Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The initial ask was to clarify "if the entries in the table is for Installer or after-install operations or both". I don't think the above statement answers the question, could you please clarify? Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jianli-wei Do you have any suggestions for the text? My understanding is that these roles are required to configure a GCP project which is done prior to installing OCP.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sagidlow Sorry, it's not for configuring a GCP project, because the GCP projects (one as service project and another as host project) should have been created before OCP installation. As for the initial ask, i.e. "if the entries in the table is for Installer or after-install operations or both", sorry that I cannot answer for sure even after discussing with other QEs. We guess, the Day-1 and Day-2 operations may require the same set of roles, in terms of the control plane and compute machines. @patrickdillon Would you please advise? Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Personally, I don't think the bug is valid. It says "As it is written now, it is not clear if the entries in the table is for Installer or after-install operations or both." The doc clearly states: " To deploy an {product-title} cluster, the service
account requires the following permissions."
So yes, it is a requirement for deployment. We have separate sections which also talk about permissions required to operate the cluster. I think https://bugzilla.redhat.com/show_bug.cgi?id=1961399 is NOTABUG
Asa a side note, when reviewing this, I noticed "The roles are applied to the service accounts that the control plane and compute machines use." This is not accurate. It could simply be removed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jianli-wei, are you ok with us closing this issue as NOTABUG?