New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#872 Add certificates and issuers to aggregated RBAC #902
Conversation
…view, edit and admin ClusterRoles. Signed-off-by: William Lightning <wlightning@fuelmedical.com>
/ok-to-test |
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
/retest |
1be479d
to
dbb174b
Compare
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
dbb174b
to
9b66858
Compare
This now has the deploy manifests updated, removed the relavent note from the top description. |
Thanks for the detailed steps to test this - if we want to automate checks here, we'll need to actually write the test into part of our e2e pipeline. Feel free to give this a go - I think we do provide provisions to just run kubectl using our e2e framework. See ./test/e2e for some examples. That said, I am happy to accept this as is for now if you would like to follow up with tests later! |
I'd like to go ahead and give writing an e2e test for it a go. So I'll work on that today. |
9321fda
to
a7c6e49
Compare
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
f0ade5a
to
d22a62d
Compare
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
Thanks very much for putting those tests together! This looks good to me 😄 I will add lgtm and approved labels, but also add 'hold' just in case there's anything else you had meant to add. You can merge this when you are ready with /lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: munnerz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@munnerz Glad to get feedback. I plan to expand these beyond certificates, to cover issuers. I did have questions regarding the following.
|
…, so we're not defining it on every it Signed-off-by: William Lightning <wlightning@fuelmedical.com>
…st to test framework util Signed-off-by: William Lightning <wlightning@fuelmedical.com>
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
Signed-off-by: William Lightning <wlightning@fuelmedical.com>
1d61669
to
7d8c7dd
Compare
Okay,
Canceling do-not-merge hold, as I'm happy if the reviewers are now. |
Thanks very much for the work here! Yes there's a number of still to-do optimisations needed around e2e's (notably, we run most of our tests in parallel...) /lgtm |
What this PR does / why we need it:
This adds two permissions to the user facing RBAC roles. This allows a user with permissions to their own namespace to be able to manage their own certificates and issuers.
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close that issue when PR gets merged): fixes #872Special notes for your reviewer:
I was unable to figure out where to put tests for the chart. I'm happy to fix with some pointers. Manual test steps are below.
Manual Testing & Verification
View Access:
Edit Access:
Admin Access:
Release note: