You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the solution you'd like
As I could not find the reason in the code the delete permission is requested, I would like to get this removed. Therefore the events permission should be separated from the pods, services etc to not include the delete permission.
Describe alternatives you've considered
Alternatively the delete permission could be made optional and the code follows this similar to the executor.serviceAccountCheck.enabled could help, but as of now I would not know which part of the code tries to delete events.
Additional context
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Our kubernetes clusters are quite restricted in terms of permissions and therefore it is for tracability reasons not allowed to delete events. fission seem to request the events.delete permission in two places, namely for the executor and keda linked below.
https://github.com/fission/fission/blob/main/charts/fission-all/templates/_fission-kubernetes-roles.tpl#L77
https://github.com/fission/fission/blob/main/charts/fission-all/templates/_fission-kubernetes-roles.tpl#L206
Describe the solution you'd like
As I could not find the reason in the code the delete permission is requested, I would like to get this removed. Therefore the events permission should be separated from the pods, services etc to not include the delete permission.
Describe alternatives you've considered
Alternatively the delete permission could be made optional and the code follows this similar to the executor.serviceAccountCheck.enabled could help, but as of now I would not know which part of the code tries to delete events.
Additional context
The text was updated successfully, but these errors were encountered: