helm: Don't give operator permissions to create CRDs if not needed #2326
Conversation
lambdanis
added
area/helm
There was a problem hiding this comment.
Hi @itsCheithanya, thank you for the PR. The code change looks good, but the CI is complaining about the long commit message subject:
{[1/1] Don't give operator permissions to create CRDs if not needed ,add if block to stop it}
Error: ERROR:CUSTOM: Please avoid long commit subjects (max: 75, found: 85)
https://github.com/cilium/tetragon/actions/runs/8657663468/job/23747314419?pr=2326
Could you amend the commit message and force push? You can put details in the commit message body.
|
@itsCheithanya It seems you pushed an extra empty commit instead of amending the previous one, so the CI still fails. You can fix it like this: git reset --hard HEAD~1 # delete the second commit
git commit --amend # now edit the commit message of the first commit
git push -f # you need to force push because you edited a commitWhen done please re-request review with this button Thanks! |
itsCheithanya
force-pushed
the
cheithanya
branch
from
e60cb98
to
6f3a225
Compare
✅ Deploy Preview for tetragon ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for tetragon ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
@itsCheithanya I see you merged the upstream main branch into your branch, could you rebase instead? Also your commit needs to be signed-off, see https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#dev-coo |
|
I marked this PR a draft for now, @itsCheithanya please click the "Ready for review" button when you fix the commits. |
There was a problem hiding this comment.
This needs to be updated to reflect the recent changes in the Helm values. Sorry for the mess :)
Could you also amend the commit message to be more precise? We're not avoiding CRD creation here, only avoiding unnecessary permissions. A commit message like "Don't give operator permissions to create CRDs if not needed" would be good.
| @@ -26,12 +26,14 @@ rules: | |||
| - patch | |||
| - update | |||
| - watch | |||
| {{- if not .Values.tetragonOperator.skipCRDCreation }} | |||
There was a problem hiding this comment.
| {{- if not .Values.tetragonOperator.skipCRDCreation }} | |
| {{- if eq .Values.crds.installMethod "operator" }} |
It needs to be changed as tetragonOperator.skipCRDCreation value got deprecated & removed in the meantime.
There was a problem hiding this comment.
Okay I've done the changes as per that.
There was a problem hiding this comment.
Hey @itsCheithanya I don't see new changes, did you forget to push maybe?
There was a problem hiding this comment.
ohhh by mistake i pushed it to my main branch and not 'cheithanya' branch
i will do now,sorry for that
itsCheithanya
force-pushed
the
cheithanya
branch
from
cb87f57
to
2425e3c
Compare
There was a problem hiding this comment.
@itsCheithanya The CI job is failing because the sign-off line in the commit message doesn't match the commit author:
Missing Signed-off-by: line by nominal patch author 'itsCheithanya <[email protected]>'
https://github.com/cilium/tetragon/actions/runs/9552330690/job/26365160167?pr=2326
Could you amend the commit so that the sign-off matches the commit author?
Signed-off-by: Cheithanya <[email protected]>
itsCheithanya
force-pushed
the
cheithanya
branch
from
2425e3c
to
ae5a2a8
Compare
lambdanis
changed the title
|
Thanks! |
Don't give operator permissions to create CRDs if not needed
Result of the change :
Reproduce the result:
create a local values.yaml file with CRD creation disabled:
and then run
and install Tetragon with using local Helm chart and your values.yaml file:
./contrib/localdev/install-tetragon.sh --values values.yamlThen, check the operator ClusterRole using kubectl:kubectl get clusterrole tetragon-operator -oyamlFixes: #2226