You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, we run the make manifests target to generate the crds, roles, webhooks for the code we have in our repo.
This generates the config/rbac/role.yaml file for the roles. Then the developer has to copy the updated/generated lines over to the right file config/hub/rbac/role.yaml or config/dr-cluster/rbac/role.yaml depending on where the +kubebuilder:rbac: lines were updated.
This is
manual
error-prone
not documented
We should make this process easier.
More details:
output one shows where we have the +kubebuilder:rbac marker lines in our code.
output two shows the current splits between dr-cluster and hub roles.
Let's start by documenting the process of adding new rbac rules. I'm sure that if you ask current developers how to do this most will fail to describe the right process.
Currently, we run the
make manifests
target to generate the crds, roles, webhooks for the code we have in our repo.This generates the
config/rbac/role.yaml
file for the roles. Then the developer has to copy the updated/generated lines over to the right fileconfig/hub/rbac/role.yaml
orconfig/dr-cluster/rbac/role.yaml
depending on where the+kubebuilder:rbac:
lines were updated.This is
We should make this process easier.
More details:
+kubebuilder:rbac
marker lines in our code.The text was updated successfully, but these errors were encountered: