Is this a BUG REPORT or FEATURE REQUEST?:
QUESTION
What happened:
When admin wants to unregister any cluster with manager, should we
Delete the service account in the target cluster?
There could be couple of things happened during registration
User provided service account name directly
User allowed manager cli to create service account.
In the 2nd option, probably it is okay to delete the service account but in 1st option, may be we shouldn't?
Apart from that, If we want to delete all the RBAC resources (sa, cluster-role, cluster role-binding) which is installed during registration, it gets into very interesting as if you delete the cluster-role-binding first you lose the access to delete anything with that service account as there is no binding so either way you are gonna have some orphan resources and probably user have to clean it up by themselves.
What you expected to happen:
Unregistration needs to be properly documented with the steps
How to reproduce it (as minimally and precisely as possible):
Is this a BUG REPORT or FEATURE REQUEST?: QUESTION
What happened: When admin wants to unregister any cluster with manager, should we
There could be couple of things happened during registration
In the 2nd option, probably it is okay to delete the service account but in 1st option, may be we shouldn't?
Apart from that, If we want to delete all the RBAC resources (sa, cluster-role, cluster role-binding) which is installed during registration, it gets into very interesting as if you delete the cluster-role-binding first you lose the access to delete anything with that service account as there is no binding so either way you are gonna have some orphan resources and probably user have to clean it up by themselves.
What you expected to happen: Unregistration needs to be properly documented with the steps
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
Other debugging information (if applicable):
$ kubectl logs