nicolaferraro commented on issue #1766: URL: https://github.com/apache/camel-k/issues/1766#issuecomment-767394694
> Maybe we can move the creation of the IntegrationPlatform operator-side, instead of CLI-side, so that the operator can decide what to do when there isn't any found. > > For registry auto-configuration, we can grant the operator whatever permission is required, from example to handle auto-configuration with Minikube registry addon, that would be : > > ca_role.yaml: > > ``` > apiVersion: rbac.authorization.k8s.io/v1 > kind: ClusterRole > metadata: > name: camel-k-minikube > rules: > - apiGroups: > - "" > resources: > - services > resourceNames: > - registry > verbs: > - get > ``` > > ca_role_binding.yaml: > > ``` > kind: RoleBinding > apiVersion: rbac.authorization.k8s.io/v1 > metadata: > name: camel-k-minikube > namespace: kube-system > subjects: > - kind: ServiceAccount > name: camel-k-operator > namespace: camel-k > roleRef: > kind: ClusterRole > name: camel-k-minikube > apiGroup: rbac.authorization.k8s.io > ``` > > The only issue I see is with OLM packaging, as it's not possible to describe RoleBinding of ClusterRole in the CSV, and it does not seem like these are supported types that can be added as optional resources in the OLM bundle `manifests` directory. Anyway, as it's read-only permissions, granting ClusterRole seems acceptable. > > Also in the future context of #1802, the operator would be able to read the `LocalRegistryHosting` ConfigMap, and auto-configure the IntegrationPlatform accordingly. Yeah, that would solve the cases when auto-creation is possible, so we can remove the special cases for minikube and also support e.g. Kind oob. Currently only on OpenShift we're able to auto-create platforms via the platform trait. But I think there are many cases, e.g. Kubernetes on GKE, Azure, AWS.. where there's need for user input and the CLI is the main way to inject those into an integration platform at installation time. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
