arheom commented on issue #1125: URL: https://github.com/apache/camel-karavan/issues/1125#issuecomment-1946392505
There are 2 cases: 1. if you use devmode (run from the top right) - then the karavan service account should be used, from my understanding. You might need to update the karavan role, bound to the karavan service account, to allow get and list verbs on the secrets resources. If this is your case, not sure why you have another service account. Maybe karavan.builder.service.account=karavan could be set to the kubernetes-application.properties, but I assume thats for the builder. 2. If you build and deploy, then you need to assign a service account to the deployment. I recommend to create a new service account, and a new role and a new binding, so every integration runs with minimum security to function correctly. This means to add to the project: role.jkube.yaml, rolebinding.jbube.yaml and deployment.jkube.yaml. Then in the deployment to define a new serviceAccountName, which you will bind to a role, like this: ``` apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: myServiceAccountName namespace: myNamespace rules: - apiGroups: - "" resources: - secrets verbs: - 'get' - 'list' ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org