search

falcosecurity / deploy-kubernetes

Kubernetes deployment resources for Falco
Apache License 2.0
11 stars 16 forks source link

Service account, cluster role and cluster role binding still remain #124

Closed tippy3 closed 2 months ago

tippy3 commented 2 months ago

Describe the bug

Service account, cluster role and cluster role binding were removed in v4.0.0 but still remain in kubernetes/falco/templates.

As far as I see Prowjob and #101, those files need to be removed manually?

How to reproduce it

Expected behaviour

They are removed from this repository.

Screenshots

Environment

Additional context

leogr commented 2 months ago

Hey @tippy3

Good catch, thank you!

Service account, cluster role and cluster role binding were removed in v4.0.0 but still remain in kubernetes/falco/templates.

They were all removed. Anyway just, the service account was re-introduced in v4.0.1

@alacuku can you let us know if we should keep the service account template? (I guess so, asking for confirmation)

As far as I see Prowjob and https://github.com/falcosecurity/deploy-kubernetes/pull/101, those files need to be removed manually?

Yes, it looks like the script does not handle the removal (cc @ maxgio92), so we need to remove them manually.

@tippy3, would you like to open a PR once we confirm which files need to be removed?

alacuku commented 2 months ago

In the next release of the charts for Falco 0.38 we will introduce a new role & roleBinding. Let's wait until Falco 0.38 is out and then update the templates.

tippy3 commented 2 months ago

I got it and I will wait. Thank you!