Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🐛 Reduce permission for cluster manager and klusterlet #325

Conversation

qiujian16
Copy link
Member

@qiujian16 qiujian16 commented Nov 29, 2023

@openshift-ci openshift-ci bot requested review from deads2k and jnpacker November 29, 2023 09:59
Copy link
Contributor

openshift-ci bot commented Nov 29, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qiujian16

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Copy link

codecov bot commented Nov 29, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (4a1a890) 61.76% compared to head (ea05bb9) 61.73%.
Report is 1 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #325      +/-   ##
==========================================
- Coverage   61.76%   61.73%   -0.04%     
==========================================
  Files         132      132              
  Lines       13989    13992       +3     
==========================================
- Hits         8641     8638       -3     
- Misses       4583     4587       +4     
- Partials      765      767       +2     
Flag Coverage Δ
unit 61.73% <ø> (-0.04%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@qiujian16 qiujian16 force-pushed the reduce-permission branch 4 times, most recently from 3b2bb6c to 2a2e995 Compare November 30, 2023 07:11
Signed-off-by: Jian Qiu <jqiu@redhat.com>
@zhiweiyin318
Copy link
Member

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Nov 30, 2023
@openshift-merge-bot openshift-merge-bot bot merged commit 7ceb9a2 into open-cluster-management-io:main Nov 30, 2023
13 checks passed
@qiujian16 qiujian16 deleted the reduce-permission branch November 30, 2023 13:48
@sparkEchooo
Copy link

sparkEchooo commented Dec 4, 2023

Thanks for your reply!
The fixes is effective.
By the way, if it's a real issue and has been fixed, can I get a CVE-number:)
Looking forward to your reply!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

A potential risk of operator makes a worker node get the token of any Service Account
3 participants