Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
Overview of the Issue
We are trying to deploy a helm chart using the helm-provider, using atlantis. This however fails with the following error
customresourcedefinitions.apiextensions.k8s.io is forbidden: User "system:serviceaccount:atlantis:atlantis"
cannot create resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope
The user we are using for the terraform provider has cluster owner issue so it can create any resource.
What I don't understand is, why the service account should be involved, when we configure the terraform provider to use a specific user with adequate access.
Community Note
Overview of the Issue
We are trying to deploy a helm chart using the helm-provider, using atlantis. This however fails with the following error
The user we are using for the terraform provider has cluster owner issue so it can create any resource.
Reproduction Steps
We deploy this terraform code
Logs
No logs as the issue occurs during plan
Environment details
Additional Context
N/A