You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am currently configuring the solr-operator which uses the zookeeper-operator as a dependency. Upon reviewing the RBAC that both operators are creating I noted that they create ClusterRole/ClusterRoleBinding with fairly wide-ranging permissions.
I noticed when configuring the watchNamespaces variable in the solr-operator helm chart that it switched the ClusterRole/ClusterRoleBinding for namespaced Role/RoleBinding for the namespaces specified in the variable. Which makes the permissions the operator has much more restricted. (it looks like these changes were implemented in apache/solr-operator#124)
I noticed that zookeeper-operator has a similarly named watchNamespace variable in the helm chart which looks like it provides a similar functionality.
Would it be possible to implement a similar change to the RBAC in the zookeeper-operator?
Importance
should-have.
Location
helm chart.
Suggestions for an improvement
Implement RBAC helm chart templates similarly to the solr-operator. Also change watchNamespace variable to watchNamespaces.
I am happy to provide a contribution if this is something that would work & be accepted.
The text was updated successfully, but these errors were encountered:
Description
I am currently configuring the solr-operator which uses the zookeeper-operator as a dependency. Upon reviewing the RBAC that both operators are creating I noted that they create ClusterRole/ClusterRoleBinding with fairly wide-ranging permissions.
I noticed when configuring the
watchNamespacesvariable in the solr-operator helm chart that it switched the ClusterRole/ClusterRoleBinding for namespaced Role/RoleBinding for the namespaces specified in the variable. Which makes the permissions the operator has much more restricted. (it looks like these changes were implemented in apache/solr-operator#124)I noticed that zookeeper-operator has a similarly named
watchNamespacevariable in the helm chart which looks like it provides a similar functionality.Would it be possible to implement a similar change to the RBAC in the zookeeper-operator?
Importance
should-have.
Location
helm chart.
Suggestions for an improvement
Implement RBAC helm chart templates similarly to the solr-operator. Also change
watchNamespacevariable towatchNamespaces.I am happy to provide a contribution if this is something that would work & be accepted.
The text was updated successfully, but these errors were encountered: