Reference shared infra RBAC (PRI-750) #140

Closed

privilegedescalation-engineer[bot] wants to merge 3 commits from gandalf/reference-shared-infra-rbac-pri-750 into main

pull from: gandalf/reference-shared-infra-rbac-pri-750

merge into: privilegedescalation:main

privilegedescalation:main

privilegedescalation:gandalf/fix-echo-printf-pri-1757

privilegedescalation:pri-1737-inline-release

privilegedescalation:gandalf/cleanup-agent-artifacts

privilegedescalation:dev

privilegedescalation:gandalf/cleanup-root-artifacts

privilegedescalation:uat

privilegedescalation:promote/uat-artifacthub-v1.0.1

privilegedescalation:gandalf/fix-promotion-gate-ci

privilegedescalation:pri-1681-update-artifacthub-1.0.1

privilegedescalation:fix/release-tarball-pattern

privilegedescalation:gandalf/pri-1671-pnpm-install

privilegedescalation:nancy/fix-dual-approval-uat-regress

privilegedescalation:gandalf/pri-1659-inline-release-workflow

privilegedescalation:gandalf/pri-1636-inline-dual-approval

privilegedescalation:inline-ci-2adb87e5

privilegedescalation:gandalf/fix-polaris-ah-url

privilegedescalation:docs/update-headlamp-namespace

privilegedescalation:hugh/fix-stale-rbac-path-pri-1002

privilegedescalation:gandalf/remove-orphaned-polaris-rbac-pri-917

privilegedescalation:hugh/update-rbac-to-shared-infra

privilegedescalation:gandalf/add-renovate-github-action

privilegedescalation:pr-142

privilegedescalation:gandalf/fix-rbac-workflow-pri-324

privilegedescalation:gandalf/rename-ns-headlamp-dev

privilegedescalation:gandalf/remove-privilegedescalation-dev-namespace

privilegedescalation:pr-132-fix

privilegedescalation:gandalf/fix-rbac-manifest-PRI-555

privilegedescalation:chore/scrub-dependabot-references

privilegedescalation:gandalf/fix-markdown-lint-pri-391

privilegedescalation:gandalf/fix-e2e-rbac-pri-313

privilegedescalation:gandalf/fix-e2e-polaris-rbac

privilegedescalation:gandalf/fix-lodash-lockfile

privilegedescalation:fix/e2e-concurrency-serialization

Conversation 6 Commits 3 Files Changed 20

+159 -421

3 Commits

Author	SHA1	Message	Date
Chris Farhood	daad9126f3	Reference shared infra RBAC in deployment scripts	2026-05-05 18:10:21 +00:00
Chris Farhood	7f2d7bba61	fix: correct RBAC manifest per QA review (PRI-555) ... - Remove rbac.authorization.k8s.io privilege escalation block - Fix orphaned comment from round 1 - Add EOF newline - Keep serviceaccounts/token for E2E auth (confirmed needed) - Namespace already correct (privilegedescalation-dev) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-05 18:10:00 +00:00
Chris Farhood	9d40c7b5fb	docs: update Headlamp install namespace references from kube-system to headlamp ... Updates all documentation references to the Headlamp install namespace from kube-system to headlamp as part of PRI-433. In-scope files updated: - README.md, SECURITY.md - docs/getting-started/installation.md, quick-start.md, prerequisites.md - docs/deployment/helm.md, kubernetes.md, production.md - docs/troubleshooting/README.md, common-issues.md, rbac-issues.md - docs/user-guide/configuration.md, rbac-permissions.md - docs/TESTING.md, TROUBLESHOOTING.md, DEPLOYMENT.md Out-of-scope (unchanged): - Source files referencing upstream workload namespace - RBAC manifests describing Polaris namespace (polaris ns is unchanged) - NetworkPolicy namespaceSelector (API server runs in kube-system) - design-decisions.md and ARCHITECTURE.md (URL hashes refer to cluster namespaces, not Headlamp install ns) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-05 18:10:00 +00:00