Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing "routes/custom-host" resource in ClusterRole #21

Closed
trumbaut opened this issue Apr 7, 2023 · 6 comments · Fixed by #35 or skupperproject/skupper#1265
Closed

Missing "routes/custom-host" resource in ClusterRole #21

trumbaut opened this issue Apr 7, 2023 · 6 comments · Fixed by #35 or skupperproject/skupper#1265
Assignees
@fgiorgetti

Comments

@trumbaut
Copy link
Contributor

trumbaut commented Apr 7, 2023

Skupper allows setting a hostname for routes using the data:ingress-host parameter in the skupper-site ConfigMap. However, currently this doesn't work in OCP (skupper-operator.v1.2.2-74cbf46bbc) due to missing ClusterRole permissions. As a result, setting the data:ingress-host parameter breaks initialising the site with following errors in the site controller pod:

2023/04/07 09:49:53 Initialising skupper site ...
2023/04/07 09:49:54 Error initialising skupper: Route.route.openshift.io "skupper-inter-router" is invalid: spec.host: Forbidden: you do not have permission to set the host field of the route
E0407 09:49:54.785647 1 controller.go:168] Route.route.openshift.io "skupper-inter-router" is invalid: spec.host: Forbidden: you do not have permission to set the host field of the route

To fix this, we simply need to add routes/custom-host as a resource for the ClusterRole (https://github.com/skupperproject/skupper-operator/blob/main/bundle/manifests/1.3.0/skupper-operator.v1.3.0.clusterserviceversion.yaml#L68):

[...]
        - apiGroups:
          - route.openshift.io
          resources:
          - routes
          - routes/custom-host
          verbs:
[...]

Let me know if/where I can create a PR for this.
@fgiorgetti fgiorgetti self-assigned this Aug 14, 2023
@fgiorgetti
Copy link
Member

@trumbaut makes sense to me.
@grs @ajssmith @nluaces thoughts?

@grs
Copy link
Member

grs commented Nov 4, 2023

Yes, makes sense to me also

@fgiorgetti
Copy link
Member

@trumbaut could you please submit a PR with the proposed change?
You have to do it against the Skupper repository.

@trumbaut
Copy link
Contributor Author

trumbaut commented Nov 9, 2023

@fgiorgetti : I fixed this in trumbaut@ef56c2d but how can I submit it against the Skupper repository?

@fgiorgetti
Copy link
Member

@trumbaut you can send the operator PR, of course.
On the Skupper (repo) we need to add this extra resource at api/types/types.go

This was referenced Nov 9, 2023
Merged
Merged
@trumbaut
Copy link
Contributor Author

trumbaut commented Nov 9, 2023

@fgiorgetti, please check the PR's above.

@jiridanek jiridanek mentioned this issue Dec 13, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fgiorgetti fgiorgetti

Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@grs @trumbaut @fgiorgetti