-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Jenkins has insufficient RBAC permissions #359
Comments
Hi @Nuru, By default operator configures the Jenkins Kubernetes plugin for you and it should work out of the box. This is https://itnext.io/utilize-jenkins-in-an-auto-scaling-kubernetes-deployment-on-amazon-eks-with-spot-instances-f9159df00aee#6074 configured by the operator. What version of the Kubernetes plugin did you use? I think the new version may require more permissions. By default Jenkins master have the permissions described here. Cheers |
@tomaszsek I used the Kubernetes plugin that was installed automatically (I did not specify the plugin at all), which was version 1.25.2. I certainly agree it should "work out of the box", but it didn't, which is why I opened this issue. The link you provided showing the Jenkins master permissions does not include the permission in question, which is "watch" on "events". |
I've reproduced the error but even with If you still can't run a job with Kubernetes plugin I think the problem is somewhere else. We will try to narrow the issue. The full logs from the job run and Jenkins might be very useful. |
Yes, there were other issues preventing the agent launch. Jenkins can launch agents without this permission, but I think it fails at monitoring them in some way, like detecting that new agents have launched before they check in. |
@tomaszsek @akram Is there a timeline for when these fixes will make it to a release? |
Any updates on timelines? |
Expected Behavior
Jenkins is given all needed RBAC permissions
Actual Behavior
Jenkins log indicates an error while launching remote agent using Kubernetes plugin
Steps to Reproduce the Problem
The text was updated successfully, but these errors were encountered: