java-operator-sdk icon indicating copy to clipboard operation
java-operator-sdk copied to clipboard

Published 20 hours ago verified publisher icon operator-framework

Update lease access check to account for lease name and multiple rules

Open MikeEdgar opened this issue 7 months ago • 5 comments

Allow the verbs required for lease access to be split between multiple rules and exclude rules that name a non-matching lease name. This allows rules such as those below to work as expected.

rules:
  - apiGroups:
      - coordination.k8s.io
    resources:
      # The "create" verb cannot be used with "resourceNames"
      - leases
    verbs:
      - create
  - apiGroups:
      - coordination.k8s.io
    resources:
      - leases
    resourceNames:
      - my-lease
    verbs:
      - get
      - list
      - watch
      - delete
      - patch
      - update

MikeEdgar avatar Jun 26 '24 00:06 MikeEdgar