Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-24312

[secrets-store-csi-driver operator] report failed to list *v1.APIServer: apiservers.config.openshift.io

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • None
    • 4.15
    • Storage / Operators
    • None
    • Moderate
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

      In secrets-store-csi-driver operator, it reports the permission missing:

      W1201 02:02:27.901026       1 reflector.go:535] k8s.io/client-go@v0.28.4/tools/cache/reflector.go:229: failed to list *v1.APIServer: apiservers.config.openshift.io is forbidden: User "system:serviceaccount:openshift-cluster-csi-drivers:secrets-store-csi-driver-operator" cannot list resource "apiservers" in API group "config.openshift.io" at the cluster scope
E1201 02:02:27.901057       1 reflector.go:147] k8s.io/client-go@v0.28.4/tools/cache/reflector.go:229: Failed to watch *v1.APIServer: failed to list *v1.APIServer: apiservers.config.openshift.io is forbidden: User "system:serviceaccount:openshift-cluster-csi-drivers:secrets-store-csi-driver-operator" cannot list resource "apiservers" in API group "config.openshift.io" at the cluster scope

      And I have a question, so all the ClusterCSIDriver should have the permission even they might not need to talk to apiservers?

            jdobson@redhat.com Jonathan Dobson
            wduan@redhat.com Wei Duan
            Wei Duan Wei Duan
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: