BUILD-348: share discoverability ('use' verb, namespace scope roles); inject build-284 in repo#51
Conversation
openshift-ci
Bot
added
the
approved
|
all green e2e's @adambkaplan @coreydaley |
adambkaplan
left a comment
adambkaplan
left a comment
There was a problem hiding this comment.
/approve
Nits, but otherwise looks good
| # OpenShift Shared Resource CSI Driver | ||
|
|
||
| The OpenShift Projected Resource CSI Driver allows for the controlled (via Kubernetes RBAC) sharing of Kubernetes Secrets and ConfigMaps across | ||
| The OpenShift Sharead Resource CSI Driver allows for the controlled (via Kubernetes RBAC) sharing of Kubernetes Secrets and ConfigMaps across |
There was a problem hiding this comment.
spelling nit:
| The OpenShift Sharead Resource CSI Driver allows for the controlled (via Kubernetes RBAC) sharing of Kubernetes Secrets and ConfigMaps across | |
| The OpenShift Shared Resource CSI Driver allows for the controlled (via Kubernetes RBAC) sharing of Kubernetes Secrets and ConfigMaps across |
| - storage.openshift.io | ||
| resources: | ||
| - shares | ||
| - sharedresourcess |
There was a problem hiding this comment.
important nit:
| - sharedresourcess | |
| - sharedresources |
There was a problem hiding this comment.
yep ... fortunately it is correct in the actual yaml files in the examples subdir ;-)
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: adambkaplan, gabemontero The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| // volumeAttributes: | ||
| // sharedResource: my-share | ||
| // | ||
| // For the mount to be successful, the pod's service account must be granted permission to 'use' the named SharedResource object |
There was a problem hiding this comment.
so starting here @coreydaley was my attempt to take what @deads2k and I discussed in slack in reference to your openshift/api PR and apply "corrections" in the godoc
| // `oc create rolebinding shared-resource-my-share --role=shared-resource-my-share --serviceaccount=my-namespace:default` | ||
| // | ||
| // Administrators can create separate Roles and RoleBindings for their users to be able the list and/or view the | ||
| // available cluster scoped `SharedResources` objects. |
There was a problem hiding this comment.
this is the end of where I tried to update godoc @coreydaley in reference to discussion with @deads2k in slack
ideally you can replicate this in your openshift/api PR, and then, with the resolution of the group name that @adambkaplan will be striving for with @jsafrane and @deads2k your openshift/api PR will be "unblocked", or at least at the point where we are just iterating on grammar and word choice vs. major concepts and architectural viability
gabemontero
force-pushed
the
chg-sar-verb
branch
from
1480928 to
dc8c551
Compare
|
spelling nits updated and pushed @adambkaplan thanks @coreydaley tried to highlight the godoc updates that I hope should help your openshift/api PR pending further feedback from you @coreydaley I think this one is good to go |
|
getting 500s from CIs registry on startup of all jobs will sit tight and retry tests later |
|
/retest |
|
/lgtm |
4 participants
/assign @adambkaplan
/assign @coreydaley
@deads2k FYI (if anything else, for api godoc)
So this PR proves out our recent discussions in slack and @coreydaley 's openshift/api#979
Highlights:
I'm still going to put up a openshift/enhancements update, but I am currently of the opinion this PR progresses us on the path, could be merged after review, and then follow up PRs can come if the EP merge or api merge results in addition adjustments.