fix(e2e): make Polaris e2e CI self-sufficient with RBAC in workflow #131

Closed
privilegedescalation-engineer[bot] wants to merge 3 commits from hugh/pri-513-canonical-rbac-fix into main
Showing only changes of commit 599d5e4be7 - Show all commits
+6 -1
View File
@@ -46,7 +46,12 @@ jobs:
uses: azure/setup-kubectl@v4
- name: Apply RBAC for E2E pipeline
run: kubectl apply -f deployment/e2e-ci-runner-rbac.yaml
run: |
kubectl apply -f deployment/e2e-ci-runner-rbac.yaml
echo "Waiting for RBAC propagation (Kubernetes subject access review caching)..."
sleep 5
echo "Verifying CI runner permissions..."
kubectl auth can-i create roles -n headlamp-dev --as="system:serviceaccount:arc-runners:runners-privilegedescalation-gha-rs-no-permission" || { echo "::error::CI runner still lacks roles permission after propagation wait"; exit 1; }
- name: Apply Polaris dashboard RBAC
run: kubectl apply -f deployment/polaris-rbac.yaml