fix(e2e): apply both RBAC manifests in workflow before pre-flight check #125
Closed
privilegedescalation-engineer[bot] wants to merge 1 commits from
fix/e2e-workflow-rbac into main
pull from: fix/e2e-workflow-rbac
merge into: privilegedescalation:main
privilegedescalation:main
privilegedescalation:gandalf/fix-echo-printf-pri-1757
privilegedescalation:pri-1737-inline-release
privilegedescalation:gandalf/cleanup-agent-artifacts
privilegedescalation:dev
privilegedescalation:gandalf/cleanup-root-artifacts
privilegedescalation:uat
privilegedescalation:promote/uat-artifacthub-v1.0.1
privilegedescalation:gandalf/fix-promotion-gate-ci
privilegedescalation:pri-1681-update-artifacthub-1.0.1
privilegedescalation:fix/release-tarball-pattern
privilegedescalation:gandalf/pri-1671-pnpm-install
privilegedescalation:nancy/fix-dual-approval-uat-regress
privilegedescalation:gandalf/pri-1659-inline-release-workflow
privilegedescalation:gandalf/pri-1636-inline-dual-approval
privilegedescalation:inline-ci-2adb87e5
privilegedescalation:gandalf/fix-polaris-ah-url
privilegedescalation:docs/update-headlamp-namespace
privilegedescalation:hugh/fix-stale-rbac-path-pri-1002
privilegedescalation:gandalf/remove-orphaned-polaris-rbac-pri-917
privilegedescalation:gandalf/reference-shared-infra-rbac-pri-750
privilegedescalation:hugh/update-rbac-to-shared-infra
privilegedescalation:gandalf/add-renovate-github-action
privilegedescalation:pr-142
privilegedescalation:gandalf/fix-rbac-workflow-pri-324
privilegedescalation:gandalf/rename-ns-headlamp-dev
privilegedescalation:gandalf/remove-privilegedescalation-dev-namespace
privilegedescalation:pr-132-fix
privilegedescalation:gandalf/fix-rbac-manifest-PRI-555
privilegedescalation:chore/scrub-dependabot-references
privilegedescalation:gandalf/fix-markdown-lint-pri-391
privilegedescalation:gandalf/fix-e2e-rbac-pri-313
privilegedescalation:gandalf/fix-e2e-polaris-rbac
privilegedescalation:gandalf/fix-lodash-lockfile
privilegedescalation:fix/e2e-concurrency-serialization
1 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Chris Farhood
|
3c6d77eb49 |
fix(e2e): apply RBAC in workflow before pre-flight check
The E2E workflow now applies both RBAC manifests (e2e-ci-runner-rbac.yaml and polaris-rbac.yaml) in the same step, then verifies permissions with a two-namespace pre-flight check. This makes the workflow self-sufficient — no manual RBAC application or cluster-prep step required before CI runs. Changes: - Workflow now applies e2e-ci-runner-rbac.yaml + polaris-rbac.yaml before the pre-flight check (previously only applied polaris-rbac.yaml and only checked, not applied, e2e-ci-runner-rbac.yaml) - Pre-flight check verifies can-i delete configmaps in privilegedescalation-dev AND can-i get services/proxy in polaris before proceeding - e2e-ci-runner-rbac.yaml now includes Role + RoleBinding for the polaris namespace so the CI runner can apply the dashboard proxy RBAC Fixes PRI-264 / PRI-324. Co-Authored-By: Paperclip <noreply@paperclip.ing> |