Please sign in to comment.
Use service account in pod specs
It turns out that we did not notice that microk8s doesn't enforce RBAC. Because of that, the default service account used by shipper before this commit had access to everything. When running e2e tests against kind instead of microk8s, we learned that our deployments did not specify the correct service account created by shipperctl, so all API calls failed due to missing authorization. Adding the service account to the deployments solves it.
- Loading branch information...
Showing with 2 additions and 0 deletions.