Limit rbac privileges for certmanager-issuer (!352) · Merge requests · GitLab.org / charts / GitLab Chart

Dave Konopka requested to merge 543-certmanager-issuer-rbac into master Jun 22, 2018

Removes cluster-admin from the service account and limits issuer CRD rights to the namespace.

In order to avoid needing a ClusterRole with read access to CRDs, this changes the script to retry the Issuer patch until it succeeds without waiting for the CRD (since we no longer have permission to check if the CRD exists).

Closes #543 (closed)

Edited Jun 25, 2018 by Corey O'Brien

Limit rbac privileges for certmanager-issuer

Merge request reports