Add edit options to apiGroups at Role or ClusterRole
Hi! :D
After installing gitlab Runner, through its chart helm, I found problems in tasks of implementing new runners pods the cluster. As like the error message below:
is forbidden: User "system:serviceaccount:gitlab-runner:gitlab-runner" cannot get resource "deployments" in API group "extensions" in the namespace "gitlab-runner"
I've added the apiGroups: ["*"]
in the file values.yaml, but ClusterRole continued with the empty apiGroups string.
So, reviewing the template files, I found no way to customize the apiGroups list, being fixed as empty (apiGroups: [""]
), which tells kubernetes only the core apiGroups as pointed out quietly in the official Kuberentes documentation.
Ok! Ok! I have another problem there! In version 1.14 of kubernetes I'm using here, apiGroups extensions is no longer part of Core. As in version 1.16 "extensions / v1beta1
" will be discontinued. I will have to solve this soon! ;)
Anyway, I believe the gitlab runner chart should have editing options for which apiGroups I want to enable for RBAC. Also because it is possible to use Gitlab CI/CD for infrastructure resources such as Prometheus, Elasticsearch and any others. And many of these have CRDs with their own apiGroups.
So I made the necessary adjustments for that. If you can review and approve my Merge Request, I will be very grateful. Thanks! :)