Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v2.7] fix cis operator permission #3287

Merged

Conversation

vardhaman22
Copy link
Contributor

@vardhaman22 vardhaman22 commented Dec 29, 2023

Issue:

https://github.com/rancherlabs/rancher-security/issues/1285

Solution

  • Add RBAC for rancher-cis-operator with create verb to access prometheusrules resource of monitoring.coreos.com api group.
  • Bump rancher-cis to v4.3.0-rc2

Testing

Engineering Testing

Manual Testing

  • Upgrade workflow v4.2.0 to v4.3.0-rc2 went successfully.
  • fresh install v4.3.0-rc2 went successfully.

Automated Testing

N/A

QA Testing Considerations

Regressions Considerations

Backporting considerations

Copy link

Validation steps

  • Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
  Ex:- 
    longhorn-controller:
      repository: rancher/hardened-sriov-cni
      tag: v2.6.3-build20230913
  
  • Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment.
  • Approve the PR to run the CI check.

@vardhaman22 vardhaman22 merged commit 6bd901f into rancher:dev-v2.7 Jan 2, 2024
7 checks passed
nicholasSUSE pushed a commit to nicholasSUSE/charts that referenced this pull request Mar 21, 2024
…r-permission

[v2.7] fix cis operator permission
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants