Create a ServiceAccount for Broker Ingress#1241
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Harwayne The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow-robot
added
size/L
|
Ping. |
| brokerCreated = "BrokerCreated" | ||
| serviceAccountCreated = "BrokerFilterServiceAccountCreated" | ||
| serviceAccountRBACCreated = "BrokerFilterServiceAccountRBACCreated" | ||
| serviceAccountCreated = "BrokerServiceAccountCreated" |
There was a problem hiding this comment.
might be better to have the 4 events: BrokerFilterXXX and BrokerIngressXXX, and you pass them as args when you call the method?
But I'm ok either way, if you want to leave it as is, it's fine.
There was a problem hiding this comment.
I guess with the message you are printing the name of the service account or role binding. We can leave it as is...
|
|
||
| In order to setup a `Broker` manually, we must first create the required | ||
| `ServiceAccount` and give it the proper RBAC permissions. This setup is required | ||
| `ServiceAccount`s and give them the proper RBAC permissions. This setup is required |
There was a problem hiding this comment.
Now that you are editing this file... can you fix the cosmetic:
the implmentation may change at any time, absolutely no guarantees are made about the implmentation
Also, inside Implementation, Namespace, you will have to add the steps of creating the eventing-broker-filter service account, and the RBAC.
There was a problem hiding this comment.
Now that is fresh, there is a broker_trigger.md file in knative/docs, with this manual steps as well. It'd be great if you can create a follow up PR on docs with this same changes...
There was a problem hiding this comment.
Made the changes here.
Once this gets in, I'll immediately open a PR on docs to update it their too.
Maybe we should just delete this file? And rely on docs only?
There was a problem hiding this comment.
Yes, I think it'd be better to remove this one. Just check if it has the same content. I think the docs one doesn't have the implementation, but I think it's fine to skip that section.
There was a problem hiding this comment.
OK. In a follow up PR (after I submit the changes to docs), I'll pair this down to a link to docs and implementation details.
|
The following is the coverage report on pkg/.
|
|
/lgtm |
* pr#1408 * pr#1398 * service/samples: add .dockerignore to samples with local build disruption risk (#1392) * service/samples: add .dockerignore to samples with risk of local build interference * serving/samples: .dockerignore readme text update * Update docs/serving/samples/hello-world/helloworld-csharp/README.md Co-Authored-By: RichieEscarez <rescarez@google.com> * Update docs/serving/samples/hello-world/helloworld-nodejs/README.md Co-Authored-By: RichieEscarez <rescarez@google.com> * Update docs/serving/samples/hello-world/helloworld-python/README.md Co-Authored-By: RichieEscarez <rescarez@google.com> * Update docs/serving/samples/hello-world/helloworld-php/README.md Co-Authored-By: Evan Anderson <evan.k.anderson@gmail.com> * Fix the wrong information in grpc example (#1380) * pr#1363 * Fix samples path (#1357) * Copy the updates from knative/eventing#1241. (#1355) * add reference to custom DNS config (#1327) * add reference to custom DNS config * Update docs/install/getting-started-knative-app.md Co-Authored-By: Sam O'Dell <31352624+samodell@users.noreply.github.com> * fix relative link * Fix PR#1202 * Document serving tag resolution (#1260) Our controller does resolution of tags to digests, which has been a source of confusion. This documents the fact that we do it, why we do it, and how to configure the controller to work around common issues.
Signed-off-by: Matthias Wessendorf <mwessend@redhat.com>
5 participants
Helps with #704, as this SA will be needed to get ConfigMap reading permissions.
Proposed Changes
eventing-broker-ingress, rather thandefaulton Broker Ingress Pods.Release Note