-
Epic
-
Resolution: Unresolved
-
Major
-
None
-
None
-
ACM Deeper Integration of ClusterPermission into ACM/MCE
-
False
-
None
-
False
-
Not Selected
-
To Do
-
VIRTSTRAT-51 - ACM fine grained RBAC for OpenShift Virtualization
-
VIRTSTRAT-51ACM fine grained RBAC for OpenShift Virtualization
We need to better integrate ClusterPermission resource into ACM
https://github.com/open-cluster-management-io/cluster-permission
After some initial investigation the following topics need to be resolved:
- Bundle it into the MCE instead of ACM.
- Update the API to fit more use cases
- Rewrite from hub controller into an addon agent similar to managedserviceaccount (MSA)
- Dedicated doc section (right now its hiding under GitOps section)
- Maybe UI (it should integrate with MSA)
Done Checklist
- CI - CI is running, tests are automated and merged.
- Release Enablement <link to Feature Enablement Presentation>
- DEV - Upstream code and tests merged: <link to meaningful PR or GitHub
Issue> - DEV - Upstream documentation merged: <link to meaningful PR or GitHub
Issue> - DEV - Downstream build attached to advisory: <link to errata>
- QE - Test plans in Polarion: <link or reference to Polarion>
- QE - Automated tests merged: <link or reference to automated tests>
- DOC - Doc issue opened with a completed template. Separate doc issue
opened for any deprecation, removal, or any current known
issue/troubleshooting removal from the doc, if applicable.