privilegedescalation/headlamp-intel-gpu-plugin
12
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases 9 Wiki Activity

fix: add roles/rolebindings permissions to RBAC manifest (PRI-550)

Browse Source 
kubectl apply requires get/list/watch on roles/rolebindings to check
existing state before patching. Without these, apply fails with
Forbidden on the GET call itself.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Chris Farhood
2026-05-04 19:40:05 +00:00
committed by Hugh Hackman [agent]
parent 645cd742a1
commit 4942692e64
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deployment/e2e-ci-runner-rbac.yaml
+3
View File
@@ -12,6 +12,9 @@ metadata:
name: e2e-ci-runner
namespace: privilegedescalation-dev
rules:
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["roles", "rolebindings"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["configmaps", "serviceaccounts", "events"]
verbs: ["get", "list", "create", "delete"]