patchVerb, updateVerb, watchVerb}
create := []string{createVerb} create := []string{createVerb}
watch := []string{watchVerb}
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/portforward", create)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/portforward", create))
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods", Default)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods", Default))
@ -70,7 +69,7 @@ func NewDefaultPolicyRules() []v1.PolicyRule {
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "configmaps", readOnly)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "configmaps", readOnly))
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/log", readOnly)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "pods/log", readOnly))
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "secrets", readOnly)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "secrets", readOnly))
rules = append(rules, NewPolicyRule(EmptyAPIGroup, "events", watch)) rules = append(rules, NewPolicyRule(EmptyAPIGroup, "events", readOnly))
rules = append(rules, NewOpenShiftPolicyRule(OpenshiftAPIGroup, "imagestreams", readOnly)) rules = append(rules, NewOpenShiftPolicyRule(OpenshiftAPIGroup, "imagestreams", readOnly))
rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "buildconfigs", readOnly)) rules = append(rules, NewOpenShiftPolicyRule(BuildAPIGroup, "buildconfigs", readOnly))