Open jpeach opened 4 years ago
Description of what's required is outlined in the examples yaml doc: https://github.com/projectcontour/contour/blob/master/examples/contour/02-role-contour.yaml
I’m not sure what is meant by this request @jpeach. When you apply the contour yaml, it creates all the crds, cluster roles, rolebindings etc for you. Are you asking for the description of all these primitives to be documented like in the nginx docs? Or something deeper like explaining the relationships between the objects?
I think James was asking for this to be documented in a more verbose format than what's in the YAMLs, so that people who may already have their own RBAC can design their own least-privilege RBAC set (or add it to an existing one, or whatever).
The main thing that's missing from the example YAML is the explanation of why we ask for the things we do. Maybe we could improve that with the simple tool of comments in the YAML?
Hi, can I work on documenting the following?
Hi @kushthedude, of course. I think a good place to start is to put some more information about what features require what RBAC, and why, and to put that in the example YAMLs. Please feel free to ask for history if you need it.
What steps did you take and what happened:
There is no operator-facing documentation for how to apply Kubernetes RBAC for Contour and its components. For an example of what would be useful, the ingress-nginx docs do a good job of this.