Closed rain-on closed 1 month ago
Latest commit: ce5883e677bf2cb6d2a7b51f89fa8e5b9c772ede
The changes in this PR will be included in the next version bump.
Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
It was found that when running as a worker, the clusterrole (used in deployment-target mode) was still attached to the service account being used to run scritps.
This meant that worker-scripts were able affect the greater cluster.
This fix removes the cluster-rolebinding from the serviceAccount when in worker-mode.