astefanutti commented on issue #1766:
URL: https://github.com/apache/camel-k/issues/1766#issuecomment-767392287
Maybe we can move the creation of the IntegrationPlatform operator-side,
instead of CLI-side, so that the operator can decide what to do when there
isn't any found.
For registry auto-configuration, we can grant the operator whatever
permission is required, from example to handle auto-configuration with Minikube
registry addon, that would be :
ca_role.yaml:
```
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: camel-k-minikube
rules:
- apiGroups:
- ""
resources:
- services
resourceNames:
- registry
verbs:
- get
```
ca_role_binding.yaml:
```
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: camel-k-minikube
namespace: kube-system
subjects:
- kind: ServiceAccount
name: camel-k-operator
namespace: camel-k
roleRef:
kind: ClusterRole
name: camel-k-minikube
apiGroup: rbac.authorization.k8s.io
```
The only issue I see is with OLM packaging, as it's not possible to describe
RoleBinding of ClusterRole in the CSV, and it does not seem like these are
supported types that can be added as optional resources in the OLM bundle
`manifests` directory. Anyway, as it's read-only permissions, granting
ClusterRole seems acceptable.
Also in the future context of #1802, the operator would be able to read the
`LocalRegistryHosting` ConfigMap, and auto-configure the IntegrationPlatform
accordingly.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
