Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-3502

Add support for impersonation in gitops-engine

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • None
    • GITOPS Sprint 249, GITOPS Core Sprint 3248, GITOPS Core Sprint 3249, GITOPS Core Sprint 3251, GITOPS Core Sprint 3252, GITOPS Core Sprint 3253, GITOPS Core Sprint 3254, GitOps Tangerine - Sprint 2255, GitOps Tangerine - Sprint 3256, GitOps Tangerine - Sprint 3258

      Goal

      Fix GitOps Engine code to honor Impersonate configuration set in the Application sync context for all kubectl commands that are being executed.

      Acceptance Criteria:

      • It should be possible for the GitOps Engine to run application sync using impersonation config.
      • When impersonation config is not set, then the existing behaviour of using the control-plane service account for the sync operation must be the default behaviour.
      • If there is error in the impersonation configuration, then error with appropriate message should be reported.
      • If the impersonating user does not have sufficient permissions for the application sync to happen, then the sync operation should fail with an appropriate error message.

            anjoseph Anand Francis Joseph
            anjoseph Anand Francis Joseph
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: