Limit rbac privileges for certmanager-issuer
Removes cluster-admin from the service account and limits issuer CRD rights to the namespace.
In order to avoid needing a ClusterRole
with read access to CRDs, this changes the script to retry the Issuer
patch until it succeeds without waiting for the CRD (since we no longer have permission to check if the CRD exists).
Closes #543 (closed)
Edited by Corey O'Brien