p.s
I found that curl -k -H "Authorization: Bearer $TOKEN" -H 'Accept:
application/json' https://kubernetes.default.svc/oapi/v1/projectrequests
Gives a similar result
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "You may not request a new project via this API.",
"reason": "Forbidden",
"details": {
"group": "project.openshift.io",
"kind": "projectrequest"
},
"code": 403
Is there some extra permission needed to call apis with a service account?
On 3 May 2018 at 11:45, jelmer van amen <jelmervana...@gmail.com> wrote:
> Hi all,
>
> I'm trying to get arquillian-cube working from jenkins. Arquillian cube
> want's to create new namepsaces to spin up the tests. To do this, it calls
> curl -k -H "Authorization: Bearer $TOKEN" -H 'Accept:
> application/json' https://kubernetes.default.
> svc/apis/project.openshift.io/v1/projectrequests
>
> This returns:
> {
> "kind": "Status",
> "apiVersion": "v1",
> "metadata": {},
> "status": "Failure",
> "message": "You may not request a new project via this API.",
> "reason": "Forbidden",
> "details": {
> "group": "project.openshift.io",
> "kind": "projectrequest"
> },
> "code": 403
>
>
> The service user belonging to the token should have all the rights. I've
> searched the documentation and the first notice of this specific path is in
> openshift v3.7. Am I correct in thinking that this api endpoint is not
> available in openshift v3.6? Or is this still a rights problem?
>
> Kind regards,
> Jelmer
>
>
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
