Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conditionally allow view secrets on ClusterRole #96

Merged
merged 1 commit into from
Jun 18, 2021
Merged

Conditionally allow view secrets on ClusterRole #96

merged 1 commit into from
Jun 18, 2021

Conversation

RedbackThomson
Copy link
Contributor

@RedbackThomson RedbackThomson commented Jun 18, 2021
edited
Loading

Issue #, if available: aws-controllers-k8s/community#745

Description of changes:
If any of the fields defined in the generator are set to is_secret: True, then add get;list;watch permissions for secrets on the controller ClusterRole

Output into cluster-role-controller.yaml:

- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - get
  - list
  - watch

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@ack-bot ack-bot requested review from a-hilaly and vijtrip2 June 18, 2021 18:32
@RedbackThomson RedbackThomson requested a review from jaypipes June 18, 2021 18:33
jaypipes
jaypipes approved these changes Jun 18, 2021
View reviewed changes
Copy link
Collaborator

@jaypipes jaypipes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perfect. Thank you @RedbackThomson :)

pkg/generate/generator.go
// generator.
func (g *Generator) GetConfig() *ackgenconfig.Config {
return g.cfg
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@jaypipes
Copy link
Collaborator

/lgtm

@ack-bot ack-bot added the lgtm Indicates that a PR is ready to be merged. label Jun 18, 2021
@ack-bot
Copy link
Collaborator

ack-bot commented Jun 18, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jaypipes, RedbackThomson

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [RedbackThomson,jaypipes]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ack-bot ack-bot merged commit 0736a4b into aws-controllers-k8s:main Jun 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaypipes jaypipes jaypipes approved these changes

@a-hilaly a-hilaly Awaiting requested review from a-hilaly

@vijtrip2 vijtrip2 Awaiting requested review from vijtrip2

Assignees

@jaypipes jaypipes

Labels
approved lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@RedbackThomson @jaypipes @ack-bot