From cb0d2f9d081f9fcd5a8ac915fe8ec3bd5764602c Mon Sep 17 00:00:00 2001
From: Karel Suta <ksuta@redhat.com>
Date: Mon, 5 Feb 2024 14:24:33 +0100
Subject: [PATCH] Create custom user for e2e tests with limited rights

---
 .github/workflows/e2e_tests.yaml | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/e2e_tests.yaml b/.github/workflows/e2e_tests.yaml
index 0786c290c..6189c864d 100644
--- a/.github/workflows/e2e_tests.yaml
+++ b/.github/workflows/e2e_tests.yaml
@@ -38,8 +38,8 @@ jobs:
       - name: Checkout common repo code
         uses: actions/checkout@v3
         with:
-          repository: 'project-codeflare/codeflare-common'
-          ref: 'main'
+          repository: 'sutaakar/codeflare-common'
+          ref: 'custom-users'
           path: 'common'
 
       - name: Set Go
@@ -67,6 +67,18 @@ jobs:
           echo Setting up CodeFlare stack
           make setup-e2e
 
+      - name: Add experimental user to KinD
+        uses: ./common/github-actions/kind-add-user
+        with:
+          user-name: experiment
+
+      - name: Configure RBAC for experiment user to use edit role with namespaces
+        run: |
+          kubectl create clusterrolebinding experiment-edit --clusterrole=edit --user=experiment
+          kubectl create clusterrole namespace-creator --verb=get,list,create,delete,patch --resource=namespaces
+          kubectl create clusterrolebinding experiment-namespace-creator --clusterrole=namespace-creator --user=experiment
+          kubectl config use-context experiment
+
       - name: Run e2e tests
         run: |
           export CODEFLARE_TEST_TIMEOUT_SHORT=1m