Open Rajalakshmi-Girish opened 2 years ago
Hello @Rajalakshmi-Girish this seems to be a permission issue:
User \"system:serviceaccount:prow:cerberus\" cannot list resource \"clusterversions\" in API group \"config.openshift.io\" at the cluster scope
This means that your user has insufficient permissions to check if the clusterversions resource exists, which is why this check fails.
user has insufficient permissions to check if the clusterversions resource exists,
Yes, I understand.
But why would a user in Kubernetes distribution need permissions to a resource in the config.openshift.io
API group?
I am trying to run Cerberus against a Kubernetes cluster.
@redhat-chaos/developers I have no strong opinion on this, the 403 code can be added to the error handling. This would mean that if the user does not have permissions to the clusterversion resource, we assume it's not an OpenShift.
Cerberus throws the below error for
Kubernetes
distribution:This is observed after the change https://github.com/redhat-chaos/cerberus/pull/169
Asking for list permission for resource
clusterveersions
in API groupconfig.openshift.io
doesnt seem right when the distribution isKubernetes
.https://github.com/redhat-chaos/cerberus/blob/0ce6f371d8577ea50d4ecd080f5b998884cf91d9/cerberus/kubernetes/client.py#L426 says the function should return empty string for the distributions other than
openshift
.