add finalizer rbac permission to the go/sample and doc steps #4162
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
camilamacedo86
changed the title
joelanford
reviewed
Nov 2, 2020
camilamacedo86
force-pushed
the
finalizer-status
branch
3 times, most recently
from
95490fa
to
1a88f85
Compare
camilamacedo86
force-pushed
the
finalizer-status
branch
from
1a88f85
to
1ca9052
Compare
joelanford
requested changes
Nov 4, 2020
Comment on lines
37
to
41
| **Note** If your cluster is a non-vanilla one then such as OpenShift then, add the RBAC finalizer permission on the `controllers/memcached_controller.go` file and run `make manifests` before continue. | ||
|
|
||
| ```go | ||
| // +kubebuilder:rbac:groups=cache.example.com,resources=memcacheds/finalizers,verbs=update | ||
| ``` |
There was a problem hiding this comment.
A couple of notes:
- We shouldn't put such specific information in the quickstart. Something like this seems more relevant to an FAQ entry (e.g. "I saw error X in my logs. How do I fix it?")
- The need for this permission is based on the OwnerReferencesPermissionEnforcement plugin, which can be enabled in any Kubernetes cluster because it is a feature of the upstream kube-apiserver. Anytime we talk about the need for this permission, we should reference that plugin, not a specific distro of Kubernetes.
There was a problem hiding this comment.
Too much better address it in the FAQ. Indeed we can give a better explanation. 👍
camilamacedo86
force-pushed
the
finalizer-status
branch
from
1ca9052
to
6716997
Compare
joelanford
reviewed
Nov 4, 2020
joelanford
reviewed
Nov 4, 2020
Co-authored-by: Joe Lanford <joe.lanford@gmail.com>
Co-authored-by: Joe Lanford <joe.lanford@gmail.com>
reinvantveer
pushed a commit
to reinvantveer/operator-sdk
that referenced
this pull request
Feb 5, 2021
…r-framework#4162) **Description of the change:** - Add the RBAC finalizer permission to allow users to test the Go sample project on OCP - See that for v3+ plugins this permission will be added by default - See that it was added as a NOTE to the quick start and by default in the tutorial in order to avoid the issue faced in operator-framework#3477 **Motivation for the change:** Closes : operator-framework#3477 Co-authored-by: Joe Lanford <joe.lanford@gmail.com> Signed-off-by: reinvantveer <rein.van.t.veer@geodan.nl>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the change:
Motivation for the change:
Closes : #3477
Checklist
If the pull request includes user-facing changes, extra documentation is required:
changelog/fragments(seechangelog/fragments/00-template.yaml)website/content/en/docs