Skip to content

Commit

Permalink
fix: permissions to list groups in webhook-server (#412)
Browse files Browse the repository at this point in the history
  • Loading branch information
@royhadad
royhadad authored Jul 6, 2023
1 parent d6e3505 commit 9162c53
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 7 deletions.
7 changes: 6 additions & 1 deletion charts/datree-admission-webhook/templates/clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,17 @@ metadata:
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
rules:
- apiGroups:
- "user.openshift.io"
resources:
- "groups"
verbs:
- "list"
- apiGroups:
- ""
resources:
- "nodes"
- "namespaces"
- "groups"
verbs:
- "get"
- "list"
Expand Down
6 changes: 0 additions & 6 deletions pkg/k8sMetadataUtil/k8sMetadataUtil.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,17 +167,11 @@ func (k8sMetadataUtil *K8sMetadataUtil) GetClusterUuid() (k8sTypes.UID, error) {
if k8sMetadataUtil.CreateClientSetError != nil {
return "", k8sMetadataUtil.CreateClientSetError
} else {
// test
result := k8sMetadataUtil.ClientSet.CoreV1().RESTClient().Get().Resource("groups").Do(context.Background())
fmt.Println(result.Get())
// test

clusterMetadata, err := k8sMetadataUtil.ClientSet.CoreV1().Namespaces().Get(context.TODO(), "kube-system", metav1.GetOptions{})
if err != nil {
return "", err
}
ClusterUuid = clusterMetadata.UID
fmt.Println("cluster uuid: ", ClusterUuid)
}

return ClusterUuid, nil
Expand Down

0 comments on commit 9162c53

Please sign in to comment.