Description of the problem
The core-provider can create a dedicated Role and ClusterRole when a composition-dynamic-controller is deployed.
An enhancement would be to inspect any GVK resource in the composition helm chart, check if that GVK is cluster or namespace scoped, and populate the Role and ClusterRole accordingly.
Solution Implemented
A specific generation of Roles and ClusterRoles has been implemented. Resources within the chart are placed either in a Role or a ClusterRole based on whether they are namespace-scoped or not.
Description of the problem The core-provider can create a dedicated Role and ClusterRole when a composition-dynamic-controller is deployed.
An enhancement would be to inspect any GVK resource in the composition helm chart, check if that GVK is cluster or namespace scoped, and populate the Role and ClusterRole accordingly.
Solution Implemented A specific generation of Roles and ClusterRoles has been implemented. Resources within the chart are placed either in a Role or a ClusterRole based on whether they are namespace-scoped or not.
Additional Notes