awx-operator
awx-operator copied to clipboard
aws operator 2.7.2 helm chart namespaced options?
Please confirm the following
- [X] I agree to follow this project's code of conduct.
- [X] I have checked the current issues for duplicates.
- [X] I understand that the AWX Operator is open source software provided for free and that I might not receive a timely response.
Bug Summary
I am trying to deploy namespaced operator via helm chart but it keeps creating clusterroles, clusterrolebindings, etc, which we do not want.
Per #541 this should be possible:
This PR has been updated to move the awx-operator from a cluster-scoped operator to a namespace-scoped operator. At a high level this means only Roles for service accounts, no ClusterRoles, and it also means that operators & AWX deployments will have a 1-to-1 relationship.
Yet I cannot figure out the correct values.yaml
.
AWX Operator version
2.7.2
AWX version
latest
Kubernetes platform
Rancher 2.7
Kubernetes/Platform version
1.24.10
Modifications
no
Steps to reproduce
wget https://github.com/ansible/awx-operator/releases/download/2.7.2/awx-operator-2.7.2.tgz
helm upgrade --install -v8 -n ti-ansible-awx ti-ansible-awx ./awx-operator-2.7.2.tgz -f myvalues.yaml
---
AWX:
enabled: true
spec:
image_version: 2.7.2
Expected results
installs without need for clusterrolebindings
Actual results
creates clusterroles, clusterrolebinding, and fails:
I1108 12:44:03.813284 25185 request.go:1188] Response Body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"awxs.awx.ansible.com \"awx\" is forbidden: User \"u-ouq5l5qa3n\" cannot get resource \"awxs\" in API group \"awx.ansible.com\" in the namespace \"ti-ansible-awx\"","reason":"Forbidden","details":{"name":"awx","group":"awx.ansible.com","kind":"awxs"},"code":403}
Error: rendered manifests contain a resource that already exists. Unable to continue with install: could not get information about the resource AWX "awx" in namespace "ti-ansible-awx": awxs.awx.ansible.com "awx" is forbidden: User "u-ouq5l5qa3n" cannot get resource "awxs" in API group "awx.ansible.com" in the namespace "ti-ansible-awx"
Additional information
Operator Logs
No response