Closed amuraru closed 3 years ago
I think it's dupe of #651 (fixed in #657).
If you use custom service accounts, then you may have to add permission to the certificatesigningrequests
resources.
@adamantal I am aware of that fix but our use case is a bit different - we cannot get the permission as we operate in a multitenant k8s environment and would need this support to be optional so we can disable it
Is your feature request related to a problem? Please describe.
In our environment is not possible to grant operator read access to CertifiticateSigningRequests cluster-scoped resources. In turn, when this is not available the operator as whole fails to start with this errors:
Describe the solution you'd like to see
When CSR RBAC is missing the operator should continue working without support for KafkaUser native CSR.
Describe alternatives you've considered
N/A
Additional context N/A