Skip to content

Commit

Permalink
Grant e2e sa ScyllaCluster member permissions so it can grant them
Browse files Browse the repository at this point in the history 
further
  • Loading branch information
@tnozicka
tnozicka committed Dec 27, 2024
1 parent 8350450 commit ed87226
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions test/e2e/framework/framework.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -351,6 +351,27 @@ func CreateUserNamespace(ctx context.Context, clusterName string, labels map[str
}, metav1.CreateOptions{})
o.Expect(err).NotTo(o.HaveOccurred())

// Grant it permission needed for ScyllaClusters
_, err = adminClient.RbacV1().RoleBindings(ns.Name).Create(ctx, &rbacv1.RoleBinding{
ObjectMeta: metav1.ObjectMeta{
Name: userSA.Name + "-scyllacluster-member",
},
Subjects: []rbacv1.Subject{
{
APIGroup: corev1.GroupName,
Kind: rbacv1.ServiceAccountKind,
Namespace: userSA.Namespace,
Name: userSA.Name,
},
},
RoleRef: rbacv1.RoleRef{
APIGroup: rbacv1.GroupName,
Kind: "ClusterRole",
Name: "scyllacluster-member",
},
}, metav1.CreateOptions{})
o.Expect(err).NotTo(o.HaveOccurred())

// Create a service account token Secret for the user ServiceAccount.
userSATokenSecret, err := adminClient.CoreV1().Secrets(ns.Name).Create(ctx, &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Expand Down

0 comments on commit ed87226

Please sign in to comment.