fixed role and non-existing-kind#14
fixed role and non-existing-kind#14VedantMahabaleshwarkar wants to merge 1 commit intoapache:masterfrom
Conversation
| kind: Kustomization | ||
| images: | ||
| - name: controller | ||
| newName: quay.io/vedantm/airflow-operator |
There was a problem hiding this comment.
@kaxil - This would benefit from a recommended docker registry for hosting airflow related docker images.
There was a problem hiding this comment.
Ah yes this shouldn't be in the PR, my bad.
| // +kubebuilder:rbac:groups=storage.k8s.io,resources=storageclasses,verbs=get;list;watch;create;update;patch;delete | ||
|
|
||
| // +kubebuilder:rbac:groups=airflow.apache.org,resources=airflowclusters,verbs=get;list;watch;create;update;patch;delete | ||
| // +kubebuilder:rbac:groups=airflow.apache.org,resources=airflowclusters;airflowclusters/finalizers,verbs=get;list;watch;create;update;patch;delete |
There was a problem hiding this comment.
what is this finalizers subresource ? Is that a standard one ?
There was a problem hiding this comment.
It is standard for OpenShift, so that it is able to add ownerReferences to the owned resources. It will do no harm when deployed on Kubernetes
| rules: | ||
| - resources: | ||
| - apiGroups: | ||
| - "" |
There was a problem hiding this comment.
This fixes things for Openshift clusters. Kubernetes allows an empty apiGroups field but Openshift does not. Figured that adding it wouldn't hurt because everything will work on Kubernetes just the same even after the change.
There was a problem hiding this comment.
Yup, basically validation fails on OpenShift because it uses a bit tighter model
| # Refer to https://github.com/GoogleContainerTools/distroless for more details | ||
| FROM gcr.io/distroless/static:nonroot | ||
| WORKDIR / | ||
| COPY templates/ templates/ |
There was a problem hiding this comment.
Does this suffice ? I saw permission denied
There was a problem hiding this comment.
@VedantMahabaleshwarkar can you confirm?
I believe this is it, it worked for us...where did you see permission denied?
There was a problem hiding this comment.
I didn't see permission denied anywhere. Before the change the Custom Resource had the error Missing templates/*, no such file or directory and adding this line fixed the error.
|
@VedantMahabaleshwarkar could you please rebase onto actual master? We've introduced some static code checks: |
VedantMahabaleshwarkar
force-pushed
the
bug/fix-kind-and-role
branch
from
8caf2dd to
5874f26
Compare
@turbaszek I have rebased my PR |
VedantMahabaleshwarkar
force-pushed
the
bug/fix-kind-and-role
branch
from
5749941 to
0232325
Compare
4 participants
This is a PR related to the issue mentioned here : #13