Skip to content

fix: update namespace handling in cluster resource reporter #965

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 30, 2025
Merged

fix: update namespace handling in cluster resource reporter #965

merged 3 commits into from
Nov 30, 2025

Conversation

@ATGardner
Copy link
Contributor

@ATGardner ATGardner commented Nov 26, 2025
edited
Loading

What

fix rbac and cluster-event-reporter when running in a namespaced runtime

@ATGardner
fix: remove nonResourceURLs from RBAC rules for event reporters
92008a0 
Eliminate unnecessary nonResourceURLs permissions from the RBAC
configuration of both cluster and runtime event reporters to enhance
security and adhere to least privilege principles.
@ATGardner ATGardner requested a review from a team as a code owner November 26, 2025 15:25
@ATGardner ATGardner self-assigned this Nov 26, 2025
@ATGardner ATGardner mentioned this pull request Nov 26, 2025
Merged
@ATGardner
fix: add IS_NAMESPACED_RUNTIME variable to environment variables for …
81b6e81 
…event reporters

This change introduces the IS_NAMESPACED_RUNTIME variable in the environment configuration for both cluster and runtime event reporters. This variable is set to the value of .Values.global.runtime.singleNamespace, ensuring that the runtime context is correctly reflected in the environment settings.
@ATGardner ATGardner changed the title fix: remove nonResourceURLs from RBAC rules for event reporters fix: update namespace handling in cluster resource reporter Nov 30, 2025
@ATGardner ATGardner requested a review from a team as a code owner November 30, 2025 12:21
@ATGardner
Copy link
Contributor Author

ATGardner commented Nov 30, 2025

/e2e

@ATGardner ATGardner merged commit 6cb9040 into main Nov 30, 2025
5 checks passed
@ATGardner ATGardner deleted the CR-32335-fix-namesapced-runtime-roles-to-main branch November 30, 2025 13:32
ATGardner added a commit that referenced this pull request Nov 30, 2025
@ATGardner
fix: update namespace handling in cluster resource reporter (#964)
110eebc 
based on #965

* fix: remove nonResourceURLs from RBAC rules for event reporters
* fix: add IS_NAMESPACED_RUNTIME variable to environment variables for event reporters
* update event-reporters image to `aca2645` - fix: update namespace handling in cluster resource reporter (codefresh-io/cf-argocd-extras#98)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dmaizel dmaizel dmaizel approved these changes

@shirtabachii shirtabachii shirtabachii approved these changes

Assignees

@ATGardner ATGardner

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ATGardner @dmaizel @shirtabachii