fix(install): namespaced openshift resources

Author: squakez

pkg/install/operator.go

@@ -467,13 +467,13 @@ func installClusterRoleBinding(ctx context.Context, c client.Client, collection
 func installOpenShiftRoles(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
-			"/config/rbac/openshift/descoped/operator-cluster-role-openshift.yaml",
-			"/config/rbac/openshift/descoped/operator-cluster-role-binding-openshift.yaml",
+			"/config/rbac/descoped/operator-cluster-role-openshift.yaml",
+			"/config/rbac/descoped/operator-cluster-role-binding-openshift.yaml",
 		)
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
-			"/config/rbac/openshift/namespaced/operator-role-openshift.yaml",
-			"/config/rbac/openshift/namespaced/operator-role-binding-openshift.yaml",
+			"/config/rbac/namespaced/operator-role-openshift.yaml",
+			"/config/rbac/namespaced/operator-role-binding-openshift.yaml",
 		)
 	}
 }

pkg/resources/config/rbac/namespaced/operator-cluster-role-console-binding-openshift.yaml pkg/resources/config/rbac/namespaced/operator-role-binding-openshift.yaml

@@ -15,16 +15,16 @@
 # limitations under the License.
 # ---------------------------------------------------------------------------
 
-kind: ClusterRoleBinding
+kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: camel-k-operator-console-openshift
+  name: camel-k-operator-openshift
   labels:
     app: "camel-k"
 subjects:
 - kind: ServiceAccount
   name: camel-k-operator
 roleRef:
-  kind: ClusterRole
-  name: camel-k-operator-console-openshift
-  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: camel-k-operator-openshift
+  apiGroup: rbac.authorization.k8s.io

pkg/resources/config/rbac/namespaced/operator-cluster-role-console-openshift.yaml pkg/resources/config/rbac/namespaced/operator-role-openshift.yaml

@@ -15,17 +15,31 @@
 # limitations under the License.
 # ---------------------------------------------------------------------------
 
-kind: ClusterRole
+kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: camel-k-operator-console-openshift
+  name: camel-k-operator-openshift
   labels:
     app: "camel-k"
 rules:
 - apiGroups:
-  - console.openshift.io
+  - camel.apache.org
   resources:
-  - consoleclidownloads
+  - builds/finalizers
+  - integrationkits/finalizers
+  - integrationplatforms/finalizers
+  - integrationprofiles/finalizers
+  - integrations/finalizers
+  - pipes/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - ""
+  - "build.openshift.io"
+  resources:
+  - buildconfigs
+  - buildconfigs/webhooks
+  - builds
   verbs:
   - create
   - delete
@@ -35,3 +49,51 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - ""
+  - "image.openshift.io"
+  resources:
+  - imagestreamimages
+  - imagestreammappings
+  - imagestreams
+  - imagestreams/secrets
+  - imagestreamtags
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  - build.openshift.io
+  resources:
+  - buildconfigs/instantiate
+  - buildconfigs/instantiatebinary
+  - builds/clone
+  verbs:
+  - create
+- apiGroups:
+  - ""
+  - "route.openshift.io"
+  resources:
+  - routes
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  - route.openshift.io
+  resources:
+  - routes/custom-host
+  verbs:
+  - create

script/Makefile

@@ -743,7 +743,6 @@ ifdef OPERATOR_ID
 	@sed -i 's/value: .*/value: $(OPERATOR_ID)/' $(KUST_TMP)/$(KUSTOMIZE_DIR)/patch-operator-id.yaml
 	@echo "INFO: adding a suffix for ClusterRoleBindings $(OPERATOR_ID)"
 	cd $(KUST_TMP)/install/base/config/rbac/descoped && kustomize edit set namesuffix -- -$(OPERATOR_ID)
-	cd $(KUST_TMP)/install/base/config/rbac/openshift/descoped && kustomize edit set namesuffix -- -$(OPERATOR_ID)
 else
 	@echo "INFO: no operator ID variable \"OPERATOR_ID\" provided. Keeping default."
 endif