Che: Make Kubernetes infrastructure create a special service account for workspaces

Created on 25 Sep 2018  路  3Comments  路  Source: eclipse/che

Description

If Kubernetes infrastructure creates a namespace for workspace then special service account (with view and exec rights) should be created there, otherwise, Tasks and Exec sidecars will fail because of permissions leaks. The same is done for OpenShift infrastructure https://github.com/eclipse/che/pull/11199

It depends on upgrading fabric8-kubernetes-client version to v.4.0.4 #11112

OS and version:

Diagnostics:

kinenhancement statucode-review teaplatform
Source
picture sleshchenko

Most helpful comment

@AndrienkoAleksandr Could you please update README.md file in che-exec-terminal plugin since this issue is closed and Terminal and Exec should work fine on both of listed helm chart configurations https://github.com/ws-skeleton/che-machine-exec.

picture sleshchenko on 8 Nov 2018
1 🎉1 👍1

All 3 comments

@skabashnyuk @sleshchenko is there any chance to work on this issue in current sprint?

l0rd picture l0rd on 28 Oct 2018

@AndrienkoAleksandr Could you please update README.md file in che-exec-terminal plugin since this issue is closed and Terminal and Exec should work fine on both of listed helm chart configurations https://github.com/ws-skeleton/che-machine-exec.

sleshchenko picture sleshchenko on 8 Nov 2018
1 🎉1 👍1

@sleshchenko thanks, I will update README.md file.

AndrienkoAleksandr picture AndrienkoAleksandr on 8 Nov 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

l0rd picture l0rd  路  3Comments
skabashnyuk picture skabashnyuk  路  3Comments
LaneGeek picture LaneGeek  路  3Comments
vanzhiganov picture vanzhiganov  路  3Comments
amisevsk picture amisevsk  路  3Comments