timsn commented on code in PR #857:
URL:
https://github.com/apache/flink-kubernetes-operator/pull/857#discussion_r1699592335
##########
helm/flink-kubernetes-operator/templates/rbac.yaml:
##########
@@ -61,26 +59,20 @@ rules:
- update
- patch
- delete
+ - deletecollection
- apiGroups:
- - extensions
+ - apps
resources:
- - deployments
- - ingresses
+ - deployments/scale
verbs:
- get
- - list
- - watch
- - create
- update
- patch
- - delete
- apiGroups:
- flink.apache.org
resources:
- flinkdeployments
- - flinkdeployments/finalizers
Review Comment:
I'm not the best to judge this. But at least from my point of view the
"/finializers" resources are also making trouble with the deployment because it
looks like the resources do not exist and (like mentioned above) Kyverno is
blocking our deployment because it cannot add verbs to non existing resources.
That's at least how I understand it.
Here is the output of available resources on our cluster for the flink
operator:
```
API Resource Verbs
flink.apache.org flinkdeployments
delete,deletecollection,get,list,patch,create,update,watch
flink.apache.org flinkdeployments/status get,patch,update
flink.apache.org flinkdeployments/scale get,patch,update
flink.apache.org flinksessionjobs
delete,deletecollection,get,list,patch,create,update,watch
flink.apache.org flinksessionjobs/status get,patch,update
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
