-
Notifications
You must be signed in to change notification settings - Fork 21
Use global superuser (admin) to create OpenShift Projects on behalf of users #18
Comments
Existing code in question in
|
I can take a go at this tomorrow. |
I made a start on this, and I think the answer is to create a rolebinding from the user(s) to the project. This means I will need to alter the OpenShiftService to look like
At the moment I'm not sure on a couple of things:
|
TBH I'm learning as I go to so don't have insight offhand, but hey sure run with it! :) I'll take over if you get stuck/busy. |
Maybe just a bit more clearly:
And then on the impl side we can support |
ALR needs to open a discussion on this to kontinuity-dev-public and work through some technical and logistics stuff with Clayton; we will never get cluster-admin rights on Online. |
Discussion thread on this https://www.redhat.com/archives/kontinuity-dev-public/2016-April/msg00003.html |
Resurrected. Going down the OAuth route by nature of creating an OAuth client as cluster-admin for the Catapult application.
|
Now we handle this by getting auth from the user and using the user's token to execute on the OpenShift API |
Currently we log in and make projects as a user; instead we really need to, as an admin, make projects for users and grant them access.
The text was updated successfully, but these errors were encountered: