This is an automated email from the ASF dual-hosted git repository.
liuxun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/submarine.git
The following commit(s) were added to refs/heads/master by this push:
new 0fa1e22 SUBMARINE-849. RBAC for submarine operator events
0fa1e22 is described below
commit 0fa1e22c8d29150e79e68702f84be1b085609640
Author: Kai-Hsun Chen <[email protected]>
AuthorDate: Wed Jun 9 00:13:03 2021 +0800
SUBMARINE-849. RBAC for submarine operator events
### What is this PR for?
The error message is shown in the attachment. To reproduce the error
message, run operator in-cluster.
<img width="1440" alt="ζͺε 2021-06-08 δΈε11 51 57"
src="https://user-images.githubusercontent.com/20109646/121221652-5c1eeb80-c8b8-11eb-938b-6f9dc8f2b2be.png";>
### What type of PR is it?
[Bug Fix]
### Todos
### What is the Jira issue?
https://issues.apache.org/jira/browse/SUBMARINE-849
### How should this be tested?
```
# Step1: Build image "submarine-operator" to minikube's Docker
eval $(minikube docker-env)
make image
# Step2: RBAC (ClusterRole, ClusterRoleBinding, and ServiceAccount)
kubectl apply -f artifacts/examples/submarine-operator-service-account.yaml
# Step3: Deploy a submarine-operator
kubectl apply -f artifacts/examples/submarine-operator.yaml
# Step4: Deploy a submarine
kubectl create ns submarine-admin
kubectl apply -n submarine-admin -f
artifacts/examples/example-submarine.yaml
# Step5: Inspect submarine-operator POD logs
kubectl logs -f ${submarine-operator POD}
# Step6: The operator will create a new namespace "submarine-user-test"
kubectl get all -n submarine-user-test
# Step7: port-forwarding
kubectl port-forward --address 0.0.0.0 -n submarine-user-test
service/traefik 32080:80
# Step8: View workbench (127.0.0.1:32080) with your web browser
# Step9: Delete:
# (1) Remove all relevant Helm chart releases
# (2) Remove all resources in the namespace "submariner-user-test"
# (3) Remove all non-namespaced resources (Ex: PersistentVolume) created
by client-go API
# (4) **Note:** The namespace "submarine-admin" will not be deleted
kubectl delete submarine example-submarine -n submarine-admin
# Step10: Delete "submarine-operator"
kubectl delete deployment submarine-operator-demo
```
### Screenshots (if appropriate)
https://user-images.githubusercontent.com/20109646/121222021-bddf5580-c8b8-11eb-9158-92acf1d96c34.mov
### Questions:
* Do the license files need updating? No
* Are there breaking changes for older versions? No
* Does this need new documentation? No
Author: Kai-Hsun Chen <[email protected]>
Signed-off-by: Liu Xun <[email protected]>
Closes #601 from kevin85421/SUBMARINE-849 and squashes the following
commits:
6f0523f [Kai-Hsun Chen] SUBMARINE-849. RBAC for events
---
.../artifacts/examples/submarine-operator-service-account.yaml | 1 +
1 file changed, 1 insertion(+)
diff --git
a/submarine-cloud-v2/artifacts/examples/submarine-operator-service-account.yaml
b/submarine-cloud-v2/artifacts/examples/submarine-operator-service-account.yaml
index 4eafbe0..a625be5 100644
---
a/submarine-cloud-v2/artifacts/examples/submarine-operator-service-account.yaml
+++
b/submarine-cloud-v2/artifacts/examples/submarine-operator-service-account.yaml
@@ -59,6 +59,7 @@ rules:
- persistentvolumes
- persistentvolumeclaims
- pods/portforward
+ - events
verbs:
- "*"
- apiGroups:
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
![https://user-images.githubusercontent.com/20109646/121221652-5c1eeb80-c8b8-11eb-938b-6f9dc8f2b2be.png"](https://user-images.githubusercontent.com/20109646/121221652-5c1eeb80-c8b8-11eb-938b-6f9dc8f2b2be.png"){kind=link}