You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello folks,
I am trying to validate the full e2e testing framework locally but am I having an issue with Smoke and AWS test.
Once the pods are up and running the following error appears in the POD log:
E1230 07:34:13.075110 1 reflector.go:127] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:156: Failed to watch *v1.Secret: failed to list *v1.Secret: secrets is forbidden: User "system:serviceaccount:e2e-smoke-c8f7e541-1805-4065-8d2f-8a7433cb1a73:secret-manager-smoke" cannot list resource "secrets" in API group "" at the cluster scope
In order to let it work I had to add the brand new serviceaccounts (secret-manager-smoke and secret-manager-aws), created at namespace level, into permissive-binding clusterrolebinding as they lack cluster-wide permissions.
I am not sure to understand where/how the service accounts are created and I'm wondering why the automatic build on this repo does not get affected by this issue.
Can you please give me any hint?
The text was updated successfully, but these errors were encountered:
Hello folks,
I am trying to validate the full e2e testing framework locally but am I having an issue with Smoke and AWS test.
Once the pods are up and running the following error appears in the POD log:
E1230 07:34:13.075110 1 reflector.go:127] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:156: Failed to watch *v1.Secret: failed to list *v1.Secret: secrets is forbidden: User "system:serviceaccount:e2e-smoke-c8f7e541-1805-4065-8d2f-8a7433cb1a73:secret-manager-smoke" cannot list resource "secrets" in API group "" at the cluster scope
In order to let it work I had to add the brand new serviceaccounts (secret-manager-smoke and secret-manager-aws), created at namespace level, into permissive-binding clusterrolebinding as they lack cluster-wide permissions.
I am not sure to understand where/how the service accounts are created and I'm wondering why the automatic build on this repo does not get affected by this issue.
Can you please give me any hint?
The text was updated successfully, but these errors were encountered: