[camel-k] 02/02: fix: The SAR request for ServiceBinding creation must be scoped to the operator watch namespace

Wed, 10 Feb 2021 09:30:29 -0800 

This is an automated email from the ASF dual-hosted git repository.

astefanutti pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-k.git

commit 7743ca2fd0ef1d75e60098b413994c6115ac8f1b
Author: Antonin Stefanutti <anto...@stefanutti.fr>
AuthorDate: Wed Feb 10 16:54:20 2021 +0100

    fix: The SAR request for ServiceBinding creation must be scoped to the 
operator watch namespace
---
 pkg/controller/integration/integration_controller.go | 2 +-
 pkg/platform/operator.go                             | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkg/controller/integration/integration_controller.go 
b/pkg/controller/integration/integration_controller.go
index 08307c2..e4a7335 100644
--- a/pkg/controller/integration/integration_controller.go
+++ b/pkg/controller/integration/integration_controller.go
@@ -226,7 +226,7 @@ func add(mgr manager.Manager, r reconcile.Reconciler, c 
client.Client) error {
                return err
        } else if !ok {
                log.Info("Service binding is disabled, install the Service 
Binding Operator if needed")
-       } else if ok, err := kubernetes.CheckPermission(context.TODO(), c, 
sb.SchemeGroupVersion.Group, "servicebindings", "", "", "create"); err != nil {
+       } else if ok, err := kubernetes.CheckPermission(context.TODO(), c, 
sb.SchemeGroupVersion.Group, "servicebindings", 
platform.GetOperatorWatchNamespace(), "", "create"); err != nil {
                return err
        } else if !ok {
                log.Info("Service binding is disabled, the operator is not 
granted permission to create ServiceBindings!")
diff --git a/pkg/platform/operator.go b/pkg/platform/operator.go
index d0ff38b..05538a9 100644
--- a/pkg/platform/operator.go
+++ b/pkg/platform/operator.go
@@ -67,6 +67,14 @@ func IsCurrentOperatorGlobal() bool {
        return false
 }
 
+// GetOperatorWatchNamespace returns the namespace the operator watches
+func GetOperatorWatchNamespace() string {
+       if namespace, envSet := 
os.LookupEnv(operatorWatchNamespaceEnvVariable); envSet {
+               return namespace
+       }
+       return ""
+}
+
 // GetOperatorNamespace returns the namespace where the current operator is 
located (if set)
 func GetOperatorNamespace() string {
        if podNamespace, envSet := os.LookupEnv(operatorNamespaceEnvVariable); 
envSet {

Reply via email to