Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[DO NOT MERGE] Create basic RBAC permissions for KubeVirt #322
Make sure that KubeVirt can run on Kubernetes instances where RBAC is
This does not at all provide a more secure way to run KubeVirt. It's
The depolyment can be properly secured, as soon as we have movedm from
Signed-off-by: Roman Mohr firstname.lastname@example.org
any more word on this?
I think it's really important that we start working with RBAC now for each of our components.
With RBAC limited to exactly what each component consumes, it means we have to be explicit about any new capabilities that are being added to a component. This will make it obvious when we try to give a component access to cluster capabilities it really shouldn't have access to.
Ok, so the latest state on this is, that everything works when starting VMs, ... by hand. However functional tests currently don't start because of a permission error. Will look into it as soon as I can. But someone else can pick it up too. Also @admiyo confirmed that he could practically unchanged use this PR on OpenShift during his investigations.