search

knative / eventing

Event-driven application platform for Kubernetes
https://knative.dev/docs/eventing
Apache License 2.0
1.42k stars 595 forks source link

Overly permissive ClusterRole permissions #6498

Open a7i opened 2 years ago

a7i commented 2 years ago

Describe the bug knative-eventing-controller ClusterRole is overly permissive. For example, why does knative-eventing require the deletion of events or namespaces?

https://github.com/knative/eventing/blob/db235e7b704c37b5e64cd1a62b5760b3829507ff/config/core/roles/controller-clusterroles.yaml#L26-L42

Expected behavior Reduce permissions to only require what is needed by knative-eventing

To Reproduce N/A

Knative release version v1.6.0

Additional context Add any other context about the problem here such as proposed priority

github-actions[bot] commented 1 year ago

This issue is stale because it has been open for 90 days with no activity. It will automatically close after 30 more days of inactivity. Reopen the issue with /reopen. Mark the issue as fresh by adding the comment /remove-lifecycle stale.

pierDipi commented 1 year ago

/remove-lifecycle stale

pierDipi commented 1 year ago

/triage accepted

gab-satchi commented 1 year ago

/assign