question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[DevWorkspace] Make it possible to bind namespace role to a namespace service-account

See original GitHub issue

Is your task related to a problem? Please describe

When provisioning a namespace, Che sets serviceAccountName as che-workspace, but in the DevWorkspace installation we have another Service Account like workspace<workspace id>-sa which is actually used for a workspace. So when creating a role binding it is binded to the che-workspace service account, but when I make a kubernetes request from a workspace container it is using a token of the workspace<workspace id>-sa service account.

Describe the solution you’d like

Need to have a way to bind namespace roles to a namespace service-account.

Describe alternatives you’ve considered

No response

Additional context

No response

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:11 (10 by maintainers)

github_iconTop GitHub Comments

2reactions
vinokurigcommented, Nov 16, 2021

There is no technical reason for storing preferences in secret but not in config-map, so I am +1 to have a config-map workspace-preferences-configmap.

0reactions
amisevskcommented, Nov 23, 2021
Read more comments on GitHub >

github_iconTop Results From Across the Web

How to Use ClusterRoleBinding With A ServiceAccount in All ...
ClusterRoleBinding is a powerful feature of Kubernetes RBAC that allows you to grant permissions cluster-wide in all namespaces.
Read more >
Using RBAC Authorization | Kubernetes
A RoleBinding grants permissions within a specific namespace whereas a ClusterRoleBinding grants that access cluster-wide. A RoleBinding may ...
Read more >
How to Create kubernetes Role for Service Account
Create a service account bound to the namespace webapps namespace · Create a role with the list of required API access to Kubernetes...
Read more >
How to Create Namespace, Role Binding and Service ...
In this article, We are going to perform How to Create New Namespace, Role Binding and Service Account in Kubernetes Cluster using YAML....
Read more >
Add dynamic service accounts in namespace matchLabel #137
When a namespace is created with a given label, I'd like to provision a service account in that namespace, and create rolebindings for...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found