Fix #1107: added roles and regen

addons/keda/keda.go

@@ -123,7 +123,6 @@ func (t *kedaTrait) Configure(e *trait.Environment) (bool, error) {
 
 	if t.Auto == nil || *t.Auto {
 		if err := t.populateTriggersFromKamelets(e); err != nil {
-			// TODO: set condition
 			return false, err
 		}
 	}

config/rbac/kustomization.yaml

@@ -26,10 +26,12 @@ resources:
 - operator-role-events.yaml
 - operator-role-knative.yaml
 - operator-role.yaml
+- operator-role-keda.yaml
 - operator-role-leases.yaml
 - operator-role-podmonitors.yaml
 - operator-role-strimzi.yaml
 - operator-role-binding-events.yaml
+- operator-role-binding-keda.yaml
 - operator-role-binding-knative.yaml
 - operator-role-binding-leases.yaml
 - operator-role-binding-podmonitors.yaml

config/rbac/operator-role-binding-keda.yaml

@@ -0,0 +1,30 @@
+# ---------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ---------------------------------------------------------------------------
+
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: camel-k-operator-keda
+  labels:
+    app: "camel-k"
+subjects:
+- kind: ServiceAccount
+  name: camel-k-operator
+roleRef:
+  kind: Role
+  name: camel-k-operator-keda
+  apiGroup: rbac.authorization.k8s.io

config/rbac/operator-role-keda.yaml

@@ -0,0 +1,38 @@
+# ---------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ---------------------------------------------------------------------------
+
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: camel-k-operator-keda
+  labels:
+    app: "camel-k"
+rules:
+- apiGroups:
+  - "keda.sh"
+  resources:
+  - scaledobjects
+  - triggerauthentications
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch

docs/modules/traits/pages/keda.adoc

@@ -70,6 +70,8 @@ The following configuration options are available:
 | []github.com/apache/camel-k/addons/keda.kedaTrigger
 | Definition of triggers according to the KEDA format. Each trigger must contain `type` field corresponding
 to the name of a KEDA autoscaler and a key/value map named `metadata` containing specific trigger options.
+An optional `authentication-secret` can be declared per trigger and the operator will link each entry of
+the secret to a KEDA authentication parameter.
 
 |===
 

pkg/install/operator.go

@@ -256,6 +256,13 @@ func OperatorOrCollect(ctx context.Context, c client.Client, cfg OperatorConfigu
 		fmt.Println("Warning: the operator will not be able to publish Kubernetes events. Try installing as cluster-admin to allow it to generate events.")
 	}
 
+	if errmtr := installKedaBindings(ctx, c, cfg.Namespace, customizer, collection, force); errmtr != nil {
+		if k8serrors.IsAlreadyExists(errmtr) {
+			return errmtr
+		}
+		fmt.Println("Warning: the operator will not be able to create KEDA resources. Try installing as cluster-admin.")
+	}
+
 	if errmtr := installPodMonitors(ctx, c, cfg.Namespace, customizer, collection, force); errmtr != nil {
 		if k8serrors.IsAlreadyExists(errmtr) {
 			return errmtr
@@ -393,6 +400,13 @@ func installOperator(ctx context.Context, c client.Client, namespace string, cus
 	)
 }
 
+func installKedaBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool) error {
+	return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		"/rbac/operator-role-keda.yaml",
+		"/rbac/operator-role-binding-keda.yaml",
+	)
+}
+
 func installKnative(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool) error {
 	return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 		"/rbac/operator-role-knative.yaml",

resources/traits.yaml

@@ -622,7 +622,9 @@ traits:
     type: '[]github.com/apache/camel-k/addons/keda.kedaTrigger'
     description: Definition of triggers according to the KEDA format. Each trigger
       must contain `type` field correspondingto the name of a KEDA autoscaler and
-      a key/value map named `metadata` containing specific trigger options.
+      a key/value map named `metadata` containing specific trigger options.An optional
+      `authentication-secret` can be declared per trigger and the operator will link
+      each entry ofthe secret to a KEDA authentication parameter.
 - name: knative-service
   platform: false
   profiles: