This repository was archived by the owner on May 28, 2021. It is now read-only.
This repository was archived by the owner on May 28, 2021. It is now read-only.
RBAC for Events missing #136
Closed
Description
Both the mysql-agent and mysql-operator [Cluster]Roles need permissions to manipulate Events.
I0613 10:42:39.149403 1 event.go:218] Event(v1.ObjectReference{Kind:"Cluster", Namespace:"mysql-operator-e2e-tests-cluster-creation-w25v9", Name:"basic-twenty-eight-char-name", UID:"3809616b-6ef6-11e8-bd71-020017000bef", APIVersion:"mysql.oracle.com", ResourceVersion:"1315947", FieldPath:""}): type: 'Normal' reason: 'Synced' Cluster synced successfully
E0613 10:42:39.150712 1 event.go:200] Server rejected event '&v1.Event{TypeMeta:v1.TypeMeta{Kind:"", APIVersion:""}, ObjectMeta:v1.ObjectMeta{Name:"basic-twenty-eight-char-name.1537b21e47f1a6da", GenerateName:"", Namespace:"mysql-operator-e2e-tests-cluster-creation-w25v9", SelfLink:"", UID:"", ResourceVersion:"", Generation:0, CreationTimestamp:v1.Time{Time:time.Time{wall:0x0, ext:0, loc:(*time.Location)(nil)}}, DeletionTimestamp:(*v1.Time)(nil), DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string(nil), Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Initializers:(*v1.Initializers)(nil), Finalizers:[]string(nil), ClusterName:""}, InvolvedObject:v1.ObjectReference{Kind:"Cluster", Namespace:"mysql-operator-e2e-tests-cluster-creation-w25v9", Name:"basic-twenty-eight-char-name", UID:"3809616b-6ef6-11e8-bd71-020017000bef", APIVersion:"mysql.oracle.com", ResourceVersion:"1315947", FieldPath:""}, Reason:"Synced", Message:"Cluster synced successfully", Source:v1.EventSource{Component:"mysql-operator", Host:""}, FirstTimestamp:v1.Time{Time:time.Time{wall:0xbec05b0a663a4cda, ext:2030840935, loc:(*time.Location)(0x1bbc880)}}, LastTimestamp:v1.Time{Time:time.Time{wall:0xbec05b27c8e5f9a3, ext:119538775338, loc:(*time.Location)(0x1bbc880)}}, Count:8, Type:"Normal", EventTime:v1.MicroTime{Time:time.Time{wall:0x0, ext:0, loc:(*time.Location)(nil)}}, Series:(*v1.EventSeries)(nil), Action:"", Related:(*v1.ObjectReference)(nil), ReportingController:"", ReportingInstance:""}': 'events "basic-twenty-eight-char-name.1537b21e47f1a6da" is forbidden: User "system:serviceaccount:mysql-operator-e2e-tests-cluster-creation-w25v9:mysql-operator" cannot patch events in the namespace "mysql-operator-e2e-tests-cluster-creation-w25v9"' (will not retry!)