If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
The problem is that it inconvenient to grant to users the ability to work with Program and Stack objects. The administrator must define RBAC roles by hand.
The proposed solution is to automatically install aggregated roles, akin to https://github.com/cert-manager/cert-manager/issues/872. Specifically, the view role would be able to get/watch/list Program and Stack. The edit and admin roles would also be able to create/delete/update/patch.
Affected area/feature
The affected area is the deployment programs for the operator itself (see deploy/).
Hello!
Issue details
The problem is that it inconvenient to grant to users the ability to work with
ProgramandStackobjects. The administrator must define RBAC roles by hand.The proposed solution is to automatically install aggregated roles, akin to https://github.com/cert-manager/cert-manager/issues/872. Specifically, the
viewrole would be able to get/watch/listProgramandStack. Theeditandadminroles would also be able tocreate/delete/update/patch.Affected area/feature
The affected area is the deployment programs for the operator itself (see
deploy/).